Internal control

• Management: the Group has an established management organisation, with structure, reporting lines, accountabilities and delegated authorities.
• Key policies and documentation:

––Royal Mail’s activities are mandated by the Postal Services Act 2011 and are further bound by regulatory requirements which cover service standards, complaint handling, integrity of mail, access to postal facilities, accounting separation and process for postal services.
–– The Group’s Code of Business Standards sets the principles of professionalism and integrity for our people. 

• Standard policies exist within each function:

– Standard daily and monthly management accounting and payroll processes through centralised shared services for the UK businesses.
–– A budget prepared, reviewed and set once a year, providing clarity on the short-term strategies for each part of the Group. This, along with the delegated authorities, resets the levels of delegated spend in each area on an annual basis.
–– Performance management reviews include production of weekly indicators and a pyramid of monthly balanced scorecards from frontline operations to Holdings Board level, which underpin quarterly reviews and the interim and year end results.
–– Five to ten year business plans are collated on a regular basis and submitted to both the Shareholder and the regulator as part of formal external processes such as regulatory framework reviews and State Aid applications. This provides regular opportunity for executive management and the Board to reappraise and confirm long-term strategies and objectives for the Group.

• Regular rolling reviews and audits are carried out within the operations, covering key operational areas including quality of service, corporate security, health and safety, and fleet.
• A self assessment is conducted of key financial and non-financial processes across all parts of the UK businesses, including commercial and operations, and within each key function.
• Annual sign-off by Finance Directors provides a formal confirmation, including proper preparation of financial  results, compliance with Group accounting policies, compliance to statutory reporting standards and tax accounting arrangements, disclosure of post balance sheet events and related party transactions, and maintenance of an appropriate system of internal control, including disclosure of material weaknesses and confirmation of remedial action plans.

• Specific and targeted Internal Audit work programme. The effectiveness of the internal control system is reviewed regularly by Internal Audit & Risk Management (IA&RM), the Group’s independent Internal Audit unction. IA&RM reports to the ARC and provides assurance to executive management and the Board on the effectiveness of the internal control system.Internal Audit reports include an action plan where issues have been identified, and progress against action plans is regularly tracked and reported. IA&RM establishes and agrees with the ARC an annual plan of assignments and activities based on discussions with the Board and management, and also taking into account known issues in the business and the postal industry.
   
• External audit and other reviews. External audits and reviews take place during the year to provide management, the Board and the regulator with assurance on specific matters, including:

–– The external auditor performs a statutory year end audit.
–– The external auditor performs an audit of the regulatory accounts.
–– The externally measured end to end quality of service is audited by an independent accounting firm (appointed
by Ofcom)