Skip navigation.

Audit, Risk & Security Committee - Terms of Reference
About Camelot > Audit, Risk & Security Committee - Terms of Reference

Audit, Risk & Security Committee - Terms of Reference


1. Constitution, Membership and Quorum

  1. 1.1 The Board has resolved to establish a Committee of the Board to be known as the Audit, Risk & Security Committee.
  2. 1.2 The Committee, including its Chairman, shall be appointed by the Board from amongst the non-executive Directors of the Company and shall consist of not less than three members.
  3. 1.3 A quorum shall be two members, one of whom shall be an independent non-executive director. A duly convened meeting of the Committee at which a quorum is present shall be competent to exercise all or any of the authorities, powers, and discretions vested in or exercisable to the Committee.
  4. 1.4 In the absence of the Committee Chairman and / or an appointed deputy, the remaining members present shall elect one of themselves to chair the meeting.
  5. 1.5 The Board should satisfy itself that at least one member of the Committee has recent and relevant financial experience.
  6. 1.6 Only members of the Committee have the right to attend Committee meetings. However, other individuals, for example, the Chairman of the Board, Chief Executive, the Commercial and Operations Director, Finance Director, other Directors, members of the company's executive team, and representatives from the external auditors, may be invited to attend all or part of any meeting as and when appropriate. The Director of Security of both Camelot and De La Rue shall normally be invited to attend for the purposes of the Security section of the meeting.
  7. 1.7 At least once a year the Committee shall meet separately with the external auditors and if considered appropriate by the Committee, with the Director of Business Assurance without any executive board members present.
  8. 1.8 The Company Secretary (or their designee) shall act as Secretary to the Committee.
  9. 1.9 Appointments to the Committee shall be for a period of up to three years, which may be extended for two further three-year periods, provided the Director remains non-executive.

2. Meetings with the NLC

  1. 2.1 The Chief Executive of the National Lottery Commission shall be given the right to seek a meeting with the Committee if he/she has identified issues of concern which he/she wishes to bring to the attention of the Committee.

3. Frequency of Meetings

  1. 3.1 Meetings will be held not less than three times a year and otherwise as the Chairman of the Committee deems necessary. The NLC, external auditors, or any of the members or attendees may request a meeting if they consider that one is necessary.
  2. 3.2 The Secretary shall minute the proceedings and resolutions of all meetings of the Committee, including recording the names of those present and in attendance. The Secretary shall ascertain, at the beginning of each meeting, the existence of any conflicts of interest and minute them accordingly.
  3. 3.3 Minutes of Committee meetings shall be circulated promptly to all members of the Committee and, once agreed, to all members of the Board. Copies of the minutes of each Committee meeting shall be sent to the NLC within 7 days of approval of the minutes by the Chairman of the Committee.

4. Purpose: Summary

Introduction

Camelot is committed to high standards of corporate governance. Camelot has adopted, through the consolidation of audit risk and security into one committee, an overarching approach to governance. The role of the committee is to oversee the Company's risk, audit and compliance programmes, to assure itself that the Company operates with integrity.

The committee reviews the controls in place to give effect to the Board's commitment to transparency, corporate integrity and ethical business practices so that the company earns the trust of all its stakeholders.

  1. 4.1 In respect of its Audit responsibilities, the Committee is responsible for ensuring that the system and standards of internal control within the Company and in particular of the financial reporting are to highest standards and to ensure that the interests of shareholders are safeguarded. The Committee shall also be responsible for considering how the Company should apply the financial reporting and internal control principles and for maintaining an appropriate relationship with the Company's auditors.
  2. 4.2 In respect of its Risk responsibilities, the Board of Directors is ultimately responsible for managing the risks associated with the business and markets within which Camelot operates. The two core responsibilities of the Committee, in respect of risk, are to:
    • assist the Board in fulfilling its responsibilities by ensuring an appropriate framework is provided for managing risks throughout Camelot; and
    • provide an appropriate forum through which the detailed status of risk management is reported to the Board.

    The Committee carries out its responsibilities, in respect of risk, through an internal Risk Management Committee and Director of Business Assurance, mainly by promoting awareness of risk management, and ensuring that there is a risk management framework designed to ensure that risks are identified, quantified, managed, monitored and reported. It acts as a channel of communication between the Board of Directors and the Risk Management Committee.

  3. 4.3 In respect of its Security responsibilities, the Committee is responsible for approving and ensuring adherence to the Security Policy for the implementation and operation of the National Lottery. This policy will cover all aspects of security including physical, logical and personnel security (including disaster recovery planning). It is also responsible for overseeing the activities undertaken by the Company's Director of Security, and for reviewing incidents of security breaches, which will be brought to its attention by the Director of Security. Any major security breaches will be brought to the Committee's attention immediately they are identified.

5. Authority

  1. 5.1 The Committee has no executive authority but it is authorised by the Board to investigate any activity within its terms of reference. It is authorised to seek any information it requires from any employee of the Company in order to perform its duties. All employees shall be directed to meet any request made by the Committee.
  2. 5.2 The Committee is authorised by the Board to obtain, at the Company's expense, independent professional advice and to secure the attendance of outsiders with relevant experience and expertise if it considers this necessary.

6. Duties in Respect of Audit Matters

  1. 6.1 Financial Reporting
    1. 6.1.1 The Committee shall monitor the integrity of the financial statements of the Company, including its annual and interim reports, preliminary results' announcements and any other formal announcement relating to its financial performance, reviewing significant financial reporting issues and judgements which they contain. The Committee shall also review summary financial statements, significant financial returns to regulators and any financial information contained in certain other documents, such as announcements of a price sensitive nature.
    2. 6.1.2 The Committee shall review and challenge where necessary:
      1. 6.1.2.1 the consistency of, and any changes to, accounting policies both on a year on year basis and across the Company;
      2. 6.1.2.2 the methods used to account for significant or unusual transactions where different approaches are possible;
      3. 6.1.2.3 whether the Company has followed appropriate accounting standards and made appropriate estimates and judgements, taking into account the views of the external auditor;
      4. 6.1.2.4 the clarity of disclosure in the Company's financial reports and the context in which statements are made; and
      5. 6.1.2.5 all material information presented with the financial statements, such as the operating and financial review and the corporate governance statement.
    3. 6.1.3 The Committee shall review the annual financial statements of the pension funds where not reviewed by the Board as a whole.
  2. 6.2 Internal Controls and Risk Management Systems (see Duties in Respect of Risk Matters - Section 7 - for more details)

    The Committee shall:

    1. 6.2.1 keep under review the effectiveness of the Company's internal controls and risk management systems; and
    2. 6.2.2 review and approve the statements to be included in the Annual Report concerning internal controls and risk management (unless this is done by the Board as a whole)

  3. 6.3 Whistleblowing and the Code of Conduct

    The Committee shall review the Company's arrangements for its employees to raise concerns, in confidence, about possible wrongdoing in financial reporting or other matters through a Whistleblowing Policy. The Committee shall ensure that these arrangements allow proportionate and independent investigation of such matters and appropriate follow up action. It shall also review the Company's arrangements for ensuring its employees are made aware of what is expected of their behaviour and business conduct through the 'Camelot Code'.

  4. 6.4 Internal Audit

    The Committee shall:

    1. 6.4.1 monitor and review the effectiveness of the Company's internal audit function in the context of the Company's overall risk management system;
    2. 6.4.2 approve the appointment and removal of the head of the internal audit function;
    3. 6.4.3 consider and approve the remit of the internal audit function and ensure it has adequate resources and appropriate access to information to enable it to perform its function effectively and in accordance with the relevant professional standards. The Committee shall also ensure the function has adequate standing and is free from management or other restrictions;
    4. 6.4.4 review and assess the annual internal audit plan;
    5. 6.4.5 review promptly all reports on the Company from the internal auditors;
    6. 6.4.6 review and monitor management's responsiveness to the findings and recommendations of the internal auditors; and
    7. 6.4.7 meet the head of internal audit at least once a year, without management being present, to discuss their remit and any issues arising from the internal audits carried out. In addition, the head of internal audit shall be given the right of direct access to the Chairman of the Board and to the Committee.

  5. 6.5 External Audit

    The Committee shall:

    1. 6.5.1 consider and make recommendations to the Board, to be put to shareholders for approval at the AGM, in relation to the appointment, re-appointment and removal of the Company's external auditor. The Committee shall oversee the selection process for new auditors and if an auditor resigns the Committee shall investigate the issues leading to this and decide whether any action is required;
    2. 6.5.2 oversee the relationship with the external auditor including (but not limited to):
      1. 6.5.2.1 approval of their remuneration, whether fees for audit or non-audit services and that the level of fees is appropriate to enable an adequate audit to be conducted;
      2. 6.5.2.2 approval of their terms of engagement, including any engagement letter issued at the start of each audit and the scope of the audit;
      3. 6.5.2.3 assessing annually their independence and objectivity taking to account relevant (UK) professional and regulatory requirements and the relationship with the auditor as a whole, including the provision of any non-audit services;
      4. 6.5.2.4 satisfying itself that there are no relationships (such as family, employment, investment, financial, or business) between the auditor and the Company (other than in the ordinary course of business);
      5. 6.5.2.5 agreeing with the Board a policy on the employment of former employees of the Company's auditor, then monitoring the implementation of this policy;
      6. 6.5.2.6 monitoring the auditor's compliance with relevant ethical and professional guidance on the rotation of audit partners, the level of fees paid the Company compared to the overall fee income of the firm, office and partner and other related requirements; and
      7. 6.5.2.7 assessing annually their qualifications, expertise and resources and the effectiveness of the audit process which shall include a report from the external auditor on their own internal quality procedures;
    3. 6.5.3 meet regularly with the external auditor, including once at the planning stage before the audit and once after the audit at the reporting stage. The Committee shall meet the external auditor at least once a year, without management being present, to discuss their remit and any issues arising from the audit;
    4. 6.5.4 review and approve the annual audit plan and ensure that it is consistent with the scope of the audit engagement;
    5. 6.5.5 review the findings of the audit with the external auditor. This shall include, but not be limited to, the following;
      1. 6.5.5.1 a discussion of any major issues which arose during the audit.
      2. 6.5.5.2 any accounting and audit judgements, and
      3. 6.5.5.3 levels of errors identified during the audit.
      The Committee shall also review the effectiveness of the audit.
    6. 6.5.6 review any representation letter (s) requested by the external auditor before they are signed by management.
    7. 6.5.7 review the management letter and management's response to the auditor's findings and recommendations; and
    8. 6.5.8 develop and implement a policy on the supply of non audit services by the external auditor, taking into account any relevant ethical guidance on the matter.

7. Duties in Respect of Risk Matters

  1. 7.1 The duties of the Committee shall be:

    Approval of the risk management policy;

    Overseeing the development and improvement of the group-wide risk management process;

    Reviewing at a high level the major risk types faced by Camelot and the current and future strategies necessary to manage them;

    Receipt of regular risk profile reports (collated by the Business Assurance Department) detailing:

    • Management's summary assessment of the key risks to Camelot and the trend of those risks
    • Risk exposures classified by risk type
    • The status of key incidents / issues arising and the management actions being taken
    • Initialising action to address any cross divisional issues as to appropriateness, timeliness and sufficiency of risk management activities and communication across the business
    • Influencing the design of Camelot's infrastructure and other processes to ensure that individuals are motivated and incentivised to engage in "good" risk management
    • Reviewing the risk management training and support programmes to ensure they are adequate and remain relevant to the needs of the business
    • Overseeing the risk management culture and control environment.

8. Duties in Respect of Security Matters

  1. 8.1 The Committee is authorised by the Board to examine any activity relating to security. It is authorised to seek any information it requires. The Committee will advise the Director of Security and Chief Executive if changes and improvements are required to the Company's security policies and procedures.

9. Reporting Procedures

  1. 9.1 In carrying out its duties in respect of audit matters, the Committee will work closely with the Operations Director who will be informed of any meetings between the Committee and external audit and internal auditors and other advisors.
  2. 9.2 If the Committee feels it is necessary to depart from this practice then it will do so only with the prior approval of the Chairman of the Board or a majority of the non-executive Directors.
  3. 9.3 The Chairman of the Committee shall report formally to the Board on its proceedings after each meeting of the Committee.
  4. 9.4 The Committee shall make whatever recommendations to the Board it deems appropriate on any area within its remit where action or improvement is needed.

10. Other Matters

The Committee shall:

  1. 10.1 have access to sufficient resources in order to carry out its duties, including access to the company secretariat for assistance as required;
  2. 10.2 be provided with appropriate and timely training, both in the form of an induction programme for new members and on an ongoing basis for all members.
  3. 10.3 give due consideration to laws and regulations, in particular the licences under which the Company operates the National Lottery, the provisions of the Combined Code and the requirements of the UK Listing Authority's Listing Rules as appropriate;
  4. 10.4 be responsible for co-ordination of the internal and external auditors;
  5. 10.5 oversee any investigation of activities which are within its terms of reference and act as a court of the last resort; and
  6. 10.6 at least once a year, review its own performance, constitution and terms of reference to ensure it is operating at maximum effectiveness and recommend any changes it considers necessary to the Board for approval.

Remuneration Committee - Terms of Reference

Nominations Committee - Terms of Reference

Sealing Committee - Terms of Reference



Navigation: back to top of page back to top