RBS 2009 Annual Report Download - page 220

Download and view the complete annual report

Please find page 220 of the 2009 RBS annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 390

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358
  • 359
  • 360
  • 361
  • 362
  • 363
  • 364
  • 365
  • 366
  • 367
  • 368
  • 369
  • 370
  • 371
  • 372
  • 373
  • 374
  • 375
  • 376
  • 377
  • 378
  • 379
  • 380
  • 381
  • 382
  • 383
  • 384
  • 385
  • 386
  • 387
  • 388
  • 389
  • 390

RBS Group Annual Report and Accounts 2009218
Corporate governance continued
Internal control
The Board of directors is responsible for the Group’s system of internal
control that is designed to facilitate effective and efficient operations
and to ensure the quality of internal and external reporting and
compliance with applicable laws and regulations. In devising internal
controls, the Group has regard to the nature and extent of the risk, the
likelihood of it crystallising and the cost of controls. A system of internal
control is designed to manage, but not eliminate, the risk of failure to
achieve business objectives and can only provide reasonable, and not
absolute, assurance against the risk of material misstatement, fraud or
losses.
The Board has established a process for the identification, evaluation
and management of the significant risks faced by the Group, which
operated throughout the year ended 31 December 2009 and to 24
February 2010, the date the directors approved the Report and
Accounts. This process is regularly reviewed by the Board and meets
the requirements of the guidance ‘Internal Control: Revised Guidance
for Directors on the Combined Code’ issued by the Financial Reporting
Council in October 2005. Enhancements have been made to the Risk
Management Framework during throughout 2009 and further
improvements will be made in 2010.
The effectiveness of the Group’s internal control system is reviewed
regularly by the Board, the Audit Committee and, since January 2010,
the Board Risk Committee. Executive management committees or
boards of directors in each of the Group’s businesses receive regular
reports on significant risks facing their business and how they are being
controlled. In addition, the Board receives monthly risk management
reports. Details of the Group’s approach to risk management are given
in the Risk, capital and liquidity management section of the Business
review. The Audit Committee has received confirmation that
management has taken, or is taking, the necessary action to remedy
any failings or weaknesses identified through the operation of the RBS
group framework of controls.
The Group’s independent auditors present to the Audit Committee
reports that include details of any significant internal control matters
which they have identified. The system of internal controls of the
authorised institutions and other regulated entities in the Group is also
subject to regulatory oversight in the UK and overseas. Additional
details of the Group’s regulatory oversight are given in the Supervision
and Regulatory reviews and developments sections on pages 361 and
362.
Internal control over financial reporting
The Group is required to comply with Section 404 of the US Sarbanes-
Oxley Act of 2002 and assess the effectiveness of internal control over
financial reporting as of 31 December 2009.
The Group assessed the effectiveness of its internal control over
financial reporting as of 31 December 2009 based on the criteria set
forth by the Committee of Sponsoring Organizations of the Treadway
Commission in ‘Internal Control – Integrated Framework’.
Based on its assessment, management has concluded that, as of
31 December 2009, the Group’s internal control over financial reporting
is effective.
The Group’s auditors have audited the effectiveness of the Group’s
internal control over financial reporting and have given an unqualified
opinion.
Management’s report on the Group’s internal control over financial
reporting will be filed with the SEC at the same time as the Annual
Report on Form 20-F.
Disclosure controls and procedures
As required by US regulations, the effectiveness of the company’s
disclosure controls and procedures (as defined in the rules under the
US Securities Exchange Act of 1934) have been evaluated. This
evaluation has been considered and approved by the Board which has
instructed the Group Chief Executive and the Group Finance Director to
certify that, as at 31 December 2009, the company’s disclosure controls
and procedures were adequate and effective and designed to ensure
that material information relating to the company and its consolidated
subsidiaries would be made known to them by others within those
entities.
Changes in internal control
There was no change in the company’s internal control over financial
reporting that occurred during the period covered by this report that has
materially affected, or is reasonably likely to materially affect, the
company’s internal control over financial reporting.