UKG100042818
UKG100042818
Post Office Limited — Strictly Confidential
POLARC13 (1st)
POLARC13/1- 13/8
POST OFFICE LIMITED
(Company no. 2154540)
Minutes of a meeting of the AUDIT, RISK AND COMPLIANCE SUB-COMMITTEE held on
Wednesday 13 February 2013 at 1.15pm
at 148 Old Street, London EC1V 9HQ
Present:
Alasdair Marnoch Chairman of Committee
Neil McCausland Senior Independent Director
Susannah Storey Non-Executive Director
In attendance:
Alice Perkins Chairman, Post Office Limited
Paula Vennells Chief Executive (CEO)
Chris Day Chief Financial Officer (CFO)
Susan Crichton HR & Corporate Services Director
Sarah Hall Head of Financial Control and Compliance
Alwen Lyons Company Secretary
Mark Davies Communications Director (item 13/4 only)
Malcolm Zack Head of Internal Audit
Stephen Collins Audit Manager, Royal Mail Group Internal Audit (item 13/5 only)
Apologies for absence: Tim Franklin
POLARC13/1 INTRODUCTION
(a) I A quorum being present, the Chairman of the Committee opened the
meeting and welcomed all those present.
POLARC13/2 MINUTES OF THE LAST MEETING AND MATTERS ARISING
(a) I The minutes of the meeting held on 13 November 2012 were approved
for signature by the Chairman of the Committee.
(b) I The CFO reported that there was one final item to agree before he
ACTION: could confirm the external audit fees payable for 2012/2013 but he was
Chris Day content with the value being offered and would report the final fee to
the Committee once it had been finalised.
(c) I The following minutes were noted:-
Post Office Limited and Bank of Ireland (UK) Regulatory Risk
Committee held on 16 November 2012
Post Office Limited and Bank of Ireland (UK) Regulatory Risk
Committee held on 12 December 2012
Post Office Risk & Compliance Committee held on 21 January 2013.
UKG100042818
UKG100042818
Post Office Limited — Strictly Confidential
(d) I It was agreed that in future, instead of the minutes of the above Risk
Committees being presented to the ARC for noting, Susan Crichton, as
ACTION: Chair of the Risk & Compliance Committee would provide a summary
Susan Crichton of the key issues covered.
(e) I Susan Crichton explained the changes to the Post Office’s Speak Up
Policy (Whistleblowing) and the plan to communicate to Staff in April.
The policy was noted by the Committee who requested a report on the
ACTION: issues raised at the end of 2013-2014, with any significant matters
Susan Crichton highlighted in the interim.
POLARC13/3 RISK MANAGEMENT WITHIN POST OFFICE LIMITED
Risk Management Strategy 2013-2014
(a) I Malcolm Zack presented the Post Office Limited’s Risk Management
Strategy for 2013-2014. The current status of the Enterprise Risk
Management (ERM) framework was noted.
(b) I The next stage of the ERM development was agreed and would be
recommended to the Post Office Limited Board.
(c) I The Committee discussed the Risk Management Strategy for 2013-
2014 and the relationship between the Risk & Compliance Committee,
the Audit and Risk Committee, the Executive Committee and the
ACTION: Board. It was agreed following the completion of the Strategy both the
Susan Crichton/ Business and the Board would identify the key material risks (top 5-10)
Alasdair Marnoch which would be brought back to the ARC in the autumn for
consideration.
(d) I Regulatory Risk Framework and Controls
The Committee considered the Regulatory Risk Framework currently
in place for Post Office Limited and thanked the Business for the
comprehensive list of regulation identified.
(e) I Susan Crichton stressed the need for a clear view on risk appetite and
ACTION: the costs involved with assurance and mitigation. She asked the
Susan Crichton/ Committee to recognise that this was work in progress. The Committee
Alasdair Marnoch endorsed the proposed approach to monitoring, and agreed that the
Committee should review the Regulatory Risk Framework later in the
year once the risk appetite work had been completed.
(f) I Treasury Risk Management
The CFO presented the Treasury risk management framework,
policies and authorities to the Committee. The Chairman thanked him
for the full report and the Committee discussed each principal treasury
risk, as set out below.
UKG100042818
UKG100042818
Post Office Limited — Strictly Confidential
(g) I Foreign exchange Risk
The CFO explained that, although large volumes of currency were held
by the Business, the value at risk was relatively small. Tim Franklin
had asked the Business to consider the effect of reducing the number
of currencies held as this would reduce complexity and cost. The CFO
acknowledged that the ‘long tail’ of currencies with relatively few sales
did add complexity.
The Chairman asked if forward hedging a month was effective. The
CFO explained that the current regime was very risk averse and time
consuming and was an area which he would reconsider.
(h) I Interest Rate Risk
The CFO explained that the Business was affected by both sides of
the interest rate market and that he would only be concerned if the
market became volatile.
(i) I Insurance Risk
The Committee asked the Business to consider the need for
ACTION: Susan Professional Indemnity Insurance cover as it moved into the area of
Crichton financial services advice.
(j)_ I Counterparty Risk
The CFO presented the list of counterparties and reassured the
Committee that any proposed additions would be presented to the
Committee for approval. The Committee asked that the list be updated
to show the parent company and highlight where a parent company
guarantee existed. The list of counterparties was noted.
The Committee discussed the flow of Government funds and the
ACTION: possible advantage for the Business and the Government of a different
Chris Day approach. The CFO was asked to explore the possibility with ShEx but
ensuring this would not put receiving the agreed funding at risk.
(k) I Governance and Reporting
The governance and reporting explained in the paper was discussed. It
was agreed that policy breaches identified by management and any
ACTION: oversight processes should be notified to internal audit. The Head of
Malcolm Zack Internal Audit would report any significant policy breach to the
Committee.
The Committee noted the treasury risks to which the Post Office was
exposed. It was agreed that the proposed framework of treasury
policies and procedures, including the governance and reporting
ACTION: Chris mechanisms and associated approvals and limits, be recommended to
Day the Post Office Board in March.
POLARC13/4 ANNUAL REPORT AND ACCOUNTS
Mark Davies joined the meeting
(a) I The Committee considered the plans for the publication of the Post
UKG100042818
UKG100042818
Post Office Limited — Strictly Confidential
Office’s Report and Accounts (R&A) for the financial year 2012/2013
which included the key messages, together with a proposed timeline
for clearance of the report. It was agreed that the R&A should aim to
change people’s perception of the Business by being concise and
engaging, showing solid progress but with a sense of realism and
excitement.
The Chairman advised the Business to compare the R&A to those
ACTION: produced by mid-cap or small private limited companies as these were
Mark Davies often more concise than those produced by big corporations.
(b) I Neil McCausland explained the pressure from Government for full
disclosure in the Directors’ Remuneration Report. The Remuneration
Committee had agreed with advice from New Bridge Street
ACTION: (Remuneration Consultants) an appropriate level of disclosure.
Neil McCausland/ Susannah Storey recommended checking with ShEx that we are in line
Susannah Storey with the other companies in which they hold a share.
The Committee stressed the need to be prepared for the questions
ACTION: which would be raised by the disclosures in the Directors’
Mark Davies Remuneration Report.
(c) I The first draft of the Board Chairman's Foreword had been circulated
ACTION: All and the Committee were asked to provide comments to Mark Davies
and Alice Perkins.
Tim Franklin had asked that the Business consider if there was a
ACTION: subject on which it would want to make a public statement in the R&A.
Mark Davies/ He gave, as an example, the easy way in which customers were able
Alwen Lyons to move their bank current accounts.
The plans for the publication of the Post Office’s Report and Accounts
for the financial year 2012/2013 were noted. The Committee asked for
a high level detailed milestone plan showing when the Board would be
required to input and who was signing off which parts of the document.
Mark Davies left the meeting.
POLARC13/5 INTERNAL AUDIT
(a) I Stephen Collins joined the meeting.
(b) I Malcolm Zack presented the activity report for the internal audit
function, which the Committee noted.
(c) I The Chairman asked that future Internal Audit Reports include the
outcomes required from the Audit and a timeline showing when those
outcomes would be delivered so that they could be tracked. Susan
Crichton explained that this detail was scrutinised by the Risk and
Audit Committee and it would be included in the summary requested
by the ARC. _(POLARC 13/2 (d)).
UKG100042818
UKG100042818
Post Office Limited — Strictly Confidential
@
Malcolm Zack reported the progress in setting up the Post Office
internal audit team and how this would enable a more flexible
approach.
The proposed internal audit plan for the financial year 2013/2014 was
ACTION: considered and reviewed. The Business was asked to ensure it had
Malcolm Zack enough focus on the major transformation programmes in both
Network and IT.
ACTION: All The Chairman asked that any other comments be forwarded to the
Head of Internal Audit.
It was agreed that
(i) the remaining contracted 100 man days from the Royal Mail
ACTION: Internal audit function be utilised in the first quarter of the
Malcolm Zack 2013/2014 financial year, with a view to exiting from the Royal
Mail support by 30 June 2013 at the latest;
(ii) the Internal audit plan for 2013/2014 be approved subject to an
increased focus on transformation programmes; and
(iii) a copy of the approved Internal Audit plan be circulated to the
ACTION: Risk and Compliance Committee, and the Executive
Malcolm Zack Committee.
Stephen Collins left the meeting
POLARC13/6 MATTERS REFERRED TO ARC BY THE BOARD
Update report on Information Security
(a) I The Committee noted the paper on Information Security. The
Chairman explained that he had already asked Lesley Sewell to focus
ACTION: on the immediate actions required to ensure the matter was
Lesley Sewell progressed to mitigate the significant risks.
ACTION: The Committee asked for an update in the CEO’s Board Report
Lesley Sewell explaining the specific actions being taken.
(b) I Bank of Ireland (UK) plc Capital and Liquidit
The Committee noted Bank of Ireland (UK) plc’s capital and liquidity
position against its regulatory and Eagle contract requirements, which
had met the terms of the joint venture agreement. Tim Franklin had
assured the Chairman that he was comfortable with the current
position and the on-going agreed monitoring.
POLARC13/7 ANY OTHER BUSINESS
None was reported.
POLARC13/8 CLOSE
There being no further business, the meeting was declared closed.