Investors

Click to enlarge

The governance framework reflects the devolved and decentralised structure of the Group, which is considered a key part of the Group’s ability to deliver multi-local services to its clients. Under this structure authority and control are delegated from the chief executive to the regional managing directors (each of whom are members of the Strategy Group), from them to the managing directors of the principal businesses (many of whom are members of the Group Executive) and then downward to business and project managers as appropriate. Within this framework:

• authority is delegated within clearly prescribed limits
• decisions are escalated where either project size or risk profile require a higher level of authority
• activity and performance are tracked through monthly and quarterly reports
• effectiveness is audited via internal audit and self-assessment controls.

Following the acquisition of The PBSJ Corporation in North America, an integration programme was implemented to embed the Group’s governance framework within the acquired business. Work under this integration programme is ongoing and hence the governance framework described here is not currently fully operational within the acquired business. We are confident that an appropriate control framework is in operation while this work is completed.

The governance framework is designed to manage, rather than eliminate, the risk of failure to achieve stated business objectives. It can only provide reasonable and not absolute assurance against material misstatement or loss.

Joint ventures in which the Company does not have overall control are not covered by the Group’s governance framework. For these joint ventures, systems of internal control are applied as agreed between the joint venture parties.

The Group’s devolved and decentralised structure is considered key to its continued success. Within this, operational management is delegated to the managing directors and management teams of each region and then to the managing directors and management teams of each business.

Strategic plans and annual budgets are developed via a structured process which ensures that each region and business responds appropriately to market opportunities within an overall strategy for the Group. These plans and budgets are reviewed formally by the chief executive, Group finance director and Group HR director before finally being approved by the Board.

The performance of each region and business against targets is reviewed quarterly by the chief executive, Group finance director and Group HR director. These reviews are wide-ranging, covering matters including quality, safety and environment, financial performance and forecasts, employee matters and commercial, strategy and operational matters.

In addition, the managing director and management team of each region and business review management accounts for the region or business on a monthly basis. The Group finance director and Group financial controller also review monthly financial performance. These monthly financial performance updates are consolidated and distributed to the Board, regional managing and finance directors and business managing and finance directors.

Each region and business has a management board, which varies in size and composition to meet the specific needs of the region or business but always includes at its core the regional/business managing director, regional/business finance director, regional/business commercial director and HR regional/business partner. The regional and business management boards are responsible for the day-to-day operations of each region and business respectively.

The primary objective of the Group’s project systems and controls is to deliver business objectives and customer requirements in an efficient and consistent manner. These systems and controls are mandated in order to minimise the risk of errors on projects, and to maximise the delivery of the required technical quality to customers and the required profitability to the Group.

Controls are in place to ensure that the right people approve bids, projects and purchases and that appropriate and focused reporting provides managers with the right information to make informed decisions. The system provides common processes to deliver maximum efficiency.

Whilst significant responsibility for commercial issues is delegated to the businesses, there are consistent controls in place to ensure the Group is able to assess and manage overall business risk. This is set out in the commercial risk and audit framework.

Within each business a framework of internal controls exists that forms a robust business management system. These systems include policies, processes, procedures, guidance, plans and other tools such as pro formas specific to the needs of the business. They are implemented to manage and control risk and to ensure activities are effectively controlled.

The Group authority matrix summarises the authority of employees at each level of the organisation to commit the Group to expenditure and contractual liabilities in the course of their duties. It has been designed to allow the Group to operate flexibly and efficiently. Controls are in place to ensure the Group authority matrix and procedures around its operation and management are adhered to.

A service delivery process has been adopted to enable us to realise value from opportunities for customers, the Group and partners whilst always adhering to the Group’s business conduct policy. The service delivery process is applied from the receipt of a lead, through bidding, project delivery and project closure; the full life cycle of a project. It overlays requirements on line managers to ensure a consistent, controlled approach to projects.

Each bid and each project has a project manager and a project director appointed to it. These individuals are responsible for ensuring the project is carried out in accordance with the Group’s service delivery process. Controls exist to identify individuals who are suitable for these roles.

Commercial procedures and guidance notes have been developed to help bid and project managers understand specific commercial issues in the bidding process. Whilst the Group commercial policies and procedures are mandatory, guidance notes are advisory and provide the background to specific commercial and legal issues. The guidance notes are reviewed annually to ensure they are up to date and relevant.

An annual risk review of all parts of the Group is undertaken with the assistance of the Group’s insurance brokers. This review is based on interviews with key personnel and the results are shared with the Group’s Risk Committee and the Board. Risk logs are produced throughout the Group in accordance with the risk management policy, including project risk logs and business risk logs, which feed into the Group risk log. Project risk logs form an important part of the service delivery process whilst the Group risk log is reviewed by each of the Risk Committee, Audit Committee and Board.

Project summary reports are one-page summaries of the financial status of projects at a point in time. The project manager, project director and lead engineer are required to approve the report on a monthly basis.

Project audits are carried out by the internal audit function. The activities of this function are described in more detail below.

The Board sets Group policies on corporate responsibility, including QSE. The chief executive is the Board member responsible for corporate responsibility and for the Group’s performance, supported by Group-wide frameworks. A common management structure governs QSE. The Group director for QSE, who reports to the chief executive, is responsible for Group QSE. Each business also has dedicated QSE representatives.

Corporate responsibility-related Group policies include quality, health and safety, environment, sustainability, community, business conduct, data protection, dignity and equality at work, whistleblower and the appropriate use of information technology. These are published on the Group’s intranet and may be provided externally on request. They are reviewed regularly and updated to reflect changes to legislation, emerging good practice and business needs.

A summary of the Group’s corporate responsibility activities is provided for shareholders in the Corporate Responsibility Review within the Annual Report. In addition, the Group provides further information on corporate responsibility, which includes detailed information in respect of safety leadership and performance, carbon reduction, respect for the environment and working with our community in the corporate responsibility section of our website.

Our business conduct policy sets out the standards of behaviour we expect from Atkins staff in our dealings with clients, suppliers, colleagues and other parties. The areas it covers are illustrated below.

Atkins business conduct

Click to enlarge

The Group’s principal objective is to maintain a culture and an environment within which talented professionals can be recruited, retained, developed and deployed to work in support of its clients. Significant effort is made to treat staff consistently and fairly yet at the same time as individuals.

The Group endeavours to operate cohesively. However, people are employed in several countries where employment practices and legislation differ from the principal market in the UK. In these jurisdictions the Group operates in compliance with local requirements.

A range of business controls are maintained to ensure that the Group:

• identifies and meets resource requirements
• selects people with the requisite skills, qualifications and credentials
• manages employee performance and engagement
• develops the careers and capabilities of individuals
• makes skills and careers mobile across the organisation
• assures the health and well-being of all staff
• manages employment obligations, liabilities and risks.

More information on the Group’s people is provided in the Human Resources Review within the Annual Report.

The Board has established a Risk Committee, chaired by the chief executive, to provide assistance with the day-to-day management of risk and to oversee the operation of the Group’s risk management framework.

The members of the Risk Committee comprise the chief executive, the Group finance director, the company secretary, the Group legal director, the head of internal audit and the Group commercial and risk management director.

The Committee usually meets four times each year.

Committee meetings are attended by the chairman, Allan Cook, at the discretion of the Committee chairman. The deputy company secretary acts as secretary to the Committee.

The Committee’s responsibilities include:

• reviewing significant risks and ensuring they are being actively managed
• instilling risk awareness into Atkins’ corporate culture and sharing knowledge and best practice
• reviewing and monitoring the changing risk profile for the Group
• reviewing the continued relevance of the Group’s insurance programme arrangements
• reviewing significant claims arising in the period together with lessons learned
• reporting to the Board and Audit Committee regularly on its activities.

The Group aims to ensure that all its activities are adequately controlled to mitigate risk and support achievement of objectives, while avoiding the creation of excessive bureaucracy. The internal audit function supports this aim by providing the directors, through the Audit Committee, with an objective evaluation of the Group’s governance framework. The internal audit function also aims to raise levels of understanding and awareness of risk and control throughout the Group.

The head of internal audit reports to the Group finance director and, through the Audit Committee, to the Board.

The internal audit function reviews the annual self-certification process undertaken by management, which requires managers throughout the Group to personally confirm the testing of the internal controls and compliance with Group policies within their business or function and the steps taken to address actual or potential issues that are identified. Central reporting enables good practice to be shared throughout the Group.

The internal audit function has unlimited access to records, staff and data (subject to any formal client restrictions). The head of internal audit will report any concerns about restrictions placed on the authority or scope of the team’s work to the chief executive, Group finance director and Audit Committee.

Ernst & Young (EY) has been appointed to provide internal audit services to the Group. This arrangement seeks to ensure that the function is fully resourced, leading edge and able to draw on the resources and specialist expertise of the wider EY group. An EY employee has assumed the role of head of internal audit.

The internal audit function is independent and free from interference in determining the scope of internal auditing, performing audit work and communicating results. It operates within the terms of its charter as laid out on the Group’s intranet and complies with the Standards and Code of Ethics of the Institute of Internal Auditors. Should the head of internal audit become aware of any non-compliance, the chief executive, Group finance director and Audit Committee would be informed.

The external audit is an important independent control.

The appointment of the independent auditor is approved by shareholders annually. The independent auditor’s audit of the Financial Statements is conducted in accordance with international standards on auditing issued by the Auditing Practices Board. The independent auditor, currently PricewaterhouseCoopers LLP, provides the following:

• a report to the Audit Committee giving an overview of the results, significant contracts and judgements and observations on the control environment
• an opinion on the truth and fairness of the Group and Company accounts
• an internal control report, following its audit, highlighting to management any areas of weakness or concern.

The Board monitors and reviews the adequacy and effectiveness of the Group’s governance framework, which includes internal controls and risk management, on a continual basis throughout each year. Support is provided by the Group’s Risk Committee, the internal audit function and the Company’s independent auditor.