This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.
The full functionality of our site is not supported on your browser version, or you may have 'compatibility mode' selected. Please turn off compatibility mode, upgrade your browser to at least Internet Explorer 9, or try using another browser such as Google Chrome or Mozilla Firefox.

Guidance on internal control and risk management

For companies applying the UK Corporate Governance Code, the current guidance in respect of internal control and risk management is the Financial Reporting Council (FRC)'s publication Guidance on Risk Management, Internal Control and Related Financial and Business Reporting (link to FRC website). This document serves as a reference for boards, prompting them to consider how they effectively manage risk within their business and ensuring a sound monitoring of internal controls, while also highlighting related reporting responsibilities in respect of these areas, such as principal risk disclosures, internal control statements and the longer term viability statement.  This has been echoed by the changes in the 2018 UK Corporate Governance Code, which calls for boards to carry out a robust assessment of the company’s emerging risks as well as principal risks.

For companies complying with US requirements to report on internal controls over financial reporting, the Guidance is a suitable framework as noted by the US Securities and Exchange Commission (SEC).

Possible attestation over internal controls over financial reporting

In December 2019, Sir Donald Brydon’s report of the independent review into the quality and effectiveness of audit proposed a signed attestation by the CEO and CFO to the Board that an evaluation of the effectiveness of the company’s internal controls over financial reporting had been completed and whether or not they were effective. This is expected to be a subject for consultation during 2020/2021.

Guidance for non-Code companies

For those companies not applying the UK Corporate Governance Code, the FRC, in April 2016, issued non-mandatory guidance on the going concern basis of accounting and reporting on solvency and liquidity risks.  Small and micro companies have been scoped out of the guidance but may find parts of it to be a useful in making their going concern assessment. 

Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.