The Marketing Group Plc (TMG) is a company incorporated in the UK. It is listed on Nasdaq Stockholm, and complies with the Rule Book for Issuers. TMG’s Corporate Governance is based on UK law and internal rules and instructions. We apply the UK Corporate Governance Code (‘the Code”), which is a guide to effective board practice. It is based on the underlying principles of all good governance: accountability, transparency, probity and focus on the sustainable success of an entity over the longer term. This code applies with effect from June 2016 for all companies with a premium listing of equity shares and shall be fully applied from the first annual shareholders; meeting held the year following the listing.
TMG is not obliged to comply with every rule in the Code as the Code itself provides for the possibility to deviate from the rules, provided that any such deviations and the chosen alternative solutions are described and the reasons therefore are explained in the corporate governance report (according to the so-called “comply or explain principle”). Any deviation from the Code will be reported in the Company’s annual corporate governance report. Currently, the Company does not expect to report any deviation from the Code in the corporate governance report due in 2016/17.
Internal Control and Risk Management
The Board has overall responsibility for the Company’s system of internal control including risk management and for reviewing its effectiveness throughout the group.
Such a system is designed to manage or mitigate rather than eliminate the risk of failure to achieve business objectives, and can only provide reasonable and not absolute assurance against material misstatement or loss.
The Group operates an established framework of internal controls covering both financial and non-financial controls.
The Board is responsible for the overall strategic direction and management of the Group.
The Board is establishing an organisational structure with clearly defined reporting lines and controls at all levels of management across the Group, identifying transactions requiring approval by the Board.
The GRAC Committee will assist the Board in the discharge of its duties regarding the Group’s financial statements, accounting policies and the maintenance of proper systems of risk management and internal control.
Key elements of the group’s processes and procedures will be: an organisation structure with clear lines of accountability; regular structured reviews of business risk by senior management; a scheme of delegated authority; monthly reporting and monitoring of financial results, regulatory compliance and other key business measures; and independent assurance provided by internal and external auditors.
Work continues to review and improve the system of internal controls across the group. Any controls weaknesses identified will have action plans to remedy them and those plans will be monitored by the GRAC Committee and other internal teams.
The Board confirms that there is an ongoing process for identifying, evaluating and managing significant business risks faced by the Group, including those risks relating to social, environmental and ethical matters.
The risk management framework is being built to identify, evaluate, analyse, mitigate and monitor those risks that threaten the successful achievement of our business strategy and objectives, within our risk appetite.
Risks are owned and managed within the business, and formally reviewed at least every quarter. To supplement business self-assessments, global governance forms a second line of assurance, executing information security, regulatory compliance and business continuity risk and control reviews. Internal Audit/Assurance team will provide a third line of security, by executing independent and objective risk and control assessments. The results of these reviews will feed into the reporting cycle. Risks will be overseen and supervised through the Executive and Governance, Risk Management, Audit & Compliance Committee (GRAC Committee).
Our risk identification processes will follow a dual approach, seeking to identify risks using:
A bottom-up approach at a business subsidiary level:
This approach identifies those risks which threaten an individual subsidiary and are managed by the Director(s) of that subsidiary. To provide visibility of wider issues within the business, these are consolidated at the global level. Higher rated risks are escalated to the full Board via the GRAC Committee.
A top-down approach at the global level:
This approach identifies those principle risks which threaten the delivery of our strategy and objectives. The diagram below summarises our principal risk profile. Action items are prioritised, monitored, reported and escalated based upon standard criteria.