On behalf of the Company the Directors acknowledge the Board’s responsibility for ensuring that an effective system of internal controls is maintained and operated. This responsibility takes account of the requirements of the Code. The system of internal control is designed to manage risk to a tolerable level rather than to eliminate it. The system can therefore only provide reasonable but not absolute assurance that assets are safeguarded, transactions authorised and properly recorded and that material errors or irregularities are either prevented or detected in a timely way. The system of internal control, which accords with guidance issued by the Department of Public Expenditure and Reform has been in place in Bord na Móna for the financial year and up to the date of approval of the financial statements.
The principal procedures which have been put in place by the Board include:
- An organisation structure with clear operating and reporting procedures, authorisation limits, segregation of duties and delegated authorities;
- A code of conduct that requires all Directors and employees to maintain the highest ethical standards in conducting business;
- Clearly defined management responsibilities have been established throughout the Group and the services of qualified personnel have been secured and duties properly allocated among them;
- A statement of decisions reserved to the Board;
- A risk management process which enables the identification and assessment of risks that could impact business performance and objectives and ensures that appropriate mitigation plans are formulated to minimise the residual risk;
- A comprehensive budgeting process for each business, Lean Centre and business services culminating in an annual Group budget approved by the Board;
- A comprehensive planning process for each business, Lean Centre and the business services culminating in an annual Group long-term plan, approved by the Board;
- A comprehensive financial reporting system with actual performance against budget, prior year, forecasts, performance indicators and significant variances reported monthly to the Senior Leadership Team and Board;
- A set of policies and procedures relating to operational and financial controls including capital expenditure;
- A Protected Disclosures Policy to provide employees and others with a confidential means to report any fraud or ethical concerns;
- Procedures for addressing the financial implications of major business risks, including financial instructions, delegation practices, and segregation of duties and these are supported by monitoring procedures;
- Management at all levels are responsible for internal control over its respective business functions and provide annual management assurance statements; and
- Procedures for monitoring the effectiveness of the internal control systems include the work of the Risk and Audit Committee, management reviews, the use of external consultants and Internal Audit.
Internal audit considers the Group’s control systems by examining financial reports, by testing the accuracy of transactions and by otherwise obtaining assurances that the systems are operating in accordance with the Group’s policies and control requirements. Internal audit report
directly to the Risk and Audit Committee on the operation of internal controls and make recommendations on improvements to the control environment if appropriate.
Where weaknesses in internal control systems have been identified plans for strengthening them are put in place and action plans are regularly monitored until completed.
The Group has a framework in place to review the adequacy and monitor the eectiveness of internal controls covering financial, operational, risk management and compliance controls. Formal procedures have been established for monitoring control processes and control deficiencies are
communicated to those responsible for taking corrective action and to management and the Board, where relevant, in a timely way.
The Directors confirm that the following ongoing monitoring systems are in place:
- Key risks and related controls have been identified and processes have been put in place to monitor the operation of those key controls and report any identified deficiencies;
- Reporting arrangements have been established at all levels where responsibility for financial management has been assigned; and
- There are regular reviews by senior management of periodic and annual performance and financial reports which indicate performance against budgets/forecasts.
The Directors confirm that Bord na Móna has procedures to monitor the effectiveness of its risk management and control procedures. Bord na Móna’s monitoring and review of the effectiveness of the system of internal control is informed by the work of the internal and external auditors,
the Risk and Audit Committee which oversees their work, and the Senior Leadership Team within Bord na Móna responsible for the development and maintenance of the internal control framework.
The Directors confirm that the Board conducted an annual review of the effectiveness of the internal controls for the financial year and up to the date of approval of the financial statements. The process used to review the effectiveness of the system of internal controls included:
- Review and consideration of the internal audit work programme and consideration of its reports and findings;
- Review of the regular reporting from internal audit on the status of the internal control environment and the status of recommendations raised previously from their own reports and reports from the external auditor;
- Review of reports from the external auditor which contain details of any material internal control issues identified by them in their work as auditors; and,
- Review of the risk register reports, the countermeasures in place to mitigate the risk, the remaining residual risk and actions required or being taken to further mitigate the risks.
No material weaknesses in internal control were identified in relation to the reporting period that requires disclosure in the financial statements.