Managing risk and maintaining quality

Managing risk is a strategic priority for the Executive Board and senior management of the firm.


We have a clear business strategy. In implementing this strategy it is vital that we also manage the risks associated with it. As a result we have a defined process for assessing, monitoring and controlling risk.

The Executive Board takes overall responsibility for establishing systems of internal control and for reviewing and evaluating their effectiveness. The dayto- day responsibility for implementation of these systems and for ongoing monitoring of risk and the effectiveness of controls rests with senior management.

The systems, which have been in place throughout the financial year and up to the date of approval of these financial statements, include the following:

  • The Risk Council, an Executive Board subcommittee, is responsible for making sure that the controls are in place to identify, evaluate and manage risk.
  • Our lines of service and our internal firm services, which document risks and the responses to them, carry out risk assessments annually and report to the Risk Council on how effectively they have managed risk during the year.
  • Periodic reviews of performance and quality are carried out independently by the PwC network.
  • Our internal audit team reviews the effectiveness of the financial and operational systems and controls throughout the Group and reports to the Executive Board and the Audit and Risk Committee.
  • Our risk and quality functions oversee our professional services risk management systems and report to the Executive Board.

We take client acceptance procedures extremely seriously and we do not automatically take on new client engagements. Understanding properly both who we are working with and the nature of the work requested is central to protecting our reputation for quality.

We have procedures to assess the risks associated with new clients. We seek to serve only those clients whom we are competent to serve, who value our service and who meet appropriate standards of legitimacy and integrity. We also establish up front whether we are able to comply with independence requirements and to address any potential conflicts of interest. In addition, we conduct annual risk reviews of all audit clients.

Internal control assessment

Our internal control systems are designed to manage, rather than eliminate, the risk of failure to achieve business objectives or, in the case of financial controls, the risk of material misstatement in our financial statements. Accordingly, they provide only reasonable and not absolute assurance against such failure or material misstatement. The Executive Board has reviewed the systems of internal control in operation during the year and is satisfied with their effectiveness.