Email this page

The Board has overall responsibility for the Group's systems of internal control and risk management and for reviewing their effectiveness.  These systems have been in place for 2007 and to the date of approval of the report and accounts and involve: the identification, evaluation and management of key risks through a Risk Committee, which reports to the Board annually; business reviews by the Board of each of the business units; and the review by the Audit Committee of internal controls over financial reporting and the risk management process. These systems are reviewed annually by the Board. Whilst not providing absolute assurance against material misstatements or loss, these systems are designed to identify and manage those risks that could adversely impact the achievement of the Group's objectives.

The Risk Committee comprises the executive directors and the executive officers of the Group and is chaired by the Chief Executive. As an integral part of planning and review, management at each of the business units identify the risks involved in their business, the probability of those risks occurring, the impact if they do occur and the actions being taken to manage and mitigate those risks. Areas of potential major impact are reported to the Risk Committee at its meetings which are held twice a year.

The annual Group Risk Report of the Risk Committee to the Board details all principal risks categorised by potential financial impact on profit and share price. The most significant Group risks are reported to the Board quarterly, which include new key or significantly increased risks along with actions put in place to mitigate such risks. The principal risks are detailed in "Risk Factors" to be found on pages 22 to 26 of the 2007 Annual Report.

In 2007 the effectiveness of the business units' systems to identify and manage material risk were evaluated and the findings reported to the Board. No material weaknesses were identified in these systems.

Management is responsible for establishing and maintaining adequate internal control over financial reporting as defined in Rule 13a-15(f) and 15d-15(f) under the Securities Exchange Act of 1934.

Because of inherent limitations, internal control over financial reporting may not prevent or detect misstatements.  In addition, projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.

In accordance with the requirement in the US under s404 of the Sarbanes-Oxley Act management assessed the effectiveness of the Group’s internal control over financial reporting as at 31 December 2007.  In making this assessment, management used the criteria set forth by the Committee of Sponsoring Organisations of the Treadway Commission in Internal Control-Integrated Framework.  The assessment excluded the internal controls over financial reporting relating to entities acquired as part of the Plus acquisition (“the Plus entities”) because they were acquired on 31 May 2007 as described in Note 32 of the Notes to the Accounts.  As of, and for the year-ended, 31 December 2007, the Plus entities represented 8%, 13%, 6% and 17% (loss) of the Group’s consolidated total assets, net assets, total revenues and attributable profit respectively.

Based on its assessment, management has concluded and hereby reports that, as at 31 December 2007, the Group’s internal control over financial reporting is effective based on those criteria.

Ernst & Young LLP, an independent registered public accounting firm, has issued an audit report on the Group’s internal control over financial reporting as of 31 December 2007.  This report appears on page 78 of the 2007 Annual Report.

There has been no change in the Group’s internal control over financial reporting during the period covered by this Annual Report that has materially affected, or is reasonably likely to materially affect, the Group’s internal control over financial reporting.

The Disclosures Committee is chaired by the Chief Executive and also comprises the Chief Financial Officer and the Group Director of Corporate Affairs. The secretary is the Company Secretary. The Committee approves the releases of all major communications to investors, to the UK Listing Authority and the London and New York stock exchanges.

The Chief Executive and Chief Financial Officer have evaluated the effectiveness of the design and operation of the Group's disclosure controls and procedures as at 31 December 2007. Based upon, and as of the date of, that evaluation, the Chief Executive and Chief Financial Officer concluded that the disclosure controls and procedures were effective.

The Codes of Business Principles, which include a whistleblowing policy are available at   www.smith-nephew.com/sustainability2007 and are available on request, apply to all directors, officers and employees. Any breaches of the Codes are reported to the Company Secretary who is obliged to raise the issue with the Chief Executive or Chairman and the Audit Committee. During 2007 and up until 12 March 2008 no waivers have been put in place nor any amendments made to the Codes.

The Board of Directors has adopted a Code of Ethics for senior financial officers, which is available at www.smith-nephew.com/sustainability2007 and is available on request. It applies to the Chief Executive, Chief Financial Officer, Group Financial Controller and the Group's senior financial officers. There have been no waivers to any of the Code's provisions nor any amendments made to the Code during 2007 or up until 12 March 2008.

The Audit Committee's remit, which is set out in its terms of reference, includes responsibility for:

• monitoring the integrity of the Group’s accounts, ensuring that they meet statutory and associated legal and regulatory requirements and reviewing significant financial reporting judgments contained in them;
• monitoring announcements relating to the Group's financial performance;
• monitoring and reviewing the effectiveness of then Group's internal audit function;
• recommending, for shareholder approval, the appointment, re-appointment and removal of the external auditors, as appropriate;
• approving the remuneration and terms of engagement of the external auditors;
• monitoring and reviewing the external auditors' independence and the effectiveness of the audit process;
• pre-approval of the external auditors to supply non-audit services;
• monitoring the effectiveness of internal financial controls and reviewing compliance with s404 of the Sarbanes-Oxley Act 2002;
• reviewing the operation of the risk management process; and
• reviewing arrangements by which staff may raise complaints against the Group regarding financial reporting or other matters.

The Group has specific policies which govern:

• the conduct of non-audit work by the external auditors which prohibits the auditors from performing services which would result in the auditing of their own work, participating in activities normally undertaken by management, acting as advocate for the Group and creating a mutuality of interest between the auditors and the Group, for example being remunerated through a success fee structure. Each year, the Audit Committee pre-approves the budget for fees relating to audit and non-audit work, including taxation services, in accordance with a listing of particular services. In the event that limits for these services are expected to be exceeded or the Group wants the external auditors to perform services that have not been pre-approved, approval by the Chairman of the Audit Committee is required, together with a notification to the Audit Committee of the service and the fees involved. All services provided by the independent auditors during the year were pre-approved by the Audit Committee; and
• audit partner rotation, which is in accordance with the Auditing Practices Board Ethical Standards in the UK and the SEC rules in the US. Partners and senior audit staff may not be recruited by the Group unless two years has expired since their previous involvement with the Group.

The Chief Executive, the Chief Financial Officer and other members of management attend the meetings when necessary and the external auditors have unrestricted access to the Audit Committee. The Audit Committee meets without management in attendance, when appropriate, and meets with the auditors, without management present, from time to time.

The principal activities of the Audit Committee during the year ended 31 December 2007 included:

• consideration of the quarterly, interim and preliminary results and the annual accounts;
• consideration of the Group's compliance with s404 of the Sarbanes-Oxley Act 2002;
• a review of the Group's approach to internal financial control, its processes, outcomes and disclosures;
• a review of the audit, audit-related and tax services provided by Ernst & Young LLP;
• review and the pre-approval of all services provided by the auditors during the year including all non-audit work performed by the auditors together with associated fees, to ensure that the objectivity and independence of Ernst & Young LLP as auditors of the Group was not compromised. Ernst & Young LLP only provided advisory work in respect of accounting and tax related matters;
• consideration of Ernst & Young LLP's in-depth reports to the Committee on the scope and outcome of the annual audit and management's response. Their reports included accounting matters, governance and control and accounting developments;
• a review of the effectiveness of the performance of Ernst & Young LLP effected by the completion of a questionnaire by the units audited within the Group and by the members of the Committee;
• recommending the re-appointment of Ernst & Young LLP as the Group's auditors;
• confirmation that no concerns were raised with the Committee about possible improprieties in matters of financial reporting or other matters;
• reviewing the Committee's terms of reference to ensure they reflect developments in corporate governance in the UK and the US;
• consideration of the Group's risk management process; and
• an evaluation of its own performance during the year, effected by means of a questionnaire and individual discussions.

The Committee may obtain legal and other independent professional advice, at the Company's expense, as it deems necessary. During the year, no such advice was sought by the Committee.