Cookies on the Gambling Commission website

The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content


Corporate Governance Framework

Our corporate governance framework sets out the necessary responsibilities and procedures that guarantee we operate properly.

5 - Responsibilities

5.1. In particular, the Audit and Risk Committee (ARC) is responsible for the following items:

5.2. Financial Reporting

The ARC is asked to provide assurance to the Board of Commissioners (the Board) and Accounting Officer on the integrity of the Gambling Commission’s annual statutory financial statements, to assist the Board in fulfilling its responsibilities to approve the annual report and accounts. The Committee is responsible for:

5.3. Scrutinising (annually):

  • the accounts, the accounting policies, other accounting information, the Governance statement, and the assurances relating to corporate governance and legality contained in the Annual Report and Financial Statements before submission to the Board and Accounting Officer for approval. Focusing particularly on the wording in the Governance Statement and other disclosures relevant to the terms of reference of the Committee
  • ensuring that the systems for financial reporting are subject to periodic review by internal audit as to completeness and accuracy of the information provided to the Board.

5.4. Governance, Risk Management and Internal Control

The ARC is asked to provide assurance to the Board on the Commission’s systems of governance, risk management and internal control, namely the comprehensiveness, reliability and integrity of the assurances provided by those systems.

5.5. The ARC can highlight concerns and recommend changes to the Board, to assist Board in approving the Commission’s risk management arrangements and Corporate Governance Framework. To do this, Committee will:

5.6. Scrutinise (annually) delegated authorities and governance structures, report to the Board on whether they are adequate and make any recommendations to the Board.

5.7. Scrutinise (as needed or as specified):

  • The comprehensiveness, reliability and integrity of the system of internal controls and the assurances these provide. In particular:

    • review managements and the internal auditors’ reports on the effectiveness of the system of internal control, including Health and Safety
    • the Commission’s policies, controls and assurance frameworks, including those relating to cybersecurity
    • the continued appropriateness of key performance indicators with Executive and report to the Board any recommendations for improvement.
  • The Strategic Risk Register at every meeting of ARC, in particular:

    • appropriateness of risk appetite and horizon scanning arrangements
    • reports from internal auditors and scrutinising the status and trends of all risks in the strategic risk register
    • individual risks from the Strategic Risk Register as per a schedule of reviews agreed with Committee.
  • The operation of key internal controls including but not restricted to:

    • the content and efficacy of the Commission’s whistleblowing, complaints and Anti-fraud and bribery policies
    • the Commission’s approach to information security, GDPR and Freedom of Information to ensure it meets all relevant requirements of the Information Commissioner’s Office and other agencies
    • the Commission’s response to major information security failures.

5.8. Internal Audit

The ARC is asked to provide assurance to the Board on the effectiveness and quality of the internal audit function, with a view to ensuring it provides appropriate independent assurance to the Board and value for money. To do this, Committee will:

5.9. Scrutinise (as needed):

  • the scope of the internal audit programme, ensure that the function is adequately resourced and has appropriate standing within the Commission
  • management’s response to all internal audit recommendations.

5.10. Make recommendation to the Board and Accounting Officer on the appointment and removal of the internal auditors, and, on the internal audit fee, the terms of engagement and the internal audit strategy and plan.

5.11. External Audit

The ARC is asked to provide assurance to the Board on the effectiveness and quality of the external audit, including any issues arising from the audit and to do this, the Committee will:

5.12. Scrutinise (as needed) the findings of the audit with the external auditor considering any material issue which arose during the audit, any accounting and audit judgements and levels of errors identified during the audit.

5.13. Scrutinise (at least annually):

  • its independence and the relationship with the auditor as a whole, including the provision of any non-audit services, and value for money
  • with the National Audit Office, the terms of engagement of the external auditor and the external audit strategy and plan.
Previous section
Next section
Committee effectiveness
Is this page useful?
Back to top