Report
Annual Report and Accounts 2021 to 2022
The Gambling Commission's 2021 to 2022 Annual Report and Accounts.
Risk and internal control framework
The Board and Audit and Risk Committee
The Board, supported by the Audit and Risk Committee, oversees the arrangements in place for the risk management. The Gambling Commission’s risk management framework was reviewed and revised during 2020-21, with the support of the Commission’s internal auditors. Programme risk registers are reviewed monthly, and the Executive team review escalations and the Corporate Risk Register at least quarterly. The Audit and Risk Committee receive the Corporate Risk Register each quarter, and Board discuss risk twice a year.
The risk management strategy
The strategy outlines the objectives and policies for identifying and managing risk to the achievement of the Commission’s strategic objectives and business plan. This also includes the Commission’s tolerance or appetite for risk. The framework sets out management roles and responsibilities, the process for identifying and recording risk, allocating ownership of risk, evaluating risk, determining responses to risk and monitoring and reporting on progress in managing risk. The framework applies to all levels of the organisation up to the Corporate Risk Register.
The Commission’s risk tolerance
The Commission's risk tolerance is expressed through the level of residual risk judged acceptable for each risk identified. Risk owners are required to identify and implement mitigating actions to reduce the residual risk value to an acceptable level.
The Commission’s governance framework
The Commission’s governance framework sets out how the Board manages its affairs and which matters are delegated to the Chief Executive, or to other employees or committees. This is reviewed periodically (typically every three years), with the most recent changes to the overarching framework being made in June 2020.
Specific aspects of this framework are reviewed more frequently to ensure they remain fit for purpose.
The internal audit programme
The internal audit programme focuses on the requirement to provide assurance that the risks faced by the Commission are properly managed and controlled. Where control weaknesses are identified, these are drawn to the attention of senior managers, who are responsible for determining and implementing an appropriate response.
In their annual report, the Commission’s internal auditors for 2021-22 have been PricewaterhouseCoopers (PwC), supplemented by the Government Internal Audit Agency in certain areas. PwC provide an independent opinion on the adequacy and effectiveness of the Commission’s system of internal control, together with recommendations for improvement. During the year, the following internal audit reviews were carried out:
- Governance and Assurance – internal governance (GIAA)
- Financial Systems – review of the assumptions in the medium-term financial plan (PwC)
- Cybersecurity (PwC)
- 4th National Lottery Licence Competition (GIAA).
Last updated: 31 August 2022
Show updates to this content
No changes to show.