TIDMNCC
RNS Number : 4812Z
NCC Group PLC
18 September 2020
NCC Group plc
(the "Company" or the "Group")
Notice of Annual General Meeting 2020
The Company confirms that its Notice of Annual General Meeting
2020 ("AGM Notice") and its Annual Report and Accounts for the year
ending 31 May 2020 ("Annual Report") have been posted or otherwise
been made available to shareholders and published on the Investor
Relations section of its website
(www.nccgroup.com/investor-relations). The Annual General Meeting
will be held at 10.30 am on Tuesday 20 October 2020 at the
Company's Head Office, XYZ Building, 2 Hardman Boulevard,
Spinningfields, Manchester, M3 3AQ.
Copies of the Annual Report and the AGM Notice have been
submitted to the National Storage Mechanism and will shortly be
available for inspection at www.morningstar.co.uk/uk/NSM .
A condensed set of the Company's financial statements and
extracts were included in the Company's preliminary results for the
year ended 31 May 2020 released on 3 September 2020 (the
"Preliminary Announcement"). The information included within the
Preliminary Announcement together with the information set out
below, which is extracted from the Annual Report, constitute the
material required by Disclosure Guidance and Transparency Rule
6.3.5 to be communicated to the media in full unedited text through
a Regulatory Information Service. This announcement and the
Preliminary Announcement are not a substitute for reading the full
Annual Report. Page numbers and cross-references in the extracted
information below refer to page numbers and cross-references in the
Annual Report. To view the Preliminary Announcement, please visit
the Investor Relations section of the Company's website at
www.nccgroup.com/investor-relations
Directors' responsibilities statement
The following statement is extracted from page 96 of the Annual
Report and is repeated here for the purposes of Disclosure Guidance
and Transparency Rule 6.3.5. This statement relates solely to the
Annual Report and is not connected to the extracted information set
out in this announcement or the Preliminary Announcement:
"The Directors are responsible for preparing the Annual Report
and Accounts and the Group and Parent Company Financial Statements
in accordance with applicable law and regulations.
Company law requires the Directors to prepare Group and Parent
Company Financial Statements for each financial year. Under that
law they are required to prepare both the Group Financial
Statements in accordance with International Financial Reporting
Standards as adopted by the European Union (IFRSs as adopted by the
EU) and applicable law and have elected to prepare the Parent
Company Financial Statements on the same basis.
Under company law the Directors must not approve the Financial
Statements unless they are satisfied that they give a true and fair
view of the state of affairs of the Group and Parent Company and of
their profit or loss for that period. In preparing each of the
Group and Parent Company Financial Statements, the Directors are
required to:
-- Select suitable accounting policies and then apply them consistently
-- Make judgments and estimates that are reasonable, relevant and reliable
-- State whether they have been prepared in accordance with IFRSs as adopted by the EU
-- Assess the Group and Parent Company's ability to continue as
a going concern, disclosing, as applicable, matters related to
going concern
-- Use the going concern basis of accounting unless they either
intend to liquidate the Group or the Parent Company or to cease
operations, or have no realistic alternative but to do so
The Directors are responsible for keeping adequate accounting
records that are sufficient to show and explain the Parent
Company's transactions and disclose with reasonable accuracy at any
time the financial position of the Parent Company and enable them
to ensure that its Financial Statements comply with the Companies
Act 2006. They are responsible for such internal control as they
determine is necessary to enable the preparation of Financial
Statements that are free from material misstatement, whether due to
fraud or error, and have general responsibility for taking such
steps as are reasonably open to them to safeguard the assets of the
Group and to prevent and detect fraud and other irregularities.
Under applicable law and regulations, the Directors are also
responsible for preparing a Strategic Report, Directors' Report,
Directors' Remuneration Report and Corporate Governance Statement
that comply with that law and those regulations.
The Directors are responsible for the maintenance and integrity
of the corporate and financial information included on the
Company's website. Legislation in the UK governing the preparation
and dissemination of Financial Statements may differ from
legislation in other jurisdictions.
Responsibility statement of the Directors in respect of the
annual financial report
We confirm that to the best of our knowledge:
-- The Financial Statements, prepared in accordance with the
applicable set of accounting standards, give a true and fair view
of the assets, liabilities, financial position and profit or loss
of the Company and the undertakings included in the consolidation
taken as a whole
-- The Strategic Report includes a fair review of the
development and performance of the business and the position of the
issuer and the undertakings included in the consolidation taken as
a whole, together with a description of the principal risks and
uncertainties that they face
We consider the Annual Report and Accounts, taken as a whole, is
fair, balanced and understandable and provides the information
necessary for shareholders to assess the Group's position and
performance, business model and strategy."
Principal risks and uncertainties
The principal risks and uncertainties relating to the Company
are set out on pages 30 to 36 of the Annual Report from which the
following is extracted in full and unedited text :
"Risk management
Risk is an inherent part of doing business and risk management
is a fundamental part of good corporate governance. A successful
risk management process balances risk and reward and is underpinned
by sound judgment of their impact and likelihood. The Board has
overall responsibility for ensuring that NCC Group has an effective
risk management framework, which is aligned to our business
objectives.
The Board has established a Risk Management Policy, which has
established protocols, including:
-- Roles and responsibilities for the risk management framework
-- Risk scoring framework
-- A definition of risk appetite
The integrated approach to risk management diagram on page 31
summarises the Group's overall approach to risk management, which
is supported by a web-based tool - the Integrated Risk Management
System (IRMS). The tool is designed to follow the risk management
model described in the next section and records both strategic and
operational risk registers and tracks risk mitigation action plans,
helping embed ownership of risks and treatment actions while also
providing access to live management information, which is used at
both a Board and operational management level.
NCC Group's approach to risk management
NCC Group adopts both a "top down" and "bottom up" approach to
risk, to manage risk exposure across the Group to enable the
effective pursuit of strategic objectives. The approach is
summarised in the diagram on page 31.
The approach is one of collaboration, which supports our
comprehensive approach to risk identification, from the "top down"
and "bottom up". The Group believes that this is the most efficient
and effective way to identify its business risks.
Top down - strategic risk management
The Board, Audit Committee and Cyber Committee review risks on
an ongoing basis and are supported by the Executive Committee and
subject matter specialists (including Assurance, Software
Resilience (Escrow), Information Security, Data Protection and
Health and Safety). The Board gives consideration to the Group's
strategic objectives and any barriers to their achievement.
Bottom up - operational risk management
The Board and Executive Committee engage with colleagues at
every level of the Group in recognition of the importance of their
expertise, contribution and views. In relation to matters of
wrongdoing, or risks not being recognised and adequately managed,
the Group has a robust and effective whistleblowing procedure,
which is supported by the Safecall reporting line.
Risk management model
The Board has overall responsibility for ensuring that NCC Group
adopts an effective risk management model, which is aligned to our
objectives and promotes good risk management practice. We have
therefore adopted the model described in this section and
summarised in the diagram above.
The Board, Audit Committee, Cyber Committee and Executive
Committee review risks on an ongoing basis throughout the year. The
appropriateness and relevance of the risks and issues tracking
system - IRMS - are monitored by the global governance team to
ensure that it continues to be updated, meet the needs of the Group
and remain in line with good risk management practice. In addition,
there is a robust process in place for monitoring and reporting the
implementation of agreed actions.
We are satisfied that the risk management policy, framework and
model currently in place are sufficient to manage risk across the
Group.
The key areas of identifying, assessing, addressing and
monitoring risks are explained in more detail below:
Identify
Risks exist within all areas of our business and it is important
for us to identify and understand the degree to which their impact
and likelihood of occurrence will affect the delivery of our key
objectives. This is achieved through day-to-day working practices
and incorporates risks in both the internal and external
environment. Examples of identification include horizon scanning
for legislative and market changes, operational and delivery
reviews (such as SGT), procedures in relation to projects and
change and independent systems audits.
All identified risks are initially assessed for their "inherent"
risk (risk with no controls in place), using a scoring mechanism
that accounts for the likelihood of an event occurring and the
impact that it may have on the Group. The scoring mechanism adopted
takes account of high impact, low likelihood events and these risks
are managed in a timely manner.
In addition to ongoing risk identification, an annual exercise
is undertaken to review the Group's strategic risk universe by the
Board. This exercise is reliant on the "top down", "bottom up"
approach discussed earlier.
Assess
Following the identification of the Group's inherent risks
exposure, a comprehensive assessment of the effectiveness of
current mitigating controls is undertaken. This exercise takes
account of the design of the current control environment and the
application of these controls prior to assessing the Group's
current exposure to risk - mitigated risk score. The Board uses a
number of sources of information to support the scoring of risk and
these include, but are not limited to:
-- Management updates
-- Action tracking and reporting
-- Control environment policies and procedures
-- Independent audit activity
-- Project monitoring reports
Address
An assessment of whether additional actions are required to
reduce our risk exposure is undertaken, with actions falling into
one of four categories:
-- Treat - develop an action plan (applying responsibility,
deadlines and prioritisation) that may include the implementation
of additional controls, or increase the requirement for additional
assurance over the adequacy and effectiveness of the existing
controls
-- Transfer - use a third party specialist to undertake the activity, thus mitigating the risk
-- Tolerate - determine the risk is within appetite
-- Terminate - exit the activity
Output from the evaluation of strategic risks has resulted in
milestone plans owned by senior business leaders, or has been used
in the development of the Group's Transformation Programme.
Monitor
Ongoing monitoring of risks and related actions is key to the
implementation of our risk management model and, therefore, NCC
Group is committed to making enterprise-wide risk management part
of business as usual. Examples of ongoing monitoring of business
risks include, but are not limited to:
-- Annual review of the external audit strategy and plan by the
Audit Committee and Chief Financial Officer to ensure inclusion of
key financial risks
-- Annual review of the annual internal audit plan to validate
that it incorporates key areas of business risk
-- A review of internal audit reports issued during the period,
including a summary of progress against previously raised
management actions
-- Annual review of the strategic risk register by the Board to
ensure that it includes risks arising in year
Internal control
While risk management identifies threats to the Group achieving
its strategic objectives, internal controls are designed to provide
assurance that these objectives are being achieved, such as the
effectiveness and efficiency of operations and delivery, accurate
and reliable financial reporting, and compliance with applicable
laws and regulation.
NCC Group has established a robust internal control framework
which is made up of a number of components:
Control environment
The control environment has primarily been established taking
account of the Group's values (working together; being brilliantly
creative; and embracing difference), and its Code of Ethics, which
sets the foundations for the expected behaviours, values and
competencies for all colleagues across the Group. The Board,
Executive Committee and its extended leadership team lead by
example and strive to maintain effective control environments,
while also maintaining integrity and transparency.
Risk assessments
Risk assessments are conducted at both a strategic and
operational level of the Group and support the Group in
understanding the risks that it faces and the controls in place to
mitigate them. Importantly, they provide a mechanism to identify
operational improvements and are vital in our transformational
programmes.
Policies and procedures
Established policies communicate expected behaviours and these
are supported through procedures and guidelines defining required
processes and controls. This in turn supports the business to adopt
efficient and effective control environments.
Information and communication
Access to accurate and timely data is key in supporting our
colleagues to make decisions and to be well informed in order to
conduct, manage and control their areas of responsibility. During
the year, the Group has focused on its data systems - successfully
implementing Workday HR and currently rolling out the Workday
Finance system.
Activity monitoring
Financial minimum controls have been established during the
current financial year for local finance teams. The financial
minimum controls were self-assessed at the year end and will be
audited by the internal audit function from FY21. The financial
minimum controls framework was established in consultation with the
Chief Financial Officer, the Group Financial Controller and the
local Finance Directors and has taken account of the implementation
of Workday Finance.
Financial accounting and reporting follow generally accepted
accounting practices.
Group review and approval procedures exist in relation to major
areas of risk and require Executive Committee/Board approval,
including mergers and acquisitions, major contracts, capital
expenditure, litigation, treasury management and taxation
policies.
Compliance with all legislation, current and new, is closely
monitored.
Risk and control reporting structure
During the current financial year, NCC Group has focused on
establishing the "three lines of defence", to provide a robust
internal controls structure that will support the Board, Audit
Committee, Cyber Committee, Executive Committee and extended
leadership team with accurate and reliable information in relation
to the systems of internal control. This has resulted in the
recruitment of a Director of Global Governance, who was on-boarded
in January 2020.
The Group has three lines of defence:
-- First line - Group policies and procedures
-- Second line - Global Governance function, incorporating
Health and Safety; Information Security; Data Protection;
Compliance & Standards; and Corporate Legal
-- Third line - independent challenge and assessment, including
ISO certification; and internal and external audit
Principal risks and uncertainties
The Group continues to operate in a particularly dynamic and
evolving marketplace. The current strategic risk register has been
developed to reflect those factors and includes those risks that
would threaten its business model, future performance, solvency or
liquidity. Detailed descriptions of the current principal risks and
uncertainties faced by the Group, their potential impact and
mitigating processes and controls are set out below:
Risk Areas Potential Impact Mitigation
Business A poor strategy (High impact, risk exposure
strategy or ineffective unchanged from 2019)
execution of a
A comprehensive strategy could Members of the Board have
business have a material significant experience
strategy negative impact in evolving business strategies.
is essential on the Group's The Board is significantly
to the financial performance engaged in both setting
continued and value. It would and reviewing strategy
success of the potentially weaken and held a dedicated strategy
Group as we the Group compared session in March 2020.
strive to its competitors
to maximise and risk the Group's
shareholder established position
value. in the marketplace.
------------------------------------------------------------ -------------------------------------------------------------
Management of Poor change management (Low impact, risk exposure
strategic could lead to ineffective unchanged from 2019)
change implementation
of projects that The Group has established
As the Group then cost more a Strategic Change Management
adapts and to deliver, take capability and this includes
executes longer to deliver access to programme management
its strategy and result in fewer professionals and the
there are a benefits being deployment of associated
number realised (or all change management processes,
of complex three). Poor delivery for example the operation
projects of change could of senior change oversight
and initiatives ultimately impair committees.
that not only business performance.
need to be
delivered
but also
require
understanding
and support
from
all colleagues.
------------------------------------------------------------ -------------------------------------------------------------
Global pandemic The potential impact (High impact, risk exposure
- Covid-19 of a pandemic for increased from 2019)
the Group could
NCC Group has be: We established a global
a number of response team and mobilised
features * The inability to operate due to local restrictions our whole workforce to
which give the impacting our customers remote working ahead of
Group a greater local lockdown/shelter-in-place
resilience in orders. Local task forces
the face of a were established and processes
global * The potential inability to deliver work if required were in place to protect
pandemic. onsite colleagues and customers
Failure to from risk of infection.
prepare Local office track and
for this may trace measures were put
cause * Risk of colleagues being exposed due to travel/onsite in place with 24 hour
disruption work requirements reporting to support global
and uncertainty operations.
to our
business, We also enabled more than
as well as risk * Colleagues being unable to work due to illness or 95 per cent of our services
the health and being restricted due to shielding/quarantine either to be delivered remotely
safety of our for themselves or people they live with with a dedicated global
people. Any marketing campaign to
disruption support customers around
or uncertainty their specific Covid-19
could have an * Lower demand due to many of our customers challenges. Existing services
adverse effect experiencing uncertainty, financial pressures or were modified to provide
on our logistical challenges effecting the Group's revenue, customers short-term solutions
business, profitability and cash generation to lockdown issues.
financial
results For further information
and operations. in relation to the Group's
specific Covid-19 response,
please see pages 8 and
9 of the Strategic Report.
------------------------------------------------------------ -------------------------------------------------------------
Availability If the Group's (Medium impact, risk exposure
of critical critical systems decreased from 2019)
information failed, this could
systems affect our ability The Group continues to
to provide services make significant investment
The Group is to our customers. in its IT infrastructure
heavily reliant to ensure it continues
on continued to support the growth
and of the organisation. This
uninterrupted has been particularly
access to its pertinent, during home
IT systems. As working, as part of Covid-19.
well as
environmental The Group has controls
and physical in place in order to reduce
threats, the the risk of actual loss
Group is a of critical systems; this
natural has included a review
target for of single points of failure
individuals and these have been mitigated.
who may seek Further, controls are
to disrupt the operated to ensure the
Group's availability of backup
commercial media in the event of
activities. prolonged loss of systems.
Initiating to standardise
and simplify while increasing
resilience continues to
be implemented. Additional
focus is being periodically
given to proving the recoverability
of systems and data.
------------------------------------------------------------ -------------------------------------------------------------
Attracting and Loss of key colleagues (Medium impact, risk exposure
retaining or significant decreased from 2019)
appropriate colleague turnover
colleagues' could result in Colleagues are offered
capacity a lack of necessary a rewarding career structure
and capability expertise or continuity and attractive salary
to execute the and benefits packages,
The Group would Group's strategy. which can include participation
be adversely in share schemes.
impacted if it An inability to
were unable to attract and retain Comprehensive communications
attract and sufficient high-calibre with our colleagues are
retain colleagues could ongoing and include all-hands
the right become a barrier calls, The Wire, and Group
calibre to the continued and local communications.
of skilled success and growth
colleagues. of NCC Group. Linked to the development
Some roles of our people, the Group
within continues to review our
the Group values, has launched personal
operate performance management
in highly processes in 2020 and
technical has aligned development
and extremely programmes.
specialised
areas
in which there
are shortages
of skilled
people.
------------------------------------------------------------ -------------------------------------------------------------
Cyber risk Failure to maintain (Low impact, risk exposure
(including control over customer, unchanged from 2019)
data colleague, commercial
protection) and/or operational The Board operates a Cyber
data could lead Committee chaired by the
As a provider to a range of impacts, Chair of the Board.
of security including reputational
services, damage. The misuse Security testing is regularly
the Group is of personal data, carried out on the Group's
a high profile for example without infrastructure and there
target and the customer's are extensive response
could consent, or retaining plans, which were reviewed
therefore be for longer than during the year, in the
subject to is necessary, may event of a major security
attacks also result in incident.
specifically reputational harm,
designed to regulatory investigations Comprehensive plans are
disrupt and potential fines. in place and being delivered
the Group's associated with discharging
business our GDPR obligations.
and harm the Progress is monitored
Group's by the Cyber Committee.
reputation. Colleagues also receive
regular security training
There could and updates.
also
be implications
relating to our
GDPR control
obligations.
Such events
could
adversely
affect
the market's
perception of
the Group as
well as causing
business
disruption.
------------------------------------------------------------ -------------------------------------------------------------
Quality of Suboptimal business (High impact, risk exposure
Management decision making decreased from 2019)
Information and performance
Systems as key financial The Group finance function
(MIS) and performance data has developed a forward-facing
internal is not available Finance Functional Strategy.
business or trusted. Enhancements were identified
processes covering system and process
standardisation. A comprehensive
We need to milestone plan is in place
ensure and progress is tracked
that trusted and reported to the Audit
and relevant Committee.
MIS are
available Standardised business
on a day-to-day process control standards
basis to inform are in place across all
management parts of the Group. As
decisions the new financial year
and drive progresses, control self-assessment
performance. techniques will be implemented
along with an aligned
programme of internal
audits.
------------------------------------------------------------ -------------------------------------------------------------
Quality and The risk of the (Low impact, risk exposure
security Group failing to unchanged from 2019)
management retain a core standard,
systems e.g. 9001, 27001 We operate a comprehensive
or PCI, with a programme to ensure the
We aspire to consequential loss retention of our core
attain and of key customer standards. This includes
retain accounts or ability a portfolio of aligned
key to operate. policies and cascading
internationally business processes. A
recognised programme of internal
standards. audit provides assurance
These form an over the design and application
important of these policies and
component procedures. External assessors
for many of our provide a further layer
customers. of review and challenge,
confirming during the
year the retention of
our Quality and Security
standards.
------------------------------------------------------------ -------------------------------------------------------------
Brexit Uncertainty around (Medium impact, risk exposure
the UK's departure unchanged from 2019)
Failure to from the EU continues
prepare as a result of Similar to any UK company,
for the UK's the political deadlock. we list Brexit as a significant
departure from The risks associated risk due to the uncertainty
the EU may with Brexit are surrounding the final
cause the possibility form Brexit will actually
disruption to, of a "no-deal" take and when it will
and create scenario and also happen.
uncertainty the potential for
around, our an abrupt departure We continue to plan for
business. from the EU. Brexit internally and
Any disruption the Brexit Steering Group
or uncertainty meets regularly.
could have an
adverse effect As our operations around
on our the world include business
business, entities based in Continental
financial Europe, we believe NCC
results Group is structurally
and operations. resilient to any disruption
caused by Brexit. The
main risks to our business
from Brexit are:
* Any reduction in demand from an economic slowdown
* Real or perceived differences in data protection
standards, which impact our global ways of workin
g
------------------------------------------------------------ -------------------------------------------------------------
Extraordinary risk during the year
During the year, the global pandemic of Covid-19 occurred and
while this had an impact on financial performance, it also provided
opportunities. The Group mobilised its Executive Support Team and
its business continuity plan in January 2020 and this enabled a
number of planned initiatives to be brought forward to support a
Group-wide response to remote working and delivery.
We have also successfully negotiated with our clients where
appropriate to work remotely, which has minimised disruption to
service delivery."
LEI - 213800DJCGZRB6523934
Classification - Annual Report and Financial Statements and
Notice of AGM.
Enquiries:
NCC Group plc
Adam Palser - CEO 0161 209 5200
Tim Kowalski - CFO 0161 209 5200
Jonathan Williams, Deputy Company Secretary 0161 209 5374
This information is provided by RNS, the news service of the
London Stock Exchange. RNS is approved by the Financial Conduct
Authority to act as a Primary Information Provider in the United
Kingdom. Terms and conditions relating to the use and distribution
of this information may apply. For further information, please
contact rns@lseg.com or visit www.rns.com.
RNS may use your IP address to confirm compliance with the terms
and conditions, to analyse how you engage with the information
contained in this communication, and to share such analysis on an
anonymised basis with others as part of our commercial services.
For further information about how RNS and the London Stock Exchange
use the personal data you provide us, please see our Privacy
Policy.
END
NOABSGDCUBBDGGI
(END) Dow Jones Newswires
September 18, 2020 10:19 ET (14:19 GMT)
Ncc (LSE:NCC)
Historical Stock Chart
From Feb 2024 to Mar 2024
Ncc (LSE:NCC)
Historical Stock Chart
From Mar 2023 to Mar 2024