Bird's eye view of highway

Risk management and financial reporting

Financial reporting

Financial statements

Rio Tinto Directors are required to prepare financial statements for each financial period to give a true and fair view of the state of affairs of the Group and of the profit or loss and cash flows for that period. In addition, the UK Corporate Governance Code requires the Board provides a fair, balanced and understandable assessment of the Company's position and prospects in its external reporting.

The Directors are also responsible for maintaining proper accounting records, in accordance with the UK and Australian law. They have a general responsibility for taking such steps as are reasonably open to them to safeguard the assets of the Group and to prevent and detect fraud and other irregularities.

External auditors

Selection and Appointment and Rotation of Engagement Partners

We have adopted policies designed to uphold the independence of the Group's external auditors by prohibiting their engagement to provide other accounting and other professional services that might compromise their independence. Further details about the external auditors' independence can be found in the 2023 Annual Report.

KPMG LLP and KPMG (together, KPMG) are the auditors of Rio Tinto plc and Rio Tinto Limited respectively. KPMG was appointed the external auditors in 2020.

KPMG will follow the requirements of the Sarbanes-Oxley Act 2002 and APB Ethical Standards and rotate both the lead UK and Australian audit partners at least every 5 years.

Disclosure controls and procedures

The Group maintains disclosure controls and procedures as the term is defined in the US Exchange Act Rule 13a-15(e).

Management, with the participation of the chief executive and chief financial officer, evaluate the effectiveness of the design and operation of the Group's disclosure controls and procedures pursuant to US Exchange Act Rule 13a-15(b) as of the end of each financial reporting period.

More details on internal controls are set out in the Governance Report of the 2023 Annual Report.

Integrity of corporate reports

We have a thorough and rigorous review process in place to ensure integrity of the periodic reports we release to the market. Rio Tinto communicates with the market through accurate, clear, concise and effective reporting, and contents of periodic reports are verified by the subject matter experts and reviewed by the relevant Group functions. Such reports are then reviewed and considered by the Group Disclosure Committee for release to the market.

Risk management

Our company is exposed to a variety of risks that can have financial, operational and compliance impacts on our business performance, reputation and licence to operate.

The Board recognises that creating shareholder returns is the reward for taking and accepting risk. The effective management of risk is therefore critical to supporting the delivery of the Group's strategic objectives.

The Group's approach to risk management, underpinned by the Risk Policy & Standard, aims to embed a risk-aware culture in all decision-making, as well as a commitment to managing risk in a proactive, effective manner. This includes the early identification and evaluation of risks, the management and mitigation of risks before they materialise, and dealing with them effectively in the event they do materialise. Accountability for risk management is clear throughout the Group and is a key performance area of line managers.

To support risk understanding and management at all levels, our Risk function provides the necessary infrastructure to support the management and reporting of material risks within the Group, and escalates key issues through the management team and ultimately to the Board where appropriate. Group Risk also supports the Risk Management Committee (an executive management committee chaired by the Chief Executive) in its review of risk.

The process for identifying, evaluating and managing the material business risks is designed to manage, rather than eliminate, risk and where appropriate accept risk to generate returns. Certain risks, such as natural disasters, cannot be managed using internal controls. Such major risks are transferred to third parties in the international insurance markets, to the extent considered appropriate or possible.

  • wave

Annual report

Our drive for innovation and continuous improvement is at the core of our purpose

Related downloads

Risk Management Policy
268 KB
Risk Management Standard
257 KB

Related content

Sunset at Kennecott copper mine

Board of Directors

Our Board oversees how we deliver on our purpose
Conveyor running along the export facility at Cape Lambert Ports

Executive Committee

Our Executive Committee is responsible for day-to-day management of the business
Banner image

Policies and standards

Learn more about our Group policies and standards