Bird's eye view of highway

Risk Management & Financial Reporting

Financial Reporting

Financial Statements

Rio Tinto directors are required to prepare financial statements for each financial period to give a true and fair view of the state of affairs of the Group and of the profit or loss and cash flows for that period. In addition, the UK Corporate Governance Code requires the board provides a fair, balanced and understandable assessment of the Company's position and prospects in its external reporting.

The directors are also responsible for maintaining proper accounting records, in accordance with the UK and Australian law. They have a general responsibility for taking such steps as are reasonably open to them to safeguard the assets of the Group and to prevent and detect fraud and other irregularities.

External Auditors

Selection and Appointment and Rotation of Engagement Partners

We have adopted policies designed to uphold the independence of the Group's external auditors by prohibiting their engagement to provide other accounting and other professional services that might compromise their independence. Further details about the external auditors' independence can be found on page 92 of the 2018 Annual Report.

PricewaterhouseCoopers LLP and PricewaterhouseCoopers (together, PwC) are the auditors of Rio Tinto plc and Rio Tinto Limited respectively. PwC have been the external auditors since the formation of the dual listed companies structure in 1995.

Since 2002, PwC have followed the requirements of the Sarbanes-Oxley Act 2002 and APB Ethical Standards and rotated both the lead UK and Australian audit partners at least every five years.

In 2018, the Audit Committee completed the audit tender process for the Group’s external auditors, and recommended that the board should appoint KPMG as our external auditors with effect from the 2020 financial year. The board agreed and the formal appointment will occur subject to shareholder approval in early 2020.

Disclosure Controls & Procedures

The Group maintains disclosure controls and procedures as the term is defined in the US Exchange Act Rule 13a-15(e).

Management, with the participation of the chief executive and chief financial officer, evaluate the effectiveness of the design and operation of the Group's disclosure controls and procedures pursuant to Exchange Act Rule 13a-15(b) as of the end of each financial reporting period.

More details on internal controls are set out in the Governance Report of the 2018 Annual Report.

Risk Management

Our company is exposed to a variety of risks that can have financial, operational and compliance impacts on our business performance, reputation and licence to operate.

The board recognises that creating shareholder returns is the reward for taking and accepting risk. The effective management of risk is therefore critical to supporting the delivery of the Group's strategic objectives.

The Group's approach to risk management, underpinned by the Risk Policy & Standard, aims to embed a risk-aware culture in all decision-making, as well as a commitment to managing risk in a proactive, effective manner. This includes the early identification and evaluation of risks, the management and mitigation of risks before they materialise, and dealing with them effectively in the event they do materialise. Accountability for risk management is clear throughout the Group and is a key performance area of line managers.

To support risk understanding and management at all levels, our Risk function provides the necessary infrastructure to support the management and reporting of material risks within the Group, and escalates key issues through the management team and ultimately to the board where appropriate. Group Risk also supports the Risk Management Committee (an executive management committee chaired by the Chief Executive) in its review of risk.

The process for identifying, evaluating and managing the material business risks is designed to manage, rather than eliminate, risk and where appropriate accept risk to generate returns. Certain risks, such as natural disasters, cannot be managed using internal controls. Such major risks are transferred to third parties in the international insurance markets, to the extent considered appropriate or possible.