Just Annual Report and Accounts 2024

Just Group plc | Annual Report and Accounts 2024

102

GROUP AUDIT COMMITTEE REPORT continued

• reviewed the recommendations made by the external auditor in their internal control report and considered the adequacy of management’s response; and • reviewed the Group’s policy on using the external auditor for non-audit services and assessed proposed non-audit service engagements against compliance with the policy. The Committee considered the quality and effectiveness of the external audit process. Its effectiveness relies on accurately identifying and assessing key audit risks at the beginning of the audit cycle, as set out in the audit plan. For the 2024 reporting period, the significant risks identified were consistent with those in 2023 with the exception of the removal of the significant risk relating to implementation of IFRS 17 which is no longer required following the full implementation of IFRS 17 in 2023. Significant risks identified were in relation to: • valuation of insurance contract liabilities including assumptions regarding mortality, expenses, calibration of the risk adjustment and credit default assumptions relevant to the discount rate applied; • valuation of certain hard-to-value investments; • fraud risks regarding risk of management override of controls and fraud in revenue recognition; and • judgements in applying the Matching Adjustment in the Solvency II balance sheet. The significant judgements considered by the Committee in relation to these risks are detailed on page 100. The Committee challenged the work conducted by the external auditor to test management’s assumptions and estimates around these areas. The Committee evaluated the effectiveness of the audit process based on PwC’s interim and year end reports and feedback received from management. For the 2024 reporting period, management were satisfied with the focus on audit risks and deemed the quality of the audit process to be good. The Committee agreed with this assessment. SAFEGUARDING INDEPENDENCE AND NON-AUDIT SERVICES The independence of the external auditor is key to providing an objective opinion on the accuracy and fairness of financial statements. Auditor independence and objectivity are safeguarded through various control measures, such as limiting the type and amount of non-audit services performed by the external auditor and rotating partners at least every five years. The Group has an established policy regarding the provision of non-audit services by our external auditor. All non-audit services rendered by the external auditor are subject to review and approval by the Committee. This policy ensures that the Group leverages the accumulated knowledge and experience of its external auditor while maintaining objectivity and independence. In concluding the appropriateness of the use of the external auditor for non-audit services the Committee assessed: a) The independence and objectivity of the external auditor, based on their safeguarding procedures; b) The level, nature and extent of non-audit services provided by the external auditor; c) The suitability of the external audit firm for the non-audit services; and d) the fees charged for non-audit services, both individually and in aggregate; During the year, the value of audit services to the Group was £2.6m (2023: £3.2m). The value of non-audit services for the year amounted to £0.9m (2023: £0.8m), which related to the annual audit of the SFCR, and, in the current year, assurance services regarding the issuance of the £400m sustainability Tier 2 bond.

The ratio of non-audit services to audit services fees was 1:2.9. These services are closely related to the work performed by the external auditor of the Group and the Committee determined that these services do not impact the independence of the external auditor. As part of assessing the objectivity and independence of the external auditor, the Committee reviewed written confirmation that PwC has verified their compliance with all UK regulatory and professional requirements. Additionally, PwC has confirmed that their independence is not compromised by the non-audit engagements undertaken during the year, the level of non-audit fees charged, or any other factors. The non-audit services provided reflects the external auditor’s comprehensive knowledge and understanding of the Group. The Group has also appointed other accountancy firms to provide specific non-audit services related to internal audit, controls, governance, tax and regulatory advice. An analysis of auditor remuneration is detailed in note 3 to the consolidated financial statements. The Committee has approved PwC’s remuneration and terms of engagement for 2024 and remains satisfied with the audit quality, affirming that PwC continues to be independent and objective. RISK MANAGEMENT AND INTERNAL CONTROL The Committee is responsible for reviewing the system of internal financial controls and internal control and risk management systems that identify, assess, manage and monitor risks. In executing this responsibility, the Group employs a three lines of defence model. The first line of defence consists of line management, who design and operate the controls over the business operations. The second line includes functions such as Risk Management and Group Compliance. These functions, together with Actuarial Assurance oversee the first line, ensuring that the systems of internal controls are sufficient and appropriately implemented. They also measure and report on risk to the GRCC, taking into account adequacy of these controls. The third line comprises Group Internal Audit, which provides independent assurance to the Board and its Committees that both the first and second lines are operating effectively. The Group’s internal control and risk management systems comprise the following key features: • clear and detailed matters reserved for the Board and terms of reference for each of its Committees; • a clear organisational structure, with documented delegation of authority from the Board to senior management; • a Group Risk policy framework, which sets out risk management and control standards for the Group’s operations; • defined procedures for the approval of major transactions and capital allocation; • a Group Internal Audit function that provides independent and objective assurance on the effectiveness of the Group’s risk management, governance and internal control processes; and • clear accountability and reporting. The Group has specific internal mechanisms that govern the financial reporting process and the disclosure controls and procedures around the approval of the Group’s financial statements. The results of the financial disclosure process are reported to the Committee to provide assurance that the Annual Report is fair, balanced, and understandable, including the opportunity to challenge members of management and the external auditor on the robustness of those processes. It is the view of the Committee that the Group’s system of risk management and internal controls is appropriate to the Group’s needs.