Giles Kerr

Chairman of the Audit and Risk Committee

Composition

Meghan Fitzgerald

Giles Kerr

Dear Shareholders,

On behalf of the Board, I am pleased to present the Audit and Risk Committee report for the year ended 31 December 2018.

All members of the Committee are Independent Non-Executive Directors. The Board considers that I have recent and relevant financial experience as recommended under provision C.3.1 of The UK Corporate Governance Code (the Code) as it applies to the Company. In line with the Code, the Audit and Risk Committee as a whole is deemed to have competence relevant to the sector in which the Company operates.

The Committee's role is to assist the Board with the discharge of its responsibilities in relation to internal and external audits and controls, including reviewing the Group's annual financial statements, considering the scope of the annual audit and the extent of the non-audit work undertaken by external auditors, advising on the appointment of external auditors and reviewing the effectiveness of the internal control systems in place within the Group.

The Committee has met three times during the year. Further details on the activities of the Committee during the year and how it has discharged its responsibilities are provided in the report below.

Giles Kerr

Chairman of the Audit and Risk Committee
28 March 2019

Duties and responsibilities

The Audit and Risk Committee's duties and responsibilities are set out in its terms of reference which are available on the Company's website.

Duties and responsibilities

Meetings and attendees

The Audit and Risk Committee has met three times during the year. The Audit and Risk Committee will normally meet no fewer than three times a year with further meetings being called as required.

The external auditors are invited to attend the majority of the meetings. Outside of the formal meeting programme, the Audit and Risk Committee chairman maintains a dialogue with key individuals involved in the Company's governance, including the Chairman, the Chief Executive Officer, the Chief Financial Officer and the external audit lead partner.

Activity during the year:

The Audit and Risk Committee has met three times during the year. Matters discussed have included:

  • Reviewing the Committee's terms of reference and recommending changes to the Board
  • Reviewing the Company's internal controls environment
  • Reviewing the Company's Whistleblowing Policy
  • Reviewing the Company's Treasury Policy for recommendation to the Board
  • Considering the Group's policy on the provision of non-audit services by the external auditors
  • Reviewing the Audit Plan, process and scope
  • Reviewing the independence of the External Auditor
  • Reviewing the significant issues in the External Audit report
  • Reviewing the Annual Report and Accounts and recommending their approval by the Board

Significant issues considered in relation to the financial statements

Significant issues and accounting judgements are identified by the finance team and are considered and reviewed by the Audit and Risk Committee. The significant issues considered by the Committee in respect of the year ended 31 December 2018 are set out in the table below:

Significant issues and judgementsHow the issues were addressed
Valuation of unquoted Investments

The Audit and Risk Committee reviewed management's determination of the valuations of the unquoted investments, including the valuation methodology applied. The Committee concluded that the valuations of the unquoted investments were properly prepared in accordance with the stated accounting policy and the evidence available.

The Audit and Risk Committee also reviewed and considered the key assumptions for the valuation of the financial interest in The Wales Life Sciences Investment Fund, noting also that both the valuation of investment in carried interest and the valuation of the fund's unquoted investments are determined at the reporting date by management's appointed independent, external experts. The Audit and Risk Committee was satisfied that procedures and assumptions used were appropriate and both the carried interest valuation and fund interest valuation were in the appropriate range.

Calculation of share-based payment expenseThe Audit and Risk Committee considered management's calculation of the share-based payment expense relating to founder shares, founder options, management options and the Executive Incentive Plan, including the assumptions made regarding volatility and the risk-free interest rate. The Committee was satisfied that the expense had been calculated appropriately.
Presentation of the Annual ReportThe Audit and Risk Committee reviewed management's presentation of the Annual Report. The Committee noted that the inputs into, and disclosures and accounting policies included, in the annual report are reviewed by people with relevant financial experience and knowledge of the business, up to and including the Audit and Risk Committee. The Committee concluded that management has presented the report in a suitable manner, and that it is fair, balanced and understandable.

Risk management and internal control

The Board has overall responsibility for setting the Group's risk appetite and ensuring there is an effective risk management framework to maintain levels of risk within this risk appetite. The Board has, however, delegated responsibility for reviewing the risk management methodology and effectiveness of internal control to the Audit and Risk Committee. The Audit and Risk Committee provides oversight and advice to the Board on current risk exposures and future risk strategy. Further details of the Group's risk management approach, structure and principal risks are set out in Risk Management.

The Group's system of internal control comprises entity-wide high level controls, controls over business processes and centre level controls. Policies and procedures are clearly defined. Levels of delegated authority have been communicated across the Group and management has identified the key operational and financial processes which exist within the business and implemented internal controls over these processes, in addition to the higher level review and authorisation based controls. Policies cover defined lines of accountability and delegation of authority; financial reporting procedures; and preparation of monthly management accounts; these facilitate the accuracy and reliability of financial reporting and govern the preparation of financial statements.

The Board is ultimately responsible for the Group's system of internal controls and risk management. Having discharged its duties in this area by:

  • holding regular Board meetings to consider the matters reserved for its consideration;
  • receiving regular management reports which provide an assessment of key risks and controls;
  • scheduling annual Board reviews of strategy, including reviews of the material risks and uncertainties facing the business;
  • ensuring there is a clear organizational structure, with defined responsibilities and levels of authority;
  • ensuring there are documented policies & procedures in place; and
  • reviewing regular reports containing detailed information regarding financial performance, rolling forecasts, actual and forecast covenant compliance and financial and non-financial KPIs;

no significant failings or weaknesses were identified.

In reviewing the effectiveness of the system of internal controls, the Audit and Risk Committee:

  • reviews the risk register compiled and maintained by senior managers within the Group and questions and challenges where necessary
  • reviews the system of financial and accounting controls regularly
  • reports to the Board on the risk and control culture within the Group.

Internal audit

The Group does not have an internal audit function. The Audit and Risk Committee reviews the need for an internal audit function at least annually but following the most recent review in December 2018 feels it is not currently required given the Group's size.

External auditors

The Audit and Risk Committee is responsible for overseeing the Group's relationship with its external auditors, PricewaterhouseCoopers LLP (PwC). This includes the ongoing assessment of the auditors' independence and the effectiveness of the external audit process, by regular meetings and assessment of non-audit engagements. The results of this inform the Committee's recommendation to the Board as to the auditors' appointment (subject to shareholder approval) or otherwise.

Appointment and tenure

PwC was first appointed as the external auditors of the Group in December 2016. The current lead audit partner, Richard McGuire, has been in place for three years.

PwC require the rotation of the lead audit partner every five years for a listed client. Therefore, we expect a new lead audit partner to be selected for the 2021 audit. In accordance with EU legislation, the Committee intends to put the external audit out to tender at least every ten years.

Non-audit services

The engagement of the external audit firm to provide non-audit services to the Group can affect the independence assessment, and the Group has therefore adopted a policy which conforms to the Revised Ethical Standard 2016 published by the Financial Reporting Council. Under the policy the engagement of the external auditors to provide statutory audit services, certain assurance, taxation and certain advisory services with fees of less than £5,000 is pre-approved. Any engagement of the external auditors to provide permitted services above £5,000 is subject to the specific approval of the Audit and Risk Committee. The policy recognises that certain non-audit services may not be carried out by the external auditors (in accordance with the EU Statutory Audit regime).

During the year ended 31 December 2018, PwC was engaged to provide certain non-audit services as Reporting Accountant for the Company's capital raising in March 2018. This included the preparation of reports on the Company's financial position and prospects, working capital and reporting to the Company's sponsors on the Company's business and operations. PwC also provided reward services during the year in which they reviewed the Company's post-IPO reward structure and remuneration policies. In approving the use of PwC to provide these services, the Board took the view that PwC's knowledge of the Company and its operations meant it was best placed to provide the services, and was comfortable that PwC's independence would not be compromised.

The fees paid to PwC for non-audit services during the period totalled £195,000, representing 115% of the total audit fee.

Whistleblowing

The Group has adopted procedures where employees may, in confidence, raise concerns relating to possible improprieties in matters of financial reporting, financial control or any other matter. The whistleblowing policy applies to all Group employees. The Audit and Risk Committee is responsible for monitoring the Group's whistleblowing arrangements and the Board reviews the policy periodically. The Audit and Risk Committee, on behalf of the Board, reviewed the Group's whistleblowing arrangements in December 2018 and it was considered that they were still appropriate in their current form.

Giles Kerr

Chairman of the Audit and Risk Committee
28 March 2019