58 Annual Report 2025
Report of the Audit & Risk Committee
The Audit and Risk Committee is a key element of the Group’s governance structure, overseeing
and monitoring the effectiveness of our approach to risk, internal and external audit activity,
controls and assurance.
Assurance Team
Our dedicated Assurance team carries out a cyclical programme of continuous audit testing across
the Group’s critical business processes and controls. The team understands the business in detail and
is able to probe the underlying data sources, working closely with associated teams to ensure that no
stone goes unturned. The Committee sets the priorities and scope of work for the Assurance team
and receives reports directly from the team.
Independent Internal Auditors
Forvis Mazars has provided independent internal audit services to Pobl since April 2024, and bring
specialist, technical and cross‐industry expertise. We have a three‐year rolling, risk‐based, independent
internal audit plan, covering a range of financial and operational thematic reviews, which is overseen
and approved by the Committee.
At each Committee meeting reports are presented, summarising the findings of internal audit work
completed during the period. Where recommendations are identified, management responses are
recorded and submitted to the Committee for approval, with regular updates on the status of
recommendations.
External Independent Audit
KPMG was reappointed as our external auditor in January 2025, following a competitive tender
exercise. The current audit partner, Jonathan Brown, first signed the audit report as Senior Statutory
Auditor for the year ended 31 March 2021. The Committee reviews the audit plan each year,
considering its scope and audit approach. The Committee reviews reports from KPMG following
each significant element of audit work and meets with the auditors at least once annually without
any management present (in camera).
Risk Management
Pobl’s Risk Management Framework provides a structured approach to managing risk across the
business. Strategic risks are discussed at each Executive meeting and reported to the Board
quarterly, with devolved responsibility for oversight of those risks sitting with the Audit & Risk
Committee. All operational risks are reviewed quarterly with risk owners. Monthly performance
reports are presented to the Board showing key performance indicators and trend analysis,
which informs decision‐making around risk.