Annual Financial Report

Summar y  o f Principal Risks

 

Th e table maps our Principal Risks to risk categories.

 

S t ra t e g i c r i s ks	F ailuretogrowprofitably
F ina n c i a lrisks	F inancial con t r o lfailure
Opera ti ona l r i s k s	Majorinformationsecurity breachorcyber-attack	C on tr a c tnon-compliance, no n- pe r formanceormisreporting	S i g nificantfailureofsupplychain
P e op l erisks	F ailuretoactwithintegrity	F ailuretoattract, engageand retainkeytalent	H ealth,safetyandwellbeing
H aza r drisks	C a ta s t r o p hicincident
Le ga land compliancerisks	Materiallegal and regulatorycompliance failure

 

Th e method and four priorities we use to deliver our strategy as part of our management philosophy are set out on page 9 namely Winning good business, Executing brilliantly, A place people are proud to work, and Profitable and sustainable. Each of our principal risks supports one or more of these priorities with the strongest link shown against each risk. Appropriate consideration and management of the principal risks have a direct link to key Executive remuneration as outlined in the Remuneration Report on page 139

 

STRATEGIC  RISKS 

 

Failu r e to grow profitably (Winning good business / Profitable and sustainable)

Integra l to our Strategy Review process, this risk considers the potential impact of failure to win material bids or renew material contracts profitably, or a lack of opportunities in our chosen markets, restricting revenue growth which may in turn have an adverse impact on Serco's profitability. This risk has a broad and direct link to our ability to meet the financial KPIs described on page 32. We have moderate appetite for this risk recognising that we will take reasonable and considered risks to generate profitable growth. Our business is linked to changes in the economy, fiscal and monetary policy, political stability and leadership, budget priorities, and the perception and attitude of governments and the wider public to outsourcing, which could result in decisions not to outsource services or lead to delays in placing work. Our ability to succee d  i s also linked to the competitive landscape and our ability to efficiently deploy resources as part of our service offering. We carried out a comprehensive strategy review that took the divisional five-year strategies and rolled these up for a Group view. This work concluded that ou r markets remain robust with significant revenue opportunity in our chosen markets and chosen activities.

 

I n 2021 we have been successful in securing significant new business as well as renewing several critical contracts. Whilst certain key contracts such as Dubai Metro and AWE did end in 2021 they have been offset by new and existing business. We have also benefited from continuing demand for Covid-19 related support services such as testing, tracking and tracing across different geographies. On the other hand, tight employment markets have led to increased employment costs as well as vacancies that have adversely affected some parts of our portfolio. Overall, our revenues and Underlying Trading Profit increased by £539.8m and £65.8m respectively, however some of these gains are temporary and expected to level out once pandemic related work recedes. Further detail on our financial performance can be found on pag e 77. While the outlook for pandemic related services is unclear, we enter 2022 with a robust, qualified, new business pipeline and good win rate momentum, suggesting that the near and medium-term risk is stable.

 

K eyriskdrivers: E x t e rn a l f a c t o r s r e d uc in g the pipeline  ofopportunities. Failuretobecompetitive. In a bili t y t o m ee tcustomerand solution requirementsduring  design, implementationanddelivery. Ine f f e c t i v e b us in e s s development.

Ma t e r ia l c o n t ro l s: - Se rco GroupandDivisionalStrategyincluding periodicstrategyreviews. - InvestmentCommittees. - Se c t o r -s pe c if ic C en t resof Excellence andValue P ropositions. - Se rco Institutedevelopingthoughtleadership andinnovationfor ourmarkets. - BusinessLifecycleReview t eamprocess. - P ipe lineandBusiness Developmentspend reviews. - R e g ular GrowthForumreviews. - DivisionalPerformanceReportingprocess.

Mit i gat i o n p r i o rit i e s : - R eview pipelineopportunitiestoensureall marketactivityisaccuratelycapturedand thatbudgetsareallocatedaccordingly. - R eview po r t foliofor newattractiveorganic expansionareas. - C ont inuetoimproveleveragingof Serco bestpracticeandinnovationandrefinement of biddevelopmentprocesses. - C ont inuetoadoptarobustbidqualification process. - R e t ain focusoneffectivemanagementfor majorbids. - D evelopefficientcommonplatformsfor servicedelivery.

R i s ktrend:   No Change

 

 

FINANCIAL RISKS

 

Financia l control failure  (Executing brilliantly / A place people are proud to work / Pofitable and sustainable)

Se r c o  operate s complex financial controls systems and processes and there is an inherent risk that these may fail. Such failures may result in: an inability to accurately report timely financial results and meet contractual financial reporting obligations; a heightened risk of error and fraud: poor quality data leading to poor business decisions, or an inability to forecast accurately; the failure to create a suitable capital structure; and an inability to execute critical financial transactions, leading to financial instability, potential business losses, and negative reputational impact. This risk links directly to our ability to meet the financial KPIs outlined on page 32. We have an averse appetite for financial control failures and require a robust framework of financial processes, systems and controls to enable timely and accurate financial reporting.

 

A t the start of the Covid-19 pandemic, it was recognised that the risk of financial control failure was heightened due to the fast-moving nature of the business, risk of absenteeism in both the in-house and outsourced finance organisation and disruption to core financial processes and data quality caused by new operating environments resulting from the items noted above and remote working. The Group mobilised quickly to ensure that key mitigants were put in place such as: additional assurance procedures; adequate remote working capacity, including within the Group's outsourced finance teams; monitoring of working capital; and data capture to understand the impact of Covid-19 on the Group's financial results. As a result of the actions taken, the risks which were identified at the start of the pandemic have not materialised in 2021 and our core financial processes and controls have continued to operate without significant disruption.

 

Ove r the last 12 months, the Group has worked with external advisers to develop a programme of work with the objective of improving th e financial control environment within the Group. This is in preparation for anticipated changes following the issuance of the consultation document by the Department of Business, Energy and Industrial Strategy ("BEIS") entitled Restoring Trust in Audit and Corporate Governance. In addition to improving documentation and control standards, the programme also aims to review the operating model r equi r e d to implement and sustain the improvements and embed an enhanced controls culture across the Group. The work performed to date is not dependent on the outcome of the BEIS consultation as a no-regrets policy has been adopted to ensure that any work performed would be considered best practice rather than required to support a formal controls attestation, as suggested within the consultation. As noted a t the Capital Markets Day, the Company's controls, governance and risk management processes help to assure quality outcomes across the business. These controls operate at both the strategic and operational levels of the business and are embedded in our ESG framework described in detail on page 39.

 

A s noted in the 2020 Annual Report and Accounts, the Group's European business was subject to a cyber-attack in January 2021. The results of the investigation into this attack, produced by both our internal investigations and by our external advisers, have not identified any compromise to the financial information used for the 2021 year-end reporting or to the integrity of financial results from the European Business Unit.

 

K eyriskdrivers: No t s e t t i n g t h e ri g h t t o n e f r o m t h e t o p . Poorfinancialprocesses. In ade q u a t e financialcontrolswithinthe business . Lo s sofcritical rolesand/orsystems. Poorlyskilledandresourcedfinance teamstoaddresscomplexfinance standards .

Ma t e r ia l c o n t ro l s : - GroupGovernance andFinancestrategy. - S t anda rdised an dmandatedfinancial systems,processes(includingforecasting andreporting)anddatastructures. - Governance an dreviewprocedures associatedwith managingthe qualityof services deliveredbythirdpartysuppliers. - S k illed an dadequately trainedfinancestaff. - Disasterrecovery p lansandtesting. - Boardoversightviathe AuditCommittee. - Mon t hlyDivisionalperformancereviews. - Ded icatedFinancialAssuranceteamtesting.

Mit i gat i o n p r i o rit i e s : - Enhance t h efinancialcontrolsandassurance framework. - C ont inuetodelivereffectivefinancial reporting. - C ont inuouslyimproveforecastingand reportingprocessesanddataanalysis. - De liverglobalfinanceprocessimprovement andefficiencythroughautomationand robotics. - D evelopaGroup-widetrainingcurriculum. - E f fectivenessreviews of disasterrecovery plans. - Ensure t alentisretainedwithin the finance function.

R i s ktrend:     No Change

 

OPERATIONAL RISKS

 

Majo r information security breach or cyber-attack (Winning good business / Executing brilliantly / Profitable and sustainable)

Informatio n security breaches or cyber-attacks represent a key risk for us. Such incidents could result in the loss or compromise of sensitive information (including personal or customer) or wilful damage resulting in the loss of service, causing significant reputational damage, financial penalties and loss of customer confidence. We operate an averse risk appetite to major information security breaches and cyber-attacks. We accept that due to the nature of the services we provide we face threats from both internal and external factors but will mitigate the impact of any breach and carry out immediate remedial actions.

 

A s described at our Capital Markets Day, we operate on a business-to-government platform that leverages scale and helps simplify our processes with a well invested portfolio of best-in-class software solutions to support our contracts and shared services. We continue to make significant investments in our cyber-security both at our endpoints and in our core network. In most of our jurisdictions we test ourselves against government standards including CES+ in the UK and we also regularly run penetration tests as well as meeting specific security standards in line with customer requirements as a provider of public services to government. We have a continuing programme of upgrading old desktops and laptops, and the number of devices outside centralised management and monitoring is decreasing rapidly. We have our own in-house Security Operations Centre which monitors the networks and manages our response to cyber threats. The strategy review showed the benefit of investing in shared services to produce standardised and efficient processes.

 

Se r c o  i s committed to delivering secure services which protect our own and our customers' data and as such holds a variety of externally audited security-related certifications. This includes the Information Security Management System covering our UK corporate environment that is certified to ISO 27001. We also maintain certification, where specified, against the principal government security/cyber schemes in the markets we operate. Our certifications are generally publicly available on the relevant accreditors' websites or can be requested from the Company directly.

 

W e continue to invest in staff security training as a key mitigant to this risk. Security training is delivered via our Learning Management System as part of the broader Serco Essentials framework. Training comprises mandatory modules that cover a range of areas including responsibilities when dealing with personal data and how to identify and respond to issues. All Serco employees, including contractors, must complete Serco Essentials and pass a test at the end or alternatively, in the case of subcontract or staff, their employer must demonstrate tha t they provide equivalent security training. Training is further supplemented, where appropriate, to cover specific points relevant to any particular contract, together with regular campaigns and awareness tests such as protecting against phishing threats.

 

Howeve r , the external threat landscape continues to evolve. As evidenced in a cyber-attack in our European business in January 2021 and recent attacks on our competitors involving ransomware, our industry is a particular target for extortion, and this, along with the increased public profile we have had because of our involvement with government contracts to respond to the Covid-19 pandemic, leads us to conclude that this risk is increasing.

 

K eyriskdrivers: N o n - c o m p li a n t o robsolescentsystems. Non-compliance ormisconfiguration w i t h poli c i e sandstandards. V u ln e r a bili t y o f s y s t e m s a nd in f o r m at i on . Un a u t h o r i s e d us eofsystems. In ade q u a t e incident monitoringand response. In c re ase dregulatoryscrutiny.

Ma t e r ia l c o n t ro l s: - EnterpriseArchitectureBoards&Solution R eview m eet i ngs. - Se rco ManagementSystem("SMS") includingdetailedguidance onminimum securitycontrols. - ITsecurity infrastructure,processesand controlsincludingisolatedbackups. - PrivilegedAccessManagementand multi-factorauthenticationfor our centralisedmanagedsystems. - E x t e r nal a s s e s smen t s an dscenariobased cybersecuritytestingandincidentplanning. - R e g ular a t t e s t at ionstatementsonsecurity controlscompliance.

Mit i gat i o n p r i o rit i e s : - P e r formmarketreviewsof deployed technologywhenservices arereviewedat renewaltoensurewemaintainourdefences asthreatschangeanddevelopin sophistication. - O ngoingcontinuousimprovement programmesfor ourSecurityOperations Centrestomaintaineffectiverisk identification. - C ont inuedroutinevigilanceandproactive vulnerabilityidentificationcoordinated throughourSecurityOperationsCentres. - C ont inueduseof globalkeysecurityrisk indicatorsandregularthird-partytesting andbestpracticeconfigurationreviewsto supportmitigationpriorities. - L everagingCloudadoptiontoensure standardisedcontrolmechanisms. - Afocusonthe behaviouralaspectsof our employees. - Maintaininggovernmentsecurity attestations.

R i s ktrend:     Increasing Risk

 

Contrac t non-compliance, non-performance or misreporting (Winning good business / Profitable and sustainable)

The r e is a risk that we fail to deliver contractual requirements or to meet agreed service performance levels and report against these accurately. This failure may lead to significant financial penalties, legal notices, onerous contract provisions or, ultimately, early termination of contracts. We have an averse risk appetite to any possibility of deliberate misreporting of contractual performance and losing material contracts due to non-performance or non-compliance.

 

Governanc e  i n bid processes, transition and operations provide the primary means of managing this risk. The Serco Management System prescribes a review of contract risk through each of the stages of the bid lifecycle from prequalification to contract close out, including monthly performance reviews for all material contracts. As part of our commitment to ongoing improvement our mitigation priorities for the next year will focus on strengthening some of the key control processes and formalising these in the Serco Management System.

 

Whils t still in the early stages of development we will also begin to track Environmental, Social and Governance ("ESG") impact from our contracts as the maturity of our reporting increases. Though our individual customer contracts vary on ESG-related commitments, our overall corporate commitment to ESG targets will permeate through to our contract teams and will form part of the overall assessment of contract performance and compliance.

 

K eyriskdrivers: No t s e t t i n g t h e ri g h t t o n e f r o m t h e t o p . Un c le a rcontract requirements/ o b li g at i o n s . H uma nerror(deliberate or unintentional). O p e ration a l de l i v e r y orreporting failures.

Ma t e r ia l c o n t ro l s: - C on tr a c tManagementapplication. - Mon t hlyperformancereviewsatContract, BusinessUnitandDivisionallevel. - BusinessLifecycleReview t eamprocess. - C ommu nicationof OurValuesandCodeof C on d u c t . - S p eak U pprocess("Ethicspoint"). - E x t en sive internal andexternalassurance reviews,includingindependentthird-party reviewsandcustomeroversightprocesses.

Mit i gat i o n p r i o rit i e s : - S t rengthenprocessesrelatedtoagreeing clearcontracts,changemanagement,bidto contracthandoverandKPIreporting, formalisedthroughSercoManagement System. - C on tr a c tManagementtraining(Globaland D i v i s io na l ) . - Greatervisibilityof performancethrough contract performance dashboard ("Gauge"). - C ont inuedfocusonconsistentapproachto riskassessment. - O pe r at ionalexcellenceimprovementplans. - O ngoingethics,businessconductand compliancetraining.

R i s ktrend :     No Change

 

Significan t failure of the supply chain (Executing brilliantly / Profitable and sustainable)

I f there was a significant failure in Serco's end-to-end supply chain to perform to the required standard, Serco may be exposed to risks that mean Serco is unable to meet its customer obligations, perform critical business operations or win new business. This could cause a financial, operational or reputational impact to Serco. Supply chain risk is broad; examples include operational performance risk, cyber risk, regulatory/ legal compliance risk, ethical risk, environmental, social or governance risk. We use thousands of suppliers globally each year and take a proportionate approach to management of these third parties and have a moderate risk appetite for using them.

 

Thi s year  w e have expanded this risk to encompass the broader risk to Serco from the supply chain rather than just the risk from the failure of a business-critical supplier. This new scope considers the risk to Serco from non-business critical suppliers and from the suppliers of our suppliers. This change was prompted by several factors including recognition of external challenges (e.g. mini umbrella companies) and our growing maturity in this area. The risk was historically focused largely on operational failure; by amending we have extended the coverage t o ensure the risk covers all significant risk exposures and has a view on emerging risks in the supply chain. We have commenced a review of Serco's existing Supplier Risk Management processes, current supplier risk initiatives and key supplier risk exposures to identify any gaps and create alignment across the Group. The output of the review will be used to create a Supplier Risk Management Framework, encompassing risk exposures from information security/cyber, data protection, business integrity and social responsibility, regulatory and legal compliance, external and exceptional risks, supply chain performance, supply chain resilience, financial, environmental, and health, safety and wellbeing. In 2021, we also launched a Sustainable Procurement Charter which aims to improve our review of ESG and responsibility matters in our supply chain.

 

A s a result of Covid-19 and Brexit our third-party suppliers are reporting supply constraints (e.g. resources/logistics) in line with the general supply chain instability that is being widely reported in the media. There is a risk of disruption in all divisions, with a higher perceived risk in the UK where we are experiencing and managing localised challenges. Although our rating for this risk remains constant, the probability is trending upwards driven by the supply constraints we are seeing in the UK.

 

K eyriskdrivers: In a d e q u a t e p r o c u r e m e n t s t a n da r d s , op e ratin g p roc e d u r e s andcontrols. Failuresorinadequate duediligence  and onboardingwhenbringingnew suppliers, partnersandsub-contractors into the business including  poor specificationofrequirements, inadequatesourcingandselectionand inadequate  contracting. In a d e q u a t e / l ac kofmonitoring-and management ofsupplierperformance andrisks. Hi g hvolumeofsuppliers/complexity of supplychain.

Ma t e r ia l c o n t ro l s: - SM S Pr o c urementPolicy,Standardsand ProcedureincludingSupplierCodeof Conduct. - S up p li erchecks(pre-qualification/ o n- b o a r d i n g ) . - Serco s t andardcontractsincluding appropriateobligations,KeyPerformance IndicatorsandServiceLevelAgreements. - SupplierManagementProgrammeformost business-criticalsuppliersincluding performance. - B i annual Pr o c urementreviewprocessofall business-criticalsuppliers.

Mit i gat i o n p r i o rit i e s : - C o m ple t eimplementationof SupplierRisk ManagementFrameworkandcommence deliveryof resultingroadmap, including suppliertriageandassessment. - Enhance Procurement&SupplyChain GroupStandardimprovingclarityand understandingof policyrequirements, processes,controlsandresponsibilities. - Risk a s s e s s m en t an dmitigationplans incorporatingactionstoimproveeffective implementationof keyriskcontrolsfor all materialriskratedbusiness-critical suppliers. - E x pandscopeof suppliermanagement programme,takingatieredapproach relativetorisk.Reviewtoolsandguidance for contract levelsuppliermanagementfor lowerrisksuppliers.

R i s ktrend:     Increasing Risk

 

 

PEOPLE  RISKS

 

Failu r e to act with integrity (Winning good business / Executing brilliantly / A place people are proud to work / Profitable and sustainable)

A s a people-based business employing over 50,000 employees there is an inherent risk of rogue employees engaging in significant corrupt or dishonest acts including bribery, fraud, misreporting, cheating or lying. If this risk occurred it would lead to reputation and brand damage and customers being reluctant to do business with us. Such behaviour might arise through the actions of rogue employees or as a result o f pressures individuals may feel they are being placed under to deliver financial or operational performance and might lead to: the loss of existing business; restrictions on our ability to bid or win new business; a reduction in our ability to attract high-quality people or partners; or may impact shareholder, investor and financial institutions' confidence in Serco. We have an averse risk appetite to behaviours and actions that may compromise our integrity. Our values and purpose sit at the top of our Management Framework described on page 9 and integrity sits at the centre of and underpins our ESG framework. Whilst we are finding a new balance as the pandemic evolves, we continue to recognise that Covid-19 has brought additional challenges to many parts of the business, and these could lead to an increase in inherent risk. However, we remain confident in the controls we have in place to manage this, and we rate this risk as stable.

 

Buildin g on work from 2020 we have rolled out improved ethics training, strengthened our internal capability through professional qualifications, continued to reinforce our strong tone at the top and further developed our ESG framework as outlined on page 40.

 

K eyriskdrivers: No t s e t t i n g t h e ri g h t t o n e f r o m t h e t o p . W e a kvalues andculture. In c re ase dpressuretodeliver. Ineffectivesystemsandprocesses. W e a kdiligence  onwhereweworkand whoweworkwith.

Ma t e r ia l c o n t ro l s: - S t rong,meaningfulandunderstoodValues andrequiredbehaviourswhicharerole modelledbyleaders. - R o bust g ov ernance(Corporate ResponsibilityCommittee;Executive Committee;InvestmentCommittee; DivisionalExecutiveManagementetc.) exercisingoversightofdecisionswithin delegatedauthorities. - E f fectivepolicyandproceduresincluding financialcontrolsandprocessesdefined within the SMSandsupportedbyourCode of Conduct. - IndependentSpeakUpprocesssupported bycorporateinvestigations.

Mit i gat i o n p r i o rit i e s : - De liverourcommitmentsunder the DPA. - D r i vegreaterleadershipownershipand accountabilityfor astrongethicalculture. - EmbedEthicsCompliance controlsand proceduresasanintegralpartof business processes. - C ont inuetoimplementeffectivedue diligenceprocessesfor allthirdparties. - C ont inuetostrengthenEthicsCompliance resourceandcompetency. - S t rengthenassuranceprovidedbyEthics C o m p liance controls.

R i s ktrend:     No Change

 

Failu r e to attract, engage and retain key talent (Executing brilliantly / A place people are proud to work)

I t is our ambition to be regarded as the best-managed company in the sector and, notwithstanding our framework of people processes, systems and controls, there is a risk that we are unable to attract, engage and retain an appropriately sized, qualified and competent workforce and management team. The impact of this risk materialising would restrict Serco's ability to deliver on its customer obligations, execute its strategy and achieve its business objectives whilst driving employee pride in the organisation. The ESG framework is an implicit consideration in this ris k  an d influences the achievement of our Employee Engagement KPI as outlined on page 34. We have a cautious risk appetite and take a pragmatic approach to the attraction, retention and development of key talent. We ensure that robust contingency plans are in place for business-critical roles but recognise that an element of churn is healthy for any business meaning that we are not averse to change.

 

Thi s risk  include s consideration of key person reliance in our leadership and executive teams including succession planning for our senior management team and other business-critical roles. It should be noted that there are difficulties in relation to labour markets, however, rather than being a problem across our whole business, we are currently addressing challenges in specific sectors, roles, or geographies. In response to Covid-19, a great deal of work has been done to streamline and simplify our approach to attracting and onboarding new colleagues . Extensive use of social media to promote recruitment activity and the "speed boarding" global onboarding process has now been embedded, leading to significant efficiencies in bringing new staff into Serco.

 

Th e Group Chief Operating Officer continues to work closely with the Board to develop effective succession planning, both for Executive Committe e and Group roles.

 

K eyriskdrivers: L ac kofstaffdevelopment. Poortalentmanagementandsuccession planning. L o wemployee  engagement. Unsatisfactory rewardframework. Recruitmentfailings. In a bili t y t o a t t r a c t app ro p ria t e n e w hi r e s .

Ma t e r ia l c o n t ro l s: - T alentManagement&Succession processes. - L eadershipcapabilitydevelopment. - T a r g e t e dretentionarrangements. - C r it icalResourcePlanning. - A nn ualPerformanceManagementprocess. - E x i tinterviews. - A nn ualViewpointsurvey.

Mit i gat i o n p r i o rit i e s : - Ensure u p -to-dateunderstandingof local employmentmarkets. - C ont inuetomonitorchannelstoaccess externaltalentinchosenmarkets. - O ngoingbenchmarkingactivitytoensure marketcompetitiverewardpackagestoaid retentionof existingstaffandattractionof new. - C ont inuewith detailedreviewof succession plansandmitigationstrategiesaspartof the TalentReviewprocess. - Ensure o ngoinguseandanalysisof exit interviews. - Followup andactiononthemesidentified asaresultof annualpeoplesurvey.

R i s ktrend:     Increasing Risk

 

Health , safety and wellbeing (Executing brilliantly / A place people are proud to work)

Th e diversity of services provided by Serco exposes our employees, customers and third parties to a wide range of health, safety and wellbeing risks inherent to our operations in both work and public environments. These may be caused by a process or control failure or by the wrong behaviour and/or an inadequate safety culture. As responsible employers we recognise the complexity of wellbeing risk and aim to ensure that working for Serco does not impose any additional wellbeing challenges on our employees. This is a wide-reaching risk that directly supports the KPI target for Major Incident Frequency Rate and Lost Time Incident Frequency Rate as described on page 34 and HSE related metrics outlined in our ESG report on page 69. We have an averse risk appetite for actions/failures that would cause loss of life. We cannot eradicate H&S risk entirely whilst maintaining operational delivery so we prioritise prevention of major injuries and threats to wellness whilst accepting that minor injuries will occur on occasion but are minimised by training, risk assessment, safe systems of work, operating procedures, PPE, site supervision and audit & inspection.

 

Ou r vision is zero harm. We aim to ensure that no one comes to harm because of the work we do. Wherever we work, we are committed to th e prevention of injury and promoting a "just" safety culture in which we foster transparency, honesty and trust in order to identify root causes and prevent recurrence. Wherever we work, we are committed to the promotion of wellbeing and the prevention of ill health. We understand that healthier, happier employees go hand-in-hand with strong business performance, enhanced productivity, a far more positive culture and better outcomes for those we serve.

 

I n addition to personal injury concerns, a breach of Health and Safety regulations or failure to meet our contracted expectations could disrupt our business, have a negative impact on our reputation and lead to contractual, financial and regulatory costs.

 

Muc h of 2020 had been dominated by the impact of the Covid-19 pandemic and this has continued into 2021 and will do so into at least 2022. We have continued our response to the Covid-19 pandemic where we have ensured focus on the protection of our employees, customers and third parties. Our Health, Safety & Wellbeing teams continue to support our Covid-19 response across the business, facilitating key mitigations and supporting the continuing recovery phase activities, including design and implementation of Covid-19 site specific risk assessments, remote working risk assessments, training and the development of mental health resources. We have also continued to develop and mature our Diversity and Inclusion network. We recognise that Covid-19 continues to present an ongoing challenge and elevates the position of this risk on our corporate profile.

 

K eyriskdrivers: FailureoftheSercoSafety Management Sy s t e m . I n s u f f i c i e n t c o mm u n i c a t i o n o f keyissues, risks andchanges. L ac kof/out-of-datetaskspecific competence. H uma nfactorsimpact onbehaviour. Oc cu pation a l  wellbeingrisksincluding psychosocialrisks. P ub li cHealthandwellbeingrisks. B e h a v io u r a lfailures/humanerror resulting ininjuryorincident. Im p a c t o f t h e C o v i d -1 9pandemic.

Ma t e r ia l c o n t ro l s: - Se rco H ealth,Safety,Environmentaland Wellbeing("HSEW")StrategiesandSafety ManagementSystem(policiesand proceduresinc.Covid-19Secureand s pe c if icguidance andpolicies)underpinned byourESGframework. - S a f e t y an dwellbeingtraining, communications,andguidance (inc.Serco Essentials)andindividualdevelopment plansandprocessesbasedonrole and operationalrisk. - S pon t aneou s an dplannedpreventative, maintenance,inspectionandrepair programmes. - E f fectiveincident/near-missobservations reportingandinvestigationsandeffective useof ASSURE(independentreportingand compliance system). - R e g ular o r ga nisation wideandlocal Covid-19specificguidanceand communication.

Mit i gat i o n p r i o rit i e s : - C ont inuetoembedupdatedHealth,Safety, EnvironmentandWellbeingstrategiesanda positive"just"culture. - Increase ZeroHarmEngagement andSafety Momen tactivityacrossthe regions. - D r i vewellbeingagendaandensure appropriatefocusatacorporatelevel. - C ont inuing1st,2ndand3rdlineassurance activitiesandensuringunderstandingof appropriatelevelsof ownership, accountability,andresponsibility. - F u r t he rembedthe Serco(Health,Safety, EnvironmentalandWellbeing)Strategies andSafetyManagementSystem(policies andproceduresinc.Covid-19Secureand specificguidanceandpolicies). - F u r t he rdevelopmentandmaturityof our ESGagendaandprogrammeof improvementstomeetbestpracticeand evolvingstakeholderexpectations. - C ont inuedreviewandsharingof lessons learntthroughoutthe Covid-19pandemic recoveryphases.

R i s ktrend:     No Change

 

 

HAZARD RISKS

 

Catast r ophi c incident (Winning good business / Executing brilliantly / A place people are proud to work / Profitable and sustainable)

Give n the nature of our business we are exposed to the risk of an event (incident or accident) occurring as a result of Serco's actions or failure to effectively respond to/prepare for an event that results in multiple fatalities, and/or severe property/asset damage/loss and/or very serious environmental damage. Management of this risk influences the KPI target for Major Incident Frequency Rate as described on page 34.

W e aim to provide safe services and places to work and have an averse risk appetite for this risk.

 

Eac h  divisio n is continuing to assess risks at a contract level to ensure that all relevant material risks have been identified and to assess and assure mitigations, including insurance cover, are appropriate. Contracts considered inherently high risk are reviewed regularly. The physical risks linked to climate change related events are now included more explicitly in our risk management framework as part of the work initiated for TCFD and outlined in more detail on page 58. Existing business continuity and crisis management plans and processes have been used and served the business well during the Covid-19 pandemic and, despite a continued hard insurance market, we have secured extensive insurance protection as a key mitigant for this risk.

 

K eyriskdrivers: F a c t o r s r e s u l t in g i nunsafeconditions. Ineffective orinadequate  policies, s t a n d a r d s , a n dprocedures. L ac kofcapabilityandexperience. Lackofsafetyculturalalignment. Insufficientsafetymanagement o v e r s i g h t . In ade q u a t e  planningorresponsetoa catastrophicevent,including  extreme weather  ora climatechangerelated event.

Ma t e r i a l c o n t ro l s : - R e gularreviews o fhigh-riskcontracts. - Se r c o H ea lt h ,Safety,Environmentaland Wellbeing("HSEW")StrategiesandSafety ManagementSystem(policiesand procedures)underpinnedbyourESG framework. - S a f e t y t raining(includingSercoEssentials) andindividualdevelopmentplansand processesbasedonroleandoperationalrisk. - E f f e c ti v e i nc i d e n t / n e a r -missinvestigations andeffectiveuseofASSURE(independent reportingandcompliancesystem). - B u si n ess co n t i n u i t y ,crisisandincident emergencyresponseplansandtesting. - R is k t ransferviainsurance whereappropriate.

Mit i gat i o n p r i o rit i e s : - C ont inuetoembedupdatedHSE&W s tr a t eg iesandapositive"just"culture. - O ngoingworkwithindivisionstoidentify andassesscontractspecificrisksand liabilities. - C ont inuedtrainingininsuranceand contractualriskmanagement. - R eview an doptimisationof the insurance programmeandcaptivestructure. - R eviewlevels an dadequacyof compliance assurance.

R i s ktrend:     No Change

 

LEGAL  AND COMPLIANCE RISKS

 

Materia l legal and regulatory compliance failure (Winning good business / Executing brilliantly / A place people are proud to work / Profitable and sustainable)

Se r c o  operate s in complex legal and regulatory environments across multiple industries and geographies and there is a risk that we might not comply with all relevant laws and regulations. Failure to comply with laws and regulations could cause significant loss and damage to the Group and its people including exposure to regulatory prosecution and fines, reputational damage and the potential loss of licences and authorisations, all of which may prejudice the prospects for future bids. Defending legal proceedings may be costly and may also divert management attention away from running th e business for a prolonged period. Uninsured losses or financial penalties resulting from any current or threatened legal actions may also have a material adverse effect on the Group. We are averse to risks which may result in legal and regulatory non-compliance and require processes that seek to minimise regulatory fines and legal action, as well as targeted and selected assurance activity.

 

Th e Covid-19 pandemic, post-Brexit regulatory landscape in the UK and changes in many governments where our customers operate has introduced additional and fast-moving complexity to the legal compliance framework and we recognise that this may increase our risk exposure. In addition, various laws and regulations that apply across the business continue to be subject to increased focus and attention, including Anti-Bribery and Corruption laws, Market Abuse Regulation, Data and Privacy laws, Modern Slavery, Trade Compliance, Competition and Antitrust and Human Rights and Modern Slavery.

 

Ou r 2019 Annual Report documented our approach to the Deferred Prosecution Agreement ("DPA") of one of the subsidiaries of Serco Group plc, Serco Geografix Limited ("SGL") entered into with the Serious Fraud Office ("SFO") in July 2019. Throughout 2020 and 2021 we have continued to implement and monitor delivery of our obligations under the DPA, including reporting to the SFO in June 2020 and June 2021. We will continue to focus on the implementation of our ongoing obligations via our DPA plan with both the Board and GRC providing review and oversight of progress.

 

Th e management of this risk is a key enabler of Serco's governance for ESG purposes.

 

K eyriskdrivers: L ac kofgovernanceandoversight. Failuretocomplywith theSMSand c on t r a c t u a l o b li g at i o n s . Failuretoidentifyandrespondto materialchangesinlegalandregulatory requirements, including  fast-moving n e wlaws. L ac kofawarenessbyemployeesofthe legalandregulatoryrequirements placeduponthemandthe business. In a d e q u a t e p r o vis io n  ofsystemsand tools. Le ga lorregulatorycompliancefailure bya thirdparty. C l a s s a c t i o n liti g atio n a n dincreasing regulatoryfines. Comp li a nc ewith SFODPAobligations.

Ma t e r ia l c o n t ro l s: - E x t e r nally ap p ointedlegal specialists monitoringandadvisingonlegaland regulatoryobligationsandchanges. - Leg alandcontractexpertsalignedto variousspecialistareasacross the business supportedbymandatoryandbespoke training. - InvestmentCommitteeandBusiness LifecycleReviewTeam("BLRT")bidprocess andgovernance. - T hird-party due diligenceonallsuppliers. - S p eak U pprocessandsystemsand corporateinvestigationcasemanagement system.

Mit i gat i o n p r i o rit i e s : - C o m p liance with DPAobligations. - Automatinglegislationtrackingandhorizon scanningonkeynewlawsandregulations. - Greateruseof dataandtrendanalysis. - Embeddingriskbasedthird-partydue diligenceincludingmodernslaveryrisk assessment. - C ont inuingdevelopmentof SercoEssentials trainingprogrammes includingCodeof Conducttraining. - C ont inuingtoimprovekeycontract and complianceassurancereviews.

R i s ktrend:     No Change

 

Relate d party transactions (Note 35 to the Consolidated Financial Statements)

T ransaction s  betwee n the Company and its wholly owned subsidiaries, which are related parties, have been eliminated on consolidation and are not disclosed in this note. Transactions between the Group and its joint venture undertakings and associates are disclosed below.

 

T ransactions

Durin g the year, Group companies entered into the following transactions with joint ventures and associates:

 

 

	Cur r en t  Non-current outstanding  outstanding T ransaction s  at31December  at31December 202 1  2021  2021 £ m  £m  £m
Sal eofgoodsandservices Join tventures Associates Other Dividend sreceived-jointventures Dividend sreceived-associates Receivabl e f r o mconsortium fortax-jointventures	1. 6  1.7  - 0. 8  -  -   -  -  - 13. 5  -  - 0. 9  0.2  0.8
T otal	16. 8  1.9  0.8

 

Join t venture receivable and loan amounts outstanding have arisen from transactions undertaken during the general course of trading, are unsecured, and will be settled in cash. No guarantees have been given or received.

 

	Cur r en t  Non-current outstanding  outstanding T ransaction s  at31December  at31December 202 0  2020  2020 £ m  £m  £m
Sal eofgoodsandservices Join tventures Associates Other Dividend sreceived-jointventures Dividend sreceived-associates Receivabl e f r o mconsortium fortax-jointventures	0.1   - 2.3   0.2  -   4.3  -  - 15. 5  -  - (0.1)   2.0  0.1
T otal	22.1   2.2  0.1

 

A s announced on 2 November 2020, the Ministry of Defence notified the Group that it would be exercising its ability to terminate services provided by the Group through AWE Management Limited (AWEML) on 30 June 2021.

 

A s announced on 24 June 2021, Vivo Defence Services Limited (VIVO), a joint venture between Serco Limited and ENGIE SA, has been awarded contracts to provide repairs and maintenance work for Service Family Accommodation (SFA) by the UK Ministry of Defence (MOD) Defence Infrastructure Organisation (DIO). VIVO is not a material joint venture to the Group in 2021.

 

 

Di r ectors ' Responsibility Statement (Page 178)

 

Th e directors are responsible for preparing the Annual Report and the Group and parent Company financial statements in accordance with applicable law and regulations.

 

Compan y law requires the directors to prepare Group and parent Company financial statements for each financial year. Under that law they are required to prepare the Group financial statements in acco r danc e  wit h UK-adopted international accounting standards and applicable law and have elected to prepare the parent Company financial statements in accordance with UK accounting standards and applicable law, including FRS 101 Reduced Disclosure Framework.

 

Unde r company law the directors must not approve the financial statements unless they are satisfied that they give a true and fair view of the state of affairs of the Group and parent Company and o f the Group's profit or loss for that period. In preparing each of the Group and parent Company financial statements, the directors are required to:

-    s elect suitable accounting policies and then apply them consistently;

-    m ake judgements and estimates that are reasonable, relevant, reliable and prudent;

-    f or the Group financial statements, state whether they have been prepared in accordance with UK-adopted international accounting standards;

-  f or the parent Company financial statements, state whether applicable UK accounting standards have been followed, subject to any material departures disclosed and explained in the parent Company financial statements;

-    a s s e s s  t he Group and parent Company's ability to continue as a going concern, disclosing, as applicable, matters related to going concern; and

-    us e  t he going concern basis of accounting unless they either intend to liquidate the Group or the parent Company or to cease operations or have no realistic alternative but to do so.

 

Th e directors are responsible for keeping adequate accounting records that are sufficient to show and explain the parent Company's transactions and disclose with reasonable accuracy at any time the financial position of the parent Company and enable them to ensure that its financial statements comply with the Companies Act 2006. They are responsible for such internal control as they determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error, and have general responsibility for taking such steps as are reasonably open to them to safeguard the assets of the Group and to prevent and detect fraud and other irregularities.

 

Unde r applicable law and regulations, the directors are also responsible for preparing a Strategic Report, Directors' Report, Directors' Remuneration Report and Corporate Governance Statement that complies with that law and those regulations.

 

Th e directors are responsible for the maintenance and integrity of the corporate and financial information included on the company's website. Legislation in the UK governing the preparation and dissemination of financial statements may differ from legislation in other jurisdictions.

 

Responsibilit y statement of the directors  in respect of the  Annua l Report and Accounts

W e confirm that to the best of our knowledge:

-  t he financial statements, prepared in accordance with the applicable set of accounting standards, give a true and fair view of the assets, liabilities, financial position and profit or loss of the company and the undertakings included in the consolidation taken as a whole; and

-    t he strategic report includes a fair review of the development and performance of the business and the position of the issuer and the undertakings included in the consolidation taken as a whole, together with a description of the principal risks and uncertainties that they face.

 

W e consider the annual report and accounts, taken as a whole, is fair, balanced and understandable and provides the information necessary for shareholders to assess the Group's position and performance, business model and strategy.

 

B y  o r de r of the board

 

Rupert Soames  Nigel Crossley

Group Chief Executive   Group Chief Financial Officer

 

 

Cautionary statement

This announcement does not constitute or form part of any offer or invitation to sell, or any solicitation of any offer to purchase any shares or other securities in Serco nor shall it or any part of it or the fact of its distribution form the basis of, or be relied on in connection with, any contract or commitment or investment decisions relating thereto, nor does it constitute a recommendation regarding the shares or other securities of Serco. Statements in this announcement reflect the knowledge and information available at the time of its preparation.

 

Without prejudice to that, this announcement contains statements which are, or may be deemed to be, "forward-looking statements" which are prospective in nature.  All statements other than statements of historical fact are forward-looking statements.  Generally, words such as "expect", "anticipate", "may", "could", "should", "will", "aspire", "aim", "plan", "target", "goal", "ambition", "intend" and similar expressions identify forward looking-statements.  By their nature, these forward-looking statements are subject to a number of known and unknown risks, uncertainties and contingencies, and actual results and events could differ materially from those currently being anticipated as reflected in such statements.  Factors which may cause future outcomes to differ from those foreseen or implied in forward-looking statements include, but are not limited to: general economic conditions and business conditions in Serco's markets; contracts awarded to Serco; customers' acceptance of Serco's products and services; operational problems; the actions of competitors, trading partners, creditors, rating agencies and others; the success or otherwise of partnering; changes in laws and governmental regulations; regulatory or legal actions, including the types of enforcement action pursued and the nature of remedies sought or imposed; the receipt of relevant third party and/or regulatory approvals; exchange rate fluctuations; the development and use of new technology; changes in public expectations and other changes to business conditions; wars and acts of terrorism; cyber-attacks; and pandemics, epidemics or natural disasters.  Many of these factors are beyond Serco's control or influence.  These forward-looking statements speak only as of the date of this announcement and have not been audited or otherwise independently verified.  Past performance should not be taken as an indication or guarantee of future results and no representation or warranty, express or implied, is made regarding future performance.  Accordingly, undue reliance should not be placed on the forward-looking statements.

 

Except as required by any applicable law or regulation, Serco expressly disclaims any obligation or undertaking to release publicly any updates or revisions to any forward looking statements contained in this announcement, including to reflect any change in Serco's expectations or any change in events, conditions or circumstances on which any such statement is based after the date of this announcement, or to keep current any other information contained in this announcement.