Last checked at 14 Mar 2019 14:31
Capita plc - Annual Financial ReportCapita plc - Annual Financial Report
PR Newswire
London, March 14
14 March 2018
Capita plc
(the "Company")
Annual Financial Report
In compliance with Rule 4.1 of the Disclosure Guidance and Transparency Rules (“DTRs”), the Company announces the publication of its Annual Financial Report for the year ended 31 December 2018. Pursuant to Listing Rule 9.6.1, a copy of this document has been submitted to the National Storage Mechanism and will shortly be available for inspection at http://www.hemscott.com/nsm.do. The document is also available on the Company's website: www.capita.com/investors.
Additional Information
A condensed set of the Company's financial statements and information on important events that have occurred during the financial year and their impact on the financial statements, were included in the preliminary results announcement released on 14 March 2018. That information, together with the information set out below, which is extracted from the Annual Report and Accounts 2018, is provided in accordance with DTR 6.3.5. This information should be read in conjunction with the Company's preliminary results announcement. This announcement is not a substitute for reading the full Annual Report and Accounts 2018.
Principal risk categories
Our risk management framework is based around risk categories against which our businesses measure their risk exposure and report on incidents and issues. The ‘critical’ risk exposures are reported directly to the Audit and Risk Committee to provide clear line of sight. The principal risks represent the main risks to the strategy and objectives of Capita.
The principal risks and uncertainties which are considered to have a material impact on Capita’s performance and achievement of its strategy are set out on the following pages. External and internal risk factors are considered. This is not intended to be an exhaustive and extensive analysis of all risks which may affect our businesses. Additional risks and uncertainties not presently known to management, or currently deemed to be less material, may also have an adverse effect on our objectives.
To repeat, Capita is in year one of a fundamental transformation plan. The principal risks reflect this; in particular, Capita’s ability to meet financial expectations, deliver sales growth and protect its reputation, so as to continue to do business. The integrated nature of the transformation plan is designed to mitigate these risks as effectively as possible. Accordingly, such mitigation is dependent on the successful implementation of this plan.
1. Failure of internal systems of control – controls do not operate effectively or do not operate at all. Potential impact:
Increased fraudulent activity Increased risk of financial malpractice Increased regulatory scrutiny Increased costs associated with remediation activities Reputational damage Service detriment to our clients or end-customers Financial lossHow we manage the risk:
Mitigating actions in 2018
Governance, boards and committees in place to review Internal audit programme of work Monitoring of regulatory requirements Monthly performance tracking of risk indicatorsFuture actions
Controls and risk self-assessment Financial Services Risk Committee put in place Implementation of a new finance systems supported by standard processes and controls2. Failure in information security controls – information held in systems is accessed or shared in breach of policy. Potential impact:
Significant loss of data Loss of customer confidence Failure to win new business Regulatory censure/fine Remediation programme at Capita’s expenseHow we manage the risk:
Mitigating actions in 2018
Capita operates and holds certifications for ISO 27001 External review of cyber-resilience Programme of work of remediate issues Detective controls in place and regularly reviewed to consider new threats Preventative controls in place and regularly updated to detect new threats Data protection programme of work carried outFuture actions
Comprehensive review of current status of resilience against group and contract requirements Simplify our cybersecurity through the creation of a single cyber-operations centre Strengthen our cyber-posture by developing and mandating additional capabilities, including organisational awareness and enhanced training of our people Work with organisations, such as Security Alliance (a Gartner company), to help assess the threat to Capita by looking from an external viewpoint Run continuous vulnerability assessments across the estate to proactively identify weaknesses that need to be addressed Run executive cyber-training to ensure all our senior employees are aware that cybersecurity is a business responsibility and not just an IT responsibility3. Increased business complexity – business has grown into many diverse business areas. Potential impact:
Lack of clear accountability within the business
Risk and performance management are more difficult to operate effectively, leading to sub-optimal outcomes for all stakeholders
Divisions not working together, duplicating effort and driving up costs
How we manage the risk:
Mitigating actions in 2018
Reorganised business into coherent divisions
Implemented a clear operating model with supporting governance to clarify accountabilities
Simplified the range of market offerings
Strengthened corporate and divisional management
Disposal of non-core businesses
Future actions
Embed operating models across business
New customer relationship management tool to be put in place
Financial models agreed where divisions introduce each other
4. Operational IT – IT infrastructure is not fit for purpose. Potential impact:
Disruptions to service lead to loss of revenue
Service credits payable to clients
Loss of confidence in Capita’s IT systems
How we manage the risk:
Mitigating actions in 2018
Upgrade technical abilities
Investment in data centre network
Simplified existing IT environment
Change management processes help reduce risk and unplanned outages
Future actions
Continued activity on simplifying data centre network Continued investment in IT resilience
5. Failure to effectively manage our people – unable to recruit and retain key employees. Potential impact:
Loss of key employees
Unable to attract the right people with the right skills
Lack of skilled, competent resource
Increased cost of recruitment due to high attrition rates
Unable to deliver Capita’s strategy
Lack of continuity at Executive Committee level
How we manage the risk:
Mitigating actions in 2018
Chief People Officer appointed
Focus on culture from the top
Strengthened senior leadership team
People strategy defined
Improved engagement across the business
Capita Academy launched
Future actions
Focus on succession planning and development of employees
Talent reviews, enabling employees to identify new opportunities and to move to new roles within Capita
Investment into new HR systems
6. Weaknesses in acquisition and contracting – entering poorly worded contracts to our detriment. Potential impact:
Loss of contracts
Lack of ability to acquire new business
Contract terms are punitive
Contract terms are not met or understood
Loss of profits
Exposure to unexpected costs or onerous terms
Brand and reputation damage if not managed effectively
Acquisition synergies are not realised
How we manage the risk:
Mitigating actions in 2018
Contract Review Committee in place to better understand contract risks in new or existing arrangementsFuture actions
Delivery of a clearly defined Contract Management process
Transactions committee to be put in place
7. Legal and regulatory – breaking the law or not meeting regulations. Potential impact:
Censure or fine from a regulator
Reputational damage
Lack of confidence from investors and customers
Data Subject Access requests not completed within required timescales
Increased costs due to remediation activities
Increased regulatory scrutiny which could limit potential for growth
How we manage the risk:
Mitigating actions in 2018
Regular risk committee meetings held throughout the year, including the Audit and Risk Committee
Engagement with regulatory bodies
Specialist team monitoring and engaging with regulators over proposed regulatory or legal changes
Chief General Counsel appointed
Legal team in place across the divisions to manage potential and actual issues
Future actions
Financial Services Risk Committee to focus on financial services risk
Development of controls and risk self-assessment tool
Refresh and roll-out of a revised risk framework
8. Failure to achieve financial expectations – adverse performance against our stated business plans. Potential impact:
Loss of revenues, profits and/ or cash flows
Failure to return to organic revenue growth
Loss in shareholder value
Undermines investor confidence
Erodes corporate position in the market
Weakens our ability to attract and retain the best people
How we manage the risk:
Mitigating actions in 2018
Move to a multi-year strategic planning range
Detailed bottom-up Board-approved business plan for 2019 and 2020
Enhanced monthly performance reviews
Clearer financial and operational KPIs at business, divisional and functional level
New Executive Committee governance committees
Appointed Chief Growth Officer
Future actions
Delivery of upgraded financial systems, processes and controls
Deep-dive review of businesses to assess progress against the new strategy
Plan to drive revenue growth
9. Lack of corporate financial stability – failure to manage financial exposures and access to finance. Potential impact:
Increase in leverage
Inflexible balance sheet
Lack of cash to invest
Inability to grow
Lack of confidence from investors and customers
How we manage the risk:
Mitigating actions in 2018
Launched new strategy
Completion of the rights issue
Disposal of non-core businesses
Reduction in leverage
Early repayment of debt
Targeted investment
Achieving £70m of cost-out savings
Developed a plan to address pension deficit
Future actions
Further repayment of debt
10. Failure to innovate – not keeping up with technology or other changes. Potential impact:
Inability to grow and develop into new markets
Loss of new and existing business to competitors
Erodes corporate position in the market
Weakens our ability to attract and retain the best people
Unable to compete with others who are innovative
How we manage the risk:
Mitigating actions in 2018
Strengthened the executive team with a Chief Digital Officer and Chief Growth Officer
Working with external technology partners to develop our digital offering
Share market innovation best practice internally
11. Adverse changes in political landscape – unable to operate under a different political regime. Potential impact:
Fewer outsourcing opportunities offered by the public sector
Existing business no longer outsourced
Exposure to markets with limited growth opportunities
Loss of revenues, profits and/ or cashflows
How we manage the risk:
Mitigating actions in 2018
Engagement with Government and other parties (e.g. regulators) to understand current thinking
Preparations made in relation to Brexit
Understanding of client requirements for Brexit if there is a transition period or no deal with Europe
Future actions
Build a broader base of understanding about Capita as a transforming business, committed to delivery of service
Demonstrate value delivered in public sector
12. Reputation – poorly thought of by our stakeholders. Potential impact:
Loss of confidence in Capita
Clients suffer reputational damage
Fewer or no new contracts
Loss of revenues, profits and/ or cash flows
Unattractive proposition for shareholders to invest in
How we manage the risk:
Mitigating actions in 2018
Director of Corporate Affairs appointed
Reactive and proactive management of media stories
Working with selected media to promote Capita’s positive image
Future actions
Deliver new corporate affairs strategy
Ensure Capita’s multi-year transformation is understood and clearly communicated to all stakeholders
Embed new corporate purpose, and refreshed values and behaviours
13. Transformation – making the business fit for the future. Potential impact:
A more complex business that is unmanageable
Loss of revenues, profits and/or cash flows
Money spent on transformation is wasted
Business is not fit for the future
How we manage the risk:
Mitigating actions in 2018
‘Blueprint’ used to ensure consistent approach to operating model across divisions and functions
Chief Transformation Officer appointed
Focus by Executive Committee on risks
Simplification is the way to strengthen the business
Future actions
Complete operating model work
Embed the new model
Emerging Risk
Impact of Brexit:
While the details around the UK’s scheduled departure from the EU remained unclear at the time of writing this Annual Report, Capita has continued to review a range of Brexit scenarios and conducted contingency planning. We have taken steps to manage risk in specific areas and are not aware of any material company-specific impacts from Brexit. We are therefore confident that there will be no significant disruption to the services we offer clients.
Capita employs a significant number of EU nationals, and we want to see maximum certainty for our valued employees and colleagues. We are providing guidance and support for those who are applying for settled status in the UK.
Our preparations for any Brexit scenario, including a ‘no deal’ exit, include safeguards to ensure resilience around potential changes to data protection rules, procurement rules and immigration requirements. As with other companies, Capita would be subject to any deterioration in the economy occurring as a result of Brexit.
We continue to monitor political developments and consider scenarios as the Government’s plans and positions develop.
Other risk factors
Protecting our information and data:
Protecting the data of our clients, our company and our people is one of the most fundamental and important responsibilities we have. Our Data Protection and Information Security Policies, Standards and Procedures ensure we treat personal information correctly, in accordance with the law and best practice. When we process personal information (including sensitive personal information), we ensure that we comply with these policies, standards and procedures including its collection, storage, use, retention, transfer, deletion and safe destruction.
In order to ensure compliance with the Data Protection Act 2018 (and General Data Protection Regulations), we have implemented a comprehensive programme, including a network of trained privacy professionals who provide expert help and assistance for anyone handling data within our business or on behalf of our clients.
We continue to raise awareness of the importance of data protection and privacy through our mandatory data protection training and ongoing training programmes, in particular the Think Privacy; Think Security campaigns.
Cyber-attacks:
Cyber-attacks continue to negatively impact all industry sectors.
Capita fully recognises the persistent cyber-threat posed by criminals and nation-states, and that cyber-attacks are increasing both in their number and in their sophistication.
The Board remains focused on ensuring our businesses and systems are resilient against the latest cyber-threats and have instigated a cyber-resilience programme. Supported by external and internal cybersecurity subject matter experts, the cyber-resilience programme liaises with our businesses and IT providers to implement and maintain robust preventative security controls throughout Capita’s IT estate. As a managed service provider, we recognise our role within our client’s supply chain, and the increasing cyber-threat posed by nation-state resourced actors targeting our clients.
We continue to work closely with UK Government agencies and our partner organisations, to help protect our clients’ digital assets and services, and the key parts of the national information infrastructure with which we are entrusted.
Related party transactions
Compensation of key management personnel
| 2018 | 2017 | |
| £m | £m | |
| Short term employment benefits | 11.9 | 11.3 |
| Pension | 0.2 | 0.2 |
| Share based payments | - | 0.1 |
| Total | 12.1 | 11.6 |
Gains on share options exercised in the year by Capita plc Executive Directors were £0.0m (2017: £0.7m) and by key management personnel £0.0m (2017: £0.2m), totalling £0.0m (2017: £0.9m).
During the year, the Group rendered administrative services to Smart DCC Ltd, a wholly-owned subsidiary which is not consolidated (refer to note 34 of the Annual Report and Accounts 2018). The Group received £64.3m (2017: £55.5m) of revenue for these services. The services are procured by Smart DCC on an arm’s length basis under the DCC licence. The services are subject to review by Ofgem to ensure that all costs are economically and efficiently incurred by Smart DCC.
Capita Pension and Life Assurance Scheme is a related party of the Group. Transactions with the Scheme are disclosed in note 32 – Employee benefits on pages 157-164 of the Annual Report and Accounts 2018.
The following companies are substantial shareholders in the Company and therefore a related party of the Company (in each case, for the purposes of the Listing Rules of the UK Listing Authority).
The number of shares held on 5 March 2019 was as below:
| Shareholder | No. of shares | % of voting rights |
| Veritas Asset Management LLP 1 | 192,533,863 | 11.54 |
| Invesco Ltd. | 191,409,106 | 11.47 |
| Investec Asset Management Ltd | 153,805,729 | 9.22 |
| RWC Asset Management LLP | 127,012,876 | 7.61 |
| Schroders Investment Management Ltd | 101,030,829 | 6.06 |
| Woodford Investment Management LLP | 93,562,659 | 5.60 |
| Coltrane Asset Management, L.P | 82,388,589 | 4.94 |
| BlackRock, Inc. | 74,230,358 | 4.45 |
| Marathon Asset Management LLP | 64,756,810 | 3.88 |
| Veritas Funds PLC | 55,009,900 | 3.30 |
| Vanguard Group | 54,711,874 | 3.28 |
| Norges Bank Investment Management | 54,273,873 | 3.25 |
| Jupiter Asset Management Limited | 53,573,060 | 3.21 |
1 This includes the holding of Veritas Funds PLC
Responsibility Statement of Directors in respect of the annual financial statements
The Directors confirm that, to the best of their knowledge:
the financial statements, prepared in accordance with the applicable set of accounting standards, give a true and fair view of the assets, liabilities, financial position and profit or loss of the Company and the undertakings included in the consolidation taken as a whole.
the strategic report includes a fair review of the development and performance of the business and position of the Company and the undertakings included in the consolidation taken as a whole, together with a description of the principal risks and uncertainties that they face.
The Annual Report and Accounts, taken as a whole, are fair, balanced and understandable, and provide the information necessary for shareholders to assess the Company’s position and performance, business model and strategy.
Cautionary statement
The Directors present the Annual Report for the year ended 31 December 2018 which includes the strategic report, governance and audited accounts for this year. Pages 1 to 98 of the Annual Report comprise a report of the Directors that has been drawn up and presented in accordance with English company law, and the liabilities of the Directors in connection with that report shall be subject to the limitations and restrictions provided by such law. Where the Directors’ report refers to other reports or material, such as a website address, this has been done to direct the reader to other sources of Capita plc information which may be of interest. Such additional materials do not form part of the report.
Contact: Francesca Todd, Group Company Secretary, 020 7202 0641