Governance and Accountability

Corporate Governance

Northern Rock plc (the Company) regards adherence to the principles of good corporate governance to be of the utmost importance. The Board is accountable to Northern Rock's shareholders for corporate governance, and the Corporate Governance Section of the Annual Report and Accounts describes how the Company applies the principles and provisions contained in the Combined Code of Corporate Governance (the Combined Code) appended to the Listing Rules of the United Kingdom Listing Authority (UKLA). This includes commentary on the Board of Directors, evaluation, internal controls and all other aspects of the code.

For more information, please see ARA Governance (1.5mb pdf)

The Company hosts a Corporate Governance day every two years with shareholders which the Chairman, Senior Independent Director and Chief Executive attend. The most recent took place in November 2006.

See Webcast

The Board of Directors and Committees

The Board of Directors meets regularly throughout the year, retains full and effective control over the Company and its subsidiaries (the Group), is collectively responsible for the success of the Group and determines its strategy and policies whilst monitoring performance.

The current membership of the Board and Terms of Reference of Audit, Risk and Nomination Committees are on the website.

For more information, please see ARA Governance (1.5mb pdf)

The Banking Code

Information on the Banking Code can be obtained from the following site:

Confirmation that Northern Rock subscribes to the Code can be found on the following site:

Northern Rock follows The Banking Code, a voluntary code which sets standards of good banking practice for financial institutions to follow when they are dealing with personal customers in the United Kingdom. The current edition came into effect on 1 March 2005. The Code provides valuable protection for customers and explains how financial institutions are expected to deal with them day to day and in times of financial difficulty.

The Code applies to:

  • Current accounts, including basic bank accounts;
  • Card products and services;
  • Loans and overdrafts;
  • Savings and deposit accounts, including mini cash TESSA ISA; and
  • Payment services, including foreign-exchange services.

It does not cover mortgages, investments, premium bonds or insurance. These are separately regulated by the Financial Services Authority or by other codes.

As a voluntary code, it allows competition and market forces to work to encourage higher standards for the benefit of customers.

Branch Closures

We have no plans to close any branches. If the Company did plan to close a branch, we would advise customers at least 8 weeks beforehand, and at least 12 weeks beforehand if it is the last bank or building society branch within a 5-mile radius (4 miles in rural areas). We would also advise customers how we can continue to provide banking services to them. This is all in accordance with The Banking Code.

Risk Management

Northern Rock's risk management framework is designed to maintain and continually improve the established processes and tools for the identification, assessment, control and monitoring of existing and future risks. Northern Rock's approach provides a mechanism for the active identification, assessment and communication of risks throughout the business. The approach is co-operative between Group Risk and the business and ensures that risks are:

  • appropriately identified;
  • assessed against probability of occurrence and impact; and,
  • mitigated and reported where appropriate.

Once the associated probabilities and impacts have been identified, an appropriate response can be developed and implemented.

The actual management of risk within NR is embedded within the business, with responsible individuals being empowered to manage the risks within a framework of policies, procedures and delegated authorities established by the Board and Senior Management. A process of regular risk reporting provides evidence of control, supervision and monitoring by the business.

Risk Management Forums

CSR Risk Management continued to be reviewed as an integral part of Corporate Operational Risk Management processes during 2006. A series of Operational Risk Management Forums were held during the year, with the emphasis being placed on exchange of internal and external good practice in the fields of Risk Management within Northern Rock.

The Forums provide the business with the opportunity to raise the importance of CSR related issues within briefing sessions and to assist in the development of a consistent approach (where appropriate) to operational risk management across the business.

The Risk Management Process

The process ensures that the management of risk is embedded within the business and that the Company achieves an acceptable level of risk management, satisfying both corporate objectives and stakeholders. It includes the following:

  • the responsibility for ensuring adequacy of risk management practices resides with the Board and the Board Risk Committee;
  • responsibility for the identification, management and reporting of risk is delegated to the relevant line management. Comprehensive high level policies, approvals and limits are in place to support this;
  • monitoring and reporting of risk exposures is integrated into established business reporting processes. Separate and independent reporting is carried out by Group Risk, Internal Audit and Group Compliance; and,
  • continued development of the business and the environment in which Northern Rock operates requires continual development of the risk management processes. This ensures that Northern Rock not only maintains its existing high standards of risk management but also fully exploits the opportunities that effective risk management can deliver.

Quantification of Risk

Northern Rock has developed a bespoke risk matrix for the assessment of the Company's risks. Measurement of risk before application of risk response measures (inherent risk) assists with the prioritisation and allocation of resource and responsibility. Measurement of risk after application of response measures (residual risk) aids understanding by the business of the impacts associated with the risk it retains.

Response to Risk

The management of risk is achieved by use of a number of techniques, which include:

  • acceptance of risk within an agreed risk framework;
  • management, control and good corporate governance;
  • transfer of the risk to third parties; and,
  • avoidance of risks considered to be unacceptable.

Group Risk's role in the overall risk management process is to support line management in the selection of the appropriate techniques to deploy in responding to and mitigating risk. This response to risk is intended to reduce risk and uncertainty thereby improving the probability of Northern Rock achieving its strategic objectives, within its risk appetite.

Techniques for the transfer of risk to third parties can include using contract conditions, outsourcing arrangements and contracts of insurance.

Disposal of Confidential Waste from Northern Rock Sites

Northern Rock has robust procedures in place for the disposal of confidential waste from all our sites. All confidential waste is shredded and certificates of destruction are issued for all consignments. The process is audited regularly by CSR staff.

© Northern Rock plc. 2008