Last updated: 29 May 2025

On this page

1. Membership

The Committee shall comprise a minimum of three members, all of whom shall be independent of the day to day management of UK Biobank and at least one of whom should have recent and relevant financial and risk management experience. The chairman of the board shall not be a member of the Committee. The majority of the members of the Committee shall be UK Biobank directors.

The board shall appoint the Committee members in consultation with the Chair of the Committee other than when appointing for that post. The Chair of the Committee shall be a board director. In the absence of the Committee chairman and/or an appointed deputy, the remaining members present shall elect one of themselves to chair the meeting.

Only members of the Committee have the formal right to attend Committee meetings. The Chief Operating Officer, Chief Financial Officer and representatives of senior management will be invited to attend meetings of the Committee on a regular basis. UK Biobank’s external auditors attend committee meetings to present their audit plan and to report the results of their audit. The external auditors and funder representative have an open invitation to attend all meetings. The Committee may invite other non-members such as senior staff, external advisers or stakeholders to attend all or part of any meeting.

Appointments to the Committee shall be for a period of up to three years. Members may serve a second term of up to three years. Exceptionally the appointment may be extended for a further year.

2. Secretary

The Secretary, the Assistant Secretary, or their nominee shall act as the secretary of the Committee and will ensure that the Committee receives information and papers in a timely and effective manner.

3. Quorum

The quorum necessary for the transaction of business shall be two members. A duly convened meeting of the Committee at which a quorum is present shall be competent to exercise all or any of the authorities, powers and discretions vested in or exercisable by the Committee. Meetings may be held by electronic means.

4. Frequency of meetings

The Committee shall meet quarterly at appropriate intervals in the financial reporting and audit cycle and to enable it to report on its work to the quarterly board meetings.

Outside the formal meeting programme, the Committee chairman will maintain a dialogue with key individuals involved in governance, including the board chairman, the Chief Financial Officer and other senior management as appropriate, and the external audit lead.

5. Notice of meetings

Meetings of the Committee shall be called by the Secretary of the Committee and/or at the request of any of its members or at the request of the external audit lead partner or the Chief Financial Officer if they consider it necessary.

Unless otherwise agreed, notification of each meeting, the agenda and supporting papers shall be sent to members of the Committee and other attendees no later than five working days before the date of the meeting.

6. Minutes of meetings

The Secretary or a nominee shall minute the proceedings and resolutions of all Committee meetings, including recording the names of those present and in attendance.

Minutes of Committee meetings shall be circulated to members and the following board meeting, after review by the Chair, pending formal approval by the Committee at its next meeting.

7. Other matters

The Committee shall:

  • at least annually, review its constitution, terms of reference and effectiveness recommending any changes it considers necessary to the board for approval;
  • have access to sufficient resources in order to carry out its duties, including access to the company secretariat for assistance as required;
  • give due consideration to laws and regulations;
  • be provided with appropriate training, in particular upon induction;
  • oversee any investigation of activities which are within its terms of reference; and
  • work and liaise as necessary with other board committees.

The Committee’s members shall comply with the UK Biobank group policy on Conflicts of Interest.

Any member of the Committee has a right to attend, as an observer, a meeting of the Audit and Risk Committee of the company’s subsidiary UK Biocentre Limited.

8. Authority

The Committee is authorised by the board to:

  • obtain, at the company’s expense, outside legal or other professional advice on any matters within its terms of reference;
  • seek any information it requires from any employee of the company in order to perform its duties; and
  • call any employee to be questioned at a meeting of the Committee as and when required

9. Duties

The Committee should carry out the duties below for the company and the group as a whole.

Financial reporting

The Committee shall assure the integrity of the financial statements of the company including its annual reports, consolidated financial statements, quarterly interim management statements, and any other formal announcements relating to its financial performance, reviewing and reporting to the board on significant issues and judgments which they contain having regard to matters communicated to it by the auditor.

In particular, the Committee shall review and assure:

  • the consistency of, and any changes to, accounting policies on a year on year basis;
  • the methods used to account for significant or unusual transactions where different approaches are possible;
  • whether the company/group has followed appropriate accounting standards and made appropriate estimates and judgments, taking into account the views of the external auditor;
  • the clarity and completeness of disclosure in the company/group’s financial reports and the context in which statements are made;
  • all material information presented with the financial statements, such as the directors’ report, financial management, and the corporate governance and risk statements;
  • where the Committee is not satisfied with any aspect of the proposed financial reporting by the company/group it shall report its views to the board.

Internal controls and risk management systems

The Committee shall:

  • keep under review the adequacy and effectiveness of the company/group’s internal financial controls and internal control and risk management systems. To fulfil this role, the committee receives the risk register and management accounts each quarter, and benefits from insight provided by the external auditors whose scope of testing includes the group’s transactions and controls.
  • monitor and review the requirement for an internal audit function in the context of the contribution of external audit, quality management systems, assurance of control systems, and other external validation; and
  • review and approve the statements to be included in the annual report concerning internal controls and risk management.

Specific Control Systems

The Committee shall review the adequacy and security of the company/group’s arrangements for the following matters, receiving an annual assurance report on the systems from officers, with further reports in the event of significant breach of controls

  • systems to enable employees and contractors to raise concerns, in confidence, about possible wrongdoings in financial reporting or other matters;
  • the procedures for detecting fraud;
  • the systems and controls for the prevention of bribery and receive reports on non-compliance; and
  • the adequacy and effectiveness of anti-money laundering systems and controls
  • the effectiveness of contractual relationships with major external suppliers
  • assurance of information and data security;
  • effectiveness of environmental and sustainability policies

External audit

The Committee shall;

consider and make recommendations to the board, in relation to the appointment, re-appointment and removal of the company’s external auditor.

The Committee shall oversee the selection process for a new auditor and if an auditor resigns the Committee shall investigate the issues leading to this;

oversee the relationship with the external auditor including (but not limited to):

  • recommendations on their remuneration, and that the level of fees is appropriate to enable an effective audit;
  • approval of their terms of engagement, including the audit plan issued at the start of each audit covering the scope of the audit;
  • assessing annually their compliance with relevant UK professional and regulatory requirements and guidance;
  • satisfying itself that there are no conflict of interests which could adversely affect the auditor’s independence and objectivity;
  • develop a policy on any provision of non audit services by the external auditor; and
  • assessing annually the expertise of the auditor and the effectiveness of the audit process.

meet reasonably regularly with the external auditor, including once at the planning stage before the audit and once after the audit at the reporting stage.

The Committee shall meet the external auditor at least once a year, without management being present; to discuss the auditor’s remit and any issues arising from the audit;

review the findings of the audit with the external auditor. This shall include but not limited to, the following:

  • any major issues which arose during the audit;
  • any accounting and audit judgments;
  • levels of errors identified during the audit; and/or
  • the effectiveness of the audit.

The Committee shall:

  • review the management letter and management’s response to the auditor’s findings and recommendations;
  • review any representation letter(s) requested by the external auditor before they are signed on behalf of the Board
  • recommend to the board whether it can approve sign off of the representation letter and the annual financial statements.

The Committee shall, where appropriate, seek assurances from the UK Biocentre Limited Audit & Risk Committee.

10. Reporting responsibilities

The Committee shall provide an annual report to the board, summarising its work in the previous year, commenting on the effectiveness of financial governance, internal control systems, and risk management, and setting out any priorities for consideration in the coming year;

In addition, the Committee shall report to the board on its proceedings at each meeting, circulating the minutes of its meeting, and covering its consideration of:

  • the financial management information presented at its meeting;
  • risk management of the group;
  • internal controls reviewed at the meeting
  • the external audit process and the appointment of the external auditor; and
  • any other issues on which the board has requested the Committee’s opinion.

The Committee shall make recommendations to the board on any area within its remit where action or improvement is needed.

11. Relationship with UK Biocentre Limited

The Committee will keep the relationship between UK Biobank and UK Biocentre under review, balancing the need of the parent company to assure common group financial management and other control systems while respecting the arms length trading status of UK Biocentre with its own board of directors and audit and risk committee.

To this end the Committee will receive at its meetings, UK Biocentre quarterly financial management statements, risk register and the meeting minutes of UK Biocentre Audit and Risk Committee for information and to assure that the operation of the subsidiary does not present risks either to the financial integrity or overall status of the group or to the reputation of UK Biobank as the parent company. The Committee will agree with UK Biocentre any further information it needs to fulfil its assurance role, as appropriate for the risks UK Biocentre faces and the status of its relationship with UK Biobank.