21 June 2017
For Immediate Release
TalkTalk Telecom Group PLC (the "Company")
Publication of Annual Report 2017 & Notice of Annual General Meeting
The following documents have been posted or otherwise made available to shareholders:
· Annual Report 2017
· Notice of 2017 Annual General Meeting
· Form of Proxy for the 2017 Annual General Meeting
This announcement replaces the Company's announcement of 14 June 2016 in respect of the same subject matter.
In accordance with Listing Rule 9.6.1 a copy of each of these documents has been uploaded to the National Storage Mechanism and will be available for viewing shortly at: http://www.morningstar.co.uk/uk/NSM
These documents are also available to view and download from the Company's website at: http://www.talktalkgroup.com
Copies of the Annual Report 2017 and Notice of the 2017 Annual General Meeting may also be obtained from:
11 Evesham Street
Extracts from the Annual Report 2017 in compliance with the Disclosure and Transparency Rule 6.3.5 ("DTR 6.3.5")
The information below, which is extracted from the Annual Report 2017, is included solely for the purpose of complying with DTR 6.3.5. It should be read in conjunction with the Company's Preliminary results announcement for the 12 months to 31 March 2017 issued on 10 May 2017 (at: https://www.talktalkgroup.com/dam/jcr:813a729f-d203-47c8-9e47-35788d8425f6/TalkTalk%20Group%20FY17%20ARA.pdf )
Together these constitute the material required by DTR 6.3.5 to be communicated to the media in unedited full text through a Regulatory Information Service. This material is not a substitute for reading the full Annual Report 2017. All page numbers and cross-references in the extracted information below refer to page numbers in the Annual Report 2017.
For further information please contact:
Tim Morris, Company Secretary +44 (0)203 417 1000
For media enquiries, Isobel Bradshaw +44 (0) 20 3417 1027 / 07584 708351
The Directors' responsibility statement below has been prepared in conjunction with the Annual Report 2017, whereas this dissemination document contains extracts from the Annual Report 2017 to comply with DTR 6.3.5.
Sir Charles Dunstone - Executive Chairman
Iain Torrens - Chief Financial Officer
Tristia Harrison - Chief Executive Officer
Charles Bligh - Chief Operating Officer
John Gildersleeve - Deputy Chairman
Ian West - Senior Independent Director
John Allwood - Non-Executive Director
Cath Keers - Non-Executive Director
Sir Howard Stringer - Non-Executive Director
Roger Taylor - Non-Executive Director
James Powell - Non-Executive Director
We confirm to the best of our knowledge:
1. The financial statements, prepared in accordance with the relevant financial reporting framework, give a true and fair view of the assets, liabilities, financial position and profit or loss of the Company and the undertakings included in the consolidation taken as a whole; and
2. The management report includes a fair review of the development and performance of the business and the position of the Company and the undertakings included in the consolidation taken as a whole, together with a description of the principal risks and uncertainties that they face.
Principal risks and uncertainties
The Board has identified the following principal risks and uncertainties to the Group, which the Group seeks to proactively manage and monitor on an ongoing basis. The details of these principal risks, and the controls in place for mitigating them, are outlined below in no particular order of severity. In October 2016, TalkTalk revealed simplified new branding reflecting its mission to deliver simple, affordable, reliable and fair connectivity for everyone. The principal risks have been identified and assessed with consideration to the impact on the Group's ability to deliver its strategy and therefore its mission.
The Group's risk management framework facilitates continuous and ongoing discussion of risks and associated risk appetite to ensure the appropriate focus is placed on mitigating principal risks. The Board will continue to assess the principal risks and uncertainties faced by the Group and will update the risks and mitigation plans accordingly.
Customer trust and brand reputation
Risk and impact
Customer confidence and trust are critical to TalkTalk's business, and the Company's operating approach always seeks to do what is right for the customer. However, as a value for money connectivity provider in the market, there is a risk that TalkTalk is perceived as a 'budget' provider, associated with price rather than quality and service.
Business and industry challenges including cyber threats and scam calls also present a risk to brand reputation and trust.
Failure to maintain trust, improve brand reputation and offer a positive customer experience may result in increased churn, performance decline and loss of investor confidence.
TalkTalk remains confident of the role for a well-regarded value operator in the market and is committed to delivering a positive end-to-end customer experience. The MTTS programme has delivered improved customer experience through better quality and availability of products and services. The remaining activities in the programme have transitioned into business as usual with an ongoing focus and commitment to continuous improvement of the customer experience.
The organisation also continues to invest in network and systems to support the provision of reliable products to customers as well as ongoing investment in and focus on security (see data and cyber security risk). In addition, TalkTalk continues to support customers in dealing with the industry‑wide issue of scam calls. Initiatives such as the 'Beat the Scammers' campaign are designed to help customers protect themselves from the threat of scams.
These activities have contributed to mitigating the risk and driving an improving net risk position.
TalkTalk will continue to focus on existing as well as new customers, guided by the four key principles we believe are critical to being a value for money connectivity provider - simplicity, affordability, reliability and fairness.
Risk and impact
TalkTalk recognises employees as a key asset and aspires to be a 'Great Place to Work' for all colleagues. We understand the increasing challenges and importance in the market of attracting and retaining the right talent to deliver current performance and future growth aspirations. Failure to attract and retain required talent and competencies may negatively impact our ability to deliver on performance targets and strategic objectives.
TalkTalk has undertaken an extensive programme to understand and implement the behavioural and values based changes required for the Company to evolve from a start-up culture to a fully mature business. Failure to successfully bring about this change may have a negative impact on the Company's reputational and commercial outlook.
In addition, the change in leadership in 2017 will need to be carefully managed to ensure colleague engagement and more mature business culture are maintained during this period.
Structured talent forecasting and assessment processes are in place to ensure required talent is proactively understood. A people scorecard is also in place for ongoing monitoring and oversight of people risk and, where required, actions to further mitigate risk exposures are identified and implemented. In addition, Group-wide activities are carried out to assess the level of employee engagement and insight gained is used to develop action plans to ensure a highly engaged and motivated workforce is maintained. In addition, the organisation has defined values which have been recently reviewed to include a focus on commitment and delivery.
The Executive Committee assesses the engagement level of the workforce and, in addition, performs an annual assessment of talent at senior management level to ensure the right leadership is in place for motivating, inspiring and leading the workforce to deliver on the corporate objectives.
A plan is in place to manage the leadership transition and the activities described above will continue to be employed to understand and maintain colleague engagement during this period.
Risk and impact
TalkTalk is established as a value for money connectivity provider in the fast growing quad play market. The value proposition is a key part of the business model and to date has provided competitor differentiation. Over the last year there has been significant activity particularly in the retail competitive landscape which presents continuously increasing gross risk. There is a risk that this competitive backdrop makes it difficult for TalkTalk to maintain its value credentials.
A clear pricing strategy is in place with ongoing monitoring of pricing position and value proposition. The strategy is reviewed to ensure it remains competitive and continues to support our position as a value for money provider against the changing competitor activity landscape. As a result, in FY17 TalkTalk launched its FLPP with strong customer take-up. FLPP offers both new and existing customers the opportunity to lock in their price for the term of their contract guaranteeing no mid-contract price rises. The introduction of FLPP forms part of the risk mitigation and driving an improved net risk position.
In addition, competitor pricing activity is monitored to understand customer and market impact and plans are revisited accordingly if necessary. TalkTalk uses customer communications to promote the value for money connectivity provider message and is committed to helping customers understand the best positioned package to meet their needs.
Changing market structure
Risk and impact
The UK telecommunications market structure is currently experiencing significant change. Both the regulator and the Government have acknowledged a pressing need to promote competition and drive investment across the market, and TalkTalk is well placed to participate in the opportunities that may result.
Ofcom made a series of announcements designed to improve the performance of BT Openreach and make it easier for rivals to invest in alternative networks. These included an agreement with BT to legally separate Openreach in response to the regulator's Digital Communications Review; proposed higher service standards for Openreach; proposals to make it simpler for BT's rivals to use existing Openreach infrastructure when building networks; and proposed lower Openreach wholesale broadband prices. Ofcom also sets out proposals for automatic compensation to retail customers, which will impact all providers.
There is a risk that such significant change to the structure of the industry could create opportunities for regulatory gaming or fail to deliver the positive customer outcomes TalkTalk and Ofcom expect.
TalkTalk has been a vocal advocate of competition and is well placed to benefit from an increasing trend toward a more pro-competition regulatory framework. This poses a significant risk to incumbent players in the market, whilst presenting potentially valuable opportunities for challengers. The business is actively engaging with the necessary external stakeholders to share views and attempt to deliver the best market and customer outcomes, as well as to proactively understand and respond to the opportunities and challenges presented by structured market changes.
Risk and impact
The telecommunications sector is highly regulated, with compliance over key customer focused regulations monitored by the governing body, Ofcom. Another of the key governing bodies relevant to the company is the Information Commissioner's Office (ICO). The regulations and laws that TalkTalk must comply with, including Ofcom General Conditions and data legislation including the Data Protection Act, are designed to support customers and the regulatory landscape is increasingly more demanding as it seeks to further support customers. Failure to comply with regulatory obligations may result in negative customer impact and/or significant regulatory fines as experienced by TalkTalk following the October 2015 cyber attack.
There has been continued focus on improving processes and controls and clarifying lines of accountability both in first-line operations and in our second line assurance function. There has been significant progress with delivering improvements in our complaint handling processes during the period and there is continued focus on reducing complaint volumes.
While other matters that took place before the cyber attack remain under investigation by the ICO, since the cyber attack TalkTalk has made significant investments in driving more robust compliance and controls in the area of data protection.
The Group's Regulatory Compliance Committee, a subcommittee of the Board, has continued to convene throughout the year to monitor the mitigation of operational risks which could give rise to customer complaints and regulatory breaches. The Group Legal Counsel and Company Secretary has chaired weekly compliance meetings throughout the year, attended by senior management.
There will be a significant amount of activity for the Group in FY18 as it prepares for the introduction of the new General Data Protection Regulation (GDPR) in May 2018 and delivers changes in response to Ofcom's review and updates to various General Conditions. The progress of this activity will be governed by the existing Compliance Committee and meetings to ensure effective delivery.
Data and cyber security
Risk and impact
Security of customer, commercial and colleague data poses increasing reputational and financial risk to all businesses and the gross risk remains ever increasing. In particular, the ongoing rise in cyber and data related crime presents a significant challenge in terms of securing data and systems against attack. TalkTalk receives most of its revenue through card transactions and like many businesses utilises third parties as part of doing business. TalkTalk recognises that failure to successfully secure data and systems against attack may have a material impact on brand reputation and financial performance. Other associated costs may also be incurred, including potential regulatory fines.
Since the cyber attack in October 2015, TalkTalk continues to invest in and focus on actively implementing an ongoing programme to build security capability. The organisation's security strategy is centred around four strategic themes:
• Secure by Design;
• Secure in Operations;
• Secure Third Parties; and
• Secure Culture.
The strategy is underpinned by the NIST Cyber Security Framework and is positioned to continuously improve the security maturity of the organisation, as well as maintaining and updating ongoing activities (such as monitoring activities, vulnerability scanning, penetration testing and the data loss prevention solution) to ensure they remain fit for purpose.
Since the cyber attack, significant investment has been made in building out a bigger security function and capability including establishing an in-house Security Operations Centre, bringing currently outsourced monitoring activities in house, which is due to go live in autumn 2017. Investment also continues to be made in security related resource with the hire of a permanent Chief Security Officer who joined the business in July 2016 and the Group Data Protection Officer who joined in December 2016. The security function will work closely with the Group Data Protection Officer over the next twelve months to support delivery of the new data protection requirements under the General Data Protection Regulation. These activities and investments are supporting management of the risk and improving net risk trajectory.
In addition to the above, a robust governance structure remains in place with the Security Committee meeting every two months. This is a subcommittee of the Board, chaired by the Chief Executive, with senior executive representation and including a Non-Executive Board member.
Resilience and business continuity
Risk and impact
TalkTalk is reliant on its infrastructure as well as key third party suppliers and partners in order to deliver quality products and services to its customers. Network, system or third party failure could result in significant disruption to services or business processes, which may have a negative impact on customers and therefore damage customer loyalty or drive complaints. It is therefore important to establish resilience in the network and require resilience from our third parties and partners. It is also noted that in the event of an incident, TalkTalk must be able to respond in an efficient and effective manner in order to minimise impact on customers and performance.
Network resilience is assessed and monitored on a regular basis and, over the last year, TalkTalk has continued to deliver network improvements supporting greater resilience. Continuous monitoring of network availability is also in place to ensure any issues are identified in a timely manner. Where an incident does occur, a robust incident response process is in place and exercised to ensure effective response, followed by a problem management review that is linked to service improvement. The Group recognises that network resilience is also reliant on the dependency on BTOR for the last mile and as such Ofcom focus on BTOR processes, systems and controls should help mitigate the risk.
Other prioritised critical processes, systems and third parties are identified and business owners are assigned accountability for assessing resilience and implementing business continuity plans to enable continuity of operations in the event of an incident. TalkTalk also continues to invest in supporting appropriate resilience on critical systems taking a risk-based approach. For third parties, the relationship owners are assigned accountability for requiring critical third parties to have adequate business continuity plans in place and obtaining third party assurance that their plans have been reviewed and tested on a regular basis.
Risk and impact
As with many organisations, TalkTalk must actively manage liquidity risk. Other key financial risks include availability of long term funding, the ability to comply with covenants and other terms of funding arrangements, and foreign exchange and interest rate risk.
In addition, there are a number of changes to accounting standards that will be adopted in FY19, in particular IFRS 15 and IFRS 16.
The Group Treasury function is responsible for managing the Group's liquid resources and managing compliance with the terms of funding agreements. Policies and operating procedures are in place and these are regularly reviewed to ensure they remain appropriate for the business. In addition, the Executive Committee and the Board oversee the liquidity and funding position of the Group on a regular basis and are required to provide approval on major and significant funding decisions.
The Group Treasury function is also responsible for managing foreign exchange and interest rate risks in line with the Group's policy.
TalkTalk has established a change project to deliver the required changes to accounting standards over accounting for revenue from contracts with customers (IFRS 15) and lease accounting (IFRS 16).
Change delivery and execution
Risk and impact
Delivery of performance objectives and development of the business is reliant on the ability to successfully deliver innovation and other operational changes required to support growth and performance. Failure to effectively deliver significant change programmes and associated benefits critical to TalkTalk's strategy would result in an inability to deliver performance objectives and limit
TalkTalk's competitive position in the market.
Following the implementation of a formal change framework for significant change projects in FY16, TalkTalk has continued to embed the framework more broadly for all change projects in FY17. The framework is intended to ensure a desired level of quality is reached throughout the lifecycle of each project and has supported successful delivery of key change programmes in FY17, including the introduction of FLPP.
The Group Change function remains a key control for facilitating prioritisation discussions to ensure people and financial resources are appropriately engaged, allocated and focused. Performance measures for key change projects are defined and monitored and regularly reviewed by Group Change. Monitoring and oversight of key change projects occurs at both the business unit leadership team level and by the Executive Committee on a regular basis, enabling real time consideration of the potential impact of other operational and strategic activities on change projects.
This information is provided by RNS