Integrated risk management
Our customers entrust vital information and processes to us, so it is essential they have the reassurance of unrivalled risk management.
Our risk management approach can be summarised as follows:
- An independent function which monitors and develops a governance framework across the business
- Stakeholder interaction to establish and maintain an effective internal control programme aligned to changing client and industry requirements
- A framework detailing ownership and responsibility for business risks
- Maintenance of risk registers to ensure that business risks are identified and understood, that impact and likelihood are assessed, and that controls are always adequate and effective
- Regular risk reporting to key stakeholders.
A risk management environment includes a strong focus on information security, assured by:
- ISO27001 certified processes and controls with regular security audits
- Secure data transfer
- Passwords, firewalls and standard operating system security protocols across all centres
- Regular risk and vulnerability assessments with associated risk treatment plans
- Robust physical controls monitoring all employees for restricted items
- Regular ‘Information security and privacy’ training
- Non-disclosure agreements signed by all employees and contractors.
Internal Audit:
- Provides independent assurance to all stakeholders, including the Directors, Clients and Senior Management, on key controls
- Highlights significant issues and residual risks
- Monitors and compares compliance practices within our India operations to the UK regulations applicable to our clients.
Business continuity
We work closely with each customer to develop a business continuity strategy that fully recognises their business sensitivities. The planning process includes:
- Single point of failure analysis, with backup for critical utilities and redundant IT infrastructure, including WAN backup both onshore and offshore, with multiple links on diverse routes and redundancy at all potential failure points
- Business impact analyses for all processes
- Backup and recovery facilities in place, including use of third-party disaster recovery facilities in India
- Regular testing of procedures and IT redundancy.
Regulatory compliance
Our offshore teams work in a highly regulated environment. Because our clients are UK-based companies, subject to UK laws and regulations, our processes are governed by UK legislation including, but not limited to:
- Financial Services and Markets Act 2000 (regulated by the Financial Services Authority)
- Data Protection Act 1998
- Money Laundering Regulations 2003
- Proceeds of Crime Act 2002.