We understood how Shell is complying with those frameworks by making enquiries of management, internal audit, and those responsible for legal and compliance procedures.Where instances of risk behaviour patterns were identified through our data analytics, we performed additional audit procedures to address each identified risk.Our procedures involved journal entry testing, with a focus on journals meeting our defined risk criteria based on our understanding of the business; enquiries of legal counsel, group management, internal audit and all full and specific scope management; review of the volume and nature of complaints received by the whistleblowing hotline during the year; review of internal audit reports issued during the year; review of news releases published by external parties; and
?If any instances of non-compliance with laws and regulations were identified, these were communicated to the relevant local EY teams who performed sufficient and appropriate audit procedures, supplemented by audit procedures performed at the group level.We assessed the susceptibility of Shell's Consolidated Financial Statements to material misstatement, including how fraud might occur, by embedding forensic specialists into our group engagement team.??