The effective understanding, acceptance and management of risk is fundamental to the long-term success of the Group. The Group has developed specialist knowledge in products, services, processes and regions which allows us to understand the associated risks and accept them in an informed way. Our approach is encapsulated in the key principles of our new Risk Management Policy:
- To understand the nature and extent of risks facing the Group.
- To accept and manage within the business those risks which our employees have the skills and expertise to understand and leverage.
- To assess and transfer or avoid those risks which are beyond our appetite for risk.
- By consideration of materiality, to establish the authority levels within the Group at which decisions on acceptance and mitigation of these risks are taken.
The Risk Committee has accountability for overseeing the risk management processes and procedures, and reports to the Board through the Audit Committee on the key risks facing the Group. It monitors the mitigating actions put in place by the relevant operational managers to address the identified risks. The Board has approved the acceptance of certain risks which are considered appropriate to achieve the Group’s strategic objectives. The degree of risk to be accepted within the business is managed on a day-to-day basis through the Board Delegated Authority levels. These provide the framework for informed risk taking within the businesses and the route for escalating decision making up to the Board.
Risk Management framework
The diagram below summarises our complementary approach based on utilising a top down plus a bottom up process: