The risk committee sets the group risk culture, framework and
strategy and ensures a robust risk management process is in place.
Membership of the committee
The committee comprises both non-executive and executive
members and is chaired by a non-executive director.
The committee had four meetings during the past financial year.
The table details the members of the committee and their
attendance of meetings during the year.
|
|
|
Member |
Number of
meetings attended |
Y Waja (chairman)* |
4 |
|
H Adler |
3 |
|
OS Arbee |
4 |
|
HR Brody |
4 |
|
S Engelbrecht* |
4 |
|
BJ Francis |
4 |
|
RL Hiemstra** |
3 |
|
MJ Leeming* |
4 |
|
PB Michaux |
4 |
|
G Rudman |
4 |
|
JJ Strydom |
2/2 |
|
A Tennick |
2/2 |
|
* Independent.
** Excused from meetings due to ill health at the time.
Risk management model
In line with its policy of aligning group corporate governance
with international best practice to safeguard the interests of
stakeholders, Imperial has implemented an enterprise risk model
to identify and assess relevant risks facing the group at strategic,
business and operational levels. The group’s risk model is based
on ISO 31000:2009 – Risk Management Principles and Guidelines.
Risk is not only viewed from a negative perspective. The assessment
process also identifies areas of opportunity, for example where
effective risk management can be turned into a competitive
advantage, or where taking certain risks could result in reward
for the group. Any risk taken is considered within the group’s risk
appetite and tolerance which are reviewed and updated annually.
The decentralised structure of the group consists of many business
units and therefore overall group risk is spread and minimised to
within group tolerance levels. Risk management responsibility and
accountability largely remain in divisional management structures
reporting to the divisional finance and risk review committees. The
risk committee formalises, standardises and monitors this process
by guiding management and assessing their effectiveness in
implementing the approved risk management framework.
The board determines the level of acceptable risk and requires
operations to manage and report accordingly. Material issues and
circumstances that could affect the group’s reputation and financial
affairs constitute unacceptable risk.
Senior management is committed to the established system of
internal control for managing risk, which requires transparency
and clear accountability. Aligned with our business principles,
our risk management processes are viewed as an integral
part of our business and strives to be dynamic, interactive and
responsive to change.
The system of internal control has been implemented in all key
operations and is tailored to suit the specific circumstances of
each business unit. It provides reasonable, rather than absolute,
assurance that the group’s business objectives will be achieved
within prescribed risk tolerance levels. The associated risk areas
and control processes are monitored and reported on across
the group continuously. Internal audit aligns its procedures
with the risks identified. Formal feedback is provided at both
divisional finance and risk review committees and to the quarterly
group risk committee meeting.
King III describes risk management as the identification and
evaluation of actual and potential areas of risk as they pertain
to a company, followed by a procedure of termination, transfer,
acceptance (tolerance) or mitigation of each risk. The group’s risk
management process therefore also uses internal controls as a
measure to mitigate and control risk.
Aligned to our residual risk profile the group participates in a
comprehensive insurance programme to ensure that material
financial consequence of risk incidences does not result in undue
hardship for group businesses.
In reviewing risk management reports and internal control, the
board has:
– |
considered what the group’s risks are and how they have been
identified, evaluated and controlled; |
– |
assessed the effectiveness of the related process of risk
management and, particularly, reports of significant failings or
weaknesses in the process; |
– |
considered if the necessary action is being taken in time to
rectify any significant failings or weaknesses; and |
– |
considered whether results from the review process indicate
that more extensive monitoring is required. |
A Risk Management Strategic Assessment Review was undertaken
by PricewaterhouseCoopers which concluded that Imperial has
achieved compliance with the principles set out in King lll.
Key inherent group risks
Imperial has identified key risk categories that affect the group as a whole in addition to the business and industry-specific risks identified by
operating divisions. The risk categories and strategies taken to mitigate these risks include:
|
|
|
|
Risk |
|
Strategies Implemented |
Low growth in the South African and European economies |
|
– |
Focus on niche products and services in our current offerings |
– |
Agility in operating model |
– |
Internal growth and acquisition strategies |
|
|
Impact on efficiencies due to increasing labour disruptions in our
own and customer industries |
|
– |
Active participation in industrial labour councils |
– |
Agility and diversification of supply chain channels |
– |
Review of operational labour plans to ensure continuity of
services |
– |
Diversification and spread of risk over industries |
|
|
Currency volatility |
|
– |
Established hedging policy |
– |
Diversification of business models and territories to minimise the
overall impact of currency risks |
|
|
Credit extension and customer affordability in the retail markets |
|
– |
Market assessment of customer affordability |
– |
Monitoring of bank appetite to extend credit |
|
|
Environmental and carbon taxes |
|
– |
Group-wide sustainability strategy implemented |
– |
Proactive involvement with industry and governmental bodies |
– |
Implementation of non-financial reporting systems to ensure
ongoing monitoring and reporting of key targets and initiatives |
|
|
Effective control of asset values given the fleet and inventory
holding of new and used assets that are core to the group’s
business model |
|
– |
Active management and investment in optimising inventory and
fleet levels |
– |
Regular review and application of latest accounting and
business principles |
– |
Enhanced governance oversight |
– |
Active review and monitoring of the realisable value of assets |
|
|
Reputation and brand perception |
|
– |
Group-wide branding and marketing position strategy for the
Imperial brand |
– |
Ongoing review of compliance to group ethics and legal
requirements |
|
|
Key to our success is our people, their commitment and
knowledge of the business and industry and growing the base of
skills within our country |
|
– |
Identification of key current and future skills required and
alignment with development programmes |
– |
Divisional and group-wide training and upliftment programmes |
– |
Establishment of specialist training academies and skills
development programmes |
– |
Coordinated transformation philosophy, policies and focused projects |
– |
Promotion and upliftment of internal candidates |
– |
Expansion of our current recruitment base |
|
|
Acquisitions in new business sectors and territories |
|
– |
Clearly defined expansion areas |
– |
Strong group mandate structure relating to investments |
– |
Regular review of acquisition risks and criteria at executive level |
– |
Formalised post-acquisition reviews |
|
|
Third-party dependence and reliance.
Some of our businesses have exposure to or depend on key
relationships and contracts |
|
– |
Proactive relationship and contract satisfaction management with
key suppliers and customers |
– |
Formalised and proactive management of service and product
level expectations |
– |
Ongoing oversight and monitoring of contract renewals and
negotiations |
|
|
Ensuring compliance with relevant legislation and regulations |
|
– |
Centralisation of selected specialist areas where compliance risk
is high |
– |
Proactive monitoring, input and operational implementation plans
and frameworks on emerging legislation |
– |
Increased resource allocation to legal and compliance units |
|
|
Increased exposure to risk related to the chemical industry
subsequent to the acquisition of Lehnkering |
|
– |
High level of compliance with hazardous materials regulations |
– |
Ongoing oversight and monitoring |
|
|
The board:
– |
recognises that it is accountable for the process of risk
management and system of internal control, which is regularly
reviewed for effectiveness, and for establishing appropriate risk
and control policies and communicating these throughout the
group; |
– |
is satisfied there is an ongoing process of identifying, evaluating
and managing the significant risks faced by the group. This
process has been in place for the review period and to the date
of approving the annual report, integrated report and
summarised financial statements; and |
– |
is satisfied there is an effective system of internal controls and
that group wide strategies are in place to mitigate the
consequences and impact of significant risks faced by the group
to an acceptable level. |
Legislative compliance
Each operational division, depending on its risk profile, employs
legal and compliance officers. To ensure that synergies and
cooperation is maximised, the relevant compliance and legal
officers meet in a quarterly forum. Key objectives of the forum
are to:
– |
monitor and report on emerging and key legislative and
compliance matters; |
– |
formulate group plans to facilitate the implementation of new
legislation; an |
– |
where applicable, coordinate group responses to draft legislation. |
Information technology (IT) governance
Aligned to our decentralised management model, Imperial
has implemented an umbrella IT governance framework. The
framework was developed and adopted by the divisions in respect
of key components and requirements set out in current best
practice benchmarks. Each operation is measured against the set
group minimum standard.
The objective of our standardised IT governance framework is to ensure the following:
– |
Guidance to divisional and operational IT functions; |
– |
A standard measurement of IT development and maturity
within the group; and |
– |
Compliance with King lll. |
|
|
|
Six principles of the Imperial operational IT governance
framework |
1. |
Business alignment and enablement
– |
IT strategy and responsibilities |
– |
Role and benefits of IT (internal and external) |
– |
Standards and core policies |
|
|
2. |
Operational performance
– |
People capacity and development |
– |
Internal processes and measurements |
|
|
3. |
Procurement and supplier selection
– |
Capital spending (hardware and software) |
– |
Partnerships and approved suppliers |
|
|
4. |
Supplier performance management
– |
Formalised service level agreements |
– |
Structured commercial agreements |
|
|
5. |
Business continuity/disaster recovery
– |
Business impact analyses |
– |
Testing of back-up and recovery |
|
|
6. |
Compliance and security
– |
Data privacy, security and access control |
– |
Internal control monitoring |
|
|
Operational strategies implemented include:
– |
Identification of a key responsible person within each division – divisional chief information officer (CIO); |
– |
An annual self-assessment questionnaire detailing the principles
and guidelines of expected IT policies, processes and behaviours; |
– |
An independent audit performed by Imperial IT audit function
of the self-assessment questionnaires; |
– |
A quarterly CIO forum, chaired by executive: risk management, with the objective of:
• |
sharing divisional information on best practice within the
group; |
• |
update and review of divisional IT strategies and projects; |
• |
highlighting common group IT risks and mitigations; |
• |
identifying transversal or cross-functional IT opportunities; |
• |
ongoing quality review and implementation with group
standards; |
• |
monitoring of operational disaster recovery and business
continuity plan implementation; and |
• |
feedback and communication with the group executive
committee on relevant matters of concern. |
|
Younaid Waja
Chairman of the risk committee
|