Imperial Holdings Limited - Integrated Report 2013

Integrated Report 2013

Annual Financial Statements 2013

Sustainability Report 2013

The risk committee sets the group risk culture, framework and strategy and ensures a robust risk management process is in place.

Membership of the committee

The committee comprises both non-executive and executive members and is chaired by a non-executive director.

The committee had four meetings during the past financial year.

The table details the members of the committee and their attendance of meetings during the year.


Member	Number of meetings attended
Y Waja (chairman)*	4
H Adler	3
OS Arbee	4
HR Brody	4
S Engelbrecht*	4
BJ Francis	4
RL Hiemstra**	3
MJ Leeming*	4
PB Michaux	4
G Rudman	4
JJ Strydom	2/2
A Tennick	2/2

* Independent.
** Excused from meetings due to ill health at the time.

Risk management model

In line with its policy of aligning group corporate governance with international best practice to safeguard the interests of stakeholders, Imperial has implemented an enterprise risk model to identify and assess relevant risks facing the group at strategic, business and operational levels. The group’s risk model is based on ISO 31000:2009 – Risk Management Principles and Guidelines.

Risk is not only viewed from a negative perspective. The assessment process also identifies areas of opportunity, for example where effective risk management can be turned into a competitive advantage, or where taking certain risks could result in reward for the group. Any risk taken is considered within the group’s risk appetite and tolerance which are reviewed and updated annually.

The decentralised structure of the group consists of many business units and therefore overall group risk is spread and minimised to within group tolerance levels. Risk management responsibility and accountability largely remain in divisional management structures reporting to the divisional finance and risk review committees. The risk committee formalises, standardises and monitors this process by guiding management and assessing their effectiveness in implementing the approved risk management framework.

The board determines the level of acceptable risk and requires operations to manage and report accordingly. Material issues and circumstances that could affect the group’s reputation and financial affairs constitute unacceptable risk.

Senior management is committed to the established system of internal control for managing risk, which requires transparency and clear accountability. Aligned with our business principles, our risk management processes are viewed as an integral part of our business and strives to be dynamic, interactive and responsive to change.

The system of internal control has been implemented in all key operations and is tailored to suit the specific circumstances of each business unit. It provides reasonable, rather than absolute, assurance that the group’s business objectives will be achieved within prescribed risk tolerance levels. The associated risk areas and control processes are monitored and reported on across the group continuously. Internal audit aligns its procedures with the risks identified. Formal feedback is provided at both divisional finance and risk review committees and to the quarterly group risk committee meeting.

King III describes risk management as the identification and evaluation of actual and potential areas of risk as they pertain to a company, followed by a procedure of termination, transfer, acceptance (tolerance) or mitigation of each risk. The group’s risk management process therefore also uses internal controls as a measure to mitigate and control risk.

Aligned to our residual risk profile the group participates in a comprehensive insurance programme to ensure that material financial consequence of risk incidences does not result in undue hardship for group businesses.

In reviewing risk management reports and internal control, the board has:

–	considered what the group’s risks are and how they have been identified, evaluated and controlled;
–	assessed the effectiveness of the related process of risk management and, particularly, reports of significant failings or weaknesses in the process;
–	considered if the necessary action is being taken in time to rectify any significant failings or weaknesses; and
–	considered whether results from the review process indicate that more extensive monitoring is required.

A Risk Management Strategic Assessment Review was undertaken by PricewaterhouseCoopers which concluded that Imperial has achieved compliance with the principles set out in King lll.

Key inherent group risks

Imperial has identified key risk categories that affect the group as a whole in addition to the business and industry-specific risks identified by operating divisions. The risk categories and strategies taken to mitigate these risks include:

Risk

Strategies Implemented

Low growth in the South African and European economies

–	Focus on niche products and services in our current offerings
–	Agility in operating model
–	Internal growth and acquisition strategies

Impact on efficiencies due to increasing labour disruptions in our own and customer industries

–	Active participation in industrial labour councils
–	Agility and diversification of supply chain channels
–	Review of operational labour plans to ensure continuity of services
–	Diversification and spread of risk over industries

Currency volatility

–	Established hedging policy
–	Diversification of business models and territories to minimise the overall impact of currency risks

Credit extension and customer affordability in the retail markets

–	Market assessment of customer affordability
–	Monitoring of bank appetite to extend credit

Environmental and carbon taxes

–	Group-wide sustainability strategy implemented
–	Proactive involvement with industry and governmental bodies
–	Implementation of non-financial reporting systems to ensure ongoing monitoring and reporting of key targets and initiatives

Effective control of asset values given the fleet and inventory holding of new and used assets that are core to the group’s business model

–	Active management and investment in optimising inventory and fleet levels
–	Regular review and application of latest accounting and business principles
–	Enhanced governance oversight
–	Active review and monitoring of the realisable value of assets

Reputation and brand perception

–	Group-wide branding and marketing position strategy for the Imperial brand
–	Ongoing review of compliance to group ethics and legal requirements

Key to our success is our people, their commitment and knowledge of the business and industry and growing the base of skills within our country

–	Identification of key current and future skills required and alignment with development programmes
–	Divisional and group-wide training and upliftment programmes
–	Establishment of specialist training academies and skills development programmes
–	Coordinated transformation philosophy, policies and focused projects
–	Promotion and upliftment of internal candidates
–	Expansion of our current recruitment base

Acquisitions in new business sectors and territories

–	Clearly defined expansion areas
–	Strong group mandate structure relating to investments
–	Regular review of acquisition risks and criteria at executive level
–	Formalised post-acquisition reviews

Third-party dependence and reliance.
Some of our businesses have exposure to or depend on key relationships and contracts

–	Proactive relationship and contract satisfaction management with key suppliers and customers
–	Formalised and proactive management of service and product level expectations
–	Ongoing oversight and monitoring of contract renewals and negotiations

Ensuring compliance with relevant legislation and regulations

–	Centralisation of selected specialist areas where compliance risk is high
–	Proactive monitoring, input and operational implementation plans and frameworks on emerging legislation
–	Increased resource allocation to legal and compliance units

Increased exposure to risk related to the chemical industry subsequent to the acquisition of Lehnkering

–	High level of compliance with hazardous materials regulations
–	Ongoing oversight and monitoring

The board:

–	recognises that it is accountable for the process of risk management and system of internal control, which is regularly reviewed for effectiveness, and for establishing appropriate risk and control policies and communicating these throughout the group;
–	is satisfied there is an ongoing process of identifying, evaluating and managing the significant risks faced by the group. This process has been in place for the review period and to the date of approving the annual report, integrated report and summarised financial statements; and
–	is satisfied there is an effective system of internal controls and that group wide strategies are in place to mitigate the consequences and impact of significant risks faced by the group to an acceptable level.

Legislative compliance

Each operational division, depending on its risk profile, employs legal and compliance officers. To ensure that synergies and cooperation is maximised, the relevant compliance and legal officers meet in a quarterly forum. Key objectives of the forum are to:

–	monitor and report on emerging and key legislative and compliance matters;
–	formulate group plans to facilitate the implementation of new legislation; an
–	where applicable, coordinate group responses to draft legislation.

Information technology (IT) governance

Aligned to our decentralised management model, Imperial has implemented an umbrella IT governance framework. The framework was developed and adopted by the divisions in respect of key components and requirements set out in current best practice benchmarks. Each operation is measured against the set group minimum standard.

The objective of our standardised IT governance framework is to ensure the following:

–	Guidance to divisional and operational IT functions;
–	A standard measurement of IT development and maturity within the group; and
–	Compliance with King lll.

Six principles of the Imperial operational IT governance framework

Business alignment and enablement

–	IT strategy and responsibilities
–	Role and benefits of IT (internal and external)
–	Standards and core policies

Operational performance

–	People capacity and development
–	Internal processes and measurements

Procurement and supplier selection

–	Capital spending (hardware and software)
–	Partnerships and approved suppliers

Supplier performance management

–	Formalised service level agreements
–	Structured commercial agreements

Business continuity/disaster recovery

–	Business impact analyses
–	Testing of back-up and recovery

Compliance and security

–	Data privacy, security and access control
–	Internal control monitoring

Operational strategies implemented include:

–

Identification of a key responsible person within each division – divisional chief information officer (CIO);

–

An annual self-assessment questionnaire detailing the principles and guidelines of expected IT policies, processes and behaviours;

–

An independent audit performed by Imperial IT audit function of the self-assessment questionnaires;

–

A quarterly CIO forum, chaired by executive: risk management, with the objective of:

•	sharing divisional information on best practice within the group;
•	update and review of divisional IT strategies and projects;
•	highlighting common group IT risks and mitigations;
•	identifying transversal or cross-functional IT opportunities;
•	ongoing quality review and implementation with group standards;
•	monitoring of operational disaster recovery and business continuity plan implementation; and
•	feedback and communication with the group executive committee on relevant matters of concern.

Younaid Waja
Chairman of the risk committee

Risk committee report