Effective risk management is an essential element of the Group’s operations and strategy. The accurate and timely identification, assessment and management of risks are key to the operational and financial success of the Group.

The Risk and Compliance Management Department:

  • Provides guidelines, standards and best practice examples of risk and compliance management at the corporate and business unit levels
  • Is responsible for risk and compliance management systems
  • Maintains the Group’s risk register
  • Organises and promotes risk and compliance workshops
  • Supervises the operations
  • Reviews the effectiveness of mitigating actions
  • Supports internal stakeholders in key strategic decisions

The Group's risk and compliance management framework can be divided into three tiers:


Communicating the Group’s vision, strategy and objectives throughout the organisation, and putting in place appropriate governance structures, policies and procedures to embed key aims and objectives.

Risk management

Ensuring that the Group’s vision, strategy and objectives are communicated throughout the organisation, and that appropriate governance structures, policies and procedures are in place to embed those key aims and objectives.

Ensuring that there are appropriate structures and processes in place to identify and evaluate risks, and that appropriate controls and mitigation techniques are developed to address those risks. Ensuring that the key risks, and the performance in managing those risks, are reported on a timely basis to the relevant parties.


Ensuring that the Group’s internal policies, procedures and control activities, as well as all relevant laws and regulations, are adhered to.