Effective risk management is an essential part of our culture and strategy. The accurate and timely identification, assessment and management of principal risks give us a clear understanding of the actions required to achieve our objectives.

The Risk and Compliance Management Department:

  • Provides guidelines, standards and best practice examples of risk and compliance management at the corporate and business unit levels
  • Is responsible for risk and compliance management systems
  • Maintains the Group’s risk register
  • Organises and promotes risk and compliance workshops
  • Supervises the operations
  • Reviews the effectiveness of mitigating actions
  • Supports internal stakeholders in key strategic decisions

Areas of focus and development during 2023:

  • Defined the methodology for identifying and updating our emerging risks, which will assist with the continuous monitoring process.
  • Continuation of on-site risk reviews of selected risk areas whilst accompanied by senior management, increasing the Company’s risk maturity level.
  • Co-coordinated Contingency Committees in line with our risk management process.
  • Updated the Company’s risk appetite statement, including the sections relating to Environmental Management, Corruption and Political, Legal and Regulatory. The updated statement was approved by the Board in November, with the level of risk appetite for all risk areas remaining unchanged.
  • Reported monthly to both the Company’s Executive Committee and individual risk owners, in order to identify and manage any deviation from expected performance.
  • Updated the Business Continuity Plan for each operating company, with considerations made for any new challenges encountered during 2023, and ensuring the incorporation of the lessons learned.
  • Continued monitoring of controls identified during the assessment of the impact of the conflict in Ukraine, with additional monitoring of the conflict in the Middle East.
  • Participated in the review of the FQAR (Functional Quality Assurance Review) project.
  • Continued training of risk owners and main users.
  • Updated and monitored critical controls and action plans.
  • Prepared new action plans to maintain risk exposure within acceptable limits.
  • Embedded timely and comprehensive risk analysis into each relevant decision-making process.
  • Shared best practices across our operating companies.

Our Risk Management Cycle

View our full risk management section from pages 74-75 of the 2023 Annual Report.