AI assistant
AUB GROUP LIMITED — Governance Information 2017
Jul 6, 2017
64456_rns_2017-07-06_23a6f960-a1c9-47b6-9a49-3c853c8ef0c8.pdf
Governance Information
Open in viewerOpens in your device viewer
==> picture [134 x 50] intentionally omitted <==
==> picture [223 x 113] intentionally omitted <==
7[th] July 2017
The Manager Company Announcements Australian Securities Exchange Level 6, Exchange Centre, 20 Bridge Street Sydney, NSW 2000
FOR RELEASE TO THE MARKET
Dear Sir / Madam,
Re: Risk Management Framework
Please find attached the Company’s Risk Management Framework which is to replace the existing Risk Management Policy with effect from today.
Yours faithfully,
==> picture [72 x 48] intentionally omitted <==
Justin Coss Company Secretary
For further information, contact Justin Coss Tel: (02) 9935 2224
==> picture [595 x 80] intentionally omitted <==
1. COMMITMENT TO AND PURPOSE OF THE FRAMEWORK
1.1 COMMITMENT TO RISK MANAGEMENT
AUB Group Limited ( AUB Group or the Company ), as a publicly listed company and provider of risk management, advice and solutions for clients, operates in a regulated environment and the AUB Group Board ( Board ) has ultimate responsibility for and commitment to effective risk management. The Board’s commitment is reflected through the establishment of appropriate governance structures and AUB’s Group Risk and Group Compliance functions led by the Chief Financial Officer.
The Board is receptive and embracing of considered risk recognising that in the absence of this, the Company will be unable to meet its strategic objectives.
1.2 PURPOSE
The purpose of the Risk Management Framework ( RMF ) is to document AUB’s approach to the management of risk across the Group and covers the governance structure, risk appetite statement, risk culture, roles and responsibilities and processes that support risk management at AUB Group.
1.3 SCOPE
The RMF applies to AUB Group and its wholly owned subsidiaries. AUB Group Partners are required to have a Risk Management Plan in place and AUB Group Risk and Compliance review this annually.
2. GOVERNANCE STRUCTURE SUPPORTING RISK MANAGEMENT
AUB Group’s Risk Management Framework is supported by an established governance framework. An overview of the Company’s Governance structure is shown in the diagram below.
==> picture [88 x 33] intentionally omitted <==
AUB Group Limited Risk Management Framework | Page 1
==> picture [568 x 367] intentionally omitted <==
----- Start of picture text -----
OVERVIEW OF AUB GROUP GOVERNANCE STRUCTURE
Board Setting Risk AUB GROUP BOARD
Appetite & Monitoring
BARC
Risk Appetite, BOARD AUDIT RISK & COMPLIANCE COMMITTEE – (BARC)
Monitoring Risk &
Performance.
Set the tone.
AUB Group R&C AUB MANAGEMENT GROUP RISK &COMPLIANCE COMMITTEE
Mgt Team Oversight
Divisional Committees
Manage risk within Australian Broking New Zealand Broking Austagencies Risk Services Group Support Services
risk appetite.
Monitoring Risk & Performance Austbrokers AUB Group NZ Board Austagencies Board Risk Services Council
Management Council
Finance
IT
Risk Support R&C TEAM: ADVICE / REPORTING / POLICIES Business Centre
Framework/ reporting HR
AIMS
----- End of picture text -----
The key components of which are:
AUB Group Limited Board (the Board): Responsible among other things, for setting the Risk Appetite, monitoring that appropriate processes and controls are in place to effectively and efficiently manage risk, so that the strategic and business objectives of the Group can be met.
Board Audit, Risk & Compliance (BARC): The purpose of the Committee is to also assist the Board in fulfilling its responsibilities relating to the risk management and compliance practices of the Company including monitoring and reviewing the effectiveness of internal financial controls policies on risk oversight and management. Ultimate responsibility for risk oversight and risk management rests with the Board.
The AUB Group Management Risk & Compliance Committee: The purpose of the committee is for management to fulfil its corporate governance and oversight responsibilities with regards to the AUB Group’s risk framework. The Committee reports on a bi-monthly basis any significant findings to the Board Audit Risk & Compliance Committee (BARC).
AUB Business Divisional Management Committees: Each business division has a Board or a Council charged with monitoring and managing performance, risk and compliance of the underlying Partner businesses and ensuring they remain within the stated Risk Appetite.
Risk Support: The AUB Group Risk & Compliance team co-ordinate the governance function. Including developing and maintaining the risk framework, reporting, and oversight of external monitoring and assurance programs for the business divisions.
==> picture [89 x 33] intentionally omitted <==
AUB Group Limited Risk Management Framework | Page 2
3. RISK APPETITE STATEMENT (RAS)
AUB Group’s RAS sets out the Board’s expectations regarding the consideration of risk in pursuit of strategy decision making processes and expected behaviours. The RAS sets out the risk appetite principles, risk appetite statements aligned to the three categories of risk namely strategic, operational and financial.
4. RISK CULTURE
One important attribute that influences how risk is managed within a business is its risk culture. The key elements that define an effective risk culture at AUB include:
-
Setting the tone at the top
-
Level of engagement from senior management in the risk management process
-
An understanding of the key risks that face the business
-
Understanding the level of risk that the business is prepared to accept
-
The integration of risk into the decision making process
AUB is committed to promote an effective risk culture, ensuring employees display the right behaviours in identifying and managing risk. The Group Code of Conduct requires our employees to:
-
Act with honesty and integrity in dealing with all stakeholders including shareholders and the community
-
Manage conflicts of interest
-
Comply with the law and company policies & procedures
-
Respect confidentiality & privacy
5. ROLES AND RESPONSIBILITIES
The Group adopts elements of the Three Lines of Defence Model, and continues to evolve this approach on a risk basis, across the AUB Group.
The framework model is designed to provide assurance to the Divisional Management Committees and the Board that risks are being identified, managed and reported effectively.
The Three Lines of Defence model is summarised as follows:
==> picture [89 x 33] intentionally omitted <==
AUB Group Limited Risk Management Framework | Page 3
Coordinated Risk Management Activities
1[st] Line of Defence
2[nd] Line of Defence
3[rd] Line of Defence
Business Management Manage
-
Responsible for identifying, analysing, managing, controlling, monitoring & reporting risks within the business.
-
Promoting & implementing a culture or managing risk exposure.
-
Ongoing management of risk.
Group and Partner Business Risk & Compliance Oversight
-
Responsible for the design & maintenance of the risk management framework.
-
Provide the tools & assistance to help the business manage risk.
-
Combination of oversight & trusted advisor.
-
Overarching risk oversight across all risk types.
Independent Review Assurance
-
Responsible for annual compliance reviews.
-
Reporting to the Audit & Risk Committee on effectiveness of controls.
-
External assurance engaged to conduct reviews as required.
6. RISK MANAGEMENT PROCESS
AUB Group’s risk management process is designed to align with the risk management principles defined in the International Standard ISO 31000:2009 “Risk Management Principles and Guidelines”. The risk identification and assessment process applied is set out below.
==> picture [414 x 208] intentionally omitted <==
----- Start of picture text -----
Risks are identified through a variety of programs.
Risk Identification
Risks are assessed using
traditional risk assessment
methodologies.
Risks are monitored on an on-going basis
Monitor and to ensure their ratings and treatments Risk Assessment
remain appropriate.
Report and Analysis
Regular risk reporting is provided to the
Board and management.
Treatment strategies are
identified and implemented
to reduce risk where desired.
Risk Treatment
----- End of picture text -----
==> picture [89 x 33] intentionally omitted <==
AUB Group Limited Risk Management Framework | Page 4
6.1 PROCESSES THAT SUPPORT THE AUB RISK MANAGEMENT PROCESS
Annual Risk Management Framework Review
An annual review of the RMF is conducted to ensure that the Framework is fit for purpose and remains relevant to the changes in the Group which have occurred during the year. Any changes proposed to the framework will be raised with the BARC, which will make a relevant recommendation to the Board.
Risk & Control Review Process
The objective of the risk and control review process is to identify and assess the risks material to the Group that could affect the Group’s strategies and business objectives, and identify and assess the controls which are currently in place or need to be implemented to manage risks. The reviews consider the context of the environment in which AUB Group and its Divisions operate.
The process consists of a series of workshops with the Executives of each Division to discuss changes in the risk register for their Division and control assessments and improvements. This is followed by a Risk workshop with the Executive Team at the AUB Management Group Risk & Compliance committee to collectively discuss and review all risks across the Group to produce the register of Top Risks to the Group.
The register of Top Risks to the Group plus executive summaries on mitigation strategies are provided and discussed at the BARC meeting twice a year.
Monitoring and Reporting
Monitoring includes the review of monthly reporting from the underlying Partner businesses and assessment of these results by the Divisional committees and the Risk & Compliance team at the AUB Management Group Risk & Compliance committee.
Monitoring across the Divisions follows the 3 Lines of Defence model described above and reporting of results is by exception to the BARC.
The Risk & Compliance function will in consultation with the BARC determine the frequency and format of risk reporting.
6.2 POLICIES AND PROCEDURES THAT SUPPORT THE AUB RISK MANAGEMENT PROCESS
Group policies and procedures that support the RMF are listed in Appendix 1.
==> picture [89 x 33] intentionally omitted <==
AUB Group Limited Risk Management Framework | Page 5
Appendix One
Supporting Committees, Policies and Procedures
Committees and Subsidiary Boards
In addition to the BARC, there are a number of other committees and boards that contribute to the oversight of risk management.
Subsidiary Board oversee aspects of risk management relevant to their specific divisions.
The Group has a number of group policies and committees that support the RMF. Committees include: the Executive Leadership Team, Finance Risk Management Committee, Group Risk & Compliance Committee, Due Diligence Committees, and the BT Committee.
All Boards and committees meet regularly and are governed by Terms of Reference and contain appropriately qualified and experienced members.
Policies and Procedures
The Conflicts of Interest and Related Party Transactions Policy
Delegations of Authority
Business Continuity and Disaster Recover Plans
Whistleblowing policy
Code of Conduct
Securities Trading Policy
M&A Playbook
Annual Insurance Program
==> picture [89 x 33] intentionally omitted <==
AUB Group Limited Risk Management Framework | Page 6