The Risk Committee is pleased to present its report for the financial year ended 31 March 2017 to the shareholders of TFG.
The Foschini Group Enterprise Risk Management (ERM) framework provides a structured, dynamic and consistent approach to risk management. It is an integrated approach and recognises that effective risk management is critical to the achievement of strategic objectives and the long-term sustainable growth of the business. The process is continuous and risks are updated throughout the year. The framework is in line with relevant standards, including ISO 31000, the COSO framework and the King Code of Governance for South Africa 2009 (King III).
Overall, the Supervisory Board is accountable to ensure that risks are effectively managed, and it has delegated the oversight of risk management to the Risk and Audit Committees in terms of two separate mandates. The Risk Committee reviews significant risks and their related mitigations and reports back to the Supervisory Board at each meeting. The Audit Committee focuses on the financial risks and reviews the effectiveness of the risk process. Each business area is responsible for identifying, assessing and managing the risks in their respective area.
Annual risk workshops are held across the Group and identified risks are documented in a risk register and assessed on the basis of likelihood of occurrence and potential impact on the Group (risk exposure). Mitigations are identified against each risk and the remaining residual risk assessed based on defined criteria. The risks with the highest exposure attribution are presented to the Operating Board to be reviewed and challenged ahead of being submitted to the Risk Committee and ultimately the Supervisory Board for review and approval. This process is facilitated by the Group Enterprise Risk function.
Quarterly updates on identified risks, related mitigations and emerging risks are provided to the executive Risk Committee for consideration. Significant matters and any revisions to risks are reported to the Risk Committee. The Group continuously seeks to improve and enhance the risk management process, while maintaining a practical and business-minded approach at the same time. The Supervisory Board’s approach to risk appetite is conservative without inhibiting or unduly restricting the Group from utilising opportunities.
The Supervisory Board confirms that the Group’s risk management, mitigation and monitoring processes have been effective in limiting the potential impact of risks on the business during the year under review.
INFORMATION TECHNOLOGY GOVERNANCE
An IT steering committee has been established, which includes representatives from the various trading and services divisions. The committee meets quarterly and reviews the emerging IT-related risks, disaster recovery plans and any significant IT initiatives. The Risk Committee receives feedback on matters discussed and monitors IT initiatives to ensure these do not pose a risk to the continuity of the Group’s operations.
At each Risk Committee meeting, an update on legal compliance is presented. This update includes a legislative radar or forecast of significant legislative developments in all of the countries in which the Group has a footprint. Key areas of non-compliance, if any, are also brought to the attention of this committee. During the financial year, no fines and/or other forms of sanction were issued against the Group and no directors or senior management members were accused of or held liable for non-compliance with any laws, regulations or codes of conduct.
Further information on legislative compliance is provided in the Corporate governance report.
KEY RISKS AND SIGNIFICANT UNCERTAINTIES
The landscape, five continents and 34 countries, in which the Group operates is impacted by the expansion into new territories. Global and local events have led to instabilities in the economy, influencing available capital and our consumer. Our consumer has less disposable income and this increases the risk to turnover and debtor delinquencies. The Group continues to monitor the progress of Brexit and to consider the implications it may have for our UK businesses.
|RISK DESCRIPTION||MITIGATING ACTIVITIES|
|The South African regulatory environment continues to increase with complexity. This complexity becomes heightened as the Group expands internationally, and as it is faced with understanding and applying differing regulatory requirements in multiple jurisdictions.||
|The introduction of revised credit legislation continues to pose challenges in terms of compliance and our customer base.||
|Continued high levels of crime (i.e. burglaries and armed robberies but excluding credit fraud) reduces operating margin.||
|A fire, flood or other natural disaster affects the warehouses or head office campus.||
|Failure of IT infrastructure.||
|The weakening economy and/or a financial and/or catastrophic disaster leads to the collapse of key suppliers.||
|Instability in the economy both locally and globally influences available capital and our consumer.||
|The impact of global financial instability and the effect of fluctuating exchange rates on purchasing power and the ability to remain price competitive.||
|A stagnant economic climate negatively affects TFG’s customers’ purchasing power and influences their ability to settle accounts.||
The Group’s risks continue to evolve as new risks emerge and appropriate mitigating activities are introduced to reduce the overall residual risk. The following risk has subsequently been removed from this year’s risk register:
- Power outages: During the last two reporting periods, limited power outages have been experienced.
Chairman: Risk Committee
29 June 2017