31 MARCH 2015ALEXANDER FORBES GROUP HOLDINGS LIMITEDINTEGRATED ANNUAL REPORT

GOVERNANCE OF RISK MANAGEMENT

The Alexander Forbes board and management acknowledge that risks accompany change and are often accompanied by potential benefits and opportunities. Better risk governance implies enabling the group to minimise the negative consequences of its associated risks.

The group embraces a strong risk governance model which is pragmatic and ensures oversight efficiency, accountability, responsibility, independence, reporting, communications and transparency – both internally and with all our key external stakeholders.

The Alexander Forbes board has approved and adopted the COSO model’s three lines of defence, as set out in the figure on the right, each with a specific role as follows:

  • First line of defence: centred on day-to-day management’s responsibility and accountability. Management’s role, through various operational committees, is to provide oversight, including strategy implementation, performance measurement, risk management, company controls and governance processes.
  • Second line of defence: in respect of the formal enterprise risk management (ERM) framework which includes policies and minimum standards. Objective oversight continuously challenges risk management in terms of its performance and reporting.
  • Third line of defence: the oversight/assurance provided by an independent third party on the adequacy and effectiveness of risk management governance and internal control within Alexander Forbes, as established by the first and second lines of defence.

RISK APPETITE

Risk appetite is the amount of risk that the group is willing to accept in pursuit of achieving its stakeholder objectives. It sets parameters within which the group can operate in order to achieve business objectives and drive important investment decisions. Risk appetite is used in setting strategies and in business planning and acts as a reference point for all important business decisions.

Alexander Forbes’ risk appetite has been broadly split into four key risk measures, namely capital, earnings, liquidity and operational risk. Thresholds and measurement principles are agreed at a group level. The qualitative statements in relation to each of these four measures are set out below:

  • Capital: The group will hold the larger of the economic capital requirement and the regulatory capital requirement.
  • Earnings: The group’s earnings at risk will not exceed 20% of the earnings projected over a 12-month forward-looking period.
  • Operational: The group will pursue a commercial balance between the costs of mitigating actions and the expected future (financial and non-financial) losses that may arise from the occurrence of operational risk events.
  • Liquidity: The group’s liquidity requirements for each relevant business/entity will be based on the best operational cash flow estimates over a 12-month forward-looking period, taking into account any minimum regulatory capital requirements that may apply.