SBN HOLDINGS LIMITED Annual Report 2022

OPERATIONAL RISK - UNAUDITED continued

Compliance risk

Compliance risk is the risk of legal or regulatory sanctions, financial loss or damage to reputation that the group may suffer as a result of its failure to comply with laws, regulations, codes of conduct and standards of good practice that are applicable to its financial services activities.

Approach to compliance risk management

The group's approach to managing compliance risk is proactive and premised on internationally accepted principles of risk management, including those recommended by Basel. It is aligned with other group risk type methodologies. Group compliance supports business in complying with current and emerging regulatory developments, including money laundering and terrorist financing control, sanctions management, identifying and managing conflicts of interest and market abuse, TCF and mitigating reputational risk.

Framework and governance

Compliance risk management is a core risk management activity overseen by the BRC. The head of compliance has unrestricted access to the chief executive and to the chairman of the BAC, thereby ensuring the function's independence.

The group's compliance framework is based on the principles of effective compliance risk management, as outlined in the Banking Institutions Act, and recommendations from international policy-making bodies. Our business compliance model includes dedicated compliance support and advisory services to business which is supplemented by training.

A robust risk management reporting and escalation procedure requires both business unit and functional area heads to report monthly and quarterly on the status of compliance risk management in the group.

Money laundering and terrorist financing control

Legislation across SBN pertaining to money laundering and terrorist financing control imposes significant requirements in terms of:
■ customer identification
■ record keeping
■ staff training
■ obligations to detect, prevent and report money laundering and terrorist financing.

SBG minimum standards are implemented throughout the group. The group also subscribes to the principles of the Financial Action Task Force, an inter-governmental body developing and promoting policies to combat money laundering and terrorist financing, of which Namibia is a member country.

Compliance training

Employees are made aware of their responsibilities in terms of current and emerging legislative and regulatory requirements through ongoing training and awareness initiatives. Employees, including senior management, are made aware of their legislative responsibilities either through e-learning, face-to-face interventions or through targeted awareness campaigns. Training is key to embedding a culture of compliance in the group.

Regulatory change

The group aims to embed regulatory best practice in our operations in a way that balances the interests of various stakeholders, while supporting the long-term stability and growth in the markets where we have a presence.

The group operates in a highly regulated industry across multiple jurisdictions, including the need to comply with legislation with extra-territorial reach. The group's regulator is the Bank of Namibia (BoN). BoN supervises both the group and Standard Bank Namibia Limited, the banking entity, on a consolidated basis.

Environmental and social risk

Environmental and social risk assessment and management deals with two aspects, being those over which:
■ we do not have control but which have potential to impact on our operations and those of our clients
■ we have direct control such as waste management and the use of energy and water.

The uncontrolled aspects include threats to the global environment resulting from changing global climate and its impact on weather patterns, fresh water, infrastructure, economic growth and social resilience.

The group uses two approaches to screen and process projects, namely the Equator Principles for project finance loans and an internally developed appraisal system for other financial product types. These tools are designed to identify the risks associated with a transaction and the customer's ability to manage environmental and social issues, as well as the risks associated with the transaction itself such as the nature and value of the loan, and the industry sector involved.

All project finance deals will in future be screened for climate change risk and human rights impacts. This is in addition to the more traditional environmental and social risks which include those associated with occupational health and safety, relocation of communities and the impact on livelihoods of individuals.

From a governance perspective, the group's material issues are combined into six broad categories which form the basis of engagement on sustainability issues with the group executive committee and the board. These are:
■ sustainable long-term financial performance
■ governance, regulation and stakeholder engagement
■ sustainable and responsible financial services
■ socioeconomic development
■ a positive and consistent employee experience
■ the environment.

Business continuity management and resilience

Business continuity management is defined as a holistic management process that identifies potential impacts that threaten the group and provides a basis for planning in mitigation to these operational impacts. It further provides a framework for building resilience and the capability for an effective response that safeguards the interests of key stakeholders, reputation, brand and value-creating activities.

The group has business resiliency and continuity plans in place to ensure its ability to operate on an ongoing basis and limit losses in the event of severe business disruptions. Crisis management is based on a command and control process for managing the business through a crisis to full recovery. These processes may also be deployed to manage non-operational crises, including business crises, at the discretion of senior management.

Contingency and recovery plans for core services, key systems and priority business activities have been developed and are revisited as part of existing management processes to ensure that continuity strategies and plans remain relevant.

Information risk management

Information risk is defined as the risk of accidental or intentional unauthorised use, modification, disclosure or destruction of the group's information resources, which compromises confidentiality, integrity or availability. Information risk management deals with all aspects of information in its physical and electronic forms. It focuses on the creation, use, transmission, storage, disposal and destruction of information.

Information risk management is responsible for establishing an information security management system inclusive of an information risk management framework, and promotes information risk management policies and practices across the group. The execution of these policies and standards is functionally overseen by the group chief information security officer.

Financial crime control

Financial crime includes fraud, money laundering, violent crime and misconduct by staff, customers, suppliers, business partners, stakeholders and third parties. The group will not condone any instance of financial crime and where these instances arise, the group takes timely and appropriate remedial action.

Financial crime control is defined as the prevention and detection of, and response to, all financial crime in order to mitigate economic loss, reputational risk and regulatory sanction. The group's financial crime control unit is mandated by the BAC to provide capabilities which minimise the overall impact of financial crime on the group. This ensures the safety of our people and assets, and builds trust with our stakeholders.

The group's financial crime control function reports to the head of risk. This function enables a holistic view of the status and landscape of financial crime prevention, detection and response, including emerging threats. The group head of financial crime control has unrestricted access to executives and the chairperson of the BAC, thereby supporting the function's independence.

Occupational health and safety

The health and safety of all employees remains a priority. Training of health and safety officers and employee awareness is an ongoing endeavour. Group policies are being rolled out to all operations and the number of incidents being reported is reducing.

Other risks

Business risk

Business risk is the risk of loss due to operating revenue not covering operating costs and is usually caused by the following:
■ inflexible cost structures
■ market-driven pressures, such as decreased demand, increased competition or cost increases
■ group-specific causes, such as a poor choice of strategy, reputational damage or the decision to absorb costs or losses to preserve reputation.

It includes strategic risk and post-retirement obligation risk.

Business risk is governed by Exco which is ultimately responsible for managing the costs and revenues of the group.

The group mitigates business risk in a number of ways:
■ Extensive due diligence during the investment appraisal process is performed, in particular for new acquisitions.
■ New product processes per business line through which the risks and mitigating controls for new and amended products and services are tabled and discussed.
■ Stakeholder management ensures favourable outcomes from external factors beyond the group's control.
■ The profitability of product lines and customer segments is consistently monitored.
■ Tight control is maintained over the group's cost base, including the management of its cost-to-income ratio. This allows for early intervention and management action to reduce costs where necessary.
■ Being alert and responsive to changes in market forces.
■ There is a strong focus in the budgeting process on achieving headline earnings growth while containing cost growth. In addition, contingency plans are built into the budget that allow for costs to be significantly reduced in the event that expected revenue generation does not materialise.
■ The group continually aims to increase the ratio of variable costs to fixed costs, allowing for more flexibility to proactively reduce costs during economic downturn conditions.

Strategic risk

Strategic risk is the risk that the group's future business plans and strategies may be inadequate to prevent financial loss or protect the group's competitive position and shareholder returns. The group's business plans and strategies are discussed and debated by members of management and non-executive board members.

Post-retirement obligation risk

Post-retirement obligation risk is the risk to the group's earnings that arises from the requirement to contribute as an employer to an under-funded defined benefit plan. The risk arises due to either an increase in the estimated value of medical liabilities or a decline in the market value of the fund's assets or reduction in their investment returns. The group operates a defined contribution plan.

The group maintains a number of defined benefit pension and medical aid provider schemes for past and certain current employees, collectively termed post-retirement obligations. Refer to note 34.

Reputational risk

Reputational risk results from damage to the group's image which may impair its ability to retain and generate business. Such damage may result in a breakdown of trust, confidence or business relationships. Safeguarding the group's reputation is of paramount importance.

Each business line, legal entity or support function executive is responsible for identifying, assessing and determining all reputational risks that may arise within their respective areas of business. The impact of such risks is considered alongside financial or other impacts.

Matters identified as a reputational risk to the group will be reported to the group head of governance and assurance who, if required, will escalate these matters to Exco.

Should a risk event occur, the group's crisis management processes are designed to minimise the reputational impact of the event. Crisis management teams are in place both at executive and business line level to ensure the effective management of any such events. This includes ensuring that the group's perspective is fairly represented in the media.