
Investor Presentation

HOW WE MANAGE RISK CONTINUED

BOOHOO GROUP PLC ANNUAL REPORT AND ACCOUNTS 2021 / STRATEGIC REPORT

STRATEGIC RISKS CONTINUED

Risk factors

ETHOS AND CULTURE (Risk owner: Chief People Officer)
• As a result of business change, developing and implementing new systems, controls and significant acquisitions, there is a risk that culture is impacted, which could lead to a decrease in brand ethos and morale, impacting operations

REGULATORY COMPLIANCE (Risk owner: Group Legal Counsel)
• As a result of complex data privacy regulations and continuous increase in threats to data, there is a risk of a regulatory breach, which could lead to regulatory investigation and financial penalties
• As a result of operating in many international markets and variations in local regulation in those different markets, compliance risks are increased. Specifically, those where websites are located, pricing and promotion restrictions are in place and any countries with complex legal marketplace compliance (e.g. US) laws, there is a risk of non-compliance and regulatory-related investigations that could lead to financial penalties and reputational damage
• As a result of emerging regulations, there is a risk that additional compliance costs are incurred in the future
• As a result of large or high-profile acquisitions and the associated market share implementation, there is a risk of investigation and review by the competition authority, which may lead to financial costs and delays to processing of the deal

TAXATION AND DUTIES (Risk owner: CFO)
• Governments may impose additional corporation taxes on online businesses
• Governments are increasingly reducing duty and tax-free thresholds on imports and imposing tax collection responsibility on sellers, thereby increasing prices to consumers

BREXIT (Risk owner: CFO)
• As a result of required operational changes caused by the Brexit agreement, specifically in relation to trading costs and regulation, there is a risk of unplanned operational and financial impact, which could lead to unexpected trading levels and/or downtime in operations

Mitigation
• Board commitment to positive change, led from within the business
• Investment in colleague engagement, including regular town hall meetings
• Investment in colleague training to support change
• Training of colleagues on GDPR and data security
• Additional resource relating to data privacy
• Privacy policies and procedures reviewed and updated
• Understanding and compliance to key laws and regulations
• Impact reduced by skilled legal team in house and utilising specific expert advice from external lawyers in territories concerned
• Monitoring of emerging regulations to ensure the business is best placed for any new compliance requirements - e.g. buy-now-pay-later
• Expert counsel taken to fully understand M&A risks prior to acquisitions
• Impact of potential future corporation tax rates is considered in future plans
• Sales taxes are already imposed in all major markets and the group believes that its products will remain competitive due to its online proposition and with customs warehousing, the impact of duty costs can be minimised
• Impacts are understood and additional costs are factored in to future plans and budgets, together with mitigating actions and cost savings
• Consideration being given to the availability of staffing and potential increase in labour costs

OPERATIONAL RISKS

Risk factors

IT AND CYBER SECURITY (Risk owner: CIO)
• There is a risk of a cyber-attack, which could lead to application, system and operational downtime, which may impact trading and operations across the group

CHANGE (Risk owner: CIO)
• As a result of a high number of critical projects running in parallel, there is a risk that delivery is not completed in line with proposed timelines and business as usual activities are not appropriately established, thereby not meeting the expectations of both internal and external stakeholders, which could lead to reputational damage

THIRD PARTIES (Risk owner: CFO/CIO/Supply Chain Director)
• As a result of reliance placed on third parties, there is a risk that key third parties are not performing in line with expectations, which could lead to operational and technological disruption

BUSINESS CONTINUITY/DISASTER RECOVERY (Risk owner: CFO/CIO/Supply Chain Director)
• As a result of an unplanned business continuity incident/event, there is a risk that warehouses and key operations facilities are required to close, which could lead to reduced productivity and operations across the group
• As a result of a critical IT failure, when enforcement of disaster recovery is required, there is a risk that key recovery objectives are not met, which could lead to data and financial loss

Mitigation
• Board engagement in cyber risks, mitigations and plans
• Perimeter security regularly updated and tested
• Industry leading tooling to prevent and detect attacks
• 24/7 security operations centre
• Continued and expanding investment in IT and security teams
• Training of both technical and non-technical teams regarding cyber security
• Growth of projects capability including head of delivery and project function, business analysts and project managers
• Change Advisory Board ('CAB') ensures that approvals are obtained in advance of changes being implemented
• Project Prioritisation Group ('PPG') - Assesses and agrees the need for changes/projects
• IT team includes appropriate skillset and talent within the team to deliver what is required
• Established project methodology including the right level of governance for each project
• Sustainability strategy and targets in place
• First sustainability strategy published in March 2021 on group website
• Recruitment of key roles to deliver the strategy
• Warehouses are protected by 24-hour security, access control, fire protection and sprinkler systems
• Head office is protected by security alarm, access control, fire protection and sprinkler systems
• Electric power continuity is protected by back-up generators
• Consideration has been given to location diversification, resulting in more options to move sites in the event that a major incident occurs at one site
• IT disaster recovery covers critical applications and third party contracts with appropriate service level agreements
• Investment in monitoring and alerting, governance, change management