Governance and Sustainability

Risk committee

Mandate and terms of reference

1

Introduction

 

1.1

The risk committee (“the committee”) is constituted as a committee of the board of directors of Sun International Limited (“the company”).

1.2

The deliberations of the committee do not reduce the individual and collective responsibilities of board members in regard to their fiduciary duties and responsibilities, and they must continue to exercise due care and judgement in accordance with their statutory obligations.

1.3

These terms of reference are subject to the provisions of the Companies Act, the Company’s Memorandum of Incorporation and any other applicable law or regulatory provision.

 
2

Constitution

 

2.1

The effectiveness, quality, integrity and reliability of the Company’s risk management processes are delegated to the committee.

2.2

The primary objective of the committee is to monitor, develop and communicate the processes for managing risks across the Group. In this regard the committee is to assist the board in the discharge of its duties relating to corporate accountability and associated risk in terms of management, assurance and reporting.

2.3

The terms of reference of the committee are summarised herein and should be reviewed at least annually by the committee and may be amended from time to time, as required, subject to the approval of the board.

 
3

Membership

 

3.1

The committee shall be appointed by the board and shall be representative of the senior management of the Group and shall include no less than one executive and two independent non-executive directors.

3.2

Divisional or departmental heads, as may be deemed appropriate by the board to fulfil the functions of the committee, should be included in the membership of the committee.

3.3

The Chairman of the audit committee is an ex officio member of the committee.

3.4

The Chairman of the committee (“the Chairman”) shall be appointed by the board and should be an independent non-executive director.

3.5

The board shall be entitled to remove any members of the committee and to fill any vacancies.

3.6

All members of the committee shall have a working familiarity with risk assessments and risk management. The members of the committee shall be knowledgeable about the affairs of the Group and, where appropriate, specific skills shall be represented on the committee.

3.7

The members of the committee as a whole must have sufficient qualifications and experience to fulfil their duties.

 
4

Authority

 

4.1

The board supports and endorses the establishment of the committee and the committee acts in terms of the delegated authority of the board as recorded in these terms of reference.

4.2

The board has a responsibility to monitor and review the risk management strategy of the Company and of the Group, and the committee assists the board in fulfilling this responsibility.

4.3

The committee has unrestricted access to all information, including records, property and personnel of the Group, and must be provided with adequate resources in order to fulfil its responsibilities.

4.4

The committee, in carrying out its duties, is authorised by the board to:

 

4.4.1

investigate any activities within its terms of reference;

 

4.4.2

seek outside legal or other independent professional advice, where necessary, in terms of the Company’s Professional Advice Policy;

 

4.4.3

secure the attendance of outsiders with the relevant experience and expertise, where necessary, at the Company’s expense to assist with the execution of its duties; and

 

4.4.4

seek any information it requires from any employee, and all employees are directed to cooperate with any requests made by the committee.

 
5

Terms of reference

 

5.1

The committee shall:

 

5.1.1

oversee the development and annual review of a policy and plan for risk management to recommend for the approval of the board;

 

5.1.2

review and assess the effectiveness of the risk management systems and processes to ensure that the risk policies and strategies are appropriately managed;

 

5.1.3

monitor external developments relating to corporate accountability;

 

5.1.4

monitor external developments relating to emerging and prospective risks;

 

5.1.5

set out the nature, role and responsibility of the risk management function within the Group;

 

5.1.6

review the risk philosophy of the Group and ensure that issues such as market risk, credit risk, country risk, liquidity risk, operational risk and commercial risk, including disaster recovery, pricing, IT governance, stakeholder engagement, reputational, technological, sustainability risks and competitive risks are adequately addressed by management;

 

5.1.7

review the adequacy of insurance coverage;

 

5.1.8

monitor the assurance process of compliance against relevant legislation and regulations that govern the business areas in which the Group operates;

 

5.1.9

ensure that the combined assurances received from independent assurance providers are appropriate to address all significant risks facing the Group;

 

5.1.10

review the report concerning risk management that is to be included in the Integrated Annual Report to ensure that it is timely, comprehensive and relevant;

 

5.1.11

ensure risk disclosure to stakeholders is timely, relevant, accurate and accessible;

 

5.1.12

monitor and review the Company’s stakeholder register and engagement practices by identifying, assessing and dealing with stakeholder issues and concerns as part of the risk management process. The process of reviewing stakeholders’ legitimate interests, expectations and manner of engagement shall be reviewed by management and reported to the committee;

 

5.1.13

ensure the periodic review of risk assessments, to determine the material risks to which the Group may be exposed and to evaluate the strategy for managing those risks;

 

5.1.14

assess the appropriateness of management responses to significant risks to ensure that appropriate risk responses are being managed;

 

5.1.15

keep abreast of significant changes to the risk management and control system and ensure the risk profile and common understanding is updated, as appropriate;

 

5.1.16

annually evaluate the performance of the committee, by way of a self-evaluation, as part of the board’s review of the committee’s performance and effectiveness;

 

5.1.17

ensure and oversee the preparation of a Group risk register for presentation to the board which includes the levels of risk tolerance of each significant risk;

 

5.1.18

oversee that risks are managed within the levels of tolerance as approved by the board;

 

5.1.19

liaise closely with the audit committee to exchange information relevant to risk;

 

5.1.20

express the committee’s formal opinion to the board on the effectiveness of the system and process of risk management; and

 

5.1.21

oversee, monitor and assess the effectiveness of the Group’s IT governance through a review of the findings of the IT governance committee which has been constituted as a sub-committee.

5.2

The IT governance sub-committee:

 

5.2.1

is constituted in terms of IT governance principles outlined in King III;

 

5.2.2

shall review and assess the IT governance strategies, structures and processes of the Group;

 

5.2.3

reports to the committee on the manner in which it has discharged its duties to the satisfaction of the committee; and

 

5.2.4

will have its terms of reference approved by the committee and thereafter reviewed by the committee annually.

 
6

Meetings and reporting responsibility

 

6.1

Meetings shall be held no less than three times a year and additional meetings may be held as and when deemed necessary. A compulsory meeting should be held:

 

6.1.1

prior to the Company’s board meeting at which it considers its interim results, to consider, inter alia, the effectiveness of the Group’s risk management processes and review significant risks and management responses thereto; and

 

6.1.2

prior to the Company’s board meeting at which it considers its year-end results, inter alia, to consider the annual update of the Group risk register and disclosure requirements.

6.2

Meetings in addition to those scheduled may, with the approval of the Chairman, be held at the request of the Chief Executive, any other member of senior management or at the instance of the board.

6.3

The committee may hold its scheduled and/or ad hoc meetings either in person and/or via suitable electronic means including, without limitation, telephone conference or video calls or a combination as may be deemed appropriate by the members.

6.4

The Chairman of the committee may meet with the Chief Executive and/or the Secretary prior to a committee meeting to discuss important issues and agree on the agenda.

6.5

A detailed agenda, together with supporting documentation, must be circulated to the members of the committee and other invitees at least one week prior to each meeting.

6.6

A quorum for meetings of the committee shall be a majority of members comprising the committee from time to time which shall include one independent non-executive director and one executive director of the Company, such quorum to be present throughout the meeting.

6.7

Decisions of the committee shall be carried by vote of the majority of members present at meetings.

6.8

Minutes of meetings of the committee shall be taken and circulated to the board by the secretary of the Company.

6.9

The Chairman or, in his/her absence, another member of the committee nominated by the Chairman, shall report to the board at each board meeting on matters relating to the committee in accordance with its terms of reference. The Chairman or, in his/her absence, another member of the committee nominated by the Chairman, shall also report to the audit committee on matters relating to risks and related controls which have been dealt with by the committee in terms of its mandate.

6.10

The Chairman shall attend the Company’s annual general meeting to deal with and dispose of matters relative to or arising from the mandate of the committee.