Mr PDS Bacon (Committee Chairman) Click here to view résumé |
Dr NN Gwagwa Click here to view résumé |
Mr IN Matthews Click here to view résumé |
Mr GR Rosenthal Click here to view résumé |
Independent non-executive director | Non-executive director | Independent non-executive director | Independent non-executive director |
Meeting attendance: 3/3 | Meeting attendance: 3/3 | Meeting attendance: 2/3 | Meeting attendance: 3/3 |
Mr GE Stephens Executive director Click here to view résumé |
Mr AM Leeming Executive director Click here to view résumé |
Ms KH Mazwai Executive director Click here to view résumé |
|
Chief Executive Officer | Chief Financial Officer | Director: Group Human Resources | |
Meeting attendance: 3/3 | Meeting attendance: 3/3 | Meeting attendance: 3/3 |
The following SIM directors are also members of the risk committee:
Mr Z Miller Chief Information Officer |
Mr S Montgomery Director: Development |
Ms C A Reddiar Click here to view résumé Director: Corporate Services and Legal |
Mr SD Wing Chief Operations Officer |
Meeting attendance: 1/1 | Meeting attendance: 3/3 | Meeting attendance: 3/3 | Meeting attendance: 3/3 |
The board is ultimately responsible for the governance of risk and the risk committee (“the committee”) has been delegated responsibility for monitoring, developing and communicating the processes for managing risks across the Group. The committee assists the board in the discharge of its duties relating to corporate accountability and associated risk in terms of management and reporting. As the Group operates in a dynamic and challenging environment, with new business opportunities being pursued both locally and internationally, the committee is tasked with assessing the related risks against the Group’s risk framework; risk appetite and risk tolerance.
Effective and sound risk management is imperative to the Group together with the realisation of the Group’s businesses strategies which depends on being able to take calculated risks without negatively impacting the business. This creates the interplay between risk appetite and tolerance and the committee’s mandate entails oversight of management’s controls and mitigating actions against the context of the Group’s risk management framework.
The committee Chairman reports to the board following each committee meeting on matters in accordance with the committee’s approved terms of reference. In fulfilling its mandate and with a view to overseeing the Group’s risk management, the committee met on three separate occasions during the year under review, including the annual risk workshop, to consider matters such as: the risk policy and identification of Group-wide risks (current, emerging and prospective); the Group’s stakeholder engagement initiatives; compliance with applicable laws; and the Group’s IT governance and IT related risks. In addition, the committee reviews the Group’s insurance policy, placement terms and related premiums with the Group’s insurance brokers on an annual basis.
In regard to IT governance and IT risks, the IT governance committee operates as a sub-committee of the risk committee and is comprised of an independent IT governance expert. The IT governance committee has its own mandate as established by the risk committee and reports into the risk committee at each meeting in order to provide the relevant assurance and/or elevate the necessary concerns to the committee.
The committee’s mandate also provides for a risk committee member to report on the matters canvassed by the committee to the audit committee. In turn, the audit committee Chairman is a member of the risk committee. These mechanisms enable the appropriate insights into the key risks faced by the Group and prevents the duplication of matters within the remit of the committees.
The Group has a strong risk management culture embodied throughout its business and the committee has overseen the robust risk management processes of the Group to ensure a sound and effective risk management system. This is crucial to the long-term development of the Group given the Group’s risk profile and its corporate reputation. The sound management of risk enables the Group to anticipate and respond to changes in its business environment, as well as to take informed decisions under conditions of uncertainty.
An enterprise-wide approach to risk management has been adopted by the Group, which means that every key risk in the business is considered in a structured and systematic process of risk management. All key risks are managed within a unitary framework that is aligned to the Company’s governance responsibilities. The risk framework is disseminated across the Group and each unit is responsible for the assessment and mitigating actions required on its part given the Group and local risks.
Risk management processes are embedded in the Group’s business systems and processes, so that its responses to risk remain current and dynamic. All key risks associated with major change and significant actions by the Group also fall within the processes of risk management. The nature of the Group’s risk profile demands that Sun International adopt a prudent approach to corporate risk whilst still effectively dealing with business realities. Controls and risk interventions are selected on the basis that they increase the likelihood that the Group will fulfil its strategic objectives responsibly.
The Group’s Internal Audit (“GIA”) department also reviews the effectiveness of the Group’s risk management processes and incorporates a review on the effectiveness of risk controls in its annual internal audit plan. GIA’s overall mandate includes the evaluation of risk exposure and the effectiveness and efficiency relating to:
GIA further conducts risk management reviews at each of the units and reports their findings to the risk committee. GIA is of the opinion that based on the audits conducted and the reviews performed that the risk management processes in place remain relevant and are adequate.
Management are tasked with identifying the relevant risks posed to the Group and present its report to the risk committee at each meeting. This report takes the form of a Group risk register reflecting the nature of the risk; the mitigating controls; impact and likelihood of the risks as well as the nature of inherent risk.
The risk committee assesses management’s review of the key risks and interrogates the controls and mitigating actions to ensure that management are mitigating the risk to the best of its ability. During the year under review each of the Group’s 41 identified risks were reviewed with the assistance of an external risk expert. Certain new risks were introduced whilst some risks had dissipated. In terms of the committee’s latest review and based on management’s view of its business, the following risks are reflective of the top 20 risks facing the Group:
Risk | Low | Medium | High | |||
GrandWest exclusivity renewal | ||||||
Impending smoking legislation | ||||||
Increased competition from alternate forms of gaming (EBTs/LPMs/online gaming) | ||||||
Impact of onerous travel restrictions | ||||||
Increase in gaming taxes | ||||||
Pressure on disposable income | ||||||
Non-compliance with new B-BBEE targets | ||||||
Failure to appoint and retain PDIs | ||||||
Unsuccessful international expansion and/or underperformance of new acquisitions | ||||||
Operational disruptions due to Union actions and staff dissatisfaction | ||||||
Increased competitor actions | ||||||
Gearing levels inhibit achievement of objectives | ||||||
Crime at units | ||||||
Change in licencing conditions | ||||||
Litigation arising from Wild Coast Land Claim | ||||||
Maturity of the South African market | ||||||
Failure to successfully implement ERP system | ||||||
Pressure on Group management fees | ||||||
Poor implementation of Marketing and Sales strategy | ||||||
Poor career and succession planning |
The Group’s risks are considered in terms of the impact and likelihood of the risk materialising together with the strength and effectiveness of the mitigating controls. The Group’s propensity for risk tolerance is used to guide decisions around risk management.
During this last review of the risk committee:
Each risk is comprehensively reviewed and is managed by the business through mitigating controls, key action plans and accountability by risk owners which permeates all levels of the organisation. This structure is depicted below.
Each risk owner is assigned the responsibility to oversee the effective mitigation of a particular risk. In so doing, three lines of defence are applied to each risk as follows:
The final and fourth level of defence in mitigation of the Group’s risks, requires that these lines of defence are reviewed by the board committees.
As reported earlier, the Group’s IT governance committee has been created as a sub-committee of the risk committee and provides a detailed report on the matters canvassed within its mandate for the year. The risk committee spent some time deliberating on the composition and positioning of the IT governance committee within its corporate structure. As the IT governance committee, under the stewardship of the Chief Financial Officer as Chairman, is performing effectively the committee therefore refrained from effecting any changes during the course of the year.
The IT governance committee Chairman reports to the risk committee on governance and risks within the IT domain and the risk committee has insight into the Group’s IT risk register. The committee confirms that appropriate mitigating controls around the Group’s IT risks are comprehensive. In particular the committee has spent time considering the implementation of an ERP system and have extensively canvassed possible risks together with ensuring that the relevant mitigating controls are in place.
The risk committee is tasked with overseeing the Group’s stakeholder engagement practices. The purpose of this mandate is to oversee that the key material issues with each of the Group’s stakeholders are being effectively addressed by management to the extent possible.
Our stakeholders are defined as those Groups that have an impact on the Group and with whom the Group may impact on. The Group has assessed its stakeholder universe as follows:
We assess our stakeholder universe in this manner so that the Group clearly understands the impact that these stakeholders can have on the Group and vice versa. It remains an imperative for management to effectively deal with critical issues and focus resources within areas that are crucial for the business. This enables management to allocate its resources and management time appropriately.
Management’s targeted focus for the year under review was to build on its relationships with its gambling board regulators. As is evident from our reporting, the Group’s casino licences are a critical enabler of our business and the Group’s compliance with its casino licence conditions remain imperative. Management has held focus Groups with most of its provincial gambling boards (with the remainder to take place in the forthcoming year) with a view to understanding the regulators perceptions of the Group’s compliance compared to the compliance audits and internal audits that are conducted. In addition, the Group sought feedback on areas of improvement and overall the Group has fared well in terms of the comments provided at such meetings. As reported last year, an executive team is responsible for building these relationships and reports to the risk committee on its developments.
There has been further significant engagement with our employees and unions in terms of the Section 189A process and the committee has overseen the associated risks of this process. The committee has received reports on management’s dealings with its impacted stakeholders and concurs with the Chairman’s statement that the process has been conducted with due and fair process to all stakeholders following extensive consultations.
The committee acknowledges that stakeholder perceptions shape corporate reputation and the Group will continually strive to engage in constructive dialogue with its stakeholders.
Given the significant developments within the Group, the committee has elected to hold a further meeting each year in order to dedicate additional time to assessing the Group’s risks during this growth era.
The committee is satisfied that the process of identifying and appropriately dealing with the material risks posed to the Group are adequately managed and that the Group’s risk management philosophy and frameworks are sound.