Page 44 - flipbook-ubp-IR
P. 44

INTRODUCTION ABOUT US
RISK REPORT
The Group’s operations take place in an environment that is constantly changing, exposing the business to a range of external, operational and financial risks.
Responsibilities with regards to risks are clearly defined for all entities within the Group. The core tenet is that risk owners are accountable for risk management under the supervision of the Group risk management function.
Risk Architecture
With a view to fully identify, measure, assess and mitigate our exposure to risks, an Enterprise Risk Management (ERM) framework and a Business Continuity Management (BCM) plan were implemented within the Group in 2016.
The Group’s strategic objectives were defined and the risk appetite was determined for each of these objectives based on a Group- wide approach considering risks across all departments, functions and activities.
RISK HIERARCHY
  BOARD
Approve and maintain the risk management policy.
Set and review the risk appetite on a periodic basis. Maintain oversight of the risk management framework.
   RISK MONITORING COMMITTEE
Review risk reports and monitor effectiveness of risk management. Report to the board on risks and controls.
Discuss with the Board the status of the mitigating action plan performance against the set risk appetite.
3rd
Line of Defence
Group Internal Audit
Carry out internal audits on a risk basis.
Provide assurance on adequacy of controls across specific risk areas (including risk management).
  CHIEF RISK OFFICER
Review and approve risk reviews.
Approve appropriate actions to bring organisational
risks within tolerance level.
Report to the Risk Monitoring Committee on key risk/control indicators.
 1st
Line of Defence
Risk & Compliance Officer
Implementation of the risk management framework.
 DEPARTMENT HEADS (RISK OWNERS)
Attend periodic meetings to discuss risk management reports. Maintain oversight of their respective risk/control owners.
  2nd Line of Defence
  ACTION & CONTROL OWNERS
Identify and assess new risks and update the ERM framework. Reassess the existing risks and send for approval. Update the ERM framework on controls performed at
the pre-defined frequencies.
Remediate control failures.
42
UBP INTEGRATED REPORT 2022
 MANAGEMENT APPROACH
   42   43   44   45   46