Governance of risk

Structure

The Board accepts its responsibility for the governance of risk, which includes the total process of risk management and the formation of its opinion on the effectiveness of the process. The Board forms its opinion on the process of risk management based on the recommendations of the Audit, Risk and Compliance Committee (ARCC) and is satisfied with the effectiveness of the risk management process. The ARCC is responsible for ensuring that the Group has implemented an effective policy and plan for risk management and that the risk disclosures are comprehensive, timely and relevant. The Board and Committees' responsibilities are documented in the Blue Label Integrated Risk Assurance Policy and Framework.

Management is accountable to the Board for designing, implementing and monitoring the process of risk management. The Internal Risk and Compliance Committee (IRCC), established by management, supports the enterprise-wide risk approach by identifying, evaluating and measuring Group-wide risks and compliance in all functional areas of the Group, as well as maintaining adequate internal controls. The IRCC reports to the ARCC bi-annually in this regard, which oversees the effectiveness of risk management arrangements.

Process

Group-wide strategic risk assessments are conducted bi-annually. These assessments are facilitated by the compliance officer, who plays an important role in evaluating the risk management process and guiding management to continuous improvement.

To encapsulate our focus on the capitals and the triple context in which we operate, the risk process incorporates value drivers that broadly reflect the expectations of our stakeholders and against which risks are identified. The risk assessments conducted involve risk identification and prioritisation at subsidiary and holding company level through interviews with Senior Management and key members of Executive Management to confirm risks, their descriptions and prioritisation. Each risk is evaluated in terms of the potential impact, the likelihood of occurrence and the perceived effectiveness of controls in place to manage the risks according to set criteria. The Group has identified its strategic risks and acknowledges that its appetite to accept risk varies across those identified. The assessment process includes the setting of risk appetite and tolerance on a qualitative basis .Risk appetite and tolerance levels are reviewed annually at the ARCC and ratified at Board level. The outcome of the risk assessments is integral in refining our strategic response and in developing a risk-based plan for internal audit engagements for the forthcoming year. Action plans are documented in response to risk appetite and tolerance thresholds that are breached. The Group's material risks are listed in Material risks.

Covid-19 pandemic

In spite of certain restrictions caused by the COVID-19 pandemic, Blue Label has continued to deliver essential services, including electricity, airtime, data and other digital services, as well as providing financial transactional services. The lockdown regulations and the downturn in economic activity have not negatively impacted airtime, data and electricity sales volumes. The Group's digital expertise has enabled uninterrupted access of all its products and services through banks, formal retailers, independent retailers, petroleum forecourts and spaza shops across South Africa. Cash flow generated by the core businesses within the Group has consequently not been negatively impacted. The products and services that Blue Label provides fulfil essential needs of the consumer, even more so during the lockdown period due to home confinement. In essence, such demand would only decline if consumer cash resources dwindle as a result of a decline in their income. In a situation of this nature, Blue Label's products and services would remain a priority in consumer spend and retain a level of resilience in comparison to other consumer goods and services.