The Board accepts its responsibility for the governance of risk, which includes the total process of risk management and the formation of its opinion on the effectiveness of the risk management process. Based on the recommendations of the Audit, Risk and Compliance Committee (ARCC), the Board is satisfied with the effectiveness of the risk management process. The ARCC is responsible for ensuring that Blue Label has implemented an effective policy and plan for risk management and that risk disclosures are comprehensive, timely and relevant. The Board and Committees’ responsibilities are documented in the Blue Label Integrated Risk Assurance Policy and Framework, which is reviewed annually by the ARCC.
Management is accountable to the Board for designing, implementing and monitoring the risk management process. The Internal Risk and Compliance Committee (IRCC), established by management, supports the enterprise-wide risk approach by identifying, evaluating and measuring Blue Label’s risks and compliance in all functional areas of the Group and maintaining adequate internal controls. The IRCC reports to the ARCC bi-annually in this regard, which oversees the effectiveness of risk management arrangements.
Blue Label’s strategic risk assessments are conducted bi-annually. The compliance officer, in a “second line of defence” role, facilitates these assessments and plays an important part in evaluating the risk management process and guiding management to continuous improvement.
To encapsulate our focus on the six capitals and the triple context in which we operate, the risk process incorporates value drivers that broadly reflect the expectations of our stakeholders and against which risks are identified. The risk assessments conducted involve risk identification and prioritisation at subsidiary and holding company level through interviews with senior management and key members of executive management to confirm risks, their descriptions, and their prioritisation. Each risk is evaluated according to set criteria in terms of its potential impact, the likelihood of occurrence and the perceived effectiveness of controls in place to manage the risks.
Blue Label has identified its strategic risks and acknowledges that its appetite to accept risk varies across those identified. The assessment process includes setting risk appetite and tolerance levels on a qualitative basis. Risk appetite and tolerance levels are reviewed annually at the ARCC and ratified at the Board level. The outcome of the risk assessments is integral in refining our strategic response and in developing a risk-based plan for internal audit engagements for the forthcoming year. Action plans are documented in response to risk appetite and breached tolerance thresholds. Blue Label’s material risks are listed in Material risks and opportunities.
Blue Label Integrated Annual Report 2024
