Risk Management

Although a level of risk awareness and response is embedded in daily management and operational activities, a large and complex Group faces corresponding risks. This in turn requires of management to design and implement a planned and structured approach to understand, identify, report, price, manage, mitigate and close out the Group’s large and complex risks.

This includes governance structures (such as the Board risk management committee, the executive committee and the operating platform risk structures), organisational leadership, strategic planning and effective management to ensure that the appropriate operational and functional capacities, controls, systems and processes are in place to manage risk. Underpinning this is the Group Integrated Assurance Framework.

The Group risk management framework comprises one of three building blocks that make up the Group Integrated Assurance Framework, and aims to:

  • Align strategy with risk tolerance
  • Improve decision-making which improves the Group risk profile
  • Promote the strategic and coordinated procurement of quality order book
  • Ensure equitable commercial terms and conditions are contracted, and the rational pursuit of commercial entitlement
  • Promote rigorous project reviews, and timeous response to contracts in distress
  • Promote continuous improvement through the application of key lessons learnt
  • Reduce operational surprises, improve predictability and build shareholder confidence
  • Build robust organisational risk structures and facilitate timeous interventions, to promote long-term sustainability
  • Promote the efficient and proactive utilisation of opportunities.

Regulatory Compliance

With the growth of the Group over time, in new geographies and disciplines, regulatory compliance is a large and complex area to understand. This in turn requires a structured approach to evaluate exposure and ensure adequate responses are initiated timeously to mitigate and avoid any negative impact on the Group’s performance through regulatory non-compliance.

The regulatory compliance function provides specific focus on regulatory compliance risk within the context of the Group. The implementation of the Group regulatory compliance framework focuses on the seamless integration of regulatory compliance in conjunction with risk management and internal audit into business planning, execution and management.