Principle 7 – Recognise and manage risk

The ASX Corporate Governance Council states that a company should “establish a sound risk management framework and periodically review the effectiveness of that framework.

Risk Management

It is the role of the Board to set the risk appetite for the entity, to oversee its risk management framework and to satisfy itself that the framework is sound. The assessment of the effectiveness of the risk management framework is delegated to the   Audit Committee and management is required to:

  • Identify the risk profile from a company-wide perspective and prioritise such risks;
  • Develop, implement, monitor, assess and review risk management, risk compliance and risk control strategies with an emphasis on continuous improvement;
  • Attend formal strategic planning sessions;
  • Prepare and review periodic reports to the Board and Audit Committee identifying and prioritising issues that represent risk and the manner in which these are being responded to.

During the current reporting period a formal review of the Group’s risk management framework was performed.

Risk Policies

For the 2016 year, the Risk Management function implemented the appropriate compliance and control elements by way of the management certification process (see below). OrotonGroup will continue to enhance its policies and processes around oversight, risk profile and risk management across all areas of the business.

Policy areas continuously under development include:

  • Business Risk – focusing on principles and policies to manage OrotonGroup’s strategic planning, decision making and execution risks;
  • Financial Risk – focusing on principles and policies to manage OrotonGroup’s exposures to foreign currencies and interest rates;
  • Legal Compliance Risk – focusing on principles and policies to manage compliance with all major legal requirements in the conduct of OrotonGroup business;
  • Safety, Health and Environment – focusing on principles and policies to manage OrotonGroup’s safety, health and environmental liabilities and legal responsibilities.

Risk Profile

Business risks are included in the Operating and Financial Review of the Annual Report.  Significant changes to OrotonGroup’s risk profile are communicated to investors by way of its continuous disclosure obligations. This is particularly so in cases where the change is likely to have a material impact on the value of OrotonGroup’s shares.

As noted in Principle 3, the Group is committed to compliance with local and internationally accepted labour, environmental and employment laws.  There is however an inherent risk that third party manufacturers’ practices may result in environmental, unethical labour or workplace practices in the factories from which the Group sources products, which could adversely impact Group reputation and brand equity.

Except as otherwise noted, the board does not consider that it has any material exposure to economic, environmental and social responsibility risks, however, acknowledges that material exposure outside of its control may arise.

Internal Audit Function

The Board is currently of the view that a formal internal audit function is not required as internal procedures and processes can be relied on to ensuring ongoing compliance obligations are met.  Given the size of the operations, considerable importance is placed on maintaining a strong control environment in the Consolidated Entity.

There is an organisation structure with clearly drawn lines of accountability and delegation of authority. Internal control reviews are undertaken on a periodic basis and the results are reported to OrotonGroup’s Audit Committee. The Board receives and reviews the minutes of the meetings of all Board committees.

The Audit Committee which also oversees risk did not have a majority of independent Directors for the full year ended 30 July 2016 and therefore the Group was not compliant with recommendation 7.1.

Notwithstanding this, the Board supports the comments made by the ASX Implementation Review Group (“IRG”) that regardless of whether Directors are defined as independent, all Directors are expected to bring independent views and judgement to Audit Committee deliberations.

At the date of this report the Audit Committee now has a majority of independent Directors.

The Board is also regularly provided with reports from management on the financial performance of OrotonGroup including details of all key financial results reported against budgets approved by the Board, and updates on forecasts for the year.

The external audit function is separate and independent of the above processes.