At the date of this report, the Risk Committee comprises: Mr Chris Seabrooke (Chairman); Dr Lulu Gwagwa; Ms Phumzile Langeni; Messrs Guy Hayward, Johannes van Lierop, Mike Spivey, Dhari Moodley and Norman Gray; three of the members are independent non-executive Directors and each have the requisite financial and commercial skills and experience to contribute to the Committee’s deliberations. Ilan Zwarenstein was a member of the Committee until he resigned as Group FD on 12 March 2015, at which time Johannes van Lierop was appointed as Chief Financial Officer (CFO) of Massmart. The Risk Committee met twice in the year ended December 2014.
The Board considers risk management to be a key business discipline designed to balance risk and reward, and to protect the Group against risks and uncertainties that could threaten the achievement of business objectives. The Board’s risk strategy has been established through debate with the executive Directors where the Group’s risk tolerance has been considered and balanced against the drive towards the achievement of its strategies and objectives.
The Committee is responsible to the Board for overseeing the Group’s risk management programme. The day-to-day responsibility for risk management, including maintaining an appropriate loss prevention and internal control framework, remains with the Executives of the Group and of each Division. Each division has developed a risk and loss prevention process that is best suited to its culture, structure and operations.
The Committee’s primary role is one of oversight and therefore it reviews and assesses the dynamic interventions, within the Group’s available resources and skills, required in response to business-specific, industry-wide and general risks. The Committee tables a Group risk register to the Board twice annually, in February and August, which is aggregated from those prepared by the Divisions and the Group Executive Committee. The Committee is also responsible for reviewing and reporting on the Group’s application of King III.
As part of the annual risk reporting process, the Divisions’ Risk Officers report any major risk incidents that occurred during the year. These incidents are defined in the Group Risk Policy as ones that:
- Directly or indirectly impact annual Divisional earnings before interest and tax or total assets by 5% or more (quantitative); or
- Have significant qualitative dimensions that may include:
- A major concern to Massmart Holdings’ public shareholders;
- Serious damage to the reputations of the Division and / or its executives and management;
- Affecting a major portion of the Division’s customer base;
- A large fraud or theft;
- A legal matter that may result in major financial or reputational risk;
- A material ethical or compliance breach, whether qualitative or quantitative;
- A major breakdown in the control environment;
- Significant IT system failure;
- Nationwide media coverage and/or public concern; or
- Affecting the Division or Group’s ability to implement or execute its strategy and business objectives.
The Committee considers there to be two categories of Group risk that can broadly be described as Strategic/Environmental risks and Operational risks.
Strategic/Environmental risks tend to be longer-term and more material in nature and can, in most cases, only be monitored, managed and partially mitigated through longer-term strategic or tactical business responses. These risks, which, for example, include executive talent retention and succession, transformation and supply chain, are the primary focus of the Group’s Risk Management process. The Group risk register summarises the major risks facing the Group, taking into account the likelihood of occurrence, the potential impact and any mitigating factors or compensating controls. The Risk Committee oversees the maintaining of a sound system of governance, risk management and control with regard to operations, safeguarding assets, reliability of management reporting, and compliance with laws and regulations.
Operational risks by their nature can be immediately addressed or mitigated by local management actions. These risks – which include in-store health, safety and security, compliance, fire prevention and detection, IT systems and food safety, amongst others – are therefore the direct responsibility of each Divisional Executive Committee where a Loss Prevention or Risk Officer has line-responsibility for overseeing these risks.
Internal control framework
Massmart maintains clear principles and procedures designed to achieve corporate accountability and control across the Group. These are codified in the Massmart Delegation of Authority policy that describes the specific levels of authority and the required approvals necessary for all major decisions at both Group and Divisional level. Through this framework, operational and financial responsibility is formally and clearly delegated to the Divisional Boards. This is designed to maintain an appropriate control environment within the constraints of Board-approved strategies and budgets, while providing the necessary local autonomy for day-to-day operations.
The Board is responsible for the risk management programme that attempts to balance the risks and rewards in achieving the Group’s objectives. On behalf of the Board, the Risk Committee oversees the Group’s risk management programme. Responsibility for risk management and loss prevention rests however with the Group and Divisional Executive Committees.
Litigation and legal
For the past two years we have defended several legal actions filed against our Massdiscounters/Game division by three of the major food retailers in South Africa and a prominent property fund also located in South Africa. These interdictory actions for injunctive relief are based on contractual and delictual theories of law relating to exclusivity and restrictive usage clauses in separate lease agreements between the relevant landlord and Game on the one hand, and one or more of the major food retailers on the other. These disputes arise when one or more of these retailers are co-located in a particular shopping centre with a Game store that seeks to offer a limited fresh food offering. Along with other legal defences, we have asserted that the blanket enforcement of these clauses by the major food retailers contravenes South African competition law. In October 2014, Massmart lodged a formal complaint with the South African Competition Commission and requested the Commission to initiate a formal investigation into this behaviour. In December 2014, the Commission notified us that they would proceed with a formal investigation of our claims, together with similar complaints raised by other stakeholders. The various proceedings, including the Commission’s investigation, are on-going. If the conclusion of these proceedings is not in our favour–in whole or in part–then a key Group strategy in certain localities in South Africa could be delayed or curtailed.
In addition to this matter, the Group and our subsidiaries are party to a variety of legal, administrative, regulatory and government proceedings, claims and inquiries arising in the normal course of business. While the results of these proceedings, claims and inquiries cannot be predicted with certainty, management believes that the final outcome of the foregoing will not have a material adverse effect on the Group’s financial position.
Financial risk and appraisal
Financial targets agreed in Group budgets and strategy processes are predicated on assumptions about the future that are uncertain and may prove incorrect or inaccurate. The monitoring and management of this risk is the responsibility of the Group Executive Committee. Monthly performance is measured and compared to the budget and prior year, and corrective or remedial action taken as appropriate.
Despite extensive financial, accounting and management controls and procedures, including reviews by Internal and External Auditors, there are risks arising from the Group’s cash management and treasury operations, direct and indirect taxation, and employee or third-party fraud or economic crime.
In addition to financial reviews, Massmart participates in externally-facilitated review and disclosure processes that enable independent reviews of its corporate accountability performances. These include a Carbon Disclosure Project participation, Broad-based Black Economic Empowerment verification and an annual JSE Socially Responsible Investment Index review.