The Group’s Enterprise Risk Management Policy follows the International Committee of Sponsoring Organizations of the Treadway Commission’s Internal Control – Integrated Framework and is reviewed annually. The policy defines the risk management objectives, methodology, risk appetite, risk identification, assessment and treatment processes, and the responsibilities of the various risk management role players in the Group.

Through risk management, an integrated and effective framework is established which seeks to identify, assess and manage important and emerging risks which could impact on our ability to achieve strategic, financial and operational goals, and regulatory compliance. The risk management process is fully integrated into the strategic planning process and supports the achievement of our strategy.


Tax Strategy

The Group’s tax strategy sets out our commitment to conduct tax affairs consistent with the objectives of complying with all relevant legislation, rules, regulations and reporting and disclosure requirements in the jurisdictions we operate, and maintaining mutual trust and respect in dealings with relevant tax authorities.


Protecting Information Assets

Our operations span multiple geographies, necessitating an adequate international data network and Group approach to threat management. Due to the importance of our information assets, we have an effective Information Security and Data Protection programme to protect our technology, information assets and users.

Dirk Lubbe
Group General Manager: Compliance and Data Protection