This report provides details of the role of the Risk and Regulatory Committee and the work it has undertaken during the year.
The Committee was established by the Board in January 2006 and held its first meeting in April 2006. The purpose of the Committee is to assist the Board in providing leadership, direction and oversight with regard to the Group’s governance and regulatory policies and procedures, including those related to compliance, risk management, financial malpractice and internal non-financial controls. The Committee was established as the Governance and Regulatory Committee but changed its name in June 2006 to the Risk and Regulatory Committee to more closely describe its main accountabilities. The full terms of reference for the Committee can be found on the Company’s website www.aviva.com and are available from the Group Company Secretary.
The following independent non-executive directors served on the Committee during the year:
| Period | ||
|---|---|---|
| Member | From | To |
| Mary Francis (Chairman | ||
| from 1 January 2007) | 14 January 2006 | To date |
| Russell Walls | 14 January 2006 | To date |
| Wim Dik | 14 January 2006 | To date |
Russell Walls served as the chairman of the Committee from its inception until 31 December 2006 when he was succeeded as chairman by Mary Francis. There were no other changes in the membership of the Committee during the year. The Group Company Secretary acts as the secretary to the Committee. The Committee met on three occasions in 2006 and each member attended every meeting. In addition the Committee held separate meetings with members of senior management and Ernst & Young for the purpose of induction and training.
The Group Chief Executive, Group Finance Director, Group Audit Director and the external auditor normally attend, by invitation, all meetings of the Committee. Other members of senior management are also invited to attend as appropriate to present reports. It is the Committee’s practice at each meeting to meet separately with the Group Audit Director and the external auditor without any members of management being present. In performing its duties, the Committee has access to the services of the Group Audit Director, the Group Regulatory and Tax Director, the Group Company Secretary, the Group Financial Management Director and external professional advice.
The responsibility for overseeing risk, regulatory and compliance issues, as well as the oversight of non-financial internal controls was transferred to the Committee from the Audit Committee in April 2006. The work of the Committee since its establishment has fallen into the following broad areas:
Risk management
The Committee has received regular reports on the Group’s risk management processes, including the key risks facing the business and the measures being taken by management to contain them. It has also reviewed the processes and governance used by management to define the Group’s risk appetite and has reviewed the internal non-financial controls used to monitor the effectiveness of the Group’s risk management processes.
Regulation and compliance
The Committee has reviewed the Group’s regulatory operating plan and has received regular reports on its relationships with its external regulators. In particular, the Committee monitors the actions being taken by management in relation to the Risk Mitigation Programme agreed with the Financial Services Authority. Reports on any material compliance issues are received by the Committee including any reputational issues which may arise. In addition, the Committee receives reports on legislative and regulatory developments which may impact the Group.
Business protection
Reports on financial malpractice are presented to the Committee including incidences of fraud, anti-money laundering procedures and arrangements whereby persons can report in confidence any concerns about matters of probity (whistleblowing). The Committee proposes to increase its focus into other areas of business protection as its work progresses.
The chairman of the Committee reports at the subsequent meeting of the Board on the Committee’s work and the Board receives a copy of the minutes of each meeting of the Committee.
In line with the Combined Code requirement the Board undertook a review of the effectiveness of all its committees during the year, including the Risk and Regulatory Committee.
This report was reviewed and approved by the Board on 28 February 2007.
Mary Francis
Chairman, Risk and Regulatory Committee