Risk committee

The principal purpose of the committee is to assist the Board in its oversight of risk within the Group, with particular focus on the Group’s risk appetite, risk profile and the effectiveness of the Group’s Risk Management Framework. We review the risks inherent in both our investment portfolios and in the insurance products we offer our clients. In addition to the risks inherent in investing and in providing assurance, we review the strength of our capital base and our liquidity position, the level of our operational risk, and the significant ongoing changes to the regulatory framework. The capital implications of Solvency II and the Group’s status as a Global Systemically Important Insurer pose risks to the Group and the committee has monitored development of these issues closely during the year and will continue to do so throughout 2017. The committee ensures that due diligence appraisals are carried out on strategic or material transactions, and also works with the Remuneration Committee to ensure that risk management is properly considered in setting the Group’s Remuneration Policy.

The committee is comprised of independent non-executive directors.

Membership

* Chairman from 1 September 2011

Membership and Attendance in 2016

| Member | Number of meetings attended | Percentage attendance¹ |
| --- | --- | --- |
| Michael Hawker (chairman) | 7 | 100% |
| Glyn Barker | 7 | 100% |
| Michael Mire | 7 | 100% |
| Belén Romana García | 7 | 100% |
| Bob Stein | 7 | 100% |
| Scott Wheway | 7 | 100% |

1. This shows the percentage of meetings which the Committee member attended during the year whilst a member of the Committee.

The following officers normally attend, by invitation, all meetings of the committee:

  • Group Chairman
  • Group Chief Executive Officer
  • Group Chief Risk and Capital Officer
  • Chief Financial Officer
  • Chief Audit Officer

Other members of senior management are also invited to attend as appropriate, to present reports.

Committee role and responsibilities

The committee oversees all aspects of risk management in the Group, save for conduct and financial crime risk, and brand and reputation risk (oversight responsibility for which lies with the Governance Committee). Consequently the committee’s particular focus is on market, credit, liquidity, insurance and operational risk, and on considering their impact on both the financial and non-financial goals of the Group.

The main responsibilities of the committee are to:

  • Review the Group's future risk strategy and its risk appetite, particularly in relation to capital and liquidity and to make recommendations on risk appetite to the Board
  • Review the implementation of management actions and strategic decisions required to meet the capital implications of the new SII and GSII regulations
  • Review the Group's investment risk strategy, credit limit framework and approve individual counterparty exposures in excess of limits
  • Review the design, completeness and effectiveness of the Risk Management Framework relative to the Group's activities and to assess the adequacy and quality of the risk management function and effectiveness of risk reporting within the Group
  • Review the methodology and assumptions used in the Group's model for determining its economic and regulatory capital requirements and satisfy itself that the assumptions and calibrations used reflect the Group's forward-looking risk profile
  • Review and approve risk policies and any relevant Group business standards, and to monitor compliance with these and management's actions to remedy any breaches
  • Satisfy itself that risks to the Group's business plan and any capital implications are adequately identified and assessed by management through appropriate stress testing, and that mitigating actions are implemented
  • Satisfy itself that risk-based information is used effectively by management
  • Ensure that a due diligence appraisal of strategic or significant transactions due to be proposed to the Board is undertaken before the Board takes a decision on whether to proceed
  • Review the effectiveness of operational controls
  • Work with the Remuneration Committee to ensure that risk is considered in setting the overall remuneration policy for the Group
  • Review relationships with prudential regulatory authorities in relevant jurisdictions and developments in the prudential regulatory environment, and review significant actual or potential breaches of prudential regulation and actions being taken to address these
  • Review and recommend to the Board for approval any material regulatory filings
  • Review the security and resilience of the IT infrastructure of the Group.


Activities during 2016

A summary of the Committee’s activities during 2016 is shown below, full details can be found in the Committee’s report in the .

  • Reviewed reports from the CRO which included updates on significant risks facing the Group, the Group’s capital and liquidity position, the control environment, emerging risks and risk profile, and operational, regulatory and conduct risk
  • Approved the Group’s risk policies for recommendation to the Board
  • Approved the 2016 Group Capital and Liquidity Plan and subsequent updates
  • Assessed and monitored the IT risk in respect of the Company’s Digital First strategy
  • Reviewed capital and liquidity projections including the Group’s Shareholder cover ratio and liquidity cover ratio
  • Reviewed updates on credit risk, assessed scenarios to outline the Company’s exposure and reviewed mitigating actions
  • Approved the key principles for the 2016 G-SII Group Recovery Plan for managing its capital and liquidity in stress scenarios and received updates on the Plan
  • Oversaw the 2016 Group-wide Stress and Scenario testing exercise
  • Oversaw the Group’s internal reinsurance mixer model
  • Reviewed the Company’s employee pension schemes funding position
  • Undertook reviews of components of the key internal model, reviewed changes to the model, and reviewed independent internal model validation reports and associated assurance provided by the External Auditor
  • Reviewed risk identification reports, ensured material quantifiable risks were captured by the internal model, and that material non-quantifiable risks were managed appropriately
  • Approved the SII risk appetite
  • Reviewed regular updates on the performance of the Group’s investment portfolios and on the external economic environment, and assessed the implications on the Group’s asset portfolio
  • Monitored the risk of cyber security, the progress against mitigating cyber risks, and reviewed the results of simulated cyber security attacks against the Group
  • Monitored an internal audit review of the Group’s outsourcing control framework
  • Reviewed the effectiveness of the systems of internal control and risk management
  • Reviewed updates on the outsourcing, cyber security and disaster recovery MCITs, and monitored and challenged progress by management