risk committee
The risk committee consists of three executive directors and three non-executive directors including the chair Mike Leeming. The presence of the executive directors on this committee is deemed important in ensuring that effective risk management is in place and part of the day-today operation of the company.
The responsibilities of the committee are set out in its terms of reference which is reviewed and updated on an annual basis. The main responsibilities include:
- assisting the directors in fulfilling their responsibility of ensuring that there is an effective and embedded risk management process in place throughout the group;
- assessing whether there are appropriate processes/controls in place to manage the key risks down to an acceptable level, in line with the board's risk appetite;
- assessing if the risk management process will ensure that emerging risks are identified and managed;
- assessing whether all new business opportunities have been appropriately considered from a risk perspective;
- assessing if appropriate processes/controls are in place to ensure regulatory compliance; and
- reviewing the adequacy of the group’s insurance portfolios.
Based on a review of management reports and appropriate discussion and enquiry by the members, the committee believes that it performed the functions set out in its terms of reference and continues to identify and prioritise the risks relevant to the business.
The committee met a total of four times during the year. The details of individual attendance at the risk committee meetings are set out below.
The Chairman attends the meetings in February and August following the group’s financial half year and year end.
risk management
The board recognises risk management as a key business tool, which is designed to:
- balance risk and reward within both existing and new businesses; and
- protect the group against uncertainties and hazards, which could prevent the achievement of business objectives.
The board is responsible for the risk management process and is assisted in its responsibilities by the risk committee. The dayto- day responsibility for risk management and the design and implementation of appropriate processes to manage the risks resides with management.
The risk management process is effective and adds value to the group by:
- improving the quality of business decisions, through a more formal identification and assessment of risk before new business ventures and/or projects are presented for approval; and
- contributing to an improvement in the processes and controls in place to manage the key risks.
The risk management process applied is designed to ensure that:
- all relevant risks are identified and appropriately evaluated, based on their impact if they were to occur and their likelihood of occurrence;
- risks and the required processes and controls to manage these risks are assessed in line with the board’s risk appetite; and
- appropriate management information and monitoring processes are in place to manage the exposure to each of the key risks, so that where required appropriate corrective action can be taken.
The focus for the year was to integrate risk management with the strategic and business planning process. This has further embedded risk management into our established business disciplines, as has the definition and measurement of objective metrics, to assess our exposure to the key risks. During the year:
- each business unit updated their business risk profile during their strategic and business planning. The purpose was to identify key risks linked to the strategy and our business model and the required processes and controls to manage these risks over the next three years;
- the key inherent risks for the group were re-evaluated, based on the revised business unit profiles and a reassessment of the prior year key inherent risks; and
- the required management information and metrics to objectively assess our exposure to the key risks were clearly defined.
The key inherent risks and their status are reported to the risk committee on a quarterly basis. This report is complemented by risk reports on specific focus areas including, crisis management, business continuity planning, disaster recovery, food safety and quality, occupational health and safety, legal risk management and insurance.
management of our key risks
The revision of the key inherent risk profile for the group reflected the dynamic nature of risk management and the effectiveness of the process within the group. A number of the key risks from the prior year are now being managed in a more effective manner and as such no longer require monitoring by the board.
In the prior year a key risk was the implementation of the Retek merchandise management system. This implementation represented a significant investment and required a redesign of a number of key business processes. This implementation has had an impact on the business during the current year, but a number of financial benefits have already been realised, particularly with respect to more effective stock planning. The implementation is at an advanced stage and as such the risk to the business has reduced and we now need to leverage this investment to deliver the expected stock management benefits.
There are also a number of areas where the processes and controls have been enhanced to improve the management of our risks as set out below.
clothing product
The ongoing implementation of our design-led process throughout the clothing groups has enhanced our product offering and ensured a more consistent taste level. The improvement in our product offering has been supported by the use of innovative technology and effective sourcing. Given the progress made, the risk of having an inappropriate clothing offering has reduced but this is an area which requires ongoing attention.
key suppliers
Woolworths is essentially a private label business and as such there is a key dependency on our suppliers. This is an inherent risk but during the year we rationalised our supplier base and implemented more formal processes to assess the capacity of suppliers to meet our volume requirements, whilst ensuring our high quality standards are maintained.
business continuity planning
We have continued to improve the continuity plans in place to maintain service levels and ensure rapid recovery in the event of a disaster at any one of our operations. These plans are formalised, well communicated and are tested on a regular basis. Therefore, given the processes in place this is now regarded as a low risk.
food safety
Food safety is a critical area to ensure we protect our customers. To enhance our processes, we redesigned our product recall process during the year to ensure that any product which could cause serious harm to our customers is removed from our stores and destroyed timeously. This process was formally tested twice during the year and these tests were used to further refine the process.
Whilst management has improved the control environment to more effectively manage a number of the key risks, the environment in which we trade is dynamic. Therefore there are certain new risks which require focus, including:
- the proposed implementation of quotas on goods imported from China;
- compliance to the Credit Act; and
- armed robbery.
key risk profile
Our key risks have been set out below.
proposed implementation of quotas
The government is proposing the implementation of quotas on goods imported from China. This could have a significant impact on our abiliy to provide the right quality products at good value, dependent on the mechanism of implementation.
ensuring the correct product offering
Our aim is to nurture and build lifetime relationships with our customers and to achieve this we need the correct product offering. This means we need to continue to provide innovative, high quality products for our customers, which are competitively priced.
Within clothing, the implementation of the design-led process in womenswear contributed to good growth. This process is being implemented in the other clothing groups and has now resulted in an improvement in the clothing offering.
Our food product offering continues to provide real differentiation and there has been excellent growth.
credit risk
The value of the instore card, personal loans and credit card books has continued to grow. These assets support the ongoing growth in our retail business and create significant revenue for the group. However, there is a risk that customers may default on their payments with a consequential impact on the level of debt write-offs.
delivery of the real estate plan
A key success factor in maintaining our growth, particularly in the food business, is selecting appropriate locations and formats for our stores. There is a risk that we are unable to source appropriate sites, which deliver the required rates of return and maintain our profitable growth.
The new stores continue to meet the required hurdle rates of return. However, it has been recognised that each new store opening requires close management involvement to ensure that the catalogue and product offering is correct.
attraction and retention of talent
In order to deliver our strategy and manage the key risks, it is important to attract and retain the right combination of technical and leadership skills. This is a challenge in a number of specialist areas including design and buying, property development, credit risk and store management.
During the year we recruited certain key talent within the clothing group with a focus on design, technology and stock management skills. This has assisted in the repositioning of our clothing offering.
There was an investment made to ensure that we could recruit and retain store management and this resulted in a significant decrease in the level of store management vacancies.
customer service
Our customers' expectations continue to increase and we are committed to understanding and meeting their expectations. Our customer service trial demonstrated that the key requirement is to ensure product availability throughout our trading period. In addition, the length of till queues requires attention to ensure that our customers enjoy their shopping experience.
compliance with the new Credit Act
The new Credit Act has been promulgated and we need to comply with the requirements from the effective date of 1 July 2007.
Compliance to the Credit Act will require enhancements to our current business process and system design.
armed robbery
We are concerned with the increasing level of armed robbery affecting retail stores. In the 2006 financial year there were fifteen armed robberies in our stores, compared to seven in the prior year. Whilst we were fortunate during the year that none of our employees or customers were seriously injured, the increase in armed robbery represents a real threat to safety.
Over and above the processes and controls in place to manage our key risks, the group has a comprehensive asset and liability insurance programme.
crime prevention and detection
A key priority is the implementation of effective processes to reduce the level of crime, which includes shrinkage, burglary, armed robbery, internal fraud, theft and corruption. Armed robbery has now been identified as a key risk given the increasing levels and the threat to employee and customer safety. Measures are in place to manage this as reported under our key risks.
With respect to fraud, theft and corruption we have continued to build on our progress and during the year we:
- extended the scope of our independent and confidential shrinkage hotline, to include fraud, theft and unethical practices;
- completed several investigations which resulted in disciplinary action and criminal charges being laid. This demonstrates our commitment and where required the results of the investigations are used to improve the control environment; and
- commenced the implementation of fraud risk assessments to identify our fraud risk and ensure appropriate controls are in place.
attendance at the risk committee meetings
| Aug | Nov | Feb | May | |
| Director | 2005 | 2005 | 2006 | 2006 |
| Mike Leeming C N |  |
|
|
|
| Simon Susman CEO | |
|
|
|
| Nigel Colne N | |
|
|
|
| Brian Frost N | |
|
|
|
| Richard Inskip E | |
|
|
|
| Kevin Stanford | |
|
|
|
| Norman Thomson E | |
|
|
|
| C | = | Chairman |
| CEO | = | Chief executive officer |
| N | = | independent non-executive director |
| E | = | executive director |
