3.7.2Design and Effectiveness of the Internal Risk Management and Control System
management approach
Risk Management is a management responsibility and is carried out with dedicated focus across the Company. The Group Risk & Compliance function brings the skills to support the business in identifying and managing risks, thereby ensuring the risks are managed within the Risk Appetite in order for the Company to achieve its strategic goals and objectives. The Risk Assurance Committee (RAC), chaired by the Group Risk & Compliance Director (GRCD) reviews the significant risks faced by the Company and the relevant control measures. The RAC guards an integrated risk management approach by bringing together the key heads of functions across the second and third line of defense, including the results of the annual Internal Control Over Financial Reporting (ICOFR) campaign. At least once every year, the Risk framework’s effectiveness is assessed and discussed with the Supervisory Board.