Risk operates a comprehensive risk management methodology which is closely integrated to its management structure to provide clear oversight and governance of the risks which are considered to be material to its business, and to maintain surveillance of its operating environment for emerging risks.
The approach endeavours to ensure that a clear risk appetite is set and balances risks and opportunities to contribute to the achievement of the Group’s strategic objectives.
The Board has responsibility for the risk framework and establishing the Group’s risk appetite, as well as ensuring that risk controls are built into management’s approach to operations. The Audit Committee holds the responsibility for assessing the effectiveness of the risk management systems which are in place and undertaking independent review of the risk mitigation plans which have been designed for material risks.
Rank’s risk committee meets a minimum of eight times per year with a remit to conduct a thorough review of the risk register and to ensure that management is working effectively to identify and manage risks as they arise and on a continuous basis. Working sessions of the committee are held with departmental and divisional management to ensure that risks are being identified in a timely manner, procedural controls over identified risks are effective, and action plans are put into place for emergent risks. This approach ensures that risk is identified in both a ‘top-down’ and a ‘bottom-up’ manner from the various management levels of the organisation to give assurance that risk registers are comprehensive.
Group internal audit works in support of the risk committee to help manage risk identification and conduct independent reviews of both the business’s risk and its progress in performing the mitigating action plans agreed for any relevant risks, the status of which is reported to the risk committee at each meeting.