Audit and Risk Committee

The Audit and Risk Committee comprises Mr Chris Seabrooke (Chairman), Ms Phumzile Langeni and Dr Lulu Gwagwa, all of whom are independent non-executive directors and who each have the requisite financial and commercial skills and experience to contribute to the Committee’s deliberations. With effect from 4 March, 2013, Mr. M J Lamberti has been appointed a member of the Audit and Risk Committee. This appointment will be put to shareholders for approval at the Company’s May 2013 annual general meeting.  Guy Hayward, the Group’s Chief Operating Officer, Ilan Zwarenstein, the Financial Director, and Michael Spivey, Massmart's General Council, attend the Committee meeting by invitation.  The Audit and Risk Committee met twice in the 26 weeks ended 23 December 2012.

Responsibilities of the Audit and Risk Committee:

  • Overseeing the effectiveness of the Group’s governance, risk and internal control systems.
  • With regard to the External Auditor, to nominate their appointment, to determine audit fees payable, to pre- determine fees and scope of non-audit services, and monitor their independence.
  • Reviewing the scope and effectiveness of the External and Internal Audit functions.
  • Ensuring that adequate accounting records have been maintained.
  • Ensuring the appropriate accounting policies have been adopted and consistently applied.
  • Reviewing and reporting on the application of King III.
  • Testing that the Group’s going- concern assertion remains appropriate.
  • Overseeing the quality and integrity of the annual financial statements.
  • Ensuring that Massmart Internal Audit Services (MIAS) reports functionally to the Committee, is considered independent, applies King III, standards and adheres to the Institute of Internal Auditors' Standards for the Professional Practice of Internal Auditing and Code of Ethics.
  • It approves MIAS’s plan and ensures that MIAS have sufficient resource and skill to effectively perform their function.
  • Reviewing the adequacy and effectiveness of combined assurance, compliance and IT.
  • Receiving and reviewing the assurance assertion of MIAS and presenting this to the Board.

Audit

The CEO, the COO, the FD, senior financial executives of the Group and representatives from the External and Internal Auditors attend all meetings by invitation.

The Internal and External Auditors have unfettered access to the Audit and Risk Committee and its members, and both present formal reports to the Committee.

The Chairman of the Committee meets quarterly with the CAE, and at the start of every Committee meeting the External Auditors have a private audience with the Committee.

In specific response to the requirements of the Companies Act, King III and in terms of its charter, the Committee can report as follows:

  • The Committee has reviewed the scope, quality, effectiveness, independence and objectivity of the External Auditors and is satisfied with all of these areas. The audit firm Ernst and Young Inc., and audit partner Allister Carshagen, will be proposed to the shareholders at the May 2013 annual general meeting for approval to be the Group’s auditor for the 2013 financial year. Ernst and Young Inc., are, in the Committee’s opinion, independent of the Group.
  • The Committee is satisfied that the internal financial controls of the Divisions and Group operated effectively during the 26 weeks ended 23 December 2012 and can be relied upon. In addition, the Committee is satisfied with the Group’s accounting policies and that these have been appropriately and consistently applied during the 26 weeks ended 23 December 2012.
  • The Committee reviewed this Integrated Annual Report and recommended it to the Board for approval.
  • The nature and extent of non-audit services provided by the External Auditors is reviewed annually to ensure that fees for such services do not become so significant as to call into question their independence of Massmart.
  • The nature and extent of any future non-audit services have been defined and pre-approved, and the total fee associated with those non-audit services may not exceed 50% of the total audit fee without approval of the Committee. During the 26 weeks ended 23 December 2012, there were no non-audit services included in the audit fee. If it appears that this guideline will be exceeded on a consistent basis, non-audit services will be outsourced to alternative auditors.
  • No reportable irregularities were identified and reported by the External Auditors to the Committee.
  • The Massmart website (www.massmart.co.za) has a link enabling the general public to lodge complaints with the Committee. Since establishing this functionality in 2009, no complaints have been received.

Annually the Committee considers whether it is meeting its duties and responsibilities as set out in the Committee charter and in terms of the requirements of the Companies Act.

As part of the Audit function, the Committee receives reports on Group companies’   financial   performance,   governance,   and   internal   controls, adherence to accounting policies, compliance and areas of significant risk, amongst others. The Committee also receives written reports by both the External and Internal Auditors, which are accompanied by discussion with Committee members. After considering these reports, the Committee formally reports to the Board, twice each year, regarding the overall control framework and effectiveness of controls.

Each of the four Divisions has at least one Financial Review Committee which meets twice a year – before the finalisation and release of the Group’s Interim and Preliminary financial results, respectively. These Committees effectively function as Divisional Audit Committees but not strictly in the manner required by the regulators or King III. The attendance at these meetings includes the following invitees: the Group’s Financial Director, Divisional Chief Executive and Divisional Finance Director, key finance and accounting staff, members of Internal and External Audit, and Massmart Corporate Finance executives.  Minutes from these meetings are included with the papers of the following Committee meeting. Twice a year the Audit and Risk Committee reviews the Financial Review Committee minutes and the External Audit report, and annually they review the annual financial statements to comply with the Companies Act requirements of a holding company audit committee and its responsibilities in regard to all Company subsidiaries.

The Group’s interim and provisional reports are always subject to independent review by the External Auditors.

The Committee’s report in accordance with section 94(7)(f) of the Companies Act, can be found in the Directors’ Report.

Suitability of the financial director

As required by the JSE, the Committee and Board have considered the skills, qualifications and performance of the FD, Ilan Zwarenstein, and are unanimously satisfied of his continuing suitability for the position. His biographical details can be found in Massmart at a Glance.

External audit

During the 26 weeks ended 23 December 2012, Ernst and Young Inc. were the External Auditors for all Group companies, with the exception of:

  • Massmart International Limited who are audited by RBC Trust Company (Guernsey) Limited;
  • Masscash Swaziland (Proprietary) Limited who are audited by Synergy Chartered Accountants;
  • Makro (Lesotho) (Proprietary) Limited, Maseru Cash & Carry (Proprietary) Limited and Game Discount World (Lesotho) (Proprietary) Limited who are all audited by MNM Chartered Accountants and Internal Auditors; and
  • the Massmart dormant companies (some of whom are in the process of de-registration) who are audited by Deloitte.

Total fees paid to Ernst and Young Inc. during the 26 weeks ended 23 December 2012 were R0.9m.

Internal audit

The Committee considers Massmart Internal Audit Services (MIAS) to be an independent, objective body providing assurance to the Group’s governance, risk and control activities. MIAS comprises a dedicated team that, although managed from Massmart Corporate, is deployed Group-wide.  The team comprises appropriately tertiary qualified and experienced personnel, including internal audit and retail/wholesale professionals, to ensure the delivery of a relevant and high-quality risk-based audit service. Pleasingly, 86% of the audit team is African, Coloured or Indian.

  • MIAS is an objective body providing assurance concerning the Group’s governance, risk and control activities.
  • MIAS has the unequivocal support of the Board and Audit and Risk Committee.
  • MIAS is considered independent and has been subjected to a quality review.
  • The MIAS team formally reports any material findings at the Divisional Boards and the Audit and Risk Committee on a quarterly basis.
  • There is significant MIAS involvement in Information Technology (IT) throughout the Group to ensure satisfactory IT governance and assurance.

The responsibilities of MIAS are defined and governed by a charter approved by the Audit and Risk Committee and the Board. MIAS has the unequivocal support of the Board and this Committee and has access to any part of or person in Massmart. All employees are expected to co-operate positively with MIAS.

To ensure independence, MIAS reports functionally to the Audit and Risk Committee and administratively to the CEO. Massmart does not apply the King III recommendation that this Committee be responsible for the appointment, remuneration, performance/assessment and where necessary dismissal of the CAE. This process is conducted jointly by the Committee and the Massmart Executive Directors as this is deemed more effective. The Internal Audit function has adopted a risk-based methodology for several years in order to ensure appropriate coverage of governance, risk management and control processes that are key to the realisation of strategic objectives.  The internal audit plan is based on risk assessments, risk registers, group strategies and input from management, the Board and the Audit Committee. The Audit and Risk Committee approves the annual MIAS plan and the MIAS budgets. The CAE has unrestricted access to anyone in the organisation, has frequent and independent discussions and updates with the Committee Chairman and Massmart Executive Directors. The CAE holds a senior executive position in the organisation and has an influential impact across the business strategically and operationally. The Board provides MIAS with the authority to attend any strategic session, Committee or Board meeting and to have unrestricted access to all information across the Group to assist with its determination of the types and levels of governance, control and risk that exist across Massmart.

The MIAS team formally reports any material findings and matters of significance to the Divisional Boards on a quarterly basis and to the Audit and Risk Committee when it meets. The reports highlight whether actual or potential risks to the business are being appropriately managed and controlled. Progress in addressing previous unsatisfactory audit findings is monitored until MIAS reports the proper resolution of the problem area.

There is significant MIAS involvement in IT throughout the Group in order to ensure satisfactory IT governance and assurance. All new major IT systems in the Group require specific MIAS sign-off prior to implementation and all significant IT projects are subject to MIAS review.  The MIAS role is twofold: to assess the process and controls around  large IT projects at significant phases of these projects; and to assess the control environment within existing IT systems and the Group’s general  computer control environment. MIAS adopted the Control Objectives for Information and related Technologies (COBIT) methodology for technology auditing several years ago.

MIAS and External Audit’s scope and work-plans, and those of other assurance providers, are properly co-ordinated and when appropriate are relied upon in order to provide efficient and effective assurance to the Committee and to reduce the governance burden.

MIAS applies the standards of the International Standards for the Professional Practise of Internal Auditor and the recommendations of King III.  In accordance with the International Standards for the Professional Practise of Internal Audit standards, it has been determined that MIAS will be subjected to an independent external quality assessment review at least once in five years. An independent external audit firm conducted the last quality review and concluded that Massmart’s Internal Audit function ‘generally conforms’ to the standards of the Institute of Internal Audit which is the highest standard possible.

Risk

The Board recognises its responsibility to report a balanced and accurate assessment of the Group’s financial results and position, its business, operations and prospects. Aspects of how this is achieved are covered in the section below.

Internal control framework

Massmart maintains clear principles and procedures designed to achieve corporate accountability and control across the Group. These are codified in the Massmart Governance Authorities that describes the specific levels of authority and the required approvals necessary for all major decisions at both Group and Divisional level. Through this framework, operational and financial responsibility is formally and clearly delegated to the Divisional Boards. This is designed to maintain an appropriate control environment within the constraints of Board-approved strategies and budgets, while providing the necessary local autonomy for day-to-day operations.

Risk model

The Board is responsible for the risk management programme that attempts to balance the risks and rewards in achieving the Group’s objectives.

On behalf of the Board, the Audit and Risk Committee oversees the Group’s risk management programme. Responsibility for risk management and loss prevention rests however, with the Group and Divisional Executive Committees.



Risk and the Audit and Risk Committee

The Board considers risk management to be a key business discipline designed to balance risk and reward, and to protect the Group against risks and uncertainties that could threaten the achievement of business objectives. The Board’s risk strategy has been established through debate with the executive directors where the Group’s risk tolerance has been considered and balanced against the drive towards the achievement of its strategies and objectives.

The Committee is responsible to the Board for overseeing the Group’s risk management programme. The day-to-day responsibility for risk management, including maintaining an appropriate loss prevention and internal control framework, remains with the executives of the Group and of each Division.

The Committee’s primary role is one of oversight and therefore it reviews and assesses the dynamic interventions, within the Group’s available resources and skills, required in response to business-specific, industry-wide and general risks. The Committee tables a Group risk register, aggregated from those prepared by the Divisions and the Group Executive Committee, to the Board annually in February. The Committee considers there to be two categories of Group risk which can broadly be described as Strategic/Environmental risks and Operational risks.

Strategic/Environmental risks tend to be longer-term and more material in nature and can, in most cases, only be monitored, managed and partially mitigated through longer-term strategic or tactical business responses. These risks, which, for example, include executive talent retention and succession, transformation and supply chain, are the primary focus of the Group’s Risk Management process.

The Group risk register summarises the major risks facing the Group, taking into account the likelihood of occurrence, the potential impact and any mitigating factors or compensating controls. The Audit and Risk Committee oversees the maintaining of a sound system of governance, risk management and control with regard to operations, safeguarding assets, reliability of management reporting, and compliance with laws and regulations.

Operational risks by their nature can be immediately addressed or mitigated by local management actions. These risks – which include in-store health, safety and security, compliance, fire prevention and detection, IT systems and food safety, amongst others – are therefore the direct responsibility of each Divisional Executive Committee where a Loss Prevention or Risk Officer has line-responsibility for overseeing these risks.

Litigation and legal

As part of the litigation relating to the Walmart/Massmart merger, in March 2012, the Competition Appeals Court ordered Massmart to commission a study comprising of experts appointed by Massmart and the two intervening parties to the litigation.  The objective of the study was to determine the most appropriate means by which South African suppliers could be empowered to respond to the challenges posed by the merger.  The commissioned study resulted in separate opinions offered by Massmart and the two intervening parties.  In October 2012, the Court issued its ruling relating to the study by ordering Massmart to establish a supplier development fund (Fund) to minimize the risks to micro, small and medium sized producers of South African products caused or potentially caused by the merger.  The Court further ordered Massmart to contribute up to a maximum amount of R 200 million to the Fund. This amount, in addition to the R40 million previously committed via the Fund, totals a Massmart commitment to supplier development initiatives of R240 million. Among other governance details related to the organization of the Fund, the Court further ordered Massmart to report annually to the Competition Commission of South Africa details of its supplier development activities.  Massmart is in the process of complying with the order.

Information Technology

Protecting Massmart’s electronic assets is increasingly complex as networks, systems and electronic data expand and, in some cases, are shared with third parties and business partnerships. Depending on the internet for communication brings additional risk. Ensuring proper system security, data integrity and business continuity is the responsibility of the Board, but is given effect by the Audit and Risk Committee, the Massmart Technology Information and Process Forum (TIP) and Massmart’s formally contracted  IT business partners and service providers and is independently reviewed by the  External Auditors and MIAS. 

The Massmart TIP Framework describes the structures, processes and mechanisms that will enable the delivery of value to the Group and reduce IT risk.  This framework is largely driven by the TIP forum through which all IT executives in the business meet monthly. This forum drives an agenda focused on synergies, peer review, standards and legislation, alignment against the business strategy and shared learning, and has a responsibility to facilitate the sharing of intellectual capital across chains relating to systems and processes and to enforce common system standards and methodologies where required by corporate governance or in the common interest of the Divisions.

The Chairman of the TIP forum, Mike Marshall,  has access to the Executive Directors and is suitably experienced to fulfil the requirements of his role.

Financial risk and appraisal

Financial targets agreed in Group budgets and strategy processes are predicated on assumptions about the future that are uncertain and may prove incorrect or inaccurate. The monitoring and management of this risk is the responsibility of the Group Executive Committee. Monthly performance is measured and compared to the budget and prior year, and corrective or remedial action taken as appropriate.

Despite extensive financial, accounting and management controls and procedures, including reviews by Internal and External Auditors, there are risks arising from the Group’s cash management and treasury operations, direct and indirect taxation, and employee or third-party fraud or economic crime.

In addition to financial reviews, Massmart participates in externally-facilitated review and disclosure processes that enable independent reviews of its corporate accountability performances. These include a bi-annual ethics review by the South African Institute of Ethics, Carbon Disclosure Project participation, Broad-based Black Economic Empowerment verification and an annual JSE Socially Responsible Investment Index review.

Group risk landscape – strategic/environmental risk

     DEFINITION    POTENTIAL IMPACT    RISK MITIGATION
             

BUSINESS MODEL/
STRATEGIC EXECUTION

RISK: Non-adherence to business model or poor strategic execution

  Through non-adherence to, or poor implementation and execution and/or prioritisation of, our business model and/or strategy, the Group’s longer-term financial performance and competitive positioning could be severely compromised. The resultant financial performance may be sub-optimal on either an absolute or relative basis.  
  • PROBABILITY
  • Financial impact
  • Business impact
  The Group insists on strategic clarity at the Divisions and Massmart Corporate.

The strategies of all Divisions and the Group are formally documented and are reviewed annually at Divisional level, at Group Executive Committee level and then by the Board. A Division’s strategies dictate management’s operational tactics and priorities. The annual budget process is an output of these reviews and on-going monthly monitoring of annual financial results and comparison to budget at Divisional Boards and Group Executive Committee level takes place.
             
             
BUSINESS MODEL/ STRATEGIC EXECUTION

RISK: Insufficient progress with Transformation
  There is the possibility of adverse reputational exposure due to the Divisions or the Group not fulfilling, or under delivering, in respect of BBBEE requirements. In the broader national context, inadequate transformation at all levels by Massmart and other South African businesses will curb the country’s longer-term growth potential and maintain the current, unacceptable and unsustainable levels of social and economic inequality. This issue includes insufficient Black representation at Executive level at the Group and Divisions.  
  • PROBABILITY
  • Financial impact
  • Business impact
  The Board-approved BBBEE strategy covering the elements of the Code of Good Practice, has been implemented Group-wide. The most recent annual external BBBEE rating resulted in Level 4 status. Transformation is an agenda item at all Divisional and Group Board meetings and a senior executive at Massmart has overall responsibility for delivering the strategy.

A BBBEE staff share issue amounting to 10% of the pre-dilution shares of Massmart was implemented in 2006 and all permanent Massmart employees, not already participants in the existing employee share trust, became beneficiaries at that time. In 2008, the Group’s five black non-executive directors, at the time, each purchased 20 000 heavily discounted Massmart shares.
             
             
HUMAN CAPITAL

RISK: Talent retention and succession
  This covers four broad issues being: the national scarcity of retail-specific skills; the challenge to develop and retain sufficient business and leadership skills internally to ensure our longer-term competitiveness; a possible over-dependence on key leaders in the Group; and the need for an actively managed leadership succession pipeline.  
  • PROBABILITY
  • Financial impact
  • Business impact
  This remains a major focus area. The Executive Committee actively monitors the progress, development and possible succession plans for the ‘Top 200’ employees, as well as monitoring a further 200 employees.

There are in- house education programmes prepared and presented in conjunction with local and international business schools that focus on developing middle and junior executives, and there is an in-house graduate recruitment programme in place.

Annual ‘fire-side chats’ are held with each executive in the Group, which are attended by that person’s superior and a third executive.

The Group’s remuneration policy, incorporating short- and longer-term incentives, is designed to reward significant outperformance and provides an opportunity for staff to accumulate wealth. The Share Scheme may act as a retention mechanism.
             
             
ECONOMIC

RISK: Economic volatility

  This concern focuses on three potential impacts, the first being the possible financial impact on the Group and the second being the possible adverse effect on consumer expenditure of dramatic changes in key economic variables including inflation, interest and exchange rates. The third concern is the potential adverse systemic socio-economic impact of the HIV/AIDS pandemic.

With approximately 30% of the Group’s merchandise being imported, directly and indirectly, any changes in the exchange rate will eventually affect the valuation of imported stock.

Foreign currency fluctuations in those African countries where the Group operates stores affects the level of sales and earnings reported by those stores in South African currency, and results in potentially adverse translation differences affecting earnings. The valuation of stock imported into those countries from South Africa becomes inflationary.

Increases in interest rates will make South African corporate funding more expensive, with an adverse impact on profitability.

Higher cost inflation may affect Group profitability where these cost increases cannot be controlled or no additional productivity is achieved. Consistently lower inflation rates may make long-term property leases with higher fixed escalation rates appear expensive and potentially affect profitability.

South African consumer behaviour appears to be more affected by sudden and large changes in economic variables, including exchange rates and local interest and inflation rates, than by gradual changes in these variables. It follows that a sudden deterioration in one or several of these economic variables may dampen levels of consumer expenditure, thereby reducing Group sales growth and potentially Group or Divisional profitability.
 
  • PROBABILITY
  • Financial impact
  • Business impact
  All direct foreign exchange import liabilities are covered forward, providing certainty about the expected landed cost of merchandise and also providing a four- to six-month buffer against changing the cost of imported inventory should there be any sudden deterioration in the exchange rate.

Interest rates on the Group’s medium-term debt have been fixed to provide certainty as to the future cost of this funding, and this will keep the Group partially immune to any adverse increases in corporate borrowing rates.

Property lease escalation rates are negotiated as low as possible, taking market conditions into account, and certain property leases are inflation-linked, within a cap (maximum rate) and collar (minimum rate).

Salary and wage increases are necessarily negotiated in the context of the South African socio-economic environment. Where a negotiated increase may be higher than is commercially desired or justifiable, productivity measures may be introduced to reduce the net cost of the higher wages.

The Group continually explores means of keeping the net assets of Game’s African operations to a minimum, thereby potentially reducing the translation effect of any currency movement. This includes repatriating cash profits as frequently as possible and settling cross-border liabilities timeously.
             
             
GOVERNANCE/REGULATORY

RISK: Expected standards of sustainability conduct

  There is a growing potential threat of significant reputational risk associated with the failure to meet stakeholders’ increased expectations around Sustainability in its many forms. These expectations may be shaped by a variety of standards of conduct as encapsulated in codes such as Global Reporting Initiative, Global Compact, JSE SRII, Broad-based Black Economic Empowerment Codes of Good Practice, Marine Stewardship Council (MSC), Forestry Stewardship Council (FSC) and ISO 14001 certification. Increasingly, the Group needs to comply with some or all of these standards.  
  • PROBABILITY
  • Financial impact
  • Business impact
  The Group has implemented transparent stakeholder interactions with special interest groups, which inform our view on stakeholder expectations and the management thereof. There is ongoing identification, monitoring and adoption of relevant principles and standards of sustainability that are consistent with Massmart’s core values and industry norms. Massmart is in the JSE SRII and it subscribes to MSC and FSC, inter alia.
             

DEFINITION
Strategic/environmental risks

tend to be longer-term and more material in nature and can, in most cases, only be monitored, managed and partially mitigated through longer-term strategic or tactical business responses. These risks, which, for example, include executive talent retention and succession, transformation and supply chain, are the primary focus of the Group’s Risk Management process.

Group risk landscape – operational risk

     DEFINITION    POTENTIAL IMPACT    RISK MITIGATION
             
OPERATIONAL

RISK: Supply chain
  Supply chain describes all the business processes concerning the movement of inventory in the Group, and is not restricted to logistics but extends into IT systems and business processes around those systems.

An efficient and effective supply chain should ensure the lowest-cost movement, and holding, of inventory and the optimisation of in-store inventory levels for given levels of demand.

An ineffective or inefficient supply chain may result in sub-optimal inventory management, with duplication of costs and over- or under-stocking affecting holding costs or rates of sales.
 
  • PROBABILITY
  • Financial impact
  • Business impact
  Massdiscounters, Makro and Builders Warehouse have implemented IT software to automate the forecasting and replenishment (F&R) of inventory. Massdiscounters has about 75% of their sales by value being automatically replenished. This ratio is about 70% in Builders Warehouse and 20% in Makro.

Massdiscounters now operates three substantial Regional Distribution Centres (RDCs) in Cape Town, Johannesburg and Durban. These have been very effective in addressing supply chain concerns and have improved inventory shrinkage levels and in-stock service levels in the stores. Makro operate two DCs in Johannesburg and Builders Warehouse is commissioning one.
             
             
OPERATIONAL

RISK: In-store health and safety
  The Group’s large warehouse format means that large and sometimes heavy quantities of inventory are moved, stored and stacked – sometimes at great heights – in our stores. Despite compliance with all relevant legislation, there remains the risk of injury or death to customers or employees should bulky items collapse, with the associated significant reputational risk.  
  • PROBABILITY
  • Financial impact
  • Business impact

  Risk officers in each Division are responsible for monitoring and improving compliance. Executive awareness and scrutiny is high. There is formal communication with suppliers and logistics providers around specified stacking protocols.

We continually use MIAS and third party service providers to review in-store health and safety procedures.

Warning signs are on display in higher risk areas.

There is a supply chain focus to reduce inventory volumes.
             
             
OPERATIONAL

RISK: Reliance on IT systems
  With millions of transactions daily, the Group is dependent upon reliable, secure, effective and efficient IT systems, including the management and storage of data and information. Major IT implementations or initiatives can distract management, be costly, destabilise other IT platforms and the business, and/or perform sub-optimally post-implementation. The Group may overly rely on one or more service providers. Secure and reliable connectivity with key transactional intermediaries including banks is critical. Finally, at a strategic level, there exists the potential for misalignment between business strategy and IT capability, which can result in reduced operational effectiveness.  
  • PROBABILITY
  • Financial impact
  • Business impact

  All the Group’s IT development, hardware and software, must be specifically approved and then monitored by the Group’s TIP Forum, representing all the Divisions’ IT executives, MIAS and, where appropriate, the external service providers. Divisional Boards must sign off all IT developments. MIAS has significant IT expertise and independently assesses all IT developments and is part of the ‘go-live’ decision on any project. External Auditors review the IT general control environment in the major Divisions on an agreed rotation basis.
             
             
GEO-POLITICAL/ECONOMIC

RISK: Complexity of the Group’s
African operations
  This refers to the multiple levels of risk, and the associated complexity, of doing business in 12 countries across Africa, each with different regulatory, fiscal and customs environments. Political risk can become an issue. African currencies can be illiquid, making them vulnerable to any withdrawal of hard currencies. Bureaucracy and/or currency illiquidity can delay cash repatriations. There are also operational and logistical challenges in managing the lengthy supply chain. There are, in addition, often challenges presented in securing legal title to land in some countries.  
  • PROBABILITY
  • Financial impact
  • Business impact

  Careful pre-selection of countries for new stores, with a thorough evaluation of customs, tax, exchange control and business legislation. Regular repatriation of cash.

Although there is a natural economic hedge in place because our SA operations supply the African stores, IFRS accounting standards have broken this hedge, resulting in increased volatility of reported foreign currency movements. Dedicated executives across several functions monitor and manage the African operations.

Keep supply chain as short as practical.

Develop relationships with key government and regulatory authorities in those countries.
             
             
COMPETITIVE

RISK: Competitor attack on our major merchandise categories
  This refers to the potential adverse impact of a sustained attack by a major competitor (local or international) on one or more of the Group’s major merchandise categories or formats.  
  • PROBABILITY
  • Financial impact
  • Business impact
  Maintain a relevant and competitive product offering that offers affordable value to our customers. Invest in brand awareness and loyalty.

Manage low-cost efficient operations.

Ensure suppliers believe that our stores and associated supply chain offer an ideal route to market.

Optimise our store locations, and ensure regular store refurbishments and format renewal.
             

DEFINITION
OPERATIONAL RISKS
by their nature can be immediately addressed or mitigated by local management actions. These risks – which include in-store health, safety and security, compliance, fire prevention and detection, IT systems and food safety, amongst others – are therefore the direct responsibility of each Divisional Executive Committee where a Loss Prevention or Risk Officer has line-responsibility for overseeing these risks.