ANTI-BRIBERY AND ANTI-CORRUPTION MATTERS
MATERIAL AREAS OF IMPACT
• Prevention of bribery and corruption
RELEVANT POLICIES AND FRAMEWORKS
Financial crime policy: Sets high level standards for the Group and colleagues to meet to manage the risks from financial crime. All colleagues are trained to understand what constitutes financial crime, the regulatory requirements and their obligations.
Compliance policy: Sets out the Group’s approach to ensuring that it operates in compliance with the relevant laws and regulations.
Gifts and hospitality procedure: Sets out rules and guidance for all to follow to ensure that no undue influence has been applied to an external organisation or anyone else dealing with the Company, and that the Company has not applied any undue influence or is perceived to have unduly influenced a business decision.
Whistleblowing policy: Refer to “Colleagues” above.
DUE DILIGENCE AND OUTCOMES OF OUR POLICIES ON OUR MATERIAL AREAS OF IMPACT
We have a Financial crime policy which is a zero tolerance policy. This policy helps us to prevent and detect financial crime.
We have a comprehensive mandatory compliance training programme which covers the above policy and procedure as well as other important areas of compliance which all colleagues must complete on an annual basis. Completion is monitored by the Compliance team and reported to the Board. Repeated failure to complete the training is a disciplinary matter.
Our gifts and hospitality procedure supports the financial crime policy by providing the rules and guidance to help prevent all colleagues from receiving or providing undue influence over the making of a business decision.
RESPECT FOR HUMAN RIGHTS
MATERIAL AREAS OF IMPACT
• Reinforce an ethical business culture
• Speak up against wrongdoing
• Approach to human rights and modern slavery
• Support vulnerable customers
RELEVANT POLICIES AND FRAMEWORKS
Modern slavery statement: Sets out our policies and processes to combat modern slavery in all its forms. It is available to view on our website at www.justgroupplc.co.uk.
Data protection – personal information policy: Sets out a framework of high level controls and processes to enable the Group to safeguard personal data and manage the risks of processing personal data to comply with regulatory requirements.
Group conduct and operational risk policy: Refer to “Colleagues” above.
Conduct and customer risk framework: Refer to “Social Matters” above.
Whistleblowing policy: Refer to “Colleagues” above.
DUE DILIGENCE AND OUTCOMES OF OUR POLICIES ON OUR MATERIAL AREAS OF IMPACT
While the Board considers that the risk of human rights violations is low, we have implemented effective systems and controls to ensure slavery and human trafficking is not taking place anywhere in our supply chains or in any part of our business anywhere we operate. We conduct due diligence on potential suppliers, impose obligations on those suppliers, and monitor their compliance with those obligations. Our modern slavery statement available on our Group website provides further information.
All of our colleagues, including those who are not customer facing, are trained on data protection and rigorous steps are taken to ensure the security of all the personal data we handle.
Some of our customers may have additional or different needs, and we want to ensure that they receive a fair outcome with the appropriate support being provided when needed. Our conduct and customer risk framework defines our approach to ensuring vulnerable customers receive consistently fair treatment across our Group. Relevant training is provided to colleagues to help them identify the characteristics of vulnerability and provide appropriate support to our customers. Our policies and processes will be adapted if necessary, and where possible, to accommodate specific customer needs.
Each policy has a policy owner and an executive sponsor, who review and approve the policy at least annually and provide an attestation as to its adherence and any material breaches. Under the new framework, the GRCC and Board will receive updated Group Risk policies with details of all underlying company risk policies established to address each subordinate risk for approval together with an opinion from Risk and Compliance on the effectiveness of the risk management framework and how this has been addressed through the Group Risk Policy Framework. Material breaches of policies are recorded in our risk management system and escalated to the Group Chief Risk Officer. Any serious breaches are reported to the GRCC or Board. This ongoing management of risks highlighted by breaches enables the business to take necessary action to mitigate the risk such as through training or improving a process or policy.
We have a responsibility to protect our customers’ privacy when processing and using their data. We handle our customers’ sensitive personal data and are aware of the importance that this is used appropriately and is protected.
NON-FINANCIAL RISK MANAGEMENT
The Risk management report sets out our approach to risk management. Our approach enables all colleagues to take more effective business decisions through a better understanding of risk. The Annual Report and Accounts sets out our principal risks and uncertainties including non-financial risks and how we mitigate those risks. The Group Risk and Compliance Committee (“GRCC”) considers various non-financial risks. These include risks arising from people and culture, operational processes, information security, conduct and climate change. The aim is to prevent non-financial risks from materialising and having a detrimental impact on our business (including our reputation), colleagues, customers, suppliers and other stakeholders. Our Risk team manages the Group’s Risk Policy Framework. The framework comprises three Group Risk policies and underlying company risk policies.