GOVERNANCE REPORT
77
Committee considered steps taken by the Group to remain resilient in a remote working model for its operations following the introduction of lockdown restrictions. The Committee was also responsible for monitoring the Group’s progress in developing its operational resilience arrangements to meet future regulatory requirements. During the year there was a focus on the key financial risks and operational risks to the Group arising due to the COVID-19 pandemic. Financial risks considered included, amongst others, short and long-term liquidity risk, property risk, investment credit risk and interest rate risk. The impact of market participants’ risk aversion, economic slowdown and extensive quantitative easing on interest rate risk was an area that received close attention by the Committee during the year. The prospect of house price movement due to economic uncertainty was discussed given the Group’s property risk exposure. Longevity risk also received close attention in light of the potential significant increase in mortality over long-term expectations due to the impact of COVID-19. Operational risks due to the COVID-19 pandemic were reviewed including the impacts on our people, productivity, technology and third party providers. The Committee was particularly interested in gaining comfort that the appropriate steps were being taken by the Group to ensure the mental and physical wellbeing of employees, particularly during the periods of lockdown, and that the necessary cyber security measures were in place for remote working. Protecting vulnerable customers during this difficult period was also a key area of concern for the Committee. The Committee was satisfied with the steps taken by the Group to protect its key stakeholders’ needs, and to assess the direct and indirect risks impacting the business, including property risk. The direct and indirect impacts of COVID-19 continue to be a key focus area for the Committee. Regulatory risk During 2020, there continued to be a high level of regulatory activity as covered in more detail in principal risks and uncertainties on page 34. This included engagement with the regulators concerning the potential impact of COVID-19. The regulation of lifetime mortgages both in terms of prudential regulation and customer outcomes featured significantly in the work of the Committee. The Committee reviewed the approach adopted on the treatment of lifetime mortgages in solvency capital in light of the significant fall in interest rates during the year. It concluded that no change was necessary. Letters from the FCA in October 2020 set out its view of the key risks lifetime mortgage providers and mortgage intermediaries pose to their consumers or the markets in which they operate together with the FCA’s expectations including how firms should be mitigating these risks. In response, the Committee assessed the Group’s current position and concluded that there were appropriate systems and controls in place to The Committee regularly reviews and challenges management’s view of conduct risks across the Group. The risk to appropriate customer outcomes is considered against a dashboard of measures in general, and against the quality of advice provided by advisers in the HUB Group and the number and root cause of complaints arising within the Group. During the year, the Committee received an update on the programme of work to update the conduct risk framework to ensure that consumer outcomes are properly considered and to develop the Group’s approach tomanaging conduct risk in general. This included proposed changes to the conduct risk dashboard to incorporate lessons learned during the COVID-19 pandemic. The Committee considered and approved changes to various Group policies and the 2021 compliance monitoring plans during the year. It received regular conduct and prudential compliance reports, money laundering reporting officers’ reports and an annual report from the Group Data Protection Officer. The Committee also received regulatory updates to assess whether there were any matters that required specific attention and to oversee the Group’s actions to ensure compliance with regulatory changes relevant to the business. mitigate the significant risks. Compliance and conduct risk
AREAS OF FOCUS The Committee follows an annual rolling forward agenda with standing items considered at each quarterly meeting in addition to any matters arising and risk or compliancematters which the Committee has decided to focus on. Key areas of focus during the year included the followingmatters. Deep dive reports The Committee carried out in depth reviews of key risks to the business during the year. This helps the Committee gain a thorough understanding of different aspects of the Group’s risks and consider whether the risk management framework adequately monitors and reports on the risk exposures in each business area. The deep dives also allow a fuller discussion of the approaches taken by management in mitigating the risks and enable appropriate challenge from the Committee. Deep dive reviews in 2020 included an overview of reinsurance counterparty risk exposure and how it is managed, and an update of the primary elements of property risks impacting the Group, how they are measured, where property risk is relative to risk appetite and options available to manage the risks. Risk governance and oversight The Committee ensured that the risk framework continued to be developed in line with the business needs, and that policies and practices were kept up to date. It reviewed and approved the risk management plan for the year. It considered the appropriateness of the risk appetites, against which the business plan and strategy are assessed, and concluded that they should remain unchanged following a significant update the previous year. Contingency arrangements were also considered and approved during the year. Following an external review of the effectiveness of the Group’s risk management in 2019, the Committee has overseen the progress in implementing the recommendations from this review, which have now been addressed. During the year, the Committee approved a statement of risk culture expectations for the Group. The Committee also considered and agreed an initiative to assess the Group’s existing risk culture through line manager and employee surveys, and to implement remedial action where appropriate. Positive progress on further improvements to risk culture was reported to the Committee later in the year. The Committee considered and approved the Group’s annual Own Risk and Solvency Assessment (“ORSA”) report during the year, which provided a risk review of the Group as at a specific date together with a forward looking assessment of the key risks it faces. The Committee also received quarterly updates on the Group’s evolving risk profile for review and discussion. A key area of focus for the Committee was on the actions being taken by management to ensure the Group’s residential property risk exposure is within appetite and to achieve greater diversification of investment risk in accordance with the PRA’s Prudent Person Principle. Further details of the Group’s principal risks can be found on pages 34 to 37. Emerging risks Various emerging risks were considered by the Committee during the year with particular focus on the potential impacts of a failure to conclude a post-Brexit trade deal, climate change and COVID-19. The Committee received reports on the status of the Group’s climate change project, which covered primary workstreams on risk management, sustainable investments and property risk. The Committee concluded that good progress had been made on this initiative. It was agreed that there needed to be continued focus on managing this risk with ongoing development of the Group’s climate change strategy, disclosures and modelling capabilities for climate risks. The Committee considered the potential impact on the Group’s business of the UK failing to conclude a trade deal with the EU by the end of the post-Brexit transition period. A key area of focus was the steps taken to ensure that the Group could continue to discharge its contractual obligations to make payments to its policyholders resident in an EEA state
from 1 January 2021. Business resilience
On behalf of the Group Risk and Compliance Committee
Operational resilience, including cyber security, continued to be an area of focus during the year. The Committee received regular updates on the status of the Group’s business continuity planning, disaster recovery arrangements and information security position. As part of its review, the
Keith Nicholson Chair, Group Risk and Compliance Committee 15 March 2021
Powered by FlippingBook