Protecting value creation

Our integrated and responsive approach to assurance supports the Group’s pursuit of success and long-term sustainability. Several assurance providers and reliable risk assurance mechanisms currently exist across the Group to preserve and protect value creation.

Internal control environment

The internal control environment has processes to manage operational risk and performance and identify and remediate control breakdowns. 

We have a Control Management Framework to drive improvements in the maturity of the internal control environment. The application of the Control Management Framework goes beyond financial controls and aims to improve the robustness of the entire control environment.

Compliance and risk

We comply with the applicable legislation and standards set by its regulators, the Financial Sector Conduct Authority and the Prudential Authority, a South African Reserve Bank division. 

Out Group’s compliance function embeds a culture of compliance and provides the Board and senior management with the assurance of regulatory compliance. 

The Board has the ultimate accountability for regulatory compliance oversight while delegating effective compliance to management. The Group compliance function assists the Board and management in fulfilling their compliance obligations by providing compliance risk management services. The Group compliance function works closely with the Group Enterprise Risk Management, Legal and internal audit to ensure an aligned approach to monitoring and reporting.

We constantly monitor the changing regulatory environment to ensure that any changes are identified and incorporated.

This diagram depicts an overview of our internal control management arrangements.

Compliance and Risk Diagram

Group Internal Audit

We have an independent in-house Group internal audit function responsible for all internal audit services. The internal audit’s purpose is to be a proactive business partner, providing integrated, risk-based, objective assurance, insight, and related advisory services.

The Group internal audit function is headed by the chief audit executive, who reports functionally to the Group Audit Committee chairman and administratively to the Group CEO. Our internal audit function maintains a database of audit findings and tracks the monitoring of remediation efforts. 

The Group Audit Committee receives regular reports from the internal audit function on any weaknesses in controls identified, including financial controls, along with the corrective actions to be implemented by management. The Group Internal Audit meets with the external auditors regularly to ensure alignment. 

External Audit

Ernst & Young is the Group’s appointed external auditor, a firm that consistently provides high-quality external audit services according to an annual audit plan.