Risk governance

Group-level framework

Group level framework

Organisation

Prudential's risk governance framework requires that all of the Group's businesses and functions establish processes for identifying, evaluating and managing the key risks faced by the Group. The framework is based on the concept of 'three lines of defence' (LoD): risk management, risk oversight and independent assurance.

The diagram above outlines the Group-level framework.

Risk management (1st LoD): As described in the corporate governance report, primary responsibility for strategy, performance management and risk control lies with the Board, which has established the Risk Committee to assist in providing leadership, direction and oversight, and with the Group Chief Executive and the chief executives of each business unit.

Balance Sheet and Capital Management Committee: Meets monthly to monitor the Group's liquidity and oversee the activities of Prudential Capital.

Risk oversight (2nd LoD): Risk exposures are monitored and reviewed by Group-level risk committees chaired by the Group Chief Risk Officer or the Chief Financial Officer.

Group Executive Risk Committee: Meets monthly to oversee the Group's risk exposures (market, credit, liquidity, insurance and operational risks) and to monitor capital.

Group Operational Risk Committee: Reports to the Group Executive Risk Committee and meets quarterly to oversee the Group's non-financial (operational, business environment and strategic) risk exposures.

Group Credit Risk Committee: Reports to the Group Executive Risk Committee and meets monthly to review the Group's investment and counterparty credit risk positions.

Solvency II Technical Oversight Committee: Will be created when the Solvency II programme is complete, to provide ongoing technical oversight and advice to the executive and the Board in carrying out their duties with regard to the Group's Internal Model.

The committees' oversight is supported by the Group Chief Risk Officer with functional oversight provided by:

Group Security: Develop and deliver appropriate security measures to protect the Group's staff, physical assets and intellectual property.

Group Compliance: Verify compliance with regulatory standards and inform the Group's management and the Board on key regulatory issues affecting the Group.

Group Risk: Establish and embed a capital management and risk oversight framework and culture consistent with Prudential's risk appetite that protects and enhances the Group's embedded and franchise value.

Independent assurance: As described in the Corporate Governance Report, the Group Audit Committee, supported by Group-wide Internal Audit, provides independent assurance and oversight of the effectiveness of the Group's system of internal control and risk management.

Principles and objectives

Risk is defined as the uncertainty that Prudential faces in successfully implementing its strategies and objectives. This includes all internal or external events, acts or omissions that have the potential to threaten the success and survival of Prudential.

The control procedures and systems established within the Group are designed to manage rather than eliminate the risk of failure to meet business objectives. They can only provide reasonable and not absolute assurance against material misstatement or loss and focus on aligning the levels of risk-taking with the achievement of business objectives.

Material risks will only be retained where this is consistent with Prudential's risk appetite framework and its philosophy towards risk-taking, that is:

  • the retention of the risk contributes to value creation,
  • the Group is able to withstand the impact of an adverse outcome,
  • the Group has the necessary capabilities, expertise, processes and controls to manage the risk.

The Group has five objectives for risk and capital management:

Framework: Design, implement and maintain a capital management and risk oversight framework consistent with the Group's risk appetite and Risk-Adjusted Profitability (RAP) model.

Monitoring: Establish a 'no surprises' risk management culture by identifying the risk landscape, assessing and monitoring risk exposures and understanding change drivers.

Control: Implement risk mitigation strategies and remedial actions where exposures are deemed inappropriate and manage the response to extreme events.

Communication: Communicate the Group risk, capital and profitability position to internal and external stakeholders and rating agencies.

Culture: Foster a risk management culture, providing quality assurance and facilitating the sharing of best practice risk measurement and management across the Group and industry.

Reporting

The Group's economic capital position and overall position against risk limits is reviewed regularly by the Group Executive Risk Committee. Key economic capital metrics, as well as RAP information, are included in business plans, which are reviewed by the Group Executive Committee and approved by the Board.

The Group Audit Committee and Group Risk Committee are provided with regular reports on the activities of Group Risk. These reports include information on the activities of the Group Operational Risk Committee and Group Credit Risk Committee.

Group Head Office oversight functions have clear escalation criteria and processes for the timely reporting of risks and incidents by business units. As appropriate, these risks and incidents are escalated to the various Group-level risk committees and the Board.

Internal business unit routine reporting requirements vary according to the nature of the business. Each business unit is responsible for ensuring that its risk reporting framework meets both the needs of the business unit (for example, reporting to the business unit risk and audit committees) and the minimum standards set by the Group (for example, to meet Group-level reporting requirements).

Business units review their risks as part of the annual preparation of their business plans, and review opportunities and risks against business objectives regularly with Group Head Office. Group Risk reviews and reports to Group Head Office on the impact of large transactions or divergences from business plan.

 

Feedback

Your comments and ideas help us to shape future reports to suit your needs.

Tell us your views

Shareholder services

Get the most out of your shareholding in Prudential.

View shareholder services