Aviva 2007 Annual Report Download - page 95
This report provides details of the role of the Risk and
Regulatory Committee and the work it has undertaken
during the year, and should be read in conjunction with
the report on the Group’s approach to risk and capital
management on pages 54 to 62.
The purpose of the Committee is to assist the Board in
providing leadership, direction and oversight with regard
to the Group’s risk and regulatory policies and procedures,
including those related to compliance, risk management,
financial malpractice and internal controls. The full terms
of reference for the Committee can be found on the
Company’s website, www.aviva.com, and are available
from the Group Company Secretary.
The following independent non-executive directors served
on the Committee during the year:
Member                                        Period from        Period to
Mary Francis (Chairman from 1 January 2007)   14 January 2006    To date
Nikesh Arora                                  1 July 2007        To date
Wim Dik                                       14 January 2006    To date
Russell Walls                                 14 January 2006    To date
Nikesh Arora joined the Committee on his appointment
to the Board on 1 July 2007. There were no other changes
in the membership of the Committee during the year.
The Group Company Secretary acts as the secretary to
the Committee. The Committee met on seven occasions
in 2007 and the members’ attendance record is set out
in the Corporate governance report above. In addition
the Committee held separate meetings with members
of senior management and Ernst & Young for the
purposes of induction and training.
The Group Chief Executive, Group Finance Director,
Group Audit Director, the Chief Risk Officer, the Director
of Group Compliance and the external auditor normally
attend, by invitation, all meetings of the Committee.
Other members of senior management are also invited
to attend as appropriate to present reports. It is the
Committee’s practice at each meeting to meet separately
with the Group Audit Director and the external auditor
without any members of management being present.
In performing its duties, the Committee has access to the
services of the Group Audit Director, the Chief Risk Officer,
the Director of Group Compliance, the Group Company
Secretary and external professional advisors.
The work of the Committee falls into the following
broad areas:
Risk management
A particular focus of the Committee’s work in 2007 was
on improvements to the framework for risk and control
across the Group. The Committee was involved in a review
of the risk policy (including risk appetite) statements for
each of the main categories of risk faced by the Group,
and in a review of the processes for identifying, controlling
and reporting risks in the business units, regions and
Group centre. A new Chief Risk Officer has been
appointed. The Committee has also received regular
oversight reports on the Group’s key risks and the
measures being taken by management to contain them.
It has increased its focus on market and other financial
risks and will continue to do so in the year ahead.
Regulation and compliance
The Committee has reviewed the Group’s regulatory
operating plan and has received regular reports on its
relationships with its external regulators. In particular,
the Committee monitors the actions being taken by
management in relation to the Risk Mitigation Programme
agreed with the Financial Services Authority (FSA) and
the overall relationship with the FSA as the Group’s lead
regulator. Reports on any material compliance issues are
received by the Committee, including any reputational
issues which may arise and the lessons learned.
In addition, the Committee receives reports on legislative
and regulatory developments which may impact the
Group, such as the FSA’s Treating Customers Fairly
initiative and the European Union’s Directive on Markets
in Financial Instruments.
Group Internal Audit
The Group Internal Audit function provides the Committee
with independent and objective assurance over the
appropriateness, effectiveness and sustainability of the
Company’s system of internal controls in place to mitigate
significant risks. The Group Internal Audit plan is based
on a robust and structured planning process using a
risk-based methodology that allows for quarterly updates to
reflect changes to the Company’s risk profile. Key control
issues reported by Group Internal Audit to management
and to the Committee members are monitored on a
quarterly basis until the risk exposure has been properly
mitigated. Reports on financial malpractice are also
presented to the Committee including incidence of
fraud, anti-money laundering procedures and, at least
on an annual basis, arrangements whereby persons
can report in confidence any concerns about lack of
probity (whistleblowing).
Business protection
The Committee has reviewed plans for maintaining
and further enhancing the Group’s business continuity
management, systems for information security and
management of IT risks.
During the Board’s visit to the Group’s North American
operations in September 2007, the Committee held
joint meetings with the Audit Committee and members
of the local business unit audit committees. The meetings
allowed the Committee to gain a deeper understanding
of the relevant local issues and assess how the Group’s
risk and regulatory policies and procedures were being
embedded in the business.
The chairman of the Committee reports at the subsequent
meeting of the Board on the Committee’s work and the
Board receives a copy of the minutes of each meeting of
the Committee.
In line with the Combined Code requirement the
Board undertook a review of the effectiveness of all
its committees during the year, including the Risk and
Regulatory Committee.
This report was reviewed and approved by the Board
on 27 February 2008.
Mary Francis
Chairman, Risk and Regulatory Committee
Aviva plc Annual Report and Accounts 2007, page 91
Governance: Risk and Regulatory Committee report