P: +61 2 8046 2799

Suite 6, Level 5
189 Kent Street
Sydney NSW 2000

GPO Box 2733
Sydney NSW 2001
Australia

Email us

Risk Management Policy

In managing risk, it is the Company’s practice to take advantage of potential opportunities while managing potential adverse effects. Managing risk is the responsibility of everyone in the Company.

This Policy sets out the Company’s approach to risk, including the responsibilities of the Board, management and others within the Company in relation to risk management.

1. Risk Management Procedure

The Company’s yearly risk management activities are divided into quarters as follows:

Quarter One commencing July

Senior management undertakes the following activities:

  1. documents and/or reviews the Company’s Risk Management Policy;
  2. publishes  any  updates  to  the  Company’s  Risk  Management  Policy  on  the Company’s website;
  3. reviews the Company’s Board Charter and role descriptions for management to ensure accountability for all risk management is included;
  4. identifies  or  reviews  material  business  risks,  develops  risk  management strategies and presents full company risk profile by completing a risk register. The form of the risk register is included in Appendix A; and
  5. allocates and/or reviews owners of critical material business risks in the risk register.

The Board determines the Company’s overall risk tolerance levels, approves senior management’s risk management policy and provides input into the Company’s risk profile.

Quarter Two commencing October and Three commencing January

Senior management reviews the status of risk management strategies and reviews and updates the risk register and/or completes an individual risk report for critical material business risks and provides the register and/or the report to the Board.

The Board notes the updated risk register / individual risk reports and questions management as it considers necessary.

Quarter Four commencing April

Senior management undertakes the following activities:

  1. reviews and updates the risk register and/or completes an individual risk report for critical material business risks and provides the register and/or the report to the Board;
  2. the Chief Executive Officer and Chief Financial Officer provide a certification that the declaration provided in accordance with section 295A of the Corporations Act is founded on a sound system of risk management and internal control and that the system is operating effectively in all material respects in relation to financial reporting risks, in accordance with the requirements of Recommendation 7.3;
  3. the Chief Executive Officer provides a summary of the Company’s management of its material business risks and report to the Board on the effectiveness of whether those risks are being managed effectively, in accordance with the requirements of Recommendation 7.2; and
  4. prepares the annual report disclosure with respect to Recommendation 7.4 for the Board’s approval.

The Board undertakes the following activities:

  1. notes the updated risk register and/or individual risk reports and questions management if required;
  2. notes the Chief Executive Officer/Chief Financial Officer certification for the purposes of Recommendation 7.3;
  3. notes the Chief Executive Officer summary regarding the effectiveness of the Company’s management of material business risks for the purposes of Recommendation 7.2; and
  4. approves the annual report disclosure with respect to Recommendation 7.4.

2. Role of the Board and Delegated Responsibility

The Board is responsible for approving the Company’s policies on risk oversight and management and satisfying itself that management has developed and implemented a sound system of risk management and internal control. Further details of the Board’s responsibility is set out in section 1 of this document.

Implementation of the risk management system and day-to-day management of risk is the responsibility of the Chief Executive Officer, with the assistance of senior management, as required.

Audit  Committee Charter

The  Audit  Committee  Charter  sets  out  the  role  of  the  Audit  Committee  (or  its equivalent) which includes, among other things, monitoring and reviewing the integrity of  the  financial  reporting  of  the  Company  and  any  significant  financial  reporting

judgements; and reviewing the Company’s internal financial control system and, unless expressly addressed by a separate risk committee or by the Board itself, risk management systems.

3. Role of the Chief Executive Officer  and Accountabilities

The Chief Executive Officer has responsibility for identifying, assessing, monitoring and managing risks.  The Chief Executive Officer is also responsible for identifying any material changes to the Company’s risk profile and ensuring, with approval of the Board, the risk profile of the Company listed in this Policy are updated to reflect any material change.

The Chief Executive Officer is required to report on the progress of, and on all matters associated with, risk management on a quarterly basis. The Chief Executive Officer is to report to the Board as to the effectiveness of the Company’s management of its material business risks, at least annually.

4. Authority of the Chief Executive Officer

In fulfilling the duties of risk management, the Chief Executive Officer may have unrestricted access to Company employees, contractors and records and may obtain independent expert advice on any matter they believe appropriate, with the prior approval of the Board.

5. Role of Managers and Supervisors

Managers and supervisors must:

  1. monitor material business risks for their areas of responsibilities;
  2. provide adequate information on implemented risk treatment strategies to senior management to support ongoing reporting to the Board; and
  3. ensure  staff  are  adopting  the  Company’s  risk  management  framework  as developed and intended.

6. Role of Individual Staff

All staff within the Company should:

  1. recognise,  communicate  and  respond  to  expected,  emerging  or  changing material business risks;
  2. contribute to the process of developing the Company’s risk profile; and
  3. implement risk management strategies within their area of responsibility.

7. Risk Profile

The Company considers that any risk that could have a material impact on its business should be included in its risk profile.  The risk profile of the Company as at the date this policy was adopted by the Board can be categorised as follows:

  1. Market-related
  2. Financial reporting
  3. Operational
  4. Environmental
  5. Sustainability
  6. Occupational Health & Safety
  7. Political
  8. Strategic
  9. Ethical conduct
  10. Economic cycle/marketing
  11. Reputation
  12. Legal and compliance.

The individual risks which fall within these categories are included in the Company’s risk register.

8. Risk Management Strategies

The Company maintains a number of policies and practices designed to manage specific business risks. These include:

  1. Insurance ProgramThe Company maintains the following insurances, which are reviewed annually:Directors and Officers Liability
    Workers Compensation
    Public Liability
    Travel Insurance
    Vehicle Insurance
  2. Regular budgeting and financial reporting
    The Company has regular budgeting in place.   It is the role of the Audit Committee (or its equivalent) to review the integrity of the financial reporting of the Company.
  3. Clear limits and authorities for expenditure levels
    The Company’s Board Charter sets out Materiality Thresholds. These include quantitative and qualitative thresholds as well as triggers for the materiality of contracts.
  4. Procedures/controls  to  manage  environmental  and  occupational  health  and safety matters, established and maintained by Atlas Partners Pty Ltd, a service provider to the Company.
  5. Procedures for compliance with continuous disclosure obligations under the ASX Listing Rules and the Corporations Act
    The Company’s Compliance Procedures have been designed for the purpose of ensuring the Company complies with its continuous disclosure obligations.
  6. Procedures to assist with establishing and administering corporate governance systems and disclosure requirements
    The Company has adopted a Corporate Governance Manual which contains policies and procedures to assist the Company establish and maintain its governance practices.

9. Responsibility to Stakeholders

The Company considers the reasonable expectations of stakeholders particularly with a view to preserving the Company’s reputation and success of its business.  Factors which affect the Company’s continued good standing are included in the Company’s Risk Profile.

10. Continuous Improvement

The Company’s risk management system is evolving.  It is an on-going process and it is recognised that the level and extent of the risk management system will evolve commensurate with the development and growth of the Company’s activities.

Summary of Risk Management Policy

The Board has adopted a Risk Management Policy.  Under the Policy, the Board delegates day-to-day management of risk to the Chief Executive Officer (or equivalent).   The Policy sets out the role of the Chief Executive Officer (or equivalent) and accountability.   It also contains the Company’s risk profile and describes some of the policies and practices the Company has in place o manage specific business risks.

The Chief Executive Officer is required to report on the progress of, and on all matters associated with, risk management on a quarterly basis.  The Chief Executive Officer is to report ot he Board as to the effectiveness of the Company’s management of its material business risks at least annually.

The Board is responsible for approving the Company’s policies on risk oversight and management and satisfying itself at least annually that management has developed and implemented a sound system of risk management internal control.

In 2011 the Company formalised its approach to risk management by documenting all material business risks in a risk register and allocating ownership for material business risks to the Chief Executive Officer and management of individual material business risks to senior management and individuals within the organisation.  The risk register is reviewed by management and updated on a quarterly basis and presented to the Board.   All risks identified in the risk register will be reviewed and assessed by management and the Board at least annually.]

The Board also receives a written assurance from the Chief Executive Officer and the Chief Financial Officer that the best of their knowledge and belief, the declaration provided by them in accordance with section 295A of the Corporations Act is founded on a sound system of risk management and internal control and that the system is operating effectively in relation to financial reporting risks.

The Policy incorporates some material from “Principle 7: Recognise and Manage Risk – Guide for Small-Mid Market Capitalised Companies” produced by ASX Markets Supervision Pty Ltd (ASXMS), Deloitte Touche Tohmatsu and Blakiston & Crabb.

“Principle  7:  Recognise  and  Manage  Risk  Guide  for  small-mid  market  capitalised companies” was provided as general information only and does not consider specific objectives, situations or needs.  The Guide was not intended to be relied upon or disclosed or referred to in any document.  ASXMS accepts no duty of care of liability to you or anyone else regarding the application of the Guide in the document and we are not responsible to you  or  anyone  else for  any loss  suffered in  connection  with  use  of  the  Guide  in  this document or any of the content contained in this document.

Appendix A: Template Risk Register