POL00423255
TERMS OF REFERENCE FOR THE RISK AND COMPLIANCE COMMITTEE
1. Purpose
The purpose of the Risk & Compliance Committee (R&CC) is to support the Executive
Committee (ExCo) in fulfilling their effective oversight of risk management by:
• Developing and promoting a risk culture that emphasises and demonstrates the
  benefits of risk management throughout the business
• Focusing on the top risks in the business as defined by the Executive Committee
• Monitoring and assessing significant risk events and near misses
• Developing the stewardship of risk and policy frameworks
2. Responsibilities
The Risk & Compliance Committee responsibilities will be:
• Developing and promoting a risk culture in the business by:
  ➢ Enhancing the profile of risk management
  ➢ Driving the behaviours of risk management
  ➢ Recognising good risk management
  ➢ Promoting a risk management agenda
• Focusing on the top risks in the business by:
  ➢ Reviewing and assessing the management of risks
  ➢ Identifying actions required to manage risks
  ➢ Making recommendations to ExCo
  ➢ Reviewing key risks, controls and relevant action plans
• Monitoring and assessing significant risk events and near misses and:
  ➢ Considering the implications of internal or external risk events and near
    misses including financial impact as appropriate
  ➢ Commissioning action plans to manage risks.
• Developing the stewardship of risk and policy frameworks by:
  ➢ Ensuring policy governance is in place
  ➢ Reviewing and approving business policies
  ➢ Ensuring business policies are maintained and regularly reviewed
  ➢ Receiving and reviewing compliance reports relating to
    ▪ Anti-Money Laundering
    ▪ Bribery / Gifts & Hospitality
    ▪ Whistleblowing
    ▪ Internal Audit
3. Authority
The Risk & Compliance Committee is authorised by ExCo:
• To seek any information it requires from anyone in the organisation in order to
  perform its duties.
• To obtain outside legal or other professional advice on any matter within its
  terms of reference.
• To call anyone to be questioned at a meeting of the committee as and when
  required.
4. Composition
• The committee is a management committee and the chair and members shall be
  appointed by the Chief Executive Officer.
• The committee membership shall comprise the General Counsel (Chair), Chief
  Executive Officer, Chief Financial Officer, Group People Director and Company
  Secretary. The Head of Risk & Compliance, whilst not a member of the committee,
  will be a regular attender.
• The chair of the committee may require other senior managers to attend all or
  part of meetings as appropriate.
• The quorum shall be two members and will be deemed competent to exercise all
  or any of the authorities, powers and discretions vested in or exercisable by the
  committee.
5. Meetings
• The committee shall meet at least six times a year aligned to every second ExCo
  meeting and otherwise as required.
• Notice of each meeting confirming the venue, time, date and agenda of items to
  be discussed shall be forwarded to each member of the committee and any
  other person required to attend no later than five working days before the date
  of the meeting. Any supporting papers will also be provided.
• Once approved by the Chair, minutes of committee meetings shall be circulated
  promptly to all members of the committee.
• The committee will arrange for an annual review of its own performance to
  ensure it is operating effectively and recommend any changes it considers
  necessary to ExCo for approval.
• The committee will ensure its terms of reference and membership are reviewed
  on an annual basis and updated as required.
6. Reporting
• The committee shall report to ExCo on its proceedings after each meeting on all
  matters within its purpose and responsibilities, highlighting significant risk and
  compliance matters for their attention.
• The committee shall report to the Audit, Risk and Compliance Committee as
  requested.
• The committee shall input to the Post Office annual reporting as appropriate.
7. Membership
Members
General Counsel (Chair)      Chris Aujard
Chief Executive Officer      Paula Vennells
Chief Finance Officer        Chris Day
Group People Director        Neil Hayward
Company Secretary            Alwen Lyons
Other attendees
Head of Risk & Compliance    Dave Mason
Secretariat                  Rob Bolton
7. Document Control
Risk & Compliance Committee Secretariat
Risk & Compliance Committee Secretariat
2.0
February 2014
March 2014
March 2015
07/01/2014 | Bolton | Revised draft
1.2 | 08/01/2014 | Rob Bolton | Re-write of draft
1.3 | 08/01/2014 | Rob Bolton | Amendments to responsibilities and membership
1.4 | 17/01/2014 | Rob Bolton | Updated purpose and responsibilities
1.5 | 17/01/2014 | Rob Bolton | Change to order of priority in purpose
1.6 | 17/01/2014 | Rob Bolton | Purpose & responsibilities updated
11/02/2014 | Rob Bolton | Final changes to reporting and responsibilities