Group Risk and Compliance Committee
The Group Risk and Compliance Committee comprises Ben Thompson (Chair), Stephen Smith, Nathan Imlach, Katherine Innes Ker, and David Preece. The Risk and Compliance Committee (RCC) meets on a monthly basis to review the adequacy and effectiveness of the Company’s internal controls, compliance and risk management systems (including conduct risk), ensuring that it is fulfilling its regulatory responsibilities. The RCC reports to the Group Risk Committee (GRC), escalating major risk events as and when applicable. This ensures at least two independent risk and compliance reviews.
The GRC meets at least four times per annum to review and discuss the following:
• All major Group-related existing and potential risks, including a full review of the Group Risk Register and any RCC escalations;
• Senior Managers and Certification Regime (SM&CR);
• General Data Protection Regulation (GDPR);
• Operational resilience;
• Environmental, Social and Governance (ESG), vulnerable clients, diversity, and any other relevant regulatory themes; and
• Other major risk considerations and relevant upcoming legislation.
The Groups’ risk framework is designed to ensure that risks are identified, managed and reported effectively. The Group has been investing in its risk management framework to meet the requirements of key regulatory changes on the Group, such as MIFID II, the GDPR and the SM&CR, as well as implementing its own Risk Profiler system. The Group’s risk management framework remains subject to ongoing review.