Jobs Direct from Employers

Risk management policy

1.Introduction

ApplyDirect Limited ACN 123 129 162 (Company and, together with its controlled entities, the Group) views effective risk management as a key to achieving and maintaining its operational and strategic objectives.

2. Risk oversight

2.1The directors of the Company are responsible for reviewing and ratifying the risk management structure, processes and guidelines which are to be developed, maintained and implemented by management. The active identification of risks and implementation of mitigation measures is also the responsibility of management.

2.2 The audit and risk committee of the Company's board of directors (Board) or the Company's management (Management) may also refer a particular matter or financial risk to the Board or a separate risk committee for consideration and direction.

2.3 To assist the Board in discharging its financial responsibility in relation to risk management, the Board has delegated certain activities to the audit and risk committee. The objectives of the audit and risk committee include, among other things:

(a)promoting a culture of compliance;

(b)providing a forum for communication between the Board and Management in relation to audit, risk and compliance matters affecting the Group; and

(c)reviewing and commenting on Management's plans for managing the material business, financial and reporting risks faced by the Group.

2.4To achieve these objectives, the responsibilities of the audit and risk committee in relation to risk management and internal compliance and control systems include among other things:

(a)overseeing the establishment and implementation of risk management and internal compliance and control systems and ensuring that there is a mechanism for assessing the ongoing efficiency and effectiveness of those systems;

(b)reviewing (annually) and approving policies and procedures on risk oversight and management to ensure that there is a practical, effective and efficient system for:

(i)identifying, assessing, monitoring and managing risk; and

(ii)disclosing any material change to the Group's risk profile; and

(c)receiving reports from Management concerning the Group’s material risks in order to assess the internal processes for determining, monitoring and managing these risks and to monitor the risk profile of the Group;

(d)reviewing the Group's financial risk management procedures to ensure that the Group complies with its legal obligations, including to assist the Chief Executive Officer/Managing Director (CEO) or Chief Financial Officer/Finance Director (CFO) to provide declarations in relation to each of the Group's financial reports required by both section 295A of the Corporations Act 2001 (Cth) and Recommendation 4.2 of the ASX Corporate Governance Principles and Recommendations (3rd edition).

2.5Further detail in relation to the responsibilities of the audit and risk committee are contained in the audit and risk committee's charter that is available on the Company's website, www.applydirect.com.au;

3. Role of management

3.1Management is responsible for designing and implementing risk management and internal compliance and control systems which identify the material risks facing the Group. These compliance and control systems are designed to provide advanced warning of material risks before they eventuate

3.2Management must regularly monitor and evaluate the effectiveness of these processes and risk plans and the performance of the employees implementing them, including through the procedures listed in Appendix A. In addition, Management must promote and monitor the culture of risk management and compliance with internal risk systems and processes by employees within the Group.

3.3All employees are responsible for implementing, managing and monitoring these processes and risk plans with respect to material business risks, as appropriate.

3.4 Each Board meeting agenda will include risk management as a standing item. Management is expected to report to the Board (or the audit and risk committee) on new material risks and/or changes in identified material risks as and when they occur, including, where relevant, the extent to which:

(a)the Company’s ongoing risk management program effectively identifies all material areas of potential risk;

(b)the adequacy of the risk management policies and procedures in managing the identified risks;

(c)the recommended steps (and audits) to be undertaken to test the adequacy of and compliance with the prescribed policies; and

(d)proper remedial action is undertaken to redress areas of weakness.

4. Identified risks

There are a number of risks that are inherent to the business activities that the Group undertakes. These risks may change over time as the external environment changes and as the Group expands its operations. The risk management process requires the regular review of the Group's existing risks and the identification of new and emerging risks facing the Group, including financial and non-financial matters. It also requires the management, including mitigation where appropriate, of these risks.

5 Review of risk management

5.1 The division of responsibility between the directors, the audit and risk committee and Management aims to ensure that specific responsibilities for risk management are clearly communicated and understood by all.

5.2 The reporting obligations of Management ensure that the directors and the audit and risk committee are regularly informed of material risk management issues and actions. This is supplemented by the audit and risk Committee:

(a)overseeing the establishment and implementation of risk management and internal compliance and control systems and ensuring that there is a mechanism for assessing the ongoing efficiency and effectiveness of those systems;

(b)reviewing (at least annually) and approving policies and procedures on risk oversight and management to establish an effective and efficient system for:

(i)identifying, assessing, monitoring and managing risk; and

(ii)disclosing any material change to the Group's risk profile;

(c)receiving reports from Management concerning the Group's material risks in order to assess the internal processes for determining, monitoring and managing these risks and to monitor the risk profile for the Group; and

(d)reviewing and/or evaluating:

(i)the effectiveness of the Company's risk management and internal control processes; and

(ii)the Company's risk management framework at least annually, and ensuring that the Company discloses in relation to each reporting period whether such a review has taken place, as well as any insights gained and any changes made to the risk management framework as a result; and

(e)ensuring that the Company disclosed whether, and if so how, it has regard to, and manages, economic, environmental and social responsibility risks.

5.3When considering the audit and risk committee's review of financial statements for a financial period, the directors must request to receive a written statement, signed by the CEO and the CFO, that in their opinion the Company's financial reports give a true and fair view, in all material respects, of the Company's financial position and performance and comply in all material respects with relevant accounting standards. If requested, the statement may also confirm that the Company's financial statements are founded on a sound system of risk management and internal control and that the system is operating effectively in relation to financial reporting risks.

5.4Similarly, when reviewing risk management reports, the directors may request a separate written statement from the CEO and CFO confirming that the Company's risk management and internal control systems have been operating effectively in relation to all material business risks for the relevant accounting period and that nothing has occurred since the period-end that would materially change this position.

6.Approved and adopted

This risk management policy was approved and adopted by the Board on 24 November 2015.

Appendix A

The following are intended to form part of the normal procedures for Management’s risk and compliance responsibilities:

  • Evaluating the adequacy and effectiveness of Management reporting and control systems used to monitor adherence to policies and guidelines and limits approved by the Board for the management of balance sheet risks.
  • Evaluating the adequacy and effectiveness of the Group’s financial and operational risk management control systems by reviewing risk registers and reports from Management and external auditors.
  • Evaluating the structure and adequacy of the Group’s business continuity plans.
  • Evaluating the structure and adequacy of the Group’s insurances on an annual basis.
  • Reviewing and making recommendations on the strategic direction, objectives and effectiveness of the Group’s financial and operational risk management policies.
  • Overseeing the establishment and maintenance of processes to ensure that there is:

    • an adequate system of internal control, management of business risks and safeguard of assets; and
    • a review of internal control systems and the operational effectiveness of the policies and procedures related to risk and control.
  • Evaluating the Group’s potential exposure to fraud and overseeing investigations of allegations of fraud or malfeasance.
  • Disclosing whether the Group has any material exposure to economic, environmental and social sustainability risks and, if it does, how it manages or intends to manage those risks.
  • Reviewing the Group’s main corporate governance practices for completeness and accuracy.
  • Reviewing the procedures that the Company has in place to ensure compliance with laws and regulations (particularly those which have a major potential impact on the Company in areas such as trade practices and consumer laws, industrial relations, occupational health and safety, and the environment).
  • Reviewing the procedures in place to ensure compliance with insider trading laws, continuous disclosure requirements and other best practice corporate governance processes (including requirements under the ASX Listing Rules, Corporations Act and AASB requirements).
  • Advising the Board on the appropriateness of significant policies and procedures relating to financial processes and disclosures and reviewing the effectiveness of the Company’s internal control framework.
  • Reviewing the Company’s policies and culture with respect to the establishment and observance of appropriate ethical standards.
  • Reviewing and discussing with management and the internal and external auditors the overall adequacy and effectiveness of the Company’s legal, regulatory and ethical compliance programs.

Google Analytics Alternative