MISSION

ADD VALUE THROUGH EFFECTIVE ENTERPRISE RISK MANAGEMENT

Financial Perspective For our ERM Framework to be successful what will our financial benefits look like to our stakeholders VALUE CREATION FINANCIAL SOUNDNESS THROUGH RISK MITIGATION COST REDUCTION

The risk team has a comprehensive approach to Enterprise Risk Management

Risk Management

Compliance Management

Business Continuity

Stakeholders
For the ERM Framework to be successful and sustainable what will our stakeholders say about the risk team? Internal Processes For the ERM Framework to be successful which risk processes must we excel at? Identification Assess and Evaluate Actions Monitoring Reporting T

People & Systems Organizational Capital For risk management to be successful what are the capabilities we need to develop and embed.? Human Capital Information Technology Capital

KPQs and KPIs

Objective 1. Cost Reduction Key Performance Question 1a. How well are we identifying and quantifying operational losses arising from unmitigated risks or threats? 1.b To what extent are we reducing losses and costs through risk management interventions? 2. Risk Mitigation 2.a To what extent have we identified the Top 10 Risks for each Britam business entity? 2.b. To what extent are Key Risks mitigated? Key Performance Indicator 1a(i) No. operational loss incidents per month 1a(ii) Value of operational losses per month 1a(iii) No of repeated operational loss incidents 2a(i) No of operational loss incidents YOY 2a(ii) Value of operational losses YOY 2a(i) Top 10 Risks per Britam entity 2b(i) Key Risks without adequate controls 2b(ii) Significant Audit Findings not closed within specified due date

Financial

1. Risk Management

1a. To what extent is the ERM framework embedded within the business and a key input to decision making?

1a(i) No. of Operational Risk Committees held per quarter per entity 1a(ii) % Critical business Units without Risk analysis 1a(iii) No. of products launched without Risk analysis

2. Compliance Management Stakeholders

2a. How well are we meeting our AML compliance obligations across all entities?

2a(i) % Staff trained / Total Relevant Staff 2a(ii) No. of Suspicious Transactions reported 2a(iii) No. of Suspicious Transactions reports forwarded to FRC 2a(iv) No. of clients exited due to Suspicious Transactions 2b(i) No of incidents of non-compliance on Key regulatory obligations 2a(ii) No. and value of regulatory penalties and fines 3a(i) Percentage of business processes with BC plans 3a(ii) Number of identified gaps in the preparation for disaster events (major threats without any defined counter measures) 3a(iii) Number of disaster practices actually carried out 3a(iv) Number of tests that fail to meet recovery /plan objectives 3a(v) Number of plans not tested / reviewed in the last 2 years

2.b To what extent are we meeting our key Regulatory Compliance Obligations across all Britam entities. 3. Business Continuity 3.a To what extent is Britam resilient enough to withstand and/or recover from a disaster?

1. Human Capital People and Processes

1a. How well are we recruiting, developing and equipping the risk champions for their role? 1b. To what extent are the Risk & Compliance staff technically equipped for their role and succession planning?

1a(i) No. of Risk Champions recruited / Target No. of Risk Champions 1a(ii) % of Risk Champions not up to date with training 1a(iii) % of Risk Champions performing below target 1b(i) No of Risk staff currently enrolled for Professional qualifications 1b (ii) No. of Risk staff with Professional qualifications

2. Information Technology Capital

2a. To what extent is the Barn Owl System being leveraged to generate timely risk & compliance information for the department and for management?

2a(i) Real time availability of Risk Registers in Barn Owl 2a(ii) Compliance Surveys administered in Barn Owl