Risk management and oversight

The board is committed to effective risk management and all executives are accountable for managing risk within their area of responsibility.  They are also required to manage risk as part of their business objectives.

The board is responsible for monitoring that management has an appropriate risk framework in place and that they comply with regulatory, prudential, legal and ethical standards. The board reviews Perpetual’s key risks, mitigants, action plans and risk ratings as part of its annual strategic planning process in March.  The Audit Risk and Compliance Committee oversees the implementation and maintenance of Perpetual’s risk management program.  

Regular reports are received by the board and the Audit Risk and Compliance Committee from management on risk matters throughout the year.

Perpetual’s Chief Risk Officer reports to the Audit Risk and Compliance Committee and leads a centralized group of risk management professionals who are co-located with the business.  Perpetual's risk framework also includes an internal audit function which reports to the Chief Risk Officer and is independent from the external auditor.  The Audit Risk and Compliance Committee reviews the annual Internal Audit Plan and also reviews reports issued by the Head of Internal Audit.

Perpetual has specific policies and processes which deal with the key areas of business risk, financial risk and compliance risk. These policies cover areas such as information security, business continuity, compliance and regulatory obligations, business operations, human resources requirements and occupational health and safety.  View details of Perpetual’s risk management framework.

Audit process

The group's financial accounts are subject to an annual audit by an independent, professional auditor, who also reviews the group's half-yearly financial statements. The Audit Risk and Compliance Committee oversees this process on behalf of the board.

The auditor attends each meeting of the committee, and it is the committee's policy to meet with the auditor for part of these meetings in the absence of all management executives. The committee chairman meets with our audit partner usually once every quarter also in the absence of executives. The auditor has a standing invitation to meet with the committee, its chairman or with the group's chairman in the absence of management.

The auditor attends board meetings at which annual and half-yearly accounts are adopted. For part of these meetings, the board has discussions with the auditor in the absence of executives. In addition, the auditor attends the annual general meeting for the purpose of answering shareholder questions about the audit report and audit process.

Auditor independence

The board has in place processes to help ensure independence of the group's external auditor. Those processes include the following:

• The group's audit is tendered at least every seven years and after the fifth year, the board must make a positive decision each year to retain existing arrangements;
• The audit partner is rotated at least every five years, with a two year gap before a partner may be reappointed; and
• Former audit partners and audit firm employees involved in our audit cannot become directors or employees of group companies for at least two years.

In addition, our policies prohibit our external audit firm being engaged to provide non-audit services that may materially conflict with its ability to exercise objective and impartial judgment on issues that may arise within our audit, such as services related to mergers and acquisitions, tax planning and strategy, senior management recruitment, significant valuations and appraisals, design and implementation of financial information systems.

The current external auditor is KPMG.