Risk Management

RXP Services Limited (ACN 146 959 917)
Board Policy 02/11: Risk Management
Adopted by the Board on 29 April 2011

1 Purpose of this Policy

1.1 In its governance role, and particularly in exercising its duty of care and diligence, and associated legal duties, the Board is responsible for ensuring that appropriate risk management policies and procedures are in place to protect the assets and undertaking of the company.

1.2 This Policy is adopted to ensure fulfilment of those duties and responsibilities.

2. Policy

General approach

2.1 Underpinning this policy, the Board adopts an active approach to risk management which recognises that the Company is engaged in activities, which necessarily demand that the Company take certain usual business, entrepreneurial and operational risks.

2.2 Accordingly, and in the interests of the enhanced performance of the Company, the Board embraces a responsible approach to risk management, as a risk-aware Company, and not a risk-averse one. The Board required the CEO to ensure that an approach to managing risk is implemented as part of the day to day operations of the Company, identifying and managing the material risks in the following categories:

2.2.1 core business and strategy risks;

2.2.2 operational and commercial risks;

2.2.3 risks associated with the regulatory environment in which the Company operates;

2.2.4 legal and contractual risks;

2.2.5 financial risks; and

2.2.6 governance risks (includes legal and ASX listing compliance).

2.3 Separate Risk Management Plans for these areas are to be developed with a view to ensuring that, rather than being a complete and stand-alone document, the Company’s risk management plans are part of the day to day business and project decision-making within in the Company.  In particular the Board requires that the CEO link risks to the strategic plan of the organisation.  This process should identify the organisation’s risks appetite and tolerance, identify the links with other business initiatives, i.e, and outsourcing, assure the security of RXP Services Limited’s asset’s and assure the robustness of the business model.

2.4 The Company’s approach to prudent risk management does not require that all risks be identified and eliminated, but that procedures are in place to identify material risks and, where the likelihood and/ or consequences of such a risk occurring so demand, that steps be taken to minimise. Eliminate or transfer that risk.

2.5 Specifically, in managing risk, the Board and Management are to adhere to the following principles;

2.5.1 When considering new strategic or projects, management is to analyse the major risks of those opportunities being secured or being lost, and will consider appropriate strategies for minimising or mitigating those risks where they are identified.

2.5.2 Ensure that the application of risk management practices adds value to the Company.

2.5.3 Ensure that management is aware at all times that they are responsible for maintaining an adequate framework of internal control which supports the management of risk.

2.5.4 The Company will, where thought prudent by the CEO, the Chief Financial Officer, or the Board, take appropriate external advice to determine the best way to manage a particular risk.

2.5.5 Financial risk will be managed by the whole of the Board working closely with the CEO and the Chief Financial Officer, to ensure:

– that the financial statements and other financial reporting are rigorously tested prior to submissions for audit;

-that the transfer of potentially damaging events to third parties (i.e insurance and other contractual arrangements) where applicable.

2.5.6 The Company’s approach to risk management, and the effectiveness of its implementation, is to be:

-as a minimum in accordance with the Australian and New Zealand Standards AS/NZS 4360:2004, which provides a generic guide for the establishment and implementation of the risk management process involving the identification, analysis, evaluation, treatment and ongoing monitoring of risks; and

-reviewed formally at least annually by the Board.

2.6 (ASX Best Practice Corporate Governance Principles: Recommendations 4.1 and 7.2) The CEO and the Chief Financial Officer will at least on an annual basis provide written assurances to the Board in writing that:

2.6.1 all assurances given by Management in respect of the integrity of financial statements are founded on sound systems of risk management and internal compliance and control which implements the policies adopted by the Board; and

2.6.2 the Company’s risk management and internal compliance and control system is operating efficiently and effectively in all material respects.