To ensure the successful delivery of our strategic objectives the Group has a mature and embedded Risk Management Framework that identifies, assesses and prioritises risks. It is through this structured approach that we are able to effectively mitigate and monitor the impact and probability of these risks materialising.

Due to the current UK and global economic volatility, it is vital more than ever that the Group has a structured and mature approach to risk management that ensures a systematic and planned method to identifying, assessing, prioritising, mitigating and monitoring risks across the business.

Our culture of effective risk management is based upon a balance of risk and reward, established through an assessment of the likelihood and impact of the risk, whilst considering the Group’s risk appetite. As shown opposite, the Group’s risk management framework incorporates both a top-down approach to identify our principal risks and a bottom-up approach to identify our operational risks.

The Board receives regular risk updates which include emerging risks facing the Group, analysis of risk trends and the subsequent actions taken to mitigate risks. The Board also performs an annual review of the Group’s principal risks. In the intervening period risks are reviewed by the Group Risk Committee which met four times during the course of this year.

The delivery of our strategic objectives and the sustainable growth of our business is dependent on effective risk management. The Board is responsible for maintaining the Risk Management Framework to ensure that the Group has appropriate mitigating actions and treatments for its risks. The Board delegates this responsibility to the Group Risk Committee which is chaired by the Chief Financial Officer and consists of a number of key internal stakeholders including Heads of Departments and the Head of Risk and Internal Audit.

The Audit Committee provides further independent assurance over the Group’s Risk Management Framework and system of internal controls through the established in-house Internal Audit team who during the year completed a number of reviews across the Group and reported no significant failings or weaknesses in the system of internal controls or the Risk Management Framework.

Principal risks graph FY23


The Group is exposed to a variety of risks, however, in common with other businesses, it only reports on those risks with a higher likelihood and greater current or near-term impact on strategic objectives, operational plans, or reputational damage. The Board has carried out a detailed assessment of the principal risks facing the Group, being those risks that could compromise its business model, future performance, solvency or liquidity.

The principal risks and uncertainties facing the Group are summarised here