To ensure the successful delivery of our strategic objectives the Group has a mature and embedded Risk Management Framework that identifies, assesses and prioritises risks. It is through this structured approach that we are able to effectively mitigate and monitor the impact and probability of these risks materialising.

Effective risk management is key to delivering the Group’s strategic objectives. Our established Risk Management Framework identifies, assesses, and prioritises risks, enabling us to mitigate potential impacts and identify emerging opportunities.

The Group adopts a structured and mature approach to risk management, ensuring that a systematic and planned process for identifying, assessing, prioritising, mitigating and monitoring risks is taken throughout the business.

The Group’s Risk Management Framework involves a top-down approach to identify principal risks and a bottom-up approach to identify operational risks. Our culture of effective risk management focuses on balancing risk and reward, which is determined by assessing the likelihood and impact of risks in line with the Group’s risk appetite statements. The Group has an embedded risk management IT system and a dedicated Risk and Internal Audit team who facilitate the risk management process by offering support to management teams to ensure a consistent application of the Risk Management Framework and its supporting processes across the business.

The Board conducts an annual review of the Group’s principal risks and receives regular updates on key emerging risks, risk trends and the actions taken to mitigate risks. The Group Risk Committee reviews risks during the intervening periods and met four times over the course of the year.

To achieve our strategic objectives and support the sustainable growth of the business, effective risk management is essential.

The Board oversees the Risk Management Framework to ensure the Group has suitable mitigation strategies in place for its key risks. This responsibility is delegated to the Group Risk Committee, chaired by the Chief Financial Officer, and includes key internal stakeholders such as Directors, Executive Directors, Heads of Departments and the Head of Risk and Internal Audit.

The Audit Committee receives additional assurance on the Group’s Risk Management Framework and internal control system through the work of the established Risk and Internal Audit team. Throughout the year, the Risk and Internal Audit team conducted a series of reviews across the Group, including in-depth risk reviews on several of the Group’s principal risks, and found no significant issues or weaknesses in the Risk Management Framework or internal control system.

Risk Management Framework FY25

PRINCIPAL RISKS AND UNCERTAINTIES

The Group recognises that it is exposed to a variety of risks however, in common with other businesses, it focuses reporting on those with a high likelihood and significant near-term impact on strategic objectives, operational plans or reputational damage. The Board has undertaken a comprehensive assessment of risks that could compromise the Group’s business model, future performance, solvency or liquidity.

The principal risks and uncertainties facing the Group are summarised here.