Risk management at JMI Brokers is all about managing our threats and opportunities. By managing our threats effectively we will be in a stronger position to deliver our objectives. By managing our opportunities we will be in a better position to provide improved services and maximize returns for our shareholders.
In this strategy risk is defined as something happening that may have an impact on the achievements of our objectives. When it fails, however, the consequences can be significant and high profile. Effective risk management is needed to prevent such failures.
A risk management strategy is an essential element of strategic planning. The Board has a corporate plan covering the whole of the Groups activities and the risk management strategy should be seen as sitting under this broader umbrella.
The risk management strategy describes the processes that the Board has put in place and link together to identify, assess, address and review and report on our risks. The strategy provides a framework for the management of risk across the whole Group.
Overall, the goals of our risk management strategy are to have procedures in place to:
The four linked elements of the strategy:
These are the four principles that underpin the Groups risk management strategy. The mainstay of the strategy is to embed these in the culture of the organization. Managers will need to review risk management as an integral part of their job and the groups management team will keep the top risks faced by the group under regular strategic review.
Risk management will only become common practice if there is better understanding of what it involves and the benefits that it can help secure in terms of securing the group's objectives. The group will retain a proactive approach to risk management, which ensures that less time is spent reacting to situations and more time is spent taking advantage of opportunities.
We are open in our approach to managing risks. Employees, outside organizations and regulators should have access to information on our current risks and how we are managing them.
The group is consistent in how we assess and manage our risks throughout the organization. We identify risk owners for both specific risk and cross cutting risks.
We take proportionate actions in addressing risk, the cost of our time and efforts should be in balance with the impact of the risk, both in the short and long term.
We have a robust approach to risk management aiming to identify, assess, address and review and report on risk in a way that can stand scrutiny, building on best practice and protecting the interest of our shareholders.
We will develop our website so that shareholders can obtain information on our approach to risks. We will conduct appropriate training to promote the awareness of risk management throughout the Group.
Risks are assessed in terms of how likely they are to occur and the magnitude of the consequences if they were to occur. The board identifies both strategic and operational risks and will establish an appropriate organizational structure to facilitate this process.
The risk management committee, made up of senior management, is responsible for identifying, assessing and monitoring key risks.
Once risks have been identified we capture essential information about them in the group risk register. This is a key building block of our strategy. The register will be a working document and a key source of information for the efficient management. This process however must not be allowed to become overly bureaucratic.
We recognize that the identification of risk is an ingoing task, all board members and employees have a part to play.
To assess risk we will identify the consequences of a risk materializing and give each risk a risk rating. The initial assessment will be refined by the risk committee and a risk owner will be identified who will be responsible for reviewing and accepting the assessment that will feed into the risk register.
We need to have some means of comparing our risks so that we can concentrate on addressing those that are the most important. We will use the basic approach to giving each risk a weighting depending on the likelihood and it impact as shown in the matrix below.
Methods for assessing the likelihood of occurrence and the impact on the groups business are not specifically defined due to the different types on risks facing the groups business. The significance of the risks in the risk assessment matrix is further enhanced by using a traffic light colour coding system.
The Board will take a strategic view on risks. It will receive a report on key risks on a quarterly basis and assess those risks against the high level objectives and priorities of the board.
Having properly identified and assessed our risks, we select one of the following approaches;
Transfer the risk; this might be done through arrangements as conventional as insurance or by asking a third party to take the risk in another way.
Tolerate the risk; our ability to take effective action against some risks may be limited, or the cost of taking action may be disproportionate to the potential benefit gained. In this instance, the only management action required is to monitor the risk to ensure that its likelihood or impact does not change.
The purpose of mitigation is not necessarily to terminate the risk but more importantly to contain the risk to an acceptable level.
This involves decisive action to eliminate a risk altogether.
Appropriate and effective reporting arrangements will reinforce and support the risk management activities. This will allow up to date and accurate performance information to be passed to senior management.
This is intended to be a living document which will be continuously reviewed on an ongoing basis.