Sitemap
Search 

Risk Management Report

Managing the risk of uncertainty

Introduction
The Clicks Group is committed to applying risk management principles which effectively manage uncertainty and the related risks and opportunities in order to enhance returns to investors.

The group follows the risk management principles outlined in the King ll Report. A new enterprise-wide risk management methodology was developed, approved and adopted during the year, with detailed risk registers being compiled for the group and individual business units based on this new process.

The directors confirm that risk mitigation and monitoring processes have proved to be robust and have been effective in limiting the impact of risks on the business in the 2009 financial year.

The recommendations of King lll are currently being reviewed by management and group practices will be amended where appropriate to align with these new requirements.

Responsibility for risk management

The board retains overall accountability for risk management and the directors have delegated specific responsibility to the risk committee.

The risk committee, which operates within written terms of reference, is responsible for assessing risk management processes and procedures adopted by management and ensuring compliance with the risk management principles of King ll. The role, functions and composition of the risk committee are included in the Corporate Governance Report.

The audit committee is responsible for monitoring and assessing the role and effectiveness of the internal audit function in the overall context of the group’s risk management system, ensuring the work undertaken by the internal audit department is aligned with the group’s risk priorities.

The group executive committee is responsible for designing and implementing the risk management process and monitoring ongoing progress. The executive regularly reviews the group’s risks to ensure mitigation strategies are being implemented by the business units. Senior executives and line management within each business unit are accountable for managing risk in achieving their financial and operating objectives.

Group internal audit monitors the progress of the group and business units in managing risks and reports its findings to the audit committee on a quarterly basis.

Risk management process

Risk management is embedded in the group’s annual business planning cycle. In determining the strategic and operational plans for the year ahead, each business unit is required to compile a risk register. This includes a review of the risks of the previous financial year, considering new or emerging risks, facilitated workshops with all levels of management and, where appropriate, presentations by external consultants on the environment and market conditions.

A risk framework sets out the various risks that should be considered as part of the risk identification process. The risks are broadly classified according to the following categories: strategic, environmental, financial, reputational, regulatory, people, economic, process and competition. These potential risks are updated annually to ensure all relevant industry issues are considered.

Each risk on the register is assigned an impact and probability rating:

  • The impact assigned to a risk covers financial, compliance, reputational and people criteria and is based on a ten-point rating scale from “insignificant” to “catastrophic”.
  • The probability of a risk materialising is measured on a five-point scale from a “remote” possibility of the risk occurring to an “almost certain” likelihood that it will take place.

The impact and probability ratings are then multiplied to determine the inherent (gross) risk and its significance to the group.

Detailed risk mitigation plans are developed for each risk which then determine the level of residual (net) risk. Residual risk ratings are then assigned to each risk.

The major risks, together with mitigation strategies, are outlined in the adjacent table.

As the new risk methodology was introduced this year it is not possible to compare the current major risks with those published in the 2008 annual report, although the directors do not believe there has been any material change in the overall risk profile of the group over the past year.

Financial risk management

A comprehensive financial risk management programme focuses on the unpredictability of financial markets and seeks to minimise the potential adverse effects on the group’s financial performance. Management recognises that the failure to manage financial risks could impact negatively on profitability and ultimately lead to the destruction of shareholder value.

Through its business activities the group is exposed to a variety of financial risks, including market risk (currency, interest rate and price risk), credit risk and liquidity risk. The group’s exposure to these risks and policies for measuring and managing the risk are included in notes 28 and 29 to the annual financial statements.

The group’s treasury function provides a centralised service for funding, foreign exchange, interest rate management and counterparty risk management. The treasury function reports to the chief financial officer and group financial manager and operates within the parameters of the group’s treasury policy. The treasury committee, which comprises the heads of finance of the business units together with the chief financial officer and group financial manager, meets with the group treasurer on a quarterly basis. The treasury committee reviews the performance of the treasury function against agreed benchmarks, adopts procedures to minimise financial risk and ensures the accurate cash flow forecasting of the group.

Derivative financial instruments are used to hedge certain risk exposures, including the phantom share scheme, the long-term incentive scheme and foreign exchange risk on the import of merchandise. Foreign exchange risk is mitigated by entering into forward exchange contracts which are matched with anticipated future cash flows in foreign currencies. Details of the group’s foreign exchange exposure is contained in note 29.

Insurance

Insurance forms a key element of the risk management process to protect the group against the adverse consequences of risk. The group recognises that although insurance is a means of mitigating the impact of certain identified risks, management has responsibility to manage these risks with the purpose of limiting their occurrence and their impact.

The risk committee approves the annual insurance renewal, cover levels and the schedule of uninsured and uninsurable risks. It is the policy of the group to insure assets to replacement value, carry appropriate levels of self-insurance and only contract with reputable insurance companies. The group self-insures assets and liabilities based on recommendations from its advisers. Amounts in excess of the self-insured limits are covered by reinsurers.

Major group risks

RISK IMPLICATION FOR BUSINESS RISK MITIGATION PLANS RISK RATING*
Current economic climate Downturn in economy is impacting on discretionary spending which could affect sales and margin of retail brands and also increase bad debts in UPD
  • Defensive nature of the core health and beauty business has enabled the group to withstand the impact of the consumer slowdown to date
  • Continued store openings and pharmacy roll-out plan will increase customer footfall and store sales
  • UPD has insurance to cover bad debts and follows rigorous debt management practices
 28
Attraction and retention of pharmacy professionals The group employs pharmacists in Clicks, UPD and Clicks Direct Medicines and is the largest employer of pharmacists in the private sector. Shortage of healthcare professionals is an industry challenge and could limit growth plans and increase costs.
  • Employer of choice programme in place across the group
  • In-house pharmacy academy, training initiatives with educational bodies and continuous professional development programmes aimed at attracting and retaining pharmacists
 		 28
Healthcare legislation Lack of clarity on the implementation of maximum logistics fees and changes in pharmacy legislation creates uncertainty with investors
  • Ongoing engagement with regulatory authorities such as the Department of Health (DoH), as well as making submissions to the DoH
 27
Process non-compliance Non-compliance with policies, procedures and processes could impact on sales, shrinkage and cash losses
  • Comprehensive control self-assessment process followed in each business unit
  • Shrinkage plan and audit process
 24
Increasing competition in retail pharmacy Aggressive expansion by competitors could increase the shortage of pharmacists as well as negatively affect sales and market share growth in Clicks
  • Clicks currently has the largest retail pharmacy footprint in SA
  • Continued roll-out of pharmacies, with 30 – 40 dispensaries planned for 2010
  • Plan to open dispensaries in all Clicks stores (currently in 207 out of 346 stores)
  • Continuous improvement in pricing, product offer and customer service
 24
Retention of key staff Inability to attract and retain people in key positions across the group could ultimately compromise service delivery
  • Total rewards remuneration framework implemented to ensure market competitiveness in terms of cash and benefits
 24
Legislative and regulatory compliance Non-compliance with onerous legislation could result in fines and penalties, criminal implications for directors and reputational damage
  • Internal legal capacity enhanced with the creation of the position of head of group legal counsel
  • Legal compliance officer appointed to monitor compliance with existing and new legislation and regulation
 21
Service disruption due to natural disaster Natural disasters could result in stock being destroyed or deliveries disrupted and lead to loss in sales through an inability to trade
  • Business continuity plan developed
 21
* The risk rating is calculated by multiplying the impact assigned to each risk (10-point scale) by the probability (5-point scale) of the risk materialising, providing a risk rating out of 50 points.