2020 INTEGRATED REPORT

CORPORATE GOVERNANCE REPORT (CONTINUED) MANAGEMENT OF FRAUD AND CORRUPTION RISK AND CONFIDENTIAL REPORTING The PPS Group maintains a PPS Group Fraud and Corruption Policy and Response Plan, and a PPS Group Confidential Reporting Policy to manage fraud and corruption risk in the PPS Group, and to ensure that employees are able to report suspicious activities without fear of retribution. An anonymous reporting hotline, operated independently from the PPS Group by Deloitte, provides a facility to enable employees to report suspicious activities and unethical behaviour in a safe environment. All financial crime-related suspicious transactions and reports are managed by the Fraud Committee and other unethical behaviour is managed by the Human Resources Department. PRINCIPLES AND PRACTICES OF FINANCIAL MANAGEMENT PPS Insurance issues insurance policies with a discretionary element of bonuses and is required to establish and maintain a document setting out its Principles and Practices of Financial Management (PPFM) and provide this document to policyholders. This document outlines PPS Insurance’s principles and practices of financial management, in order that policyholders can better understand the profit distribution principles and practices in place at PPS Insurance, as well as the investment strategy adopted by the PPS Insurance Board. The PPFM document is available to all policyholders on the PPS Group website at www.pps.co.za . TECHNOLOGY AND INFORMATION GOVERNANCE During 2020 significant enhancements were done on the PPS business application solutions, as well as a continuation of cloud migration to allow agility. The PPS Group also focused on the consolidation and rationalisation of systems and applications and the decommissioning of old systems. The industry experienced a substantial increase in cyber related activities, with threats becoming more complex and real-time. The PPS Group continued its focus on the proactive prevention, detection and the remediation activities for Information security. Digitalisation activities in the PPS Group were accelerated during 2020, with the need to enable organisation wide communication and collaboration tools and technologies to enable staff to work remotely and provide uninterrupted services to our intermediaries and members. During the year, the PPS Group focused on the creation of a revised operating model for the Information Technology (IT) Division in the group. The appointment of the Group Chief Information Officer (GCIO), reporting to the Group Chief Operating Officer (GCOO), coincided with the consolidation of functional areas of IT into a single unit. The new IT operating model also introduced focused areas around Program Management & Digitalization, as well as Security, Risk and Governance. The internal relationship between business and IT has been enhanced with the introduction of Sector CIO’s, with each having a defined portfolio with domain knowledge and acting as a bridge between business and IT. The Group Technology Steering Committee (GTSC), established in 2019, continues to provide valuable strategic insight, support and prioritisation of initiatives in the PPS Group. This increased the impact of IT and enhanced the quality of IT delivery to stimulate and support the PPS Group’s strategic and organisational objectives. The PPS Group conducted the annual Information Technology Infrastructure Library (ITIL) maturity review, as well as reviews by Internal Audit and other independent assurance providers on, inter alia, IT control audits, King IV governance and an internal and external security penetration testing. REGULATORY DEVELOPMENTS During the year under review, there was a significant volume of proposed legislation and amendments to existing legislation, all of which will impact the governance and reporting of governance within the PPS Group. This has placed additional responsibilities on the PPS Group Boards and management to ensure adherence to, and compliance with, the new requirements. The most important legislative changes for PPS are highlighted below: 1. COVID-19 On 18 March 2020 regulations were published under the Disaster Management Act, 2002, prescribing the steps necessary to prevent an escalation of COVID-19, or to alleviate, contain and minimise the effects of COVID-19. The PPS Group heeded the President’s call and all PPS Group employees were appropriately enabled to work from home. In addition to the changing regulations issued under the Disaster Management Act, there have been many circulars issued by the Financial Sector Conduct Authority (FSCA) and the PPS Group has complied with all of the legislation emanating from the disaster. 84 | PPS INTEGRATED REPORT 2020