PPS
INTEGRATED REPORT 2018
56
CORPORATE
GOVERNANCE REPORT
(continued)
Members of the PPS Group boards have access to
independent professional advice, as may be required,
through the office of the Group Company Secretary at
the PPS Group’s expense, in order to discharge their
responsibilities as directors and trustees.
Group Legal
The Group Legal Department is the centralised legal
function, with the main responsibility of identifying and
managing legal risks that may arise during the course
of the PPS Group’s activities, and ensuring that these
risks are appropriately mitigated across all entities. This
is achieved by providing or sourcing appropriate legal
advice, ensuring that legal risks are optimally negotiated,
documented, and monitored, and that the necessary
controls are implemented. The Group Legal Department
regularly reports to the Group Executive Committee and
the Group Risk Committee on the management and status
of all material legal risks. All Group Legal Advisers employed
in such capacity report to the Head of Group Legal and
Compliance.
The Group Legal Department is also responsible for
implementing and maintaining legal policy standards
throughout the PPS Group and ensuring that the standards
are adopted and followed by all subsidiary companies and
their internal legal staff (where applicable).
Group Compliance
The PPS Group boards are ultimately accountable for
compliance with applicable laws and adopted non-binding
rules, codes, and standards. The primary objective of
the compliance function is to assist the boards with this
responsibility. Management is committed to ensuring
that the business is run with integrity, complies with all
regulatory and best practice requirements, and is conducted
in accordance with the highest ethical standards. The
appointed Compliance Officer is responsible for the effective
implementation of the Compliance Risk Management
Framework and for facilitating compliance throughout the
business by creating awareness, independent monitoring,
reporting and the provision of practical solutions or
recommendations. However, the primary responsibility
for complying with any regulatory requirement lies with
all members of staff conducting the particular transaction
or activity to which the requirement applies.
PPS has implemented a combination of a centralised and
a decentralised compliance function. Group Compliance is
the central department, with the main role of developing
the compliance policy (the boards approve such policy) and
related standards to ensure a consolidated compliance risk
management and reporting process throughout the PPS
Group. The decentralised compliance function consists of
business units which have their own compliance functions
that are responsible for implementing the PPS Group
policies, monitoring the activities of the business units and
reporting the status of compliance to Group Compliance.
PPS Investments, PPS Healthcare Administrators, PPS
Short-Term Insurance and Professional Provident Society
Insurance Company (Namibia) Limited (PPS Namibia)
have their own business unit compliance officers with
oversight by Group Compliance for compliance-related
matters. Group Compliance assumes direct responsibility
for compliance risk management in PPS Insurance and
its divisions.
The compliance function performs its activities in
accordance with these five principles:
• All legislative requirements, such as acts, bills, directives,
practice notes, industry codes of conduct, and relevant
discussion documents, which impose obligations on PPS
are identified and interpreted continuously.
• Compliance requirements are addressed in business
processes.
• Management and staff are trained on the compliance
requirements relevant to their roles.
• Compliance monitoring is conducted to provide
assurance on the level of compliance.
• Compliance incidents or suspected incidents are
reported and managed.
Group Risk Management
The taking of risk, in an appropriate manner, is an integral
part of business. Success relies on optimising the trade-
off between risk and reward, following an integrated risk
management process, and by considering all internal
and external risk factors. While conducting its business,
PPS is exposed to, and needs to take on, a variety of
risks. The long-term sustained growth, continued success,
and reputation of PPS are critically dependent on the
quality of risk management. Management is committed
to applying best practice and standards, including the
implementation of the ISO 31000 standard on Risk
Management, Prudential Standards, Risk Management
and Internal Controls for Insurers (GOI 3) and King IV.
The PPS Group Enterprise Risk Management Framework
is aligned to such standards.
PPS’ risk philosophy is underpinned by its objective
of member value creation, meeting member benefit
expectations and achieving sustainable profitable growth,
in a manner that is consistent with members’ expectations
of PPS’ risk appetite. This means the PPS Group must
ensure that a high-quality risk management culture is
instilled throughout its operations, built on the following
main elements:
• Adherence to the value system of PPS.
• Proactive risk management.