About IAG

IAG Share Prices

Manage your shareholding

Related Links

Site Tools

Managing risk is central to the delivery of value to our shareholders. The Group risk management framework is based on the interaction of the oversight structure, internal policies, key risk management processes and culture.

On this page:
Oversight structure
Internal policies
Key risk management processes
Culture

Oversight structure

Whilst all employees have a responsibility for the Group's management of risk, a number of key forums and executives oversee the Group's management of risk. These are summarised in the diagram below and detailed in approved charters and role descriptions.

Corporate governance pyramid (from IAG's 2010 annual report)


Customers Board IAG board; IAG Audit, Risk Management & Compliance Commitee (ARMCC); Nomination, Renumeration & Sustainable Committee (NRSC); Subsidiary Boards and Audit/Risk/Compliance Committees Group Management Committee EXCO meetings; Group Asset & Liablity Committee (ALCO); Quarterly Performance Reviews Shareholders Community Regulators Oversight roles Execution roles CEO & Executive Team; Group Actuary; Corporate Treasurer; Group Risk; Group Legal; External/Appointed Auditor; Internal Audit; Appointed Actuaries Divisional Risk Functions; Project Managers; All Managers; Entire Workforce External stakeholders


Executive Committee

The IAG Group Executive provides the operational oversight and management of the Group’s risks, Risk Management Framework and fulfils an advisory role to the Group CEO via the Group Executive (EXCO) Meetings.

Asset & Liability Committee

The Asset & Liability Committee (ALCo) includes the chief executive officer (chairman), Chief Financial Officer and the Corporate Office Group executive and other key senior Corporate Office management. Its role is to:

  • provide input into the formulation of recommendations to the IAG Board, ARMCC, CEO and the IAG Executive Committee concerning strategy and policy related to underwriting, reinsurance, capital and asset/liability management risk levers;
  • oversee implementation of the related strategies and policies; and
  • ensure consistency of approach across the Group in relation to these areas.

BACK TO TOP


Internal policies

IAG's Risk Management Strategy (RMS) describes the Group's risk management framework and details the principles, risk appetite, and key processes for managing the risks outlined in the diagram 'IAG's Risk Categories' below.

IAG’S risk categories

IAG’S Risk Categories

The RMS is a statement of minimum requirements for managing the full spectrum of risks associated with pursuing corporate objectives and fulfilling the Group's purpose.

The RMS evolves with IAG's corporate strategy and is reviewed annually by the board and, if considered appropriate, updated consistent with APRA prudential standards.

BACK TO TOP


Key risk management processes

Six key risk management processes are used to meet and monitor the requirements of the Group's RMS.

Risk profiling

Comprises activities associated with risk and control identification and assessment, and related action planning. Risk profiling is undertaken at the business divisional level and the group level.

Control activities

Refers to documented business processes and procedures, together with actions taken to perform controls (eg a reconciliation procedure).

Risk reporting and escalation

Reporting on significant risk management initiatives and issues is supplied to:
  • the Group risk function by each business division;
  • the key management committees (i.e. EXCO and ALCo) relating to the specific risks that these bodies oversee;
  • each meeting of the IAG Audit, Risk Management & Compliance Committee; and
  • regulators, where relevant and appropriate.

Business monitoring

Focuses on ongoing review of the effectiveness of controls and includes activities such as control self assessments, monitoring of project risks and execution of compliance plans.

Management assurance framework

A framework including self assessment questions posed to, and answered by, management relating to the effectiveness of risk management processes and internal controls. The answers support the chief executive officer, chief financial officer and board declarations on risk management, internal control and external financial reporting.

Independent review

Internal independent reviews of key risk areas, processes, projects and internal control are undertaken by the internal audit function (Group audit & risk). This function reports to the IAG Audit, Risk Management and Compliance Committee and the Group Executive Corporate Office.

External independent reviews of key financial risk areas, processes and issues are provided by the independent external auditor.

BACK TO TOP


Culture

The board and management promote the values of integrity, performance, respect and a considered sense of urgency, and encourage early and open communication of risk.

In particular, the Group has established:

  • mechanisms for rapid escalation of important matters to relevant executives and/or board members; and
  • whistleblowing processes via the ActionLine facility.

BACK TO TOP


Risk management framework Operational Risk Corporate & Strategic Risk Insurance Risk Reinsurance Risk Liquidity Risk Market Risk Credit Risk Operational Risk