Risk and assurance

Graph showing our risk management process

Enterprise Risk Management

Our Enterprise Risk Management process, as illustrated above, continues to be used for the identification and assessment of risks to significant business objectives. The process ensures clear ownership for risks, mitigating controls and improvement actions by assigning accountability to relevant line management. Risks are reported to the Executive Committee and Audit Committee every six months. Notwithstanding this, risks are normally reviewed within the business on a quarterly basis to ensure they remain at the forefront of the management’s agenda, that no significant risks have been overlooked, that controls continue to be effective and mitigating actions are being addressed in a timely manner.

Having established our approach to risk management over the previous 18 months, this year we have started to implement further improvements to our process regarding the risk of non-compliance with critical legal and regulatory obligations. In particular, we are looking to increase the visibility of measures in place across the company to help demonstrate compliance. We are doing this for a number of reasons, including:

  • to improve our understanding of key compliance obligations and compliance control awareness generally;
  • to ensure that as specific processes are redesigned and improved as part of our Safer Better Faster initiative, compliance is ‘built in’ such that by following the process, compliance will be achieved; and
  • to provide transparency over compliance management to our executive and any interested external third parties.

In addition to this work we have continued to further embed our Enterprise Risk Management process within all areas of the business, including significant change programmes and with steps now being taken to roll out in our capital programmes.

Principal risks

Our principal risks are described in the table in this section of the report. These and other risks have been monitored by the Executive Committee and Audit Committee during the past year.

Assurance framework

Severn Trent has made solid progress in implementing the key components of its governance framework which are based on clear organisational structures and decision making, sound policies and standards, and assurance of the outcomes. The board and other key stakeholders need a transparent methodology which delivers and validates the outcome of activities.

The company expects roles to be performed in line with specific annual job objectives. Employees performing their roles properly, preparing and reporting outcomes on time and to the required standard is a key component in our Assurance Framework.

The company continues to embed the compliance, verification and performance management activities in Severn Trent. These are within business areas and sometimes within discrete functions. These confirm that operational activities have been performed properly in the line.

Lastly, the company maintains an independent perspective on the overall framework by obtaining confirmation that the components of the governance structure are working properly. In Severn Trent, this is obtained from our assurance providers including Internal Audit.

In order to provide an appropriate understanding of how these responsibilities come together for Severn Trent, the company has developed a description of the key elements over which assurance is required by the board. This is maintained by the Director of Internal Audit on behalf of the board.

A map details the areas over which Severn Trent has decided to gain specific assurance. These may vary from year to year. The criteria by which each area for assurance is selected are:

  • potentially damaging to reputation;
  • material financial impact; and
  • linked to the corporate KPIs.

Internal Audit will confirm the details of the assurance provision to cover:

  • who is responsible;
  • what is the activity; and
  • how is this recorded.

Internal Audit will confirm the details of the assurance provision to cover:

  • who is responsible;
  • what is the activity; and
  • how is this recorded.

Internal Audit deliver an audit plan to confirm that key business risks are being mitigated.

Principal risk description

Risks relating to the ongoing implementation of our coordinated change programme and achieving the significant and sustainable forecasted benefits. (See page 15 – Having the lowest possible charges).

Specific examples include:

  • successful implementation of our IT strategy and our ability to continue to provide a robust and secure technology platform to meet the needs of the business;
  • the implementation of SAP and the potential impact of the implementation on ongoing business activities; and
  • the planned major change to processes (including those necessitated by the successful implementation of our SAP system).

 

 

 

 

 

 

 

As a regulated business, we are subject to numerous and changing obligations with which we must comply and management of these is often dispersed across and through the organisation. We pay particular attention to management of risks in these areas, particularly in relation to changing legal and regulatory requirements.

Specific examples include:

  • changes in the regulatory regime and market within which we operate (including increased competition);
  • the taking on of private sewers and lateral drains (See page 13 – Dealing effectively with waste water); and
  • non-compliance with legal requirements.

External financial market factors could adversely impact on our financial position.

Specific examples include:

  • developments in the capital markets which could affect our ability to attract funds; (See page 25 – Financial review section)
  • counterparty exposure risks;
  • our ability to meet our forecasted operating and capital expenditure targets; and
  • the impact of the financial environment on our pension funds.

Key mitigation activities

  • We have a programme management office which monitors and coordinates the activities of the various change programmes and ensures effective governance within each of the programmes, including ensuring that benefits are defined and tracked. There are also defined escalation procedures, including escalation to the executive committee, if problems are identified.
  • We ensure that significant training and support is provided before and after each implementation and business readiness for change is monitored by the programmes prior to going live.
  • We have undertaken an upskilling programme to ensure that all our employees are able to work in different ways and understand how their work fits into the business as a whole.
  • Our change programmes have processes in place to ensure extensive and effective consultation takes place with all those affected by the change. For example, business deployment leads have been identified from each business area and work closely with projects prior to implementation to ensure all processes and systems are fit for purpose and business readiness for implementation to take place.
  • We continue to work closely with our regulators and other stakeholders to influence policy decisions in order to ensure the best possible outcome for our shareholders and customers. (See page 16 – Promoting an effective regulatory regime).
  • We are improving our compliance management framework to further enhance transparency and consistency of our management of controls in place to ensure compliance with key legal and regulatory obligations.
  • We plan and monitor our cash flows and borrowings to ensure that sufficient liquidity is available to meet our requirements.
  • We have policies in place which limit the available counterparties and are designed to ensure a spread of investments. There is also regular monitoring of counterparties and investment performance. (See page 25 – Financial review section).
  • We make use of cross currency swaps with the intention of eliminating foreign currency risks. (See page 25 – Financial review section).
  • We have processes in place to monitor and manage our long term pensions obligations with the intention of ensuring that they do not become a major drain on the company. (See page 26 – Pensions information within Financial review section).

Principal risk description

Due to the nature of our business we continue to face risks arising during our normal course of business, including risk of failure of our assets, processes, or systems which could otherwise impact on the health, safety and security of our people or customers, or on our financial position and our reputation.

Specific examples include:

  • the health and safety of our people, contractors and visitors (in line with our “Zero By Choice” policy towards accidents);
  • physical security of our assets, security and safety of our people, and security of our information; and
  • effective prioritisation of our asset maintenance and investment activities to ensure our assets continue to be safe and fit for purpose.

 

Whilst acceptance of the price determination from Ofwat leads to greater certainty over what we need to achieve for the coming AMP period, nevertheless we must still manage the risk associated with our ability to effectively meet the challenging targets set.

An example of this is the achievement of our regulatory performance targets and objectives to ensure that these commitments are met.

Our ability to influence customer behaviour or to operate in an environmentally responsible way could affect our financial position and our reputation.

An example of this is our reputation, as we recognise that our customers’ trust is essential to do business.

 

 

 

 

 

In the challenging economic environment, we continue to closely monitor risks to the achievement of the growth plan for our unregulated businesses.

An example of this is our ability to effectively implement appropriate organisation, processes and systems to support the growth plan.

Key mitigation activities include…

  • We are entering year three of a four year improvement plan to further enhance safety across all of our sites and operations and will continue to monitor implementation of the agreed improvements. (See page 14 – A safer workplace).
  • We have developed a prioritised capital investment programme using models which take into account the consequence, likelihood and severity of a service failure.
  • We have an annual business planning process which ensures that the prioritisation of investment delivers the required service levels.
  • We have robust processes for monitoring operating and capital spending.
  • We are implementing a new model for working with our key partners for delivery of our critical programmes over the next five years. (See page 16 – Focus on innovation in our supply chain).
  • We have detailed processes in place for planning and performance monitoring to ensure we achieve agreed regulatory outputs including targets for efficiency in our capital and operating expenditure.

 

 

 

  • We have a holistic approach to communicating with the aim of ensuring that the importance of the efficient use of water and waste water resources is fully understood, and we continuously monitor the effectiveness of these plans.
  • We are working to find ways to improve river quality while keeping carbon emissions and costs down, for example through our catchment management programme. (See page 13 – Dealing effectively with waste water).
  • We are working to develop new sources of renewable energy and have set ourselves a target of 30% renewable energy by 2014/15. (See page 14 – Minimising our carbon footprint).
  • We regularly monitor economic conditions and forecast growth to maximise the likelihood of achieving our growth targets for this part of the business.
  • We have strong, market leading products and good market knowledge, and we are establishing a local presence in our target markets. (See pages 20 to 21 – Severn Trent Services Performance).