Enterprise governance is the framework adopted by Nedcor,
covering both the corporate governance and business governance
aspects of an organisation. It refers to good governance
that is linked strategically with performance management,
thereby enabling companies to focus on the key areas that
move their business forward.
Enterprise governance and compliance constitutes part of
the entire accountability framework of the organisation,
and calls for a balance between accountability and assurance
(conformance) and value creation and resource utilisation
Conformance can also be referred to as corporate governance and
covers issues such as board structures and roles and executive
remuneration, while the performance dimension, also referred
to as business governance, focuses on strategy and value
helping the board to:
- provide strategic decisions;
- understand its appetite for risk and its key drivers
for performance; and
- identify its key principles to decision-making.
Focusing on important business aspects of governance, enterprise
governance considers the whole picture to ensure that strategic
goals are aligned and good management is achieved.
In tandem with management of governance issues, the compliance
function ensures compliance not only with regulatory laws
and standards, but also with internal policies and procedures.
In line with this holistic thinking, the group corporate
governance and compliance functions were merged at the end
of 2004, as their roles and responsibilities overlap and
complement each other extensively, under the leadership of
Adv Selby Baqwa, who has been appointed as Chief Compliance
Officer to the Group Executive Committee (Group Exco).
The merger will also allow improved compliance with all
the provisions of the Banks Act and regulations. Avoiding
duplication of structures and ensuing cost savings from a
combined unit have resulted, as well as better interaction
between the awareness, training and monitoring roles of the
governance and compliance functions.
The status and reporting lines of the divisional governance
and compliance officers have been realigned at the end of
2004 to allow for them to be independent of the risk management
function in the divisions and to have adequate stature to
carry out their roles, as well as create synergies in the
founding of a governance and compliance culture within the
This dedicated division now deals with governance, compliance
and sustainability issues throughout the organisation.
Philosophy, strategy and objectives
Good governance and
compliance essentially constitute the practice by which
companies are managed and controlled and
are about being responsible and exercising disciplined,
practical and accountable leadership in a transparent, fair
The enterprise governance and compliance function is an
essential part of Nedcors control structure, having
responsibility for the management of regulatory and reputational
risk. A comprehensive Enterprise-wide Compliance Framework
has been developed in line with the requirements stipulated
in section 60A of the Banks Act, read with the provisions
of Regulation 47.
Nedcor recognises that good governance and compliance practices
form a crucial step in developing and sustaining any successful
business, and is committed to infusing good governance and
compliance processes into all its operations going forward.
Nedcors governance and compliance strategy, objectives
and structures have been designed to ensure that the group
with the myriad of codes and legislation, not only on a local
level, but also internationally in respect of its relationship
with Old Mutual, while at the same time moving beyond accountability
and assurance issues to value creation and resource utilisation
issues. Internally, the function has expanded in five complementary
The enterprise governance and compliance function operates,
among others, at the following levels within the organisation:
- enterprise-wide corporate governance;
- business governance;
- corporate accountability;
- triple bottomline/sustainability management and reporting;
- board (including boards of subsidiaries and joint ventures);
- executive management (dealing with business governance
and internal controls);
- employees (for example ethics, etc); and
- triple bottomline (creation of a sustainable bank).
The Enterprise Governance and Compliance Division works
closely together with the Company Secretary and various risk
management functions in promoting a culture of good governance
and compliance within the group.
Adv Baqwa reports directly to the Chief Executive, as well
as having direct access to the Chairman of the Nedcor Board
of Directors on all aspects related to enterprise governance
and compliance. He is an official invitee to all board and
board committee meetings.
The departments key objectives are to:
- provide an independent assurance function with regard
to governance and compliance issues to the board, the Group
Exco and the banking business;
- implement and monitor good business governance practices
throughout the organisation;
- internalise a culture of governance, ethics and compliance
across the group through ongoing training and development;
- set governance and compliance frameworks that will be
aligned to applicable regulations and local and international
- build and enhance relationships with key internal partners
(Risk, Internal Audit, Legal, Company Secretary, and especially
business governance and compliance champions) and external
- achieve balanced economic, social and environmental performance
and implementation of a best-practice corporate citizenship
framework, including comprehensive sustainability reporting
and targeted stakeholder engagement;
- provide tools and expert
guidance on governance/sustainability/compliance matters
to the business; and
- inform the business of new and existing
At an executive management level the Group Corporate Governance
Management Committee and Group Corporate Citizenship Committee
take responsibility for driving good governance, compliance
and sustainability practices within the group.
Relationship with Old Mutual plc
The relationship between
Nedcor and its parent company, Old Mutual plc, has remained
strong over the past year, as
evidenced by Old Mutuals support for the recovery programme
and rights issue. A formal relationship agreement, covering
a wide range of issues such as the appointment of officers,
strategy, reporting and policy or structural changes, governs
the relationship between the two companies and ensures that
synergies between the companies are being promoted.
The agreement further deals with how to manage potential
conflicts of interest in order to protect the interests of
minority shareholders. The board monitors Nedcors compliance
with the provisions of the relationship agreement on an ongoing
King II (the code) implementation
Nedcor fully subscribes
to and supports the code and has developed a comprehensive
implementation and monitoring plan
to meet its requirements and recommendations. The plan also
incorporates the corporate governance requirements of the
Regulations to the Banks Act, the recommendations of the
Myburgh Report and the Combined Code on Corporate Governance.
The plan has been approved by the board and its implementation
is facilitated by the governance team and monitored by the
Directors’ Affairs Committee.
The Nedcor Group is in substantial compliance with the code.
The only areas of non-compliance with the code, which the board
is satisfied does not impair the governance integrity or perceptions
of it, are as follows:
In other respects:
- the Chairman, Warren Clewlow, is a non-executive director,
but not independent, as defined by the code, by virtue
of the fact that he also serves on the board of the groups
holding company, Old Mutual plc; and
- chairmen of the following board committees are non-executive,
but not independent directors, as defined by the code:
- Directors’ Affairs Committee (Warren Clewlow);
- Risk Committee (Michael Katz).
- at 31 December 2004 50% of the board comprises independent
- the Group Directors’ Affairs Committee consists entirely
of non-executive directors, half of whom are independent
(the Chief Executive attends as an invitee);
- the Group Audit Committee (previously ARC) consists entirely of non-executive directors, the majority
of whom are independent;
- the Group Remuneration Committee consists entirely of
non-executive directors, the majority of whom are independent;
- the Group Risk Committee consists of a majority of non-executive
directors, the majority of whom are independent.
As enterprise governance
is a phenomenon that requires commitment at every level
of the organisation, it is essential
to create an effective governance and compliance culture. The
initial phase of entrenching this culture involves the
creation of awareness at every level. This culture creation
the alignment with the ethics and values of the bank.
During 2005 the focus will be on the rolling out of an interbank
(Bankseta) governance and compliance training and awareness
programme to all employees.
Governance and compliance conferences
In 2004 the Governance Division hosted its first annual corporate
governance conference. Attendance consisted of approximately
90 delegates, including representatives from various business
areas, mostly compliance officers, and the company secretaries
of African subsidiaries. A similar compliance conference was
also held. A merged governance/compliance conference will be
held during 2005.
African and offshore subsidiaries
The mandate of the Enterprise Governance and Compliance Division
is enterprise-wide and, given the fact that the Nedcor Board
is required to report on the state of corporate governance within
the entire organisation (in terms of Regulation 38 of the Banks
Act), the Enterprise-wide Governance Manager began liaising
with company secretaries and compliance officers of offshore
entities in 2003.
In 2004, as the organisation was undergoing a rationalisation
process of selling off offshore assets and enhancing its strategy
to expand into Africa, the Governance Division focused on corporate
governance entities in Africa by:
- establishing contact with managing directors, company
secretaries and compliance officers to ascertain the state
of corporate governance within each entity;
- serving as a point of reference (providing advice and
support) for the aforementioned parties in respect of corporate
governance and compliance issues; and
- arranging visits to each of these entities, which entailed:
- conducting director induction on corporate governance;
- addressing employees and executive committees on
- consulting with company secretaries on their policies,
board structures and practices;
- establishing contact with the local regulator of
- consulting with managing directors on the challenges
they face; and
- reporting back to the Chief Executive and the Head
of the Nedbank Africa Division.
Enterprise Governance Framework incorporates a full range
of governance objectives, a delineation of responsibilities
at board, board committee, Group Executive Committee and
management level, and the identification of champions and
key functions for governance integration into all operations.
The cooperation between executive management and non-executive
directors, and the significant emphasis, resources and structure
given to executive management functions to champion corporate
governance on a day-to-day basis and assist the board, board
committees and individual non-executive directors with corporate
governance and compliance responsibilities are key features
in achieving an effective governance process. The framework
is included in the Nedcor 2004 Sustainability Report.
Corporate governance strategy
Formalised governance objectives
The board has formalised its governance objectives and annually
assesses and documents whether the process of corporate governance
implemented by the group successfully achieves these objectives,
measured as part of the Regulation 38(5) Report on the State
of Corporate Governance at Nedcor.
The boards corporate governance objectives are:
- reaching the maximum level of efficiency and profitability
of the group within an acceptable risk profile;
- implementing the groups strategy and compliance
within the strategic framework of the group;
- ensuring commitment by executive officers of the group
to adhere to corporate behaviour that is universally recognised
and accepted as correct and proper;
- balancing the interests
of shareholders and other stakeholders, who may be affected
by the conduct of directors or executive
officers of the group, within a framework of accountability;
and maintaining mechanisms to minimise or avoid potential
conflicts of interest between the business
interests of the group and personal interests of directors
or executive officers;
- disclosing matters that are material
to the business of the group or the interests of stakeholders
- finding the correct balance between conforming
with governance constraints and performing in an entrepreneurial
- achieving a balanced economic, social and environmental
performance and implementing a best-practice corporate
- enabling efficient and effective
functioning of the Enterprise-wide Risk Management Framework;
- complying, in substance, with the provisions of the Code
of Corporate Practice and Conduct of the King Report on
Corporate Governance (King II), the Banks Act Regulations,
other sources of corporate governance best practice and
requirements of Nedcors holding company, Old Mutual
The board is responsible to the shareholders
and other stakeholders for setting the strategic direction
of the group
through defining objectives and key policies together with
top management, which are then cascaded throughout the organisation.
Stringent investment and performance criteria are determined
and refined by the board. These are monitored on an ongoing
basis through business plan reviews, key operational and
management performance indicators, economic policies and
trends, annual budgets and major capital expenditure programmes,
significant acquisitions, disposals and other transactions,
as well as criteria important to Nedcors relations
with its primary stakeholders and its reputation and conduct
as a good corporate citizen.
The above process is supported by a schedule of matters
reserved for the board, versus those that are delegated to
board committees, to ensure that the directors maintain full
and effective control over the group of companies, specifically
regarding significant strategic, financial, organisational
and compliance matters.
The board is accountable to Nedcors shareholders
for exercising leadership, enterprise, integrity and judgement
in directing the organisation to achieve continuing prosperity
in the interests of all the groups stakeholders.
There has been significant work done to ensure consistency
between the boards objectives and strategy and the
Strategic Recovery Programme/management strategy as a key
means of ensuring closer strategic alignment between the
board and management, as well as closer alignment with the
strategy of Old Mutual plc.
Dedicated strategy sessions for Group Exco and between
the board and Group Exco are held to focus on strategy determination
The board of directors
Role and composition at 31 December
Nedcor has a unitary board structure comprising 18 directors.
Of these, nine are considered to be independent non-executive,
as defined by King II, six non-executive and three executive
The Nedbank Limited Board has the same structure and composition
but separate meetings are held.
33% of the directors are black generic
in terms of the Financial Sector Charter definitions at 31
Of the six non-executive directors, five,
including the Chairman, are disqualified as independent by
virtue of the
fact that they also serve as directors on the board of the
groups holding company, Old Mutual plc.
The non-executive directors all have a high degree of integrity
and credibility, and the strong independent composition of
the board provides for objective input into the decisionmaking
ensuring no one director holds unfettered decisionmaking
The directors come from diverse backgrounds and bring to
the board a wide range of experience in commerce and banking. The
directors have access to management, whenever required.
A brief resumé of each director can be found here.
Board appointment and evaluation
Board appointments are conducted in a formal and transparent
manner, in line with the board appointment policy, by the
as a whole, assisted by the Nedcor Directors’ Affairs
Committee. Any appointments to the Nedcor Board are made taking
the need for ensuring that the board provides a diverse range
of skills, knowledge and expertise, the necessity of achieving
a balance between skills and expertise and the professional
and industry knowledge necessary to meet the groups
strategic objectives, as well as the need for ensuring demographic
In general, directors are given no fixed term of appointment,
while executive directors are subject to short-term notice
periods.An executive director is required to retire from
the board at age 60, while a non-executive director is required
to retire at age 70. Reappointment of non-executive directors
is not automatic. Executive directors are discouraged from
holding a large number of directorships outside the group.
The recent spate of corporate failures has ensured and
reaffirmed that boards have to be concerned not only with
organisational and management performance, but also with
their own performance. Board evaluation is one way in which
boards can show that they are serious about their performance
and even good boards can benefit from a properly conducted
A full assessment of the effectiveness of the board and
board committees, as well as evaluation of the Chairman of
the board, has taken place during 2004, to elicit feedback
from board members, which ensures constant refinement of
the governance structure and responsibilities. The feedback
from this board evaluation process also contributed to the
production of the Regulation 38(5) report addressing the
state of corporate governance within the organisation.
The board has a formal written charter that has been updated
in respect of legislative requirements, local and international
codes of conduct, including King II, and best practice.
The main functions of the board covered by the charter are:
- determining the overall objectives for the company;
- developing strategies to meet those objectives in conjunction
- formulating company policies;
- rating the companys own performance;
- assuming overall responsibility for risk management;
- appointing the Chief Executive for the company; and
- evaluating the performance of the companys directors.
The charter also formalises the policies regarding board
membership and composition, board procedures, the conduct
of directors, risk management, remuneration, board evaluation
The board committee structure has been revised during 2004 to
ensure that it can best assist the board in the discharge of
its duties and responsibilities.
The current committees are:
- Group Audit Committee;
- Group Risk Committee;
- Group Remuneration Committee;
- Group Credit Committee;
- Group Directors’ Affairs Committee;
- Group Transformation
and Sustainability Committee;
- Board Strategic Innovation
Management Committee; and
- Group Finance Oversight Committee.
The combined Audit Risk and Compliance Committee (ARC)
was separated into individual Risk and Audit Committees,
with separate charters, following discussions with the South
African Reserve Bank, and in line with the new Banks Act
amendments and recommendations of various good-practice codes.
The previous Social and Environmental Committee has been
replaced by a Group Transformation and Sustainability Committee,
reflecting the importance that these issues hold for the
finance sector in South Africa.
Separate Risk and Directors’ Affairs Committees have
been established for the Nedcor Group and Nedbank, and separate
meetings held to ensure adequate focus on the interests of
Other changes are as follows:
- Compliance responsibility has been mandated to the Directors’ Affairs
- In future operational risk shall be monitored by the
Group Risk Committee.
- The previous Group Market Risk Committee is now absorbed
into the Group Risk Committee.
- The Heads of Credit Risk and Group Risk are to be members
of the Group Credit Committee for the approval of large
Each board committee has formal written terms of reference
that are reviewed on an annual basis and are effectively
delegated in respect of certain of the boards responsibilities,
which are monitored by the board to ensure it retains effective
coverage and control over the operations of the group.
Group Audit Committee
The functions of the Group Audit Committee are primarily to
assist the board of directors in its evaluation and review of
the adequacy and efficiency of the internal control systems,
accounting practices, information systems and auditing processes
applied within a bank in the day-to-day management of its business;
and to introduce measures to enhance the credibility and objectivity
of financial statements and reports prepared with reference
to the affairs of a banking group. The Group Audit Committee
has satisfied its objectives for the year in accordance with
its terms of reference.
Group Finance Oversight Committee
As of 1 March 2004 Nedcor
established the Group Finance Oversight Committee under the
chairmanship of experienced
banker, Chris Ball, who is an independent non-executive director
of the group. The mandate of this committee is to ensure
that the groups accounting and control systems meet
the highest standards. The committees objective is to
act primarily as a board discussion forum to ensure that
the groups risk universe, spectrum of activities, organisational
structure and management methodologies are appropriate and
Group Directors’ Affairs Committee
The primary role of the Directors’ Affairs
Committee is to consider, monitor and report to the board on strategic
risk, reputational and compliance risk, compliance with
King II and the corporate governance provisions of the South African
Banks Act 1990 and the regulations issued thereunder, as
well as to act as a nomination committee.
Group Credit Committee
The primary role of the Group Credit Committee is
to approve credit policies and philosophy, set credit limits and guidelines,
confirm that procedures are in place to manage and control
credit risk, approve the adequacy of interim and year-end
provisions and ensure that the quality of the groups
credit portfolio is in accordance with these requirements
by monitoring various credit risk information, processes
and disclosure. This primary role is a monitoring function.
An important secondary role of this committee is the approval
of advances above sanctioned and regulatory authority levels.
Group Risk Committee (formerly Group Market Risk Committee)
In terms of the
Banks Act a risk committee is required to assist a board of directors in
evaluating the adequacy
and efficiency of risk policies, procedures, practices
and controls identifying the build-up and concentration of risk
developing risk mitigation techniques ensuring formal risk
assessment identifying and monitoring key risks facilitating
and promoting communication through reporting structures
and ensuring the establishment of an independent risk management
function and other related functions.
The Group Risk Committees primary focus is therefore
the monitoring across the group of the management and assessment
of risk, including market and trading risks, financial instruments
(derivatives) usage, Asset and Liability Management Division
(ALM) risks, the Group Asset and Liability and Executive
Risk Committee (Group ALCO) process and functions, intragroup
investment exposures and risks related to the underwriting
of share issues.
Group Remuneration Committee
The Group Remuneration Committee
consists of non-executive directors only and is chaired
by an independent non-executive
The committee is authorised to approve the aggregate of
adjustments to the remuneration of staff below executive director
and divisional director level. Adjustments to the total remuneration
of members of the Group Exco are individually approved by
the Remuneration Committee. Adjustments to executive directors
total remuneration are individually approved by the board
following recommendations made by the Remuneration Committee.
This committee is also charged with the supervision of the
Nedcor Group Employee Incentive Scheme, and is involved in
executive officer succession policy. The Remuneration Committee
considers remuneration in its totality in an integrated and
holistic manner, thereby assisting the board in discharging
its corporate governance duties related to remuneration strategy,
structure and costs.
The Remuneration report covers
all the corporate governance aspects and disclosure with respect
to remuneration of directors.
Board Strategic Innovation Management Committee
Strategic Innovation Management Committee has the broad
responsibility to monitor all issues pertaining
to information technology, both operational and strategic,
in as much as these may impact the business, financial,
performance, risk profile and information technology strategy
of the group. This
committee aims to ensure alignment
of the prioritisation and magnitude of IT development spend and investment
with overall group strategy and direction.
Group Transformation and Sustainability Committee
newly constituted committee has a broad responsibility
to monitor all issues pertaining to the integrated economic,
social, environmental and transformation performance of
This committee is charged to assist the board in discharging
its responsibility to ensure the group proactively addresses
the requirements/recommendations for integrated sustainability
reporting as laid out in King II and the Global Reporting
Initiative, an international multi-shareholder process whose
mission is to develop guidelines for sustainability reporting,
as well as to give the needed attention at board level to
the Financial Sector Charter (FSC), black economic empowerment
and social and environmental responsibility
The board committee structure is also supported by a structure
of group executive management committees.
Chairman and Chief Executive
In line with the requirements
of a myriad of best-practice codes the roles of Chairman
and Chief Executive are separate. The
board is led by the Chairman, Warren Clewlow, and the
executive management of the group is the responsibility of
Executive, Tom Boardman.
This clearly accepted division of responsibilities at
the helm of the company ensures a balance of authority and
so that no one individual has unrestricted decisionmaking
powers. At the same time the board and executive management
work closely together in determining the strategic objectives
of the group.
Company Secretary and director development
have access to the advice and services of the Company Secretary,
as well as the Enterprise Governance
Division, who are responsible for ensuring that board procedures
and applicable rules and regulations are fully observed.
Further to this, the board has agreed and established a
procedure in furtherance of its duties whereby directors
independent professional advice at the expense of the company.
New directors are informed of their duties and responsibilities
by way of an induction course that is run by the Company
Secretary and other experts on board effectiveness, corporate
governance and banking/technical information, familiarising
the directors with the banks senior management and
strategies. Briefing of the board takes place on an ongoing
basis to ensure that members are kept up to date with local
and international industry developments, technology issues,
risk management and corporate governance best practice.
Succession planning is an important
focus area at board as well as executive
and senior management level. Detailed and intensive planning
is conducted through the Chairmans Office in consultation
with the Directors’ Affairs and Group Remuneration
The Chief Executive is required to report regularly to
the board on the groups management development and
employment equity programmes.
This area of governance performance
focuses on adding value to the business by leveraging the
worth created by conformance.
Business governance forms the link between the strategic
objectives set by the board and board committees and the
actions and decisions taken by the management committees.
Primary attributes of this portfolio are the reviewing,
implementing and monitoring of structures, internal controls
to the principles of good governance at a management level,
involving the functions of the Group Exco, divisional executive
committees, operational risk committees, Group Exco subcommittees
and all other management committees. Business governance
will drive the culture of good governance at all levels
of the organisation.
The Executive Strategic Innovation Management Committee assists the Group Exco and the Board Strategic Innovation
Management Committee in discharging their responsibilities
to ensure that the Nedcor Group has a well-coordinated, efficient,
effective and properly resourced IT strategy that enables
the organisation to remain highly competitive and that this
strategy is timely implemented. Group ALCO and Executive Risk Committee is
responsible for ensuring that the impact of the following risks
are being effectively managed in the Nedcor Group:
- liquidity risk;
- interest rate risk, both local and foreign;
- foreign exchange rate risk, including currency translation
- trading market risk; and
- market risk in respect of financial instruments used
for purposes other than trading (eg balance sheet hedges
The roles of the Basel II Steering Committee is
to promote, direct and oversee the successful implementation
of the new
Basel Capital Accord (Basel II) across the Nedcor Group
and, particularly, to monitor and direct its implementation.
Transformation Committee is responsible for
transformation and the implementation of FSC requirements.
The Mergers and Acquisitions (M&A) Steering
Committee ensures proper corporate
governance, oversight and control of corporate actions
taken by the group as a whole. All operational
acquisitions, disposals, restructuring and major corporate
actions within the group will be brought to the M&A Steering
The Group Capital Management Committees primary
role is to review, monitor, recommend and execute the utilisation/investment/disposal/optimalisation
of shareholders capital throughout the
The primary role of the Human Resources Committee is twofold:
statutory compliance in respect of labour legislation and
the recruitment, selection, remuneration, performance management,
maintenance, training, development and, where necessary,
termination, of Nedcor Group employees and potential employees.
The Strategic Recovery Committee has responsibility to
establish and maintain the recovery process and infrastructure,
synthesise the recovery plan, monitor and facilitate the
recovery of the bank, and identify and coordinate crosscutting
initiatives. The committee is assisted in discharging the
responsibilities stated above by the Strategic Recovery and
Turnaround Office (SRTO).
The primary role of the Executive Taxation Committee is
monitoring tax compliance and tax policy and ensuring the
management of tax risk throughout the Nedcor Group in accordance
with the Nedcor Limited tax policy. Furthermore, the committee
assists the Group Audit and Group Risk Committees in discharging
their responsibilities relative to the management and monitoring
of tax risk.
The Nedbank Capital Investment Committees primary role
is considering private equity and mezzanine equity investments
and the underwriting of share issues, including initial approval,
periodic reviews and any material changes.
The primary role of the Property Investment Committee is
considering private equity investments in client-driven property
ventures and strategic investments in the listed property sector
and allied service companies.
Risk management in the financial services
industry is a fundamentally important process in ensuring
profitability, growth and long-term
- Regulation 38 of the Banks Act states that the .
. . process of corporate governance includes the maintenance
of effective risk management.
- The King Report on Corporate Governance 2002 has a dedicated
risk management section (Section 3) detailing a boards
responsibility for designing, implementing and monitoring
the process of risk management and setting risk appetite
limits or tolerance.
- The proposed new Basel II will enforce a significant increase
in risk management sophistication and reporting internationally.
These driving forces have ensured ongoing focus on the role
played by risk management in the corporate governance process
and vice versa.
The Nedcor Board acknowledges its responsibility for the
entire process of risk management, as well as for forming an
opinion on the effectiveness of this process. Management is
accountable to the board for designing, implementing and monitoring
the process of risk management, and integrating it within the
day-to-day activities of the group. The board is ultimately
responsible for any financial loss or reduction in shareholder
value suffered by the group. It is therefore responsible for
ensuring that proper risk management and monitoring systems
are in place.
The Group Risk Committee is responsible for assisting the
board in reviewing the risk management process and any significant
risks facing the group. Nedcor has adopted a comprehensive
risk management strategy and methodology, enterprise-wide risk
management, which has the
principles of corporate governance best practice embedded in
The Enterprise-wide Risk Management Framework consists of
what it calls its three layers of defence:
- enterprise-wide risk management forums and individual responsibilities;
- risk management and corporate governance committee structures;
- executive management responsibility by key risk area and
A Key Issues Control Log has been developed as a tool to
assist in achieving good governance. It represents a holistic,
yet focused, view of any issues that require attention, raising
concerns around these as well as actions being taken to address
them. This form of risk reporting strongly supports the move
towards greater transparency in reporting.
The Basel II requirements are being dealt with by way of
a comprehensive Basel II compliance plan, which will further
enhance the risk management process. The group approach to
Basel II involves building advanced risk and capital management
capabilities, leveraging off the significant investment in
Nedcors Basel II Programme as the catalyst. This approach
also facilitates the comprehensive implementation of enterprise-wide
risk management in Nedcor.
See the Risk Management and
Basel II sections for a more
internal audit operational risk functions
within the Enterprise Governance Framework of the bank
are Group Internal Audit and Operational Risk.
The Group Internal Audit Division is the one centralised assurance
unit whose functions have not in any way been transferred down
to divisional level in the recent restructuring. The Head of
Internal Audit, Terry Lamont-Smith, reports to the Chair of
the Audit Committee and to the Head of Internal Audit for Old
Mutual plc. For day-to-day operations he forms part of the
Risk Officers management team, from where the optimal
sharing of risk identification information can take place.
the Operational Risk Management Unit reported to Internal Audit,
but it now reports directly into Group Risk.
A formal charter is in place to regulate the functions
of the Internal Audit Division. Internal Audit plays an essential
independent assurance and monitoring role. An audit plan
Internal Audit is also in place, based on risk assessments
and issues raised at board and subcommittee meetings.
Internal Audit has dedicated teams that perform the internal
audit functions for Nedcors subsidiaries and joint ventures.
Audits are conducted throughout the various business units
at 12-, 24- or 36-month intervals, depending on the risk profile
of a business unit, with high-risk areas being audited on an
The 2004 audit plan focused on the following key areas:
adequacy of credit provisioning and AC133 impacts; DI500 reporting, Treasury;
suspense accounts; anti-money-laundering; Group Finance restructuring;
Group ALCO and capital management; Strategic Recovery Programme;
overall risk management and governance; and Peoples Bank credit
provisioning and process.
Internal Audit also works closely with the Enterprise Governance
and Compliance Division to ensure that any audit issues of
an ethical or governance nature are made known for followup
The board of directors approved the Barnowl operational
risk assessment and monitoring methodology during 2003 as
the official tool to meet the qualitative requirements of operational
risk management within Nedcor. Barnowl is a sophisticated
tool with an embedded risk assessment methodology used for
the identification, assessment, management, monitoring and
reporting of risk. Risk profiling can be performed at different
levels within the organisation, ie strategic, business unit
Its implementation across the group, first by division, then
by business unit, has not advanced as far as originally planned
due to significant organisational restructuring and the fact
that risk officers had to be appointed and trained to drive
the risk assessment processes in the business.
A revised implementation
plan has been approved by the Chief Risk Officer, and full implementation
is scheduled for 2005.
An essential part of the boards responsibility
is reviewing the effectiveness of internal control, making
use of the monitoring
processes within the company.
The detailed design, implementation and operation of adequate
internal controls are generally delegated to the management
team of Nedcor Limited. These controls provide reasonable assurance
that significant risks are appropriately managed, that management
and financial information emanating from Nedcor Limited is
reliable and that assets are safeguarded. This, together with
the associated responsibility for reviewing periodically the
effectiveness of such internal control, is formally acknowledged
by the head of each business unit once a year. Regulation 39(4)
of the Banks Act requires that a board of directors reports
annually to the Registrar of Banks on the adequacy of internal
controls, adherence to these, maintenance of ethical standards,
any material malfunctions and whether a bank will continue
as a going concern.
The board reports that:
- no material malfunction in the groups internal control
system has occurred during the period under review;
- it is satisfied with the effectiveness of the groups
internal controls and risk management;
- whenever there is an indication of any significant business
risk, or any weakness in controls, that may result in loss
or reputational damage, these are recorded and disclosed
in a formal Key Issues Control Log, which is lodged periodically
with the board (management has reviewed the issues recorded
in the Key Issues Control Log during the year and considered
when and why the issues arose, whether they have been resolved
and, if not, action plans and timelines for their resolution);
has no reason to believe that the group will not operate
as a going concern for the year ahead;
- it has no reason to
believe that the groups code
of ethics has been transgressed in any material respect;
has no reason to believe that the groups policies
and authority levels have not been enforced and adhered to
in any material respect;
- there have been no material breaches
of compliance with any laws and regulations applicable
to the group during the
period under review; and
- there is a documented and tested
process in place that will allow the group to continue
its critical business processes
in the event of a disastrous incident affecting its activities.
In the Nedcor Group a process and hierarchy for reporting
on internal control have been approved by the Group Audit Committee
on behalf of the board, and is reviewed on an ongoing basis
by Internal Audit and Group Risk.
Personal share dealings
Nedcor has a formal policy and set
of rules for personal account trading in place, which are
based on current legislation
and international good practice. These rules prohibit directors
and employees from dealing in Nedcor shares during defined
closed periods prior to the announcement of interim and final
results or in any other period considered sensitive.
All personal account trading is subject to authorisation
by the independent Compliance function. Such dealings also
require the prior approval of an individuals senior manager.
Any non-compliance with the policy is reported to the Directors’ Affairs
Committee by the Chief Compliance Officer, and disciplinary
action is taken.
All dealings by directors in Nedcor shares are advised to
the Listings Division of the JSE, as dictated by the JSE Listings
Requirements, and such information is published through SENS.
The group further has an insider-trading policy to assist
directors and affected employees with their commitment towards
maintaining a culture of integrity, adhering to legislative
requirements and enforcing zero tolerance of crime.
Financial statements and external review
The directors of Nedcor confirm that they are
satisfied that the group has adequate resources to continue
in business for
the foreseeable future. The assumptions underlying the going-concern
statement are debated and recorded at the time of the approval
of the annual financial statements by the board.
This was also done as part of the interim results process.
For this reason the Nedcor Board continues to adopt the going-concern
basis for preparing the financial statements.
The directors of Nedcor confirm
and acknowledge that:
- it is the directors responsibility to prepare financial
statements that fairly present the state of affairs of the
company at the end of the financial year, and the profit
or loss and cash flows for that period;
- the auditors are responsible for reporting on whether the
financial statements are fairly presented;
- adequate accounting records and an effective system of
internal control and risk management have been maintained;
- appropriate accounting policies, supported by reasonable
and prudent judgements and estimates, have been used consistently,
except as otherwise disclosed; and
- applicable accounting standards have been adhered to or,
if there has been any departure in the interest of fair presentation,
this has been disclosed, explained and quantified.
The groups joint external auditors are Deloitte & Touche
and KPMG Inc.
The report of the independent auditors sets
out the responsibilities of the external auditors with regard
to reviewing the financial statements and the groups
compliance with both statutory and accounting standard requirements.
The external audit is structured to provide sufficient evidence
to give reasonable assurance that the financial statements
are free from material misstatement. The audit review also
considers the external auditors support of the directors statements
on going concern and adequacy of the internal control environment.
The external auditors provide non-audit services to Nedcor
through their consulting divisions.
A policy, in line with that of Old Mutual plc, regarding
the provision of non-audit services by the groups auditors
is in place. This process is structured between management and
the external auditors to ensure that the guidelines, requiring
approval by the Chief Financial Officer, Chief Executive or
Audit Committee, depending on the amount of fees involved,
are adhered to and monitored by the Audit Committee and Old
Mutual plc Audit Committee on a six-monthly basis.
The total fees for non-audit services provided by the external
auditors for the year ended 31 December 2004 were
R41,4 million (2003: R41 million). This amounts to 41% of
total audit and non-audit services (2003: 44%). The non-audit
services focused on the rights offer circular, credit impairment
modelling, AC133 implementation, value-added tax (VAT) and
International Financial Reporting Standards (IFRS) implementation.
A governance review by the external auditors found that Nedcor
was substantially in compliance with the structural components
of corporate governance and that Nedcor is making progress
in the continual improvement of its governance processes.
Nedcor believes that open discussion and interaction with all
our stakeholders is fundamental to strengthen our operations
continuously and ensure that their needs and concerns are addressed
within the strategy of the group. Share owners specifically,
as well as the other stakeholders, are encouraged to attend
the annual general meeting and other meetings as vital communication
forums. Clients of the bank are also communicated with by way
of letters and statements through the post, flyers, information
within the branch network and the internet. Employees are briefed
on developments through regular business communication emails,
staff periodicals and by way of a very comprehensive intranet.
Nedcors internet site (www.nedcor.com)
has extensive information on the group, its annual, preliminary,
interim and sustainability reports and the price of its shares.
It also provides a regular update on business developments and
other matters of interest in relation to the Nedcor Group.
Code of ethics and organisational integrity
Nedcor is committed to organisational
integrity and high standards of ethical behaviour in its dealings with all
A revised code of ethics has been approved for the group,
which focuses on both the internal behaviour of our employees,
linked to the group values, as well as our commitments to external
stakeholders. The code is available on our internet and intranet
Training and awareness programmes for our employees regarding
the code will be rolled out during 2005, as well as an ethical
barometer to measure our progress in further embedding ethics
into our culture.
Code of Banking Practice
Nedcor subscribes to the Code of
Banking Practice of the Banking Council of South Africa.
This code governs Nedcors
conduct regarding relationships with authorities, clients,
competitors, employees, shareholders, local communities and
other primary stakeholders.
The group has in place appropriate procedures and mechanisms
to ensure that all elements of the code are adhered to fully. The
Nedcor Group, primarily through its Client Services Advisory
Unit, also works constructively with the Ombudsman for Banking
Services office to ensure that client complaints are
resolved appropriately and timely.
Nedcor fully supports the South
African democratic system, but does not contribute to individual
The groups stance is apolitical, a principle that extends
to not funding projects that are specifically undertaken under
the auspices of political parties. Nedbank assists with worthy
causes initiated by civic organisations and it is not inconceivable
that these initiatives may involve political figures.
Fraud prevention and money laundering
Nedcor will not be
associated with money laundering and has introduced policies
and procedures to ensure statutory duties
and regulatory obligations or, in their absence, that minimum
standards are complied with.
The Money Laundering Control Programme (MLCP) was implemented
during 2004. The programme is governed by a steering committee
consisting of business unit executives and overseen by the
Chief Risk Officer to ensure ownership at all levels.
Nedcor has developed a global money laundering control policy,
which is currently also being implemented in all of Nedcors
subsidiaries to ensure compliance with the Financial Intelligence
Centre Act (FICA).
Financial Advisory and Intermediary Services Act (FAIS)
This new act is designed to regulate the function of giving
advice on and selling financial products. The Financial Services
Board, assisted by the Advisory Committee, industry representative
bodies and the statutory Ombudsman for Banking Services,
will regulate the act. The act consists of 17 pieces of subordinate
legislation, including four codes of conduct, fit and proper
requirements, regulations and statutory reports/disclosure.
The risk of non-compliance arises from the enormity of ensuring
that all affected staff (approximately 7 000 employees in the
Nedcor Group) are trained and have the necessary fit and proper
qualification requirements associated with the type of financial
products that are being sold.
This will ensure that the selling of products and advice offered
to clients is through Nedcor staff that are licensed, authorised
and accredited as fit and proper by the Financial Services
Compliance with FAIS is being managed centrally through a
team in Group Compliance, with the assistance of the affected
Nedcor has issued a separate sustainability
report in accordance with the Global Reporting Initiative
and taking into account the recommendations of King II.
In 2004 the board met 12 times. It is policy
for the board to meet frequently, and a formal schedule of
matters is required
to be submitted to the board on the basis of an annual work
Additional or other matters of significance to Nedbank and
the group are required to be brought to the boards attention
in a timely manner, and in a number of instances this
has required the board to convene outside the scheduled plan of meetings.
The record of attendance at board and board committee meetings
for Nedcor Limited and Nedbank Limited for 2004 is set out
in the table below.
|Refer to enterprise governance and
Occupational health and safety
Nedcor is committed to providing a healthy and safe environment
for employees and clients.
For the last two years Nedcor has contracted Makrosafe to
manage the online hosting and administration of the Environmental
Occupational Health and Safety Management Programme. The programme
has been designed to ensure that branches and buildings
comply with the Occupational Health and Safety Act, 85 of
1993, as well as best international practice.
The overall compliance percentage for branches and head
offices participating in the programme for 2004 is 95,7%.
More information on these aspects can be found in the Nedcor
2004 Sustainability Report.