Responsibility for risk management and compliance extends across the entire TCorp organisation.
The risk management framework and key financial parameters are established by the Board and documented in Board policies. This framework includes the establishment and regular monitoring of limits for market, credit and other risks.
The Board’s Audit Committee acts as an advisory body on audit, operational risk management and financial matters. In respect of risk management and compliance, the Audit Committee reports on the adequacy and suitability of TCorp’s systems, controls and plans. To assist in this process, the Audit Committee receives regular reports from internal audit, external audit and TCorp management.
The Executive Risk and Compliance Committee (ERiCC) is a management committee reporting to the Chief Executive. It is charged with ensuring that Board policies are adequately embedded in business practice, and there are adequate levels of supervision, controls, procedures, monitoring and training within the business units. ERiCC’s activities are also subject to oversight by the Audit Committee.
The Risk and Compliance department is the centralised function responsible for the day-to-day monitoring of Board policies, client mandates, management procedures and any other risk matters identified as potentially requiring attention. The department is responsible for daily reporting to management, monthly reporting to the ERiCC and the Board, and quarterly reporting to the Audit Committee.
In conjunction with the Risk and Compliance department, the individual business units identify risks specific to their areas and develop controls to reduce those risks to acceptable levels. This decentralised approach ensures comprehensive identification of risks and entrenches their management in the most appropriate areas.
This organisation-wide approach to risk management fosters a risk aware culture, with all levels of TCorp contributing to the framework and the detailed systems and processes that identify, control, monitor and report on risk.
Legal and regulatory compliance
TCorp is regulated by several items of New South Wales legislation, including its own Act, the Treasury Corporation Act 1983, as well as the Public Finance and Audit Act 1983, and the Public Authorities (Financial Arrangements) Act 1987. TCorp is ultimately accountable to the New South Wales Parliament, through the New South Wales Treasurer.
TCorp is not regulated by the Australian Prudential Regulation Authority (APRA) or the Australian Securities and Investments Commission, which govern most operators in the Australian financial markets. However, TCorp voluntarily adopts relevant industry practices which impose conventional market constraints.
TCorp’s activities are subject to review and monitoring by a number of external parties including:
- the New South Wales Treasurer, who is a Member of Parliament and the New South Wales Government shareholder representative;
- the New South Wales Treasury, which maintains a shareholder monitoring role through quarterly and annual reporting requirements common to all New South Wales Government agencies, and by representation on the TCorp Board; and
- the New South Wales Auditor-General, who reports to Parliament, provides an independent audit of TCorp’s financial statements and expresses an opinion on those statements in line with the requirements of the Public Finance and Audit Act 1983.
Compliance is a key element of risk management and TCorp’s compliance framework is structured to ensure adherence to applicable laws, regulations, contracts, industry standards and internal policies. Consistent with TCorp’s risk management approach, compliance measures are subject to continuous monitoring and improvement. Any compliance issues are referred to the Chief Executive, the ERiCC, the Audit Committee and/or the Board as appropriate.
Use of capital
TCorp does not hold subscribed share capital in the conventional commercial sense. In consultation with our shareholder, the New South Wales Government, TCorp has retained from past profits an amount of $43 million.
TCorp operates under self-imposed capital requirements based on prudential statements published by APRA. Within these TCorp-specific capital constraints, we manage market, credit and operational risks to ensure that the level of capital is sufficient to cover the financial risks incurred in ourdaily business.
Capital usage is calculated daily and monitored against Board approved limits. Management reports are produced daily and summary reports are presented monthly to the Board.
Market risk
TCorp uses a Value-at-Risk model based on historical simulation to assess capital requirements arising from market risk. The model captures the potential for loss of earnings or changes in the value of TCorp’s assets and liabilities arising from movements in interest rates and key credit spreads and from fluctuations in the prices of bonds or other financial instruments.
Credit risk
In conducting its business, TCorp invests in high grade financial assets issued by parties external to the whole of the New South Wales Government grouping. The return achieved on these financial assets must be sufficient to protect against loss in value caused by a decline in the counterparty’s creditworthiness or ultimate default.
Credit exposures are monitored daily against Board approved limits.
Operational risk
Operational risk can arise from events such as settlement errors, system failures, procedure breakdowns and external factors. TCorp reviews all possible risks of this nature, assesses the mitigating factors and controls and evaluates the residual risks. TCorp uses “KnowRisk” software to aid the identification and measurement of risk and implementation of associated internal controls. High risks are managed by improving procedures and process flows, ensuring appropriate segregation of duties, insurance cover and business continuity plans. TCorp allocates capital to cover operational risk.
Auditor independence
TCorp is audited annually by the Audit Office of New South Wales, which reports directly to the New South Wales Parliament. The Public Finance and Audit Act 1983 further promotes independence of the Audit Office by ensuring that only Parliament, not the Executive Government, can remove the Auditor-General and by precluding the provision of non-audit services to all public sector agencies.
Deloitte Touche Tohmatsu is engaged by TCorp to undertake internal audit projects as agreed by the Audit Committee under its Internal Audit Charter and to report findings independently to the Audit Committee.
Code of Conduct
All TCorp staff members sign the TCorp Code of Conduct & Ethics. The code sets out what is expected of staff in their business affairs and in dealings with clients and other parties. It demands high standards of personal integrity and honesty in all dealings and a respect for the privacy of clients and others. By signing the code, staff acknowledge that they have read and understood it and agree to act according to its requirements.