Our Business
Risk and opportunity management
Edward Senyonjo, Chief Risk Officer
"Over the past four decades, risk management at the Fund has matured from a compliance-driven practice into a culture of resilience and opportunity. Our greatest achievement has been embedding this awareness into the DNA of the organisation, with staff at every level actively linking risk to their daily performance. This collective ownership not only powers growth and safeguards member value today but also strengthens the foundation for generations to come."
In FY2024/25, the global landscape was characterised by increasing complexity and interconnectivity, accentuated by rapid technological advancements, geopolitical conflicts, and the growing impacts of climate change.Wars in the Middle East, Sudan, and Ukraine continued to cause devastating loss of life, destruction of property, and severe disruptions to global supply chains.
According to the Global Risks Report 2025, 20th Edition, the global outlook has become increasingly fractured across geopolitical, environmental, societal, economic, and technological domains. This has manifested in escalating conflicts, more frequent and severe extreme weather events, amplified by climate change, widening societal and political polarisation, and the, accelerating spread of misinformation driven by technological advancements.
In this environment, both businesses and governments face mounting challenges, from cybersecurity threats and economic volatility to social and political instability, emphasising the need for proactive, resilient, and adaptive risk management strategies.
Risk management framework
The Fund’s enterprise risk management (ERM) is robust and enables us to respond to the dynamic risk environment effectively, while taking advantage of the opportunities to create value for our stakeholders. The framework is aligned to ISO 31000, the international standard for risk management, and is guided by our risk appetite statement, which upholds the principle of prudence in pursuing opportunities, while avoiding risks that could significantly erode member value or damage our reputation. We recognise that value is created through taking risks, but only when those risks are effectively identified, assessed, and managed. Our framework ensures that this balance is maintained, supporting both sustainability and growth.
Risk assessment process
1
Risk Management Framework
2
Context Establishment
3
Risk Identification
- Identification of sources of risk, events and consequences
4
Risk Analysis
- Assessment of consequences
- Assessment of incident likelihood
- Level of risk determination
5
Risk Evaluation
- Evaluation of levels of risk based on risk evaluation criteria
6
Risk Treatment
- Risk treatment options
- Risk treatment plan
- Evaluation of residual risk
7
Risk Communication and Consultation
8
Risk Monitoring and Review
Risk management as a shared responsibility
At the Fund, ERM is a shared responsibility, with the Board holding ultimate accountability for overseeing risk, but this responsibility is delegated to management and cascades throughout the organisation, ensuring that every level plays an active role in identifying, assessing, and managing risks.
Board of Directors
The Board oversees the Fund’s overall risk management strategy, ensuring effective enterprise risk management and compliance with relevant policies, laws, and regulations.
Audit & Risk Assurance Committee (ARC)
The ARC ensures the integrity of financial reporting, the effectiveness of internal controls, and compliance with policies and regulations. It reviews risk reports from management and advises on the adequacy of the Fund’s risk management strategy.
Executive Committee (EXCO)
Management handles risks and opportunities within the Board-approved risk appetite to create value, ensuring alignment with strategic objectives and creating value through effective risk management.
Risk Management Committee (RMC)
The RMC evaluates the effectiveness of the enterprise risk management strategy and activities, providing guidance to the Chief Risk Officer on managing risk exposures.
Enterprise Risk Management (ERM) Department
The ERM Department is crucial in coordinating the Fund’s risk management processes and in delivering risk awareness training and sensitisation across the organisation.
Risk Owners
Risk Owners are employees responsible for managing risks by implementing actions to mitigate them.