Responsibility for risk management and compliance extends across the entire TCorp organisation.
The risk management framework and key financial parameters are established by the Board and documented in Board policies. This framework includes the establishment and regular monitoring of limits for market, credit and liquidity risks.
The Board’s Audit Committee acts as an advisory body on audit, operational risk management and financial matters. In respect of risk management and compliance, the Audit Committee reports on the adequacy and suitability of the corporation’s systems, controls and plans. To assist in this process, the Audit Committee receives regular reports from internal audit, external audit and TCorp management.
Executive Risk and Compliance Committee (ERiCC) is a management committee reporting to the Chief Executive. It is charged with ensuring Board policies are adequately embedded in business practice, and that there are adequate levels of supervision, controls, procedures, monitoring and training within the business units. ERiCC’s activities are also subject to oversight by the Audit Committee.
The Risk and Compliance Department is the centralised function responsible for the day-to-day monitoring of Board policies, client mandates, management procedures and any other risk matters identified as potentially requiring attention. The Department is responsible for daily reporting to management, monthly reporting to ERiCC and the Board and quarterly reporting to the Audit Committee.
In conjunction with the Risk and Compliance Department, the individual business units identify specific risks within their areas and develop the controls necessary to reduce those risks to acceptable levels. This decentralised approach is designed not only to ensure comprehensive identification of risks, but to entrench ownership of risks within the areas best able to control them.
This organisation-wide approach to risk management assists in creating a risk-aware culture, with all levels of TCorp involved in creating the framework and developing the detailed systems and processes necessary to identify, control, monitor and report on risk.
Legal and regulatory compliance
TCorp is regulated by several items of NSW legislation, including its own Act, the Treasury Corporation Act 1983, as well as the Public Finance and Audit Act 1983, the Annual Reports (Statutory Bodies) Act 1984 and the Public Authorities (Financial Arrangements) Act 1987. TCorp is ultimately accountable to the NSW Parliament, through the NSW Treasurer.
TCorp is not regulated by the Australian Prudential Regulation Authority (APRA) or the Australian Securities and Investments Commission, which govern most Australian financial markets operators. However, TCorp voluntarily adopts relevant industry practices which impose conventional market constraints.
TCorp’s activities are subject to review and monitoring by a number of external parties including:
- the NSW Treasurer – a member of Parliament and the NSW Government shareholder representative;
- the NSW Treasury, which maintains a shareholder monitoring role through quarterly and annual reporting requirements common to all NSW Government agencies, and by representation on the TCorp Board; and
- the NSW Auditor-General, who reports to Parliament, provides an independent audit of TCorp’s financial statements and expresses an opinion on those statements in line with the requirements of the Public Finance and Audit Act 1983.
Compliance is a key element of risk management and TCorp’s compliance framework is structured to ensure adherence to applicable laws, regulations, contracts, industry standards and internal policies. Consistent with TCorp’s risk management approach, compliance measures are subject to ongoing monitoring and continuous improvement. Any compliance issues are referred to the Chief Executive, ERiCC, the Audit Committee and/or the Board as appropriate.
Use of capital
TCorp does not hold subscribed share capital in the conventional commercial sense. In consultation with our shareholder, the NSW Government, TCorp has retained from past profits an amount of $43 million.
TCorp operates under self-imposed capital requirements based on prudential statements published by APRA. It is within these TCorp-specific capital constraints that we manage market, credit and operational risks to ensure that the level of capital is sufficient to cover the financial risks incurred in our daily business.
Capital usage is calculated daily and monitored against Board-approved limits. Management reports are produced daily,
with summary reports presented monthly
to the Board.
Market risk
TCorp uses a Value-at-Risk model based on historical simulation to assess capital requirements arising from market risk. The model captures the potential for loss of earnings or changes in the value of TCorp’s assets and liabilities arising from movements in interest rates and key credit spreads and from fluctuations in the prices of bonds or other financial instruments.
Credit risk
TCorp, in the conduct of its business, will invest in high grade financial assets issued by parties external to the whole of the NSW Government grouping. The return achieved on these financial assets must be sufficient to protect against loss in value caused by a decline in the counterparty’s creditworthiness or ultimate default.
Credit exposures and capital usage are monitored daily against Board-approved limits.
Operational risk
Operational risk can arise from events such as settlement errors, system failures, procedure breakdowns and external events. TCorp reviews all possible risks of this nature, assesses the mitigating factors and controls, and evaluates the residual risks. TCorp uses ‘KnowRisk’ software to assist in the identification and measurement of risk and implementation of associated mitigating internal controls. High risks are managed by improving procedures and process flows, ensuring appropriate segregation of duties, insurance cover and business continuity plans. TCorp allocates capital to cover operational risk.
Auditor independence
TCorp is audited annually by the Audit Office of New South Wales, which reports directly to the NSW Parliament. The Public Finance and Audit Act 1983 further promotes independence of the Audit Office by ensuring only Parliament, not the Executive Government, can remove the Auditor-General and by precluding the provision of non-audit services to all public sector agencies.
Deloitte Touche Tohmatsu is engaged by TCorp to undertake internal audit projects as agreed by the Audit Committee under its Internal Audit Charter and to report findings independently to the Audit Committee.
Code of Conduct
All TCorp staff members sign the TCorp Code of Conduct. By signing the code, staff acknowledge that they have read and understood it and agree to act according to its requirements. The code sets out what is expected of staff in their business affairs and in dealings with clients and other parties. The code demands high standards of personal integrity and honesty in all dealings and a respect for the privacy of clients and others.