Corporate Governance – Principal risks and uncertainties

Credit risk – The risk that debtors or guarantors will default.

A major loss could have a serious effect on group profit. Although loans to insurance broking finance companies can be substantial, we have a claim on the underlying agreements which are considerably smaller. This is an ongoing situation.

There has been no change in this risk since 2020.

Our risk appetite in the current climate is 0.2% of income generating assets.

Any losses are likely to come from relatively small debts, therefore these would have little impact on liquidity or solvency. In most cases money is only lent for periods up to one year through regulated introducers who guarantee the loans. Borrowing limits are set based on prudent underwriting principles. Impairment reviews are regularly conducted to identify potential problems early. In addition, our documentation is reviewed by our legal team to ensure that debts are not subject to challenge at a later date.

Liquidity risk – A lack of funding to finance our business.

Without adequate funding we cannot conduct our business.

Risk has not changed this year. We refinanced this year during a turndown in the economy at a lower headline rate indicating that risk is certainly no greater than in the past.

Our risk appetite is to aim to have 5% more funds than would be sufficient for our plans to be met.

In the past our borrowing facilities have been renewed (and on occasion increased) every year. This year we refinanced and obtained better rates as well as increasing our non-restricted funds from £17m to £20m. Our funders have indicated, so far as they are able, that they have no wish to withdraw their support.

Interest rate risk – The risk that we lend at one rate and have to repay at a higher rate.

Reduced margins mean reduced profits.

Risk has changed insofar as we now have longer term fixed rate lending. At present this business represents a small proportion of our lending. Any change in short term lending (up to one year) would have very little impact.

Or risk appetite is 25% above the interest rate that we are paying when a loan is made without being able to pass this on to our customers.

Management is in regular contact with its funders and routinely reviews the financial situation in the economy. The majority of loans made are relatively short term (no more than twelve months with the average at ten) so any increase is likely to have a fairly short-term impact. Longer term loans are still a very small percentage of the business.

IT risk –Disruption to or failure of our IT systems;
           Cyber threats – data being accessed illegally.

Persistent or serious failures could lead to lack of confidence in our system and reduce our operational capabilities.

Penalties for allowing data breaches are severe and could lead to us not being able to operate at all.

Our new system has been fully operational for almost two years now and we are over the settling down period. The system is proving robust. The risk of cyber-crime has not increased.

There is no risk appetite for either failure or cyber-crime.

Remote support access enables prompt resolution of incidents. Internet connection provides guaranteed access.

We have commissioned a risk assessment of our system by external IT specialists. Our controls are such that even a minor disruption is very quickly picked up and action taken. Systems are covered by a support contract which enables quick identification of any problems.

The group continues to develop its processes for prevention of cyber threats. If prevention is not guaranteed, the systems in place give us the capability to detect, respond and recover from those attacks.

All our staff are well trained in the use of our systems and are well placed to notice and unusual activity.

Conduct risk –Any action that leads to unfair customer outcomes or has an adverse effect on market stability or effective competition.

Failing to deal effectively with conduct risk faces regulatory action, fines, and reputational damage.

Risk has not changed.

The board has no appetite for non-compliance with regulation or for any instance of fraud within or on the organisation.

The board sets standards which comply with regulation and best practice. The CEO monitors staff compliance with those standards, reports deficiencies to the board and provides staff with advice on the interpretation of the standards. Controls are in place to prevent internal fraud with day to day supervision by the CEO. Regular monitoring of introducing partners is conducted including a review of sources of loan repayments. Our documentation is reviewed by our legal team to ensure that it is meets the requirements of the FCA.

Controls

There are rigorous controls in place to ensure risk is minimised in the group. The major areas are:

For selling – Staff have approvals at authorised levels to lend; they obtain financial and other credit information in respect of the borrower and the partner; arrears are reviewed regularly; proper legal documentation is supplied for signing; cash advances are made by the financial controller. On an ongoing basis reviews are carried out as each new tranche of borrowing is requested. Where necessary, authorisation is sought from the head of operations or the CEO.

FCA compliance – this is monitored regularly by use of a worksheet; it is completed by either the head of operations or the CEO depending on the level of compliance required (e.g. the CEO would be responsible for reporting breaches). Compliance is reported to the board at board meetings.