AUB Group Limited Annual Report 2023

DIRECTORS’ REPORT YEAR ENDED 30 JUNE 2023

RISK MANAGEMENT Effective risk management is an integral element in AUB Group in achieving its strategic objectives.

Overseen by the Board and the Board Audit and Risk Committee, the Risk Management Framework underpins identification and management of enterprise-wide and emerging risks and allows for effective decision-making that is within the Board approved risk appetite and specific limits. The content and status of risk profiles and mitigation plans is considered and updated, in line with changes to the environment and operations, through regular reviews by management. The Board reviews the Group’s key risks and assesses the effectiveness of the risk management framework annually in accordance with the ASX Corporate Governance Principles and Recommendations. AUB Group continues to review and enhance its governance structure and processes in accordance with the ‘three lines model’ recommended by the Institute of Internal Auditors (see below). – Management: responsible for achieving the organisation’s objectives through first-and second-line activities and risk-based decision-making. Businesses, the ‘first line’, are responsible for evaluating their risk environment, putting in place appropriate controls and ensuring that these controls are implemented effectively. The ‘second line’ provides complementary expertise and continuous monitoring systems in areas including legal and compliance, information and technology security, sustainability, and risk management. – Internal audit function: undertake assurance and activities to promote and facilitate continuous improvement. – the Board: responsible for organisational oversight through integrity, leadership, and transparency.

GOVERNING BODY

Governing body roles: integrity, leadership, and transparency Accountability to stakeholders for organizational oversight

EXTERNAL ASSURANCE PROVIDERS

MANAGEMENT

INTERNAL AUDIT Independent assurance

Actions (including managing risk) to achieve organizational objectives

First line roles: Provision of products/ services to clients; managing risk

Second line roles: Expertise, support, monitoring and challenge on risk-related maters

Third line roles: Assurance on key processes and the control environment

Delegation, direction, resources, oversight

Alignment, communication, coordination, collaboration

KEY:

Accountability, reporting

(source: The Institute of Internal Auditors, Australia.)

AUB GROUP ANNUAL REPORT 2023

17