Publication of Annual Report and AGM update
Network International Holdings Plc
Annual Report and Accounts 2019
and
COVID-19 likely impact on the Annual General Meeting
Network International Holdings Plc (LSE: NETW) (the "Company"), the leading enabler of digital commerce across the Middle East and Africa (MEA), announces that further to the release of the Company's preliminary results announcement on 09 March 2020, the Annual Report and Accounts for the year ended 31 December 2019 ("2019 Annual Report") has been published today and is available on the Company's website at https://investors.networkinternational.ae/. It has also been submitted to the National Storage Mechanism and will shortly be available at http://www.morningstar.co.uk/uk/nsm .
The appendix to this announcement contains additional information which has been extracted from the 2019 Annual Report for the purposes of compliance with the FCA's Disclosure & Transparency Rules and should be read together with the Company's preliminary results announcement, which can be found at https://investors.networkinternational.ae/ . The 2019 Annual Report was approved by the Board on 08 March 2020 and the COVID-19 situation has rapidly evolved since then. The Group continues to monitor COVID-19 developments closely and has conducted an internal planning exercise to assess the impacts to its operational resiliency and third party supply chains.
Together these constitute the information required by DTR 6.3.5 to be communicated to the media in unedited full text through a Regulatory Information Service. This information is not a substitute for reading the full 2019 Annual Report.
COVID-19 LIKELY IMPACT ON THE ANNUAL GENERAL MEETING ('AGM')
We are closely monitoring the COVID-19 situation, including UK Government measures, and will continue to do so up to the AGM. The situation continues to develop rapidly and as a result the arrangements for the AGM may change at short notice.
The AGM will be held as a hybrid meeting, which will allow members to participate electronically or, subject to UK Government restrictions, in person.
In normal circumstances, the Board values greatly the opportunity to meet shareholders in person. However, the UK Government has published further compulsory measures in relation to the fight against the COVID-19 situation (the 'Stay at Home Measures') prohibiting, amongst other things, public gatherings of more than two people. The Stay at Home Measures are expected to be set out in more detail in (or pursuant to) emergency legislation currently before the UK Parliament, but currently, they can be found at:
https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/875246/Full_guidance_on_staying_at_home_and_away_from_others__1_.pdf
If the Stay at Home Measures are extended and/or amended such that restrictions remain in place on 30 April 2020, shareholders must not attend the AGM in person.
Your vote remains important to us. We encourage you to appoint your proxy and cast your vote in paper or electronically, in advance of the AGM, by following the instructions set out in the Notice convening the AGM.
Updates on the status of the AGM and any changes to the proceedings of the meeting will be published at https://investors.networkinternational.ae/.
Any questions that the shareholders may have related to the business at the AGM can be submitted at InvestorRelations@Network.Global and network-lon@finsbury.com . Answers to questions will be published on our website following the AGM.
Enquiries
|
Network International |
InvestorRelations@Network.Global |
|
Amie Gramlick: Head of Investor Relations |
|
|
|
|
|
Finsbury |
network-lon@finsbury.com |
|
James Leviton, Angy Knill: Media Relations |
|
Appendix: additional information required by DTR 6.3.5R
In compliance with DTR 4.1.12R, the Annual Report and Accounts 2019 contain Directors' responsibilities statements. These are reproduced below, along with the Statement on Risks & Uncertainties and Related Party Balances and Transactions, in line with DTR 6.3.5R. The statements relate to and have been extracted from the 2019 Annual Report.
Page and note references in this appendix refer to page numbers and notes in the 2019 Annual Report.
DIRECTORS' RESPONSIBILITIES STATEMENTS
Statement of Directors' responsibilities
The Directors are responsible for preparing the Annual Report and Accounts and the Group and Parent Company financial statements in accordance with applicable law and practice.
Company law requires the Directors to prepare Group and Parent Company financial statements for each financial year. Under that law they are required to prepare the Group financial statements in accordance with International Financial Reporting Standards as adopted by the European Union (IFRSs as adopted by the EU) and applicable law and have elected to prepare the Parent Company financial statements in accordance with UK accounting standards, including FRS 102 Reduced Disclosure Framework.
Under company law, the Directors must not approve the financial statements unless they are satisfied that they give a true and fair view of the state of affairs of the Group and Parent Company and of their profit or loss for that period. In preparing each of the Group and Parent Company financial statements, the Directors are required to:
• Select suitable accounting policies and then apply them consistently;
• Make judgements and estimates that are reasonable and prudent;
• For the Group financial statements state whether they have been prepared in accordance with IFRSs as adopted by the EU.
• For the Parent Company financial statements, state whether applicable UK Accounting Standards have been followed, subject to any material departures disclosed and explained in the Parent Company financial statements;
• Assess the Group's and Parent Company's ability to continue as a going concern, disclosing, as applicable, matters related to going concern; and
• Use the going concern basis of accounting unless they either intend to liquidate the Group or the parent Company or to cease operations, or have no realistic alternative but to do so.
The Directors are responsible for keeping adequate accounting records that are sufficient to show and explain the Parent Company's transactions and disclose with reasonable accuracy at any time the financial position of the Parent Company and enable them to ensure that its financial statements comply with the Companies Act 2006. They are responsible for such internal control as they determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error, and have general responsibility for taking such steps as are reasonably open to them to safeguard the assets of the Group and to prevent and detect fraud and other irregularities.
Under applicable law and regulations, the Directors are also responsible for preparing a Strategic report, Directors' report, Directors' Remuneration report and Corporate Governance statement that complies with that law and those regulations.
The Directors are responsible for the maintenance and integrity of the corporate and financial information included on the Company's website. Legislation in the UK governing the preparation and dissemination of financial statements may differ from legislation in other jurisdictions.
Responsibility statement of the Directors in respect of the Annual Report
We confirm that to the best of our knowledge:
• The financial statements, prepared in accordance with the applicable set of accounting standards, give a true and fair view of the assets, liabilities, financial position and profit or loss of the Company and the undertakings included in the consolidation taken as a whole; and
• The Strategic Report includes a fair review of the development and performance of the business and the position of the Company and the undertakings included in the consolidation taken as a whole, together with a description of the principal risks and uncertainties that they face.
We consider the Annual Report and Accounts, taken as a whole, is fair, balanced and understandable and provides the information necessary for shareholders to assess the Group's position and performance, business model and strategy.
PRINCIPAL RISKS AND UNCERTAINTIES
Overview
At Network International we are committed to embedding a strong culture of risk management which supports good governance and sound risk management practices across the Group. We operate in dynamic markets across the Middle East and Africa which can be impacted by a multitude of geopolitical events and regulatory changes. Therefore our continued growth in the region, together with our expansion plans for the Saudi Arabia market alongside rapid technological developments in the payments industry present shifting demands on our operational and technology capabilities. All of these factors expose our business to multiple challenges, risks and uncertainties. Consequently, the effective and efficient identification and management of these risks is key to the successful achievement of our strategic objectives.
Since the listing of the Group on the London Stock Exchange in 2019, we have embarked on a journey to enhance our existing risk management model to further align with international standards including the 'Committee of Sponsoring Organizations of Treadway Commission' ('COSO') and 'International Standards Organization' ('ISO'). During 2019 we engaged PwC to support us in the development of an appropriate best-fit 'Enterprise Risk Management Framework ('ERMF')' for our business.
The Group's overarching ERMF has since been approved by the Board, and builds upon and enhances our risk management approach. We have established a clear risk governance model utilising the three lines of defence model to ensure effective risk management, oversight and assurance. Our third line of defence (internal audit function) is now further strengthened following the appointment of a new Chief Internal Auditor in 2019, as discussed further on page 88.
The Internal Audit function reports independently to the chair of the Board Audit and Risk Committee ('BARC').
Our approved risk strategy, risk appetite and principal risks are derived from our five year business strategy. Our key risks identified in 2018 have been further refined by the Board to form our eleven principal risks. For each principal risk we have a defined risk appetite and key risk indicators ('KRIs') to ensure effective monitoring of risk trends.
Our reporting standards have also been enhanced to meet the requirements of the 2018 UK Corporate Governance Code. All of these efforts will help us in the coming years to make better risk based strategic decisions and enable us to provide safe and secure payment solutions to our partners in the Middle East and Africa.
We have generally seen the risk trends remaining stable for our principal risks with investments in our cyber security and technology infrastructure being particularly noteworthy. However, we recognise that we operate in a dynamic business environment and that our risk profile will continue to evolve over time. We remain focused on new and emerging risks which could adversely affect our accepted risk profile and strategic planning in the longer term.
We have identified a number of these risks which are primarily driven by external factors including cyber, regulation, market stability and climate change over which we can have limited control. However we continue to monitor each of them closely to ensure we understand the potential impact to our operations and to ensure we modify our risk mitigation plans accordingly. The increasing risk on execution is much more within our control and we continue to assess and increase our capacity to deliver against our strategic objectives. Further detail on the new and emerging risks can be found below on page 60.
How we manage Risk
We have a dynamic, practical and action-oriented ERMF, which helps us in proactively responding to changes in our business environment, whilst continuing to deliver on our expectations of increased transparency, value protection and creation.
Please refer to Graphic 1 in the attached Appendix pdf document
http://www.rns-pdf.londonstockexchange.com/rns/6668I_1-2020-4-2.pdf
Our approach to Risk Management:
At Network International, we maintain a robust and sustainable ERMF, which ensures risks are properly identified, assessed against tolerance levels and appropriately managed across the Group. Our ERMF is designed to minimize the potential threats to achieve our objectives. We have approached the bottom up risk assessment process on a risk assessed basis and this work will be completed during the course of 2020 for lower risk business units. The overall approach is underpinned by a bottom-up approach and examined from a top-down perspective.
Please refer to Graphic 2 in the attached Appendix pdf document
http://www.rns-pdf.londonstockexchange.com/rns/6668I_1-2020-4-2.pdf
During the year, Management have sought to build a richer picture of the risk facing the Group's operations. Below we have listed a number of our successes as part of the management of our operational risks:
• During 2019, we completed over 70 functional risk assessments across all group locations and over 400 project/product risk assessments Operational Risk Assessment of Projects ('ORAP') during the product life cycle;
• Introduced significant changes to enhance our approach to risk assessments including automation, an improved change management process and working efficiencies;
• We completed 10 on-site vendor risk assessments on our critical vendors to provide comfort over those partners critical to our delivery and supply chain cycle.
• Approval of the Group's Enterprise Risk Management Framework by the Board.
From a business continuity perspective, we have made great strides in implementing a robust Business Continuity Management ('BCM') framework. The Group risk team completed 98 Business Impact Analysis ('BIA') and over 45 business resiliency tests and exercises across the Group.
Risk Culture:
The Group is committed to embedding a strong risk culture to support good governance and sound risk management practice. The Board and the Executive Management Team play a key role in directing and influencing this by ensuring:
• that a risk based approach is used during key decision making;
• consistent tone from the top and clear responsibilities for risk identification and challenge;
• employees have risk management accountability and escalate issues on a timely basis;
• our incentive structures promote a risk aware culture to effectively manage risk and remunerates employees accordingly; and
• we adopt a culture of "earning from our mistakes" to foster continuous improvement of processes and controls.
Risk awareness is embedded within the Group and is grounded in our strong ethical values and pro-active corporate culture. Our risk management philosophy is cascaded top down and bottom up and runs through all our management, employees and connected stakeholders.
To improve risk awareness across the organisation, multiple online training modules were launched and successfully completed in addition to class-room and instructor led training sessions on Information Security, Cyber Incident Management, Payment Card Industry Data Security Standards, Business Continuity Management, Operational Risk, Sanctions, Anti- bribery and Anti- Corruption, AML and Code of Conduct.
The importance of risk culture is reinforced in the Group's policies and standards and the Code of Conduct, to which all employees receive annual training as part of the attestation process.
Focus Areas for 2020:
Work will be undertaken in 2020 that will focus on further embedding our approach to risk management throughout our business, markets and support functions to build an even richer picture of risk information.
The priorities for Group Risk throughout 2020 will be:
• Complete the rollout and to embed the framework across all Group functions;
• We have also invested in a new GRC platform - RSA Archer. This will provide us with a common foundation for managing risks, controls, risks assessments and loss management. The platform enables cross-functional collaboration and alignment.
• Complete 'bottom-up' risk assessments for all functional units. Each of these units will then implement risk and control self-assessments ('RCSA') as part of our ongoing push for greater risk understanding and awareness;
• Development of contingency planning across our markets and territories to manage any geo-political uncertainty we are subject to as a business; and
• Based upon our assessment of new and emerging risks facing the business, we will carry out deep-dive thematic reviews into each risk. These risks are outlined below on page 61.
Our Principal Risks
Having completed a robust assessment of emerging and principal risks, the Board considers these to be the most significant risks facing the Group. Not all risks facing the business are listed; however, we have highlighted on page 61 those emerging risks that we consider may have an impact on the business.
These risks are not listed in any particular order of priority.
For 2019, the overall risk profile of the Group is being managed at acceptable levels with the majority of the Group's Principal Risks falling within the 'Informed' risk rating. There are small number of 'High' ratings within Cyber Security and Geopolitical Risks which we expect to remain high given the underlying inherent risks associated with Cyber Risk and the Group's geographical focus on the Middle East and Africa.
The overall risk trend when compared broadly to the risk profile for the prior 12 months has been stable due to the continuous investments in the Group's infrastructure, resources, governance model and internal control framework.
The following section contains information about the principal risks, including a summary of the progress made in 2019 and the priorities for 2020, their potential impact, our risk appetite and the link to our strategic priorities.
Risk appetite rating defined:
Low - We will ensure that we have sufficient controls and mitigations in place to allow for a low level of risk whilst recognizing there may be a limited reward potential.
Informed - An approach which we feel could deliver reasonable rewards, economic or otherwise, by managing the risk in an informed way.
High - Willing to consider opportunities with higher levels of risk in exchange for potential greater reward.
Risk trends defined: | ||
↓ | - Decrease in principal risk impact and/or probability at residual level. |
|
↔ | - No change in principal risk impact and/or probability at residual level. |
|
↑ | - Increase in principal risk impact and/or probability at residual level. |
|
Cyber Security | |||||||
A breach of the Group's infrastructure resulting in the compromise of data or service disruption through cyber security breaches. | |||||||
Risk Impact |
| Progress during 2019 |
| 2020 mitigation plan |
| Risk Trend | |
An external cyber-attack, insider threat or 3rd party breach could cause the loss of confidential data or service disruption. | Approved information security standards and policies are applied and reviewed on a regular basis. All annual audits were passed with zero non-conformities.
Earlier in the year, Protiviti (Global Consulting Firm) completed a Cyber Security Maturity Assessment ('CSMA') of the Group. Based on the findings of the report, current security trends and to standardized the security posture across the group, further investments and multiple remediation solutions were in the process of implementation to improve the overall security maturity levels.
Robust cyber security systems cover all areas of the business. Crisis management and business continuity frameworks are also in place for all IT systems. | The Group will continue to focus on the below areas: · To standardize our security solutions across regions · Ensure closure of the remaining identified gaps from the CSMA review. · Continue to invest and implement new age security solutions to safeguard the Group from emerging risks.
Continued education and cyber security awareness programs for all personnel.
| ↑ | ||||
Risk appetite: Low
The Group will not accept risks which may compromise the confidentiality, integrity and availability of its data and its customer's data. | |||||||
Link to strategy: | |||||||
|
| ||||||
|
Technology Resilience |
|||||||
|
Risk of interruption to critical production services and delays to projects caused by limited availability of technical skills, poor delivery by vendors, software defects introduced to production which could expose the Group to financial losses (e.g. client claims and loss of business) and reputational impact. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
Undesired level of service to customers due to failure in or poor performance of technology and/or system operating environment resulting in customer attrition, financial and/or reputational loss. |
Completed major enhancements across our critical systems including upgrades to our 'Network One Platform' and Network Lite Platform.
Developed a Group-wide consistent IT disaster recovery and business continuity program, with some testing activity underway in 2019. |
Further investment into our technology and security infrastructure, including the opening of a world-class data center in Dubai and expansion of the existing facility in Abu Dhabi.
Group-wide IT disaster recovery and business continuity testing to be completed during 2020. |
↔ |
||||
|
Link to strategy: |
|||||||
|
Risk appetite: Informed
We are accepting of some level of modest disruption, within the relative norms of the markets in which we operate. However we ensure appropriate levels of resilience are in place to minimize the impact to our customers. |
|||||||
|
|
|||||||
|
Operational Resilience |
|||||||
|
Risk of inability to execute operational processes and deliver on contractual obligations due to operational inefficiencies and discontinuity, defects, errors and delays, which could damage customer relations, decrease potential profitability and expose the Group to liability. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
An unexpected disruption to operational performance that may cause damage to customer relations or financial loss to the business. |
The Group has initiated a digitisation road map as we look to automate many of the manual processes across operations. This includes the introduction of robotic process automation ('RPA') and the removal of redundant processes.
Crisis management and business continuity framework in place to support operational resilience, with some testing activity underway in 2019. |
The Group will further continue to automate processes through RPA for next set of manual activities
Continue to strengthen the first line of defence through the completion of risk and control self-assessments for all first line operational functions.
|
↔ |
||||
|
Risk appetite: Informed
Whilst we continue to enhance our control framework across the Group we are accepting of some degree of operational failure from time to time provided the impact of failures remain within acceptable limits. |
|||||||
|
Link to strategy: |
|||||||
|
|
|
||||||
|
Strategy & Business |
|||||||
|
Risk of the Group's inability to achieve growth, failure to enter into new markets and maintain its position as the best payments partner in the Middle East. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
We do not retain our strategic position as the best payments partner in the Middle East and Africa impacting our ability to maintain market share and to meet growth and profit targets. |
Focus on diversified revenue streams across multiple markets.
Development of a product road map linked to the Group's business strategy.
Five year business plan in place aligned with market consensus forecasts. |
Development of Digital Proposition with MasterCard to increase attractiveness of the 4-party model and develop specific strategy to address the non 4-party threat.
The Group also has specific plans to enter new markets like KSA which would further enhance our position and lead to diversification of our portfolio. |
↔ |
||||
|
Risk appetite: Informed
Revenue growth in line with investor expectations and no dilution of Group's market position in its markets of operation. |
|||||||
|
Link to strategy: |
|||||||
|
|
|||||||
|
People |
|||||||
|
Inability to attract, develop & retain a skilled workforce and inconsistent organisational culture across the Group. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
We are unable to effectively manage our workforce to ensure consistent delivery of the Group's strategy and/or operational performance. |
Continued to celebrate the success of our employees through new reward and recognition initiatives.
Recruited widely across the Group to bring in additional capacity and capability to support our growth.
|
Integration of training requirements into the annual performance appraisal process to encourage healthy interaction between line managers and employees.
Assimilation of inputs from the Training Needs Analysis Survey to form the basis of the training calendars that would be rolled out on a quarterly basis in the various regions of operations .
Implementation of additional career planning and job shadowing schemes as part of our people upskilling program. |
↔ |
||||
|
Risk appetite: Informed
Group annual attrition rate not to exceed defined parameters however we accept a modest number of regretted losses which do not materially impact operational efficiency or impact our customers.
|
|||||||
|
Link to strategy: |
|||||||
|
|
|||||||
|
Regulatory Compliance |
|||||||
|
Failure or inability to comply with relevant laws, regulations and scheme obligations; Failure to identify monitor and respond to changing regulations or scheme rules; Failure to comply with regulatory reporting requirements in a timely manner. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
A breach or non-compliance to legal or regulatory standards leading to penalties, sanctions or reputational damage. |
Continued to monitor for regulatory change in existing markets and to ensure we are adequately addressing all compliance risks as per our compliance framework.
We introduced a market abuse and insider dealing Policy. Awareness training was also provided to all staff including senior management and Board.
The Group implemented and updated the obligations register for all jurisdictions where the Group has a physical presence. |
The Group will automate its AML transaction monitoring process.
Completion of our annual compliance plan and target assurance reviews.
Continue to ensure all KYC/AML documentation is maintained and reviewed for all markets and territories.
Continue training programs provided to employees and monitoring of the 24/7 whistle-blower hotline.
|
↔ |
||||
|
Risk appetite: Low
The Group will not accept practices which could cause breaches of laws, regulations or scheme rules; or a delay and/or failure to adapt its systems, processes and controls to prevent material compliance breaches and/or regulatory censure. |
|||||||
|
Link to strategy: |
|||||||
|
|
|||||||
|
Geopolitical |
|||||||
|
Risk of significant political, social and economic instability in one or more of the Group's target markets which could have a material adverse effect on the Group's business, financial condition and results of operations. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
A geo-political event within our markets that impacts our ability to do business or to meet our strategic objectives. |
Further diversification of our markets and territories including developing on soil capabilities in the KSA.
Strong revenue growth in Africa increasing revenue diversification.
Country risk assessments are currently being done for all cross border markets. |
Execution of the KSA strategy and building a sustainable business model.
Continued management focus on executing acceleration opportunities to further diversify business mix.
The Group will continue to explore acquisition options to more rapidly diversify business
Management will continue to monitor the geo-political within the region.
All outstanding country risk assessments will be completed in 2020.
|
↔ |
||||
|
Risk appetite: High
The Group's growth strategy is focused on markets which are likely to be subject to higher levels of political, legal, economic and social instability than those in more developed markets.
|
|||||||
|
Link to strategy: |
|||||||
|
|
|||||||
|
Financial |
|||||||
|
Financial risks for the Group arise mainly from the following three elements: (1) Not having sufficient liquidity to meets its obligations as they fall due; (2) Exposure to adverse movements in foreign exchange rates arising from Group's foreign operations and transactions in currencies other than AED and pegged currencies; and (3) Exposure to adverse Interest rate risk primarily on its variable rate long-term borrowing/revolving line of credit, which it uses to manage its working capital needs. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
Our liquidity, foreign exchange or interest rate risks are not effectively managed affecting the businesses ability to meet its financial obligations, profitability targets or working capital needs. |
Liquidity requirements continued to be managed and monitored through efficient planning.
We realised savings in interest and acquisition costs. This was due to downward trends in interest rates and effective renegotiation on margin. |
The Group is in the process of developing its financial risk management policies related to Liquidity, FX and Funding.
Continued automation of manual processes that support data consolidation and reporting.
|
↔ |
||||
|
Risk appetite: Informed
The Group will manage its liquidity, FX and Interest rate risks in line with agreed policies and thresholds. |
|||||||
|
Link to strategy: |
|||||||
|
|
|||||||
|
Fraud |
|||||||
|
Risk of compromise of card or merchant data or compromise of systems or networks or collusive merchants with the intention of performing unauthorised payment transactions for financial or non-financial gain resulting in losses to the Group or Group's clients. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
Internal or external parties intentionally and/or illegally misrepresenting the Group or any of Group's clients resulting in financial losses, legal action or damage to our reputation. |
Fraud detection and awareness training is provided to relevant internal stakeholders.
Established e-commerce authorisation controls to reject unsecure, high velocity transactions.
Enhancement of 24/7 suspicious transaction monitoring prior to payment to merchants.
Investment in additional fraud monitoring tools for the Network One Platform. |
Continue to develop and expand our fraud detection capability in line with the latest technology and fraud trends.
. |
↓ |
||||
|
Risk appetite: Low
Acquiring fraud losses vs sales percentage to be less than market averages. |
|||||||
|
Link to strategy: |
|||||||
|
|
|||||||
|
Credit |
|||||||
|
Risk of merchants' inability to satisfy obligations resulting in chargebacks or scheme fines. Risk that the Group will be liable for meeting the settlement obligations of sponsored issuing clients where such clients are unable to do so or comply with scheme rules. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
Failure of our sponsored banking clients to meet their settlement obligations and our merchants failing to meet their obligations to customers resulting in financial losses or reputational damage to the Group. |
The Group initiated periodic reviews (annual and quarterly) to ensure high risk merchant exposures remained within risk appetite.
Implemented Group-wide acquiring portfolio risk reviews. |
The Group is in the process of enhancing its merchant assessment to minimize merchants' risk levels.
The Group will implement early risk warning monitoring of SME merchant portfolio. |
↓ |
||||
|
Risk appetite: Informed
Credit losses should not exceed defined threshold of total merchant sales volume by portfolio.
|
|||||||
|
Link to strategy: |
|||||||
|
|
|||||||
|
Third Party Risk |
|||||||
|
The Group's reliance on third-parties to provide systems, technology infrastructure, product development and service delivery. Risk of data breaches of third parties systems, service disruptions with no alternatives, non-compliance to contractual obligations, applicable laws and international standards. |
|||||||
|
Risk Impact |
|
Progress during 2019 |
|
2020 mitigation plan |
|
Risk Trend |
|
|
A third-party provider does not meet its obligations, which are negatively impacting our customer relationships, and causing disruption to business performance. |
Classification exercise completed across all vendors to identify critical and high-risk vendors.
Contracts for all other vendors have been reviewed ensuring they incorporate mandated provisions.
|
Conduct assurance programme for high-risk vendors.
Monitoring for vendor service performance for high-risk vendors.
|
↔ |
||||
|
Risk appetite: Informed
The Group will not accept risks which may compromise the confidentiality, integrity and availability of its data and its customers data. |
|||||||
|
Link to strategy: |
|||||||
|
|
|||||||
RISK APPETITE
Risk appetite is the amount of risk we are willing to take in pursuit of our objectives. It defines the level of risk at which appropriate actions are needed to reduce risk to a level that we are willing to accept. As defined in our principal risks disclosure we consider risks from a low, balanced and high perspective. Each principal risk has a number of Key Risk Indicators that provide objective evidence of status of risk against risk appetite. Our risk appetite is not static and may change over time in line with changing capabilities for managing risk and our business environment.
The risk appetite statement has been approved by the Board.
Group Risk Appetite Statement
"At Network International ('NI'), our growth strategy is focused on maintaining our position as the best payments partner in the Middle East and Africa. We accept that these markets are subject to higher levels of geo-political uncertainty and business risk than those in more developed markets, and are also accepting of any concentration risk based upon our entry into these markets and territories, though we act to mitigate this through revenue diversification.
We will aim to balance this against a low appetite for any risks that compromise the confidentiality, integrity or availability of our data, our customers' data or our cyber security posture. Additionally, we look to minimize our exposure to any risk which will adversely impact our stakeholders, operational performance or compliance with relevant regulation and legislation. NI has a low appetite to incur losses from financial risk.
We will support this appetite with a level of investment that ensures we have suitable levels of policy and controls to effectively manage these risks, facilitate decision making and continue to support our growth strategy.
This means as a business that we have an informed appetite to taking risks which will enable us to drive growth in a sustainable manner providing an adequate return on investment and which limits our exposure to those areas where we have a low risk appetite and effectively control those to which we have a greater appetite for risk. We believe that managing these risks in the right way will support out our aim of enabling commerce in the world's most under penetrated payments markets."
EMERGING RISKS
Emerging risks have the potential to increase in significance and affect the performance of the Group and, as such, are continually monitored through our existing risk management processes by risk owners at all levels of the Group. We also use tools such as horizon scanning, operational risk aggregation and external sources to support our analysis. The outputs of these processes are reported to the BARC and Board of Directors for their review and assessment.
Our ERM process ensures emerging risks are considered to aid the Board Audit and Risk Committee's assessment of whether the Group is adequately prepared for the potential threats they present. The process enables new and changing risks to be discussed at an early stage allowing us to analyse them thoroughly and assess potential exposure.
We closely monitor emerging risks and with time they may become principal risks as they mature. Emerging risks may also be superseded by other risks or cease to be relevant as the internal external environment in which we operate evolves. A non-exhaustive list of some current emerging risks of relevance to the Group are set out below.
NEAR TERM RISK
Increasingly sophisticated Cybersecurity Threats
We expect to see an increase in the level of sophistication of cyber related attacks as a result of the shifting geo political tensions in the MEA. We regularly intercept sophisticated and malicious third party attempts to identify and exploit system vulnerabilities, or which aim to penetrate or bypass our security measures, in order to gain unauthorised access to our networks and systems or those of our associated third parties.
We follow a defence-in-depth model to ensure we are proactively employing multiple methods of defence at different layers to protect our systems against intrusion and attack. However, we cannot always be certain that these measures will be successful and will be sufficient to counter all current and emerging cyber threats.
Risk of Execution: Operational & Technical Capabilities
Our ambitious growth and expansion plans could be compromised if we are not able to deliver critical internal transformational projects or strategically important projects to clients within expected deadlines.
Our growth plans will create heightened levels of risk with regard to people and management capacity to ensure on time delivery without disruption to our day to day operations. Failure to do so could cause us to lose business, increase our costs and expose us to negative publicity, and/or diversion of operational, technical and other resources to correct or re-perform such services.
Coronavirus
We observe the recent emergence and spread of the coronavirus ('COVID-19 virus') in many regions. We are monitoring developments closely and are conducting internal planning to assess any impact to our operational resiliency and third party supply chains.
MEDIUM-TERM RISK
Evolving payments regulation in the MEA
With the increase in growth and innovation of payments services in our region and particularly in Africa, we recognize the need for regulators to create new regulatory frameworks to drive innovation and competition but also to safeguard the interests of participants in the payments ecosystems. These regulatory initiatives which may be diverse in nature, could present increased complexity and cost to our operating model.
LONG-TERM RISK
Political Change
Our business focus is on the emerging markets of Middle East and Africa. We recognize some countries within this region have a history of political volatility. The risk of continued political and economic change could affect our operating results. Changes in governments may increase the complexity of serving customers in a country due to actual or potential political or military conflict; the imposition of UN, US or other sanctions which may restrict our ability to service customers in those countries.
Climate Change
In an ever-changing world, we recognise that we have a responsibility to meet our environmental and sustainability commitments and obligations. This includes failing to understand our impact on the local environment or reporting requirements.
RELATED PARTY BALANCES AND TRANSACTIONS
Parties are considered to be related if one party has the ability to control the other party or exercise significant influence over the other party in making financial and operating decisions. Related parties include associates, parent, subsidiaries, and key management personnel or their close family members. The terms and conditions of these transactions have been mutually agreed between the Group and the related parties. Key management personnel consists of the Network Leadership Team.
The Group enters into transactions with Emirates NBD PJSC and its subsidiaries. In the normal course of business, Emirates NBD PJSC also acts as a banker to the Group.
The management believes that the terms and conditions of these transactions are comparable with those that could be obtained from third parties.
The amounts due from Emirates NBD PJSC (and its subsidiaries and group associate) are receivable on demand.
|
|
2019 USD'000 |
2018 USD'000 |
|
Emirates NBD PJSC Group |
|
|
|
Transactions for the year |
|
|
|
Revenue |
60,714 |
48,384 |
|
Expenses |
7,399 |
7,772 |
|
Net Interest expense/(income) |
1,981 |
(96) |
|
|
2019 USD'000 |
2018 USD'000 |
|
Balances as at 31 December |
|
|
|
Receivable balances |
18,603 |
10,955 |
|
Bank balance |
72,154 |
101,822 |
|
Prepaid amounts included under: |
|
|
|
Long term receivables |
2,326 |
- |
|
Receivables and prepayments |
1,078 |
- |
|
Overdraft facility |
(51,204) |
(97,995) |
|
Performance and other guarantees (refer to note 30) |
7,506 |
1,764 |
|
|
|
|
|
Transguard Cash LLC |
|
|
|
Transactions for the year (refer to note 9) |
|
|
|
Balances as at 31 December |
|
|
|
Payable balances |
- |
122 |
|
|
|
|
|
Directors remuneration |
|
|
|
Directors remuneration during the year |
2,363 |
- |
|
End of service benefits (one executive Director) |
31 |
- |
|
Key management personnel remuneration |
17,510 |
17,206 |
**END**
This information is provided by RNS, the news service of the London Stock Exchange. RNS is approved by the Financial Conduct Authority to act as a Primary Information Provider in the United Kingdom. Terms and conditions relating to the use and distribution of this information may apply. For further information, please contact rns@lseg.com or visit www.rns.com.
COMPANIES COVERED:
Latest directors dealings
- 45 minutes ago SpaceandPeople
- 51 minutes ago GSK
- 1 hour ago Irish Continental Group Units (Comp) (CDI)
- 1 hour ago Irish Continental Group Units (Comp) (CDI)
- 1 hour ago International Personal Finance