Compliance Policy AGL Energy Limited



Similar documents
COMPLIANCE CHARTER 1

Policy (Board Approved)

Policy (Board Approved)

University of New England Compliance Management Framework and Procedures

Compliance Management Framework. Managing Compliance at the University

ING Group Compliance Risk Management Charter and Framework

ENTERPRISE RISK MANAGEMENT POLICY

3 August 2012 Policy updated to reflect name changes and alignment with current Aurora Energy Group Policy standards.

Aegon Global Compliance

Guide to the National Safety and Quality Health Service Standards for health service organisation boards

SAI GLOBAL LIMITED Risk Management Policy

RISK MANAGEMENT STRATEGY AND FRAMEWORK

CORPORATE GOVERNANCE STATEMENT

APPENDIX 50. Enterprise risk management - Risk management overview

RISK MANAGEMENT FRAMEWORK. 2 RESPONSIBLE PERSON: Sarah Price, Chief Officer

Governance, Risk and Compliance Charter

COMPLIANCE FRAMEWORK AND REPORTING GUIDELINES

Compliance Management Systems (CMS) Division of Depositor and Consumer Protection

A Guide to Corporate Governance for QFC Authorised Firms

RISK AND COMPLIANCE COMMITTEE CHARTER

The Compliance Universe

Qualification details

Risk Management. Policy

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

Board of Directors Meeting 12/04/2010. Operational Risk Management Charter

RISK MANAGEMENT AND COMPLIANCE

Health and Safety Management Standards

Risk Management Policy Adopted by:

Audit, Risk and Compliance Committee Charter

Risk Management Policy and Framework

La Trobe University is committed to maintaining a comprehensive and effective Compliance Framework.

How To Write A Risk Management Policy For The University Of Kerry

HEALTH SAFETY & ENVIRONMENT MANAGEMENT SYSTEM

How To Manage Risk At Atb Financial

Crime Statistics Data Security Standards. Office of the Commissioner for Privacy and Data Protection

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide

Consequence Management

FINANCIAL ASSESSMENT CRITERIA (The Assessment Criteria should be read in conjunction with OSFI s Supervisory Framework)

Issue 1.0. UoG/ILS/IS 001. Information Security and Assurance Policy. Information Security and Compliance Manager

APES 320 Quality Control for Firms

MARCH Strategic Risk Policy Update March 2012 v1.10.doc

Board Charter. HCF Life Insurance Company Pty Ltd (ACN ) (the Company )

Following up recommendations/management actions

Internal Audit Terms of Reference

RISK MANAGEMENT POLICY

Information Governance Strategy and Policy. OFFICIAL Ownership: Information Governance Group Date Issued: 15/01/2015 Version: 2.

Risk & Compliance Committee Charter. HCF Life Insurance Company Pty Limited (ACN ) (the Company )

Prudential Practice Guide

INFORMATION MANAGEMENT STRATEGIC FRAMEWORK GENERAL NAT OVERVIEW

Financial Services Guidance Note Outsourcing

Corporate Governance Guidelines

Information Governance Strategy & Policy

Risk Management Strategy

Bridgend County Borough Council. Corporate Risk Management Policy

Risk & Compliance Committee Charter. HCF Life Insurance Company Pty Ltd (ACN ) (the Company )

INTERNAL AUDIT FRAMEWORK

Application of King III Corporate Governance Principles

INTERNAL AUDIT CHARTER AND TERMS OF REFERENCE

Business Resilience and Risk Management

Audit, Risk Management and Compliance Committee Charter

ENTERPRISE RISK MANAGEMENT POLICY

Submission in response to the Life Insurance and Advice Working Group Interim Report on Retail Life Insurance

THE SOUTH AFRICAN HERITAGE RESOURCES AGENCY ENTERPRISE RISK MANAGEMENT FRAMEWORK

Council Meeting Agenda 27/07/15

Application of King III Corporate Governance Principles

POSITION DESCRIPTION. General Manager Network Operations (dotted line to Chief Architect)

treasury risk management

ENTERPRISE RISK MANAGEMENT FRAMEWORK

The PNC Financial Services Group, Inc. Business Continuity Program

Audit and Risk Committee Charter. Knosys Limited ACN (Company)

Principles for An. Effective Risk Appetite Framework

REGULATIONS FOR COMPLIANCE OFFICERS

Code of Corporate Governance

POSITION DESCRIPTION, PERFORMANCE MEASURES AND TARGETS

Preparation of a Rail Safety Management System Guideline

CORPORATE GOVERNANCE TREASURY WINE ESTATES ANNUAL REPORT FY2014 / 33

II. Compliance Examinations - Compliance Management System. Compliance Management System. Introduction. Board of Directors and Management Oversight

MANAGING LEGAL RISK IN AN INTEGRATED GRC FRAMEWORK A BRIEFING PAPER.

Risk Management. Group Standard

Policy. VBA Enterprise Risk Management. Governance Unit

Risk Management: Coordinated activities to direct and control an organisation with regard to risk.

Practice Note. 10 (Revised) October 2010 AUDIT OF FINANCIAL STATEMENTS OF PUBLIC SECTOR BODIES IN THE UNITED KINGDOM

Compliance and Enforcement Policy. November 2013

FSPFCC04(SQA Unit Code-F88P 04) Ensure you comply with regulations in your financial services environment

COMPLIANCE MANAGEMENT SYSTEM

Debt collection compliance guide

Background: POSITION DESCRIPTION. Position Number: Facilities & Infrastructure, MUSUL Services. Classification Level: Professional Level 6

GLASGOW SCHOOL OF ART OCCUPATIONAL HEALTH AND SAFETY POLICY. 1. Occupational Health and Safety Policy Statement 1

Request for feedback on the revised Code of Governance for NHS Foundation Trusts

Intelligent Customer Function (ICF)

MISSION VALUES. The guide has been printed by:

Integrated Risk Management Policy

Information Management Responsibilities and Accountability GUIDANCE September 2013 Version 1

AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES

PART B INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS (ICAAP)

AUDIT AND RISK MANAGEMENT COMMITTEE CHARTER

Transcription:

Compliance Policy AGL Energy Limited November 2013

Table of Contents 1. About this Document... 3 2. Policy Statement... 4 3. Purpose... 4 4. AGL Compliance Context... 4 5. Scope... 5 6. Objectives... 5 7. Responsibilities... 5 8. Compliance Requirements... 8 9. Audit and Review... 9 10. Reviewing and Maintaining The Policy... 9 11. Glossary of Terms... 10 Document Management Date Version Author Comment 11/06/10 1 Chris Papas (AGL Corporate Compliance Manager) 20/06/11 2 Chris Papas (AGL Corporate Compliance Manager) 11/11/13 3 Chris Papas (AGL Corporate Compliance Manager) This Policy version replaces the former AGL Legislative Compliance Policy dated August 2008. Revision to change the periodic review of this Policy from annually to every two years. Revision incorporating modification to responsibilities in line with Ernst & Young Risk Management and Compliance Frameworks audit report recommendations dated August 2013. 2

1. About this Document This Policy is a formal representation of AGL Energy Limited s ( AGL ) commitment to compliance and has been approved by the AGL Board. This Policy is supported by the AGL Compliance Program which describes the processes necessary to help maintain and manage AGL s compliance with its obligations and outlines the key elements of the AGL Compliance Framework. 3

2. Policy Statement AGL is committed to embedding compliance risk management (Compliance Management) practices within the broader risk management and governance frameworks, and integrating it in to all business processes and operations to drive consistent, effective and accountable decision making. The Policy is also consistent with our Code of Conduct which represents and upholds AGL s commitment to the highest standards of integrity, fairness and ethical behaviour. This Policy complies with the Australian Standard on Compliance Programs (AS 3806-2006). 3. Purpose This Policy sets out the objectives of the AGL Compliance Management Framework (Compliance Framework) so that it is structured, consistent and effective. The AGL Compliance Policy and Compliance Program are two key documents that together formalise and set out AGL s Compliance Framework. 4. AGL Compliance Context Compliance risk is inherent in all AGL s external and internal operating environments. AGL is committed to managing compliance risk effectively and efficiently. Effective Compliance Management is a means of achieving competitive advantage through cost efficiencies and enhanced public image for corporate governance. It is pivotal to enabling the ongoing growth and success of our business. The Compliance Framework is integral to embedding an integrated and sustainable Governance Risk Compliance (GRC) Management Framework across the business. AGL is subject to a wide range of compliance obligations which include: Regulatory and Legal: Commonwealth and State legislation, enforceable codes, guidelines and similar instruments, licenses, permits and contractual obligations. Organisational: AGL s own internal policies and procedures. Compliance management is essential to establishing good corporate governance and is a fundamental component of good risk management practice. 4

5. Scope This Policy applies to AGL, its directors and all its employees, and contractors (collectively referred as Employees ). 6. Objectives Compliance Management has a number of key objectives: Promote an enterprise wide approach by integrating compliance management processes with:» business strategy and decision making; and» risk, audit and general governance functions to achieve a fully integrated and overarching corporate governance framework (managing financial and non-financial risks); Develop and foster a compliance culture within the business which means:» proactive and accountable management of our Compliance Framework;» ownership of compliance obligations and risks within the business through established formal reporting lines with clearly defined roles and responsibilities; and» providing adequate resources to discharge our compliance management obligations; Identifying and managing AGL s compliance obligations. This includes identifying relevant compliance risks against these obligations to rank the likelihood and consequences of potential compliance failures and allocate resources for their treatment accordingly; Recognise that compliance risk is an aspect of all our business activities and that the underlying compliance risk appetite is key to effective decision making; Raising the level of awareness of our compliance obligations throughout the business by providing relevant compliance related training, education and guidance; Enable the design and implementation of compliance controls that:» are structured to promote effective realisation of the stated objectives,» provide appropriate assurance to Management and the Board that AGL has satisfied its compliance obligations, and» are cost effective and appropriate; Provide timely and accurate monitoring, review, communication and reporting of compliance risks. 7. Responsibilities AGL Board The Board has ultimate responsibility for overseeing the performance of AGL, including effectively monitoring the organisation s compliance management objectives. It is responsible for reviewing and approving changes to this Policy and for satisfying itself that AGL systems of compliance risk management and internal compliance controls are operating effectively. 5

To assist it in discharging its compliance responsibilities the Board has established the Audit and Risk Management Committee (ARMC). AGL Audit and Risk Management Committee In accordance with its Charter, the ARMC is responsible for maintaining and overseeing a sound system of internal controls based on the adoption by the Board of a risk-based approach to the identification, assessment, monitoring and management of risks that are significant to the fulfilment of AGL s business objectives. More specifically, the ARMC is required to: Review, and recommend to the Board, AGL s Compliance Policy and Program for identifying, assessing, monitoring and managing compliance; Regularly review and update AGL s compliance risk profile; Monitor the effectiveness of the Compliance Framework, including compliance performance by way of periodic management reports and assurances. Review at least annually, AGL s implementation of the risk management policy and framework (which will include the Compliance Policy and Program); and Review the adequacy of AGL s insurance policies, including the terms of annual policy renewals and the creditworthiness and claims payment histories of AGL s principal insurers. Group Audit Group Audit is an independent appraisal function established to provide assurance to the Board, the ARMC and the Executive Team about the adequacy and effectiveness of existing internal controls. Group Audit is responsible for: Developing and implementing an annual audit plan having regard to AGL s compliance risk and internal controls; Reviewing the effectiveness of AGL s Compliance Framework by conducting ongoing audits of compliance performance and programs established throughout the business; and Notifying Group Risk & Compliance of new and emerging compliance risks identified in the course of implementing the audit plan and, where necessary, modifying the audit plan to take account of the impact of new risks. Group Risk & Compliance Group Risk & Compliance is responsible for: Identification and reporting of AGL Tier 1 Risks; Promoting and facilitating a standardised approach to effective risk and compliance management; Assisting the business to understand and manage risk and compliance and facilitating the integration of AGL s approved processes for managing risk and compliance within the business; Reporting to the ARMC no less frequently than quarterly on risk and compliance issues as appropriate; 6

Supporting the business in identifying and implementing risk and compliance management improvement processes; Keeping abreast of factors in the internal and external environments that may affect the achievement by AGL of its strategic objectives and/or operating targets; Maintaining and reviewing the AGL Risk Management and Compliance Frameworks (including relevant policies and processes). Executive Team (including Chief Executive Officer) The Chief Executive Officer (CEO) has primary responsibility for designing, implementing and reporting on AGL s Compliance Framework. The Executive Team collectively has responsibility for promoting a compliance management culture throughout AGL, including consistent application of this Policy across AGL. Management Leadership Team AGL s Management Leadership Team (excludes the Executive Team) are responsible for: Promoting AGL s Compliance Framework and expectations for the management of compliance; Promote awareness and understanding of our compliance obligations; Providing appropriate resources to manage compliance risk in accordance with the Compliance Framework; Managing and escalating compliance risks, issues and opportunities in accordance with the Compliance Program; The design and implementation of cost effective compliance risk management and internal control systems to manage compliance risk, encourage efficiencies and take advantage of opportunities; Continuous monitoring and reporting of the effectiveness of compliance controls; Monitoring compliance, investigating breaches, material incidents or risks, recommending and/or approving improvement opportunities. Compliance Strand Managers In accordance with AGL s Compliance Program, Compliance Strand Managers (and Owners who are the Executive Team except for the CEO) will be accountable for overseeing and managing their assigned compliance strands which represent key compliance risk areas the business is required to comply with. Compliance Strand Managers may appoint other Employees within the Business to coordinate and report on compliance activities (including non-compliances) relevant to the compliance strand. 7

Employees It is the responsibility of all other AGL employees to: Adhere to AGL s compliance obligations. Where formal programs exist to monitor such compliance (a Compliance Function), all breaches, material incidents or risks must be communicated to such functions promptly and accurately; Look for opportunities to improve compliance efficiencies and optimise compliance outcomes.; and Ensure that they have the relevant competencies to perform their roles in accordance with management expectations. 8. Compliance Requirements Compliance Awareness and Management AGL takes compliance seriously and expects all employees to fulfill its compliance obligations. Each area of the business is accountable for managing key compliance risks and ensuring that employees understand and are aware of their compliance obligations. The necessary structures and processes to achieving effective compliance and embedding a compliance culture within the business are provided for in the AGL Compliance Program. Management Assurance Management s accountability for compliance is reinforced by a twice-yearly requirement for business unit managers to provide a formal assurance, ultimately to the AGL Board, regarding the state of compliance within the areas of their management responsibility. Full details of this management assurance process are detailed in the Compliance Program. Non-Compliance with AGL s Compliance Obligations AGL is committed to promoting a culture of identifying and managing compliance risk. This commitment is consistent with our Code of Conduct. It is also important in ensuring that we protect the business from material loss or reputational damage that the risk of non-compliance evokes. Under no circumstance is it acceptable for AGL Employees to knowingly and deliberately breach the organisation s compliance obligations, or to act unethically in the course of performing or advancing AGL s business. Breach Reporting and Complaints Handling AGL actively encourages the proactive reporting and remediation of compliance related complaints, breaches, incidents and issues through established breach reporting and complaints handling processes. 8

AGL Employees are required to observe breach reporting and complaints handling processes relevant to the requirements of their employment responsibilities. Compliance Awareness - Education and Training AGL recognises that the Compliance Framework should be fully understood by all those participating in the business and that education and training are fundamental to this understanding. As part of AGL s Learning and Development Framework, Group Risk & Compliance will have oversight of AGL s compliance training program so that Employees have the necessary competencies to understand their compliance obligations and perform their roles efficiently and effectively. AGL s Learning and Development Framework will provide consistency in how we develop our Employees in terms of technical, product, operational and behavioural programs. With underlying business support, it is also incumbent on Employees to ensure that they have the necessary competencies to perform their roles. Compliance Program AGL will maintain a Compliance Program which, together with this Policy, will form the basis upon which AGL s Compliance Framework is established. The purpose of the Compliance Program is to provide more detail and clarity on the roles and responsibilities and the steps and processes needed to maintain AGL s compliance with the varied compliance obligations that it is subject to. The Compliance Program will be reviewed no less frequently than every two years. 9. Audit and Review Group Audit facilitates good governance by periodically reviewing the continuing suitability and effectiveness of the Policy and reporting its findings and recommendations for improvement to the Audit and Risk Management Committee. Group Audit also conducts ongoing audits of compliance performance and the compliance programs established throughout the business. 10. Reviewing and Maintaining The Policy This Policy is administered by Group Risk & Compliance. The Policy is to be reviewed no less frequently than every two years. Changes to the Policy require Board approval. 9

11. Glossary of Terms Descriptor Compliance Compliance Framework Definition In conformity with the AS 3806-2006 definition, relates to adhering to the requirements of laws, organisational policies and procedures, codes, licenses, permits and contractual obligations, including but not limited to being consistent with voluntary standards and industry guidance on best practice and principles of good governance. Is the structure which requires AGL to take responsibility for ensuring that compliance is embedded into the business. It also defines key roles, responsibilities and processes within AGL to ensure we manage our compliance obligations effectively and efficiently. Compliance Risk Used interchangeably with compliance failure as defined in AS 3806-2006, refers to the risk of regulatory or legal penalties, material loss or reputational damage that AGL may suffer as a result of failure to comply with its compliance obligations. Compliance Risk Appetite Risk Management Breach Incident The broad-based amount of compliance risk a company or other entity is willing to accept in pursuit of its mission (or vision). The policies, processes and controls that are put in place to reduce the uncertainty of outcomes. Is used interchangeably with the term Issue and means an event found to be non-compliant with any regulatory or legal requirement, licence conditions or contractual obligations, as well as organisational policies and procedures (that also adopt industry standards and guidance on best practise and principles of good corporate governance considered appropriate in relation to the administration and operation of AGL s business). Is an event that is not a breach but has the potential to result in noncompliance by AGL 10

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information