The CEFC Board is ultimately responsible for the overall performance of the business, including oversight of risk management.
To assist in risk oversight, the Board has established an Audit and Risk Committee which is in turn assisted by the Executive Risk Committee, Executive Investment Committee, the Joint Investment Committee (with ARENA) for the Clean Energy Innovation Fund and the Asset Management Committee.
The Board has established an enterprise-wide Risk Management Framework to monitor and manage all areas of risk that our business faces, including strategic, investment and financial, reputational, operational and regulatory risks.
We employ a “three lines of defence model” where the front line is responsible for risk, supported and challenged by the (second line) independent risk function and the (third line) internal audit function.
Consistent with section 68 of the CEFC Act, the Risk Management Framework sets out the manner in which risk is managed for CEFC investments and for the Corporation itself. Further, the Board has articulated its appetite for risk through the Risk Appetite Statement that guides the organisation’s risk-taking activities.
The CEFC does not accept risks that compromise the integrity of the organisation and we require our people to behave ethically. We do have tolerance for the risks necessary to deliver on our statutory and strategic objectives.
Establishing and maintaining a culture where risk identification, evaluation and management is valued and promoted throughout the organisation is a critical enabler of effective risk management. An independent review of risk culture was conducted during 2019–20 with identified areas for improvement addressed. Further, we continue to monitor risk culture as an integrated part of our ongoing employee engagement and alignment assessment.
Our Values and the Code of Conduct and Ethics set the standards of behaviour we require of our people. We promote a risk aware culture where:
- Our people are required to conduct themselves in a manner consistent with the highest professional and ethical standards
- We consistently consider “should we” do things and not just “can we” do things
- Our incentive and reward systems are structured to encourage behaviour consistent with our risk appetite and do not reward excessive risk taking
- We empower our people to the full extent of their abilities and we hold them accountable for their actions
- We seek to apply leading practices in identifying, assessing, managing and pricing risk
- We invest in our risk management capabilities, including implementing cost-effective controls.
With respect to investment risk, we have a Credit Risk team that reviews and assesses credit and other risks associated with each proposed investment, independent of the investment origination team.
The Credit Risk team provides advice to the Executive Investment Committee, Joint Investment Committee and the Board on transaction level risks, as well as to the Asset Management Committee and the Audit and Risk Committee on investment portfolio matters.
The Risk Management Framework, together with the CEFC Investment Policies, embeds active identification, management and mitigation of risks into all areas of our investment functions, portfolio management and broader business operations.
The Risk Appetite Statement that is set by the Board is implemented throughout the business by establishing risk limits and risk indicators that are monitored and regularly reported. These cover areas including, but not limited to, sector-specific risks, equity risk, counterparty risk and technology risk.