11

11 Our risks
and their
management

Risk management plays an integral part in helping ensure that ACCA achieves its vision to be #1 in developing the accountancy profession the world needs.

We consider risk across three broad types:

  • risks to the accountancy profession and the value that accountancy brings to society
  • risks to (the needs of) members and future members
  • risks that if left to crystallise could impact on our ability to deliver our corporate plans, strategy and our long-term sustainability.
    • The overall objective of our enterprise risk management (ERM) approach is to help link strategy and risks as clearly as possible so that our decision-making is transparent, both internally and externally, and based on robust evidence.

      To strengthen our risk management approach, we have introduced new risk software, Protecht ERM, to provide a holistic view of organisation-wide risks and opportunities in one central repository. This process is supported by internal subject matter experts and contributions from wider stakeholders across the business, while we continue to monitor changes in our wider environment that could impact our strategy.

      Eleven risks are currently held on our corporate level risk register (11 for the year ended 31 March 2020). Most of these risks are long-standing ones that are intrinsic to the achievement of our strategy and our operations as a global professional accountancy body. Following the inclusion of two new risks in 2019-20 (the risks around the evolution and ongoing attractiveness of the ACCA Qualification and the profession as a career, and those associated with our significant programme of digital transformation), an existing risk on student progression has been broadened and rephrased to recognise the importance of our affiliates in growing our future membership base.

       

      Ownership and oversight

      Our corporate risk register records the top cross-cutting risks and uncertainties that we believe ACCA faces. These risks, should they crystallise, have been judged to pose a significant threat to the successful delivery of our strategy and to ACCA’s longer-term sustainability.

      Each corporate-level risk is owned by a member of the Executive team, with the entire team reviewing all corporate-level risks every month to reflect any market, legislative and/or operational developments, adjusting mitigation and threat levels accordingly.

      Our Audit Committee, comprised of Council members, exercises independent oversight of both ACCA’s corporate risks and our ERM framework, providing assurance to ACCA’s Council, via the Council Board, on the effectiveness of our risk management approach.

       

      Risk appetite statement

      In achieving our vision of being #1 in developing the accountancy profession the world needs, we seek opportunities to operate in every country where we believe we can positively contribute to the accountancy profession and create public value. We have an open appetite for taking well-managed risk where innovation and transformation can create change for public good, build long-term value, and create opportunities for clear improvements in our ability to achieve our vision and strategy. Trust and integrity sit at the heart of our ambition. To this end, we hold an averse appetite to risks that call into question the ethics of the profession, the value accountancy creates, or establish doubts about our own ethics as an organisation.

Corporate risks and uncertainties

Risks

Key mitigations

Unable to accurately forecast income and costs

  • Monthly review of variances in key income streams
  • Quarterly forecasting of financial performance to give early warnings of shortfalls
  • Ongoing financial scenario development based on latest information
  • Key costs forecasted on driver-based modelling
  • Exam Forecasting Forum reviews exam volume forecasts in consideration of capacity

Supporting our students in exam progression and ensuring affiliates accomplish their journey to full membership

  • Supporting capability building of learning partners and tutors to adapt to qualification changes and address market-specific challenges
  • Strategic partner approach with key Approved Learning Partners
  • Monitoring of future member progression rates
  • Partner support – train the trainer
  • Enhanced resource offering to improve employability

Failures in our end-to-end exam processes

  • Robust end-to-end processes and controls
  • Contracts with strategic suppliers to ensure process deliveries within required performance measure and governance framework
  • Exam Contingency Group monitors and addresses potential and actual disruption to exams
  • Contingency plans in place and reviewed each exam session
  • Exams compensation and insurance policies in place

Ability to operate is restricted

  • Monthly monitoring and escalation of recognition risks
  • Leveraging existing forms of recognition and partnerships across our markets, including those with national bodies, regulators and relevant ministerial authorities
  • Cross-functional support, expertise and collaboration to strengthen the profession, develop and deliver partnerships, and market recognition initiatives for enhancement of global recognition portfolio

Failure to comply with existing, changing or new regulatory or legislative requirements

  • Internal/external audit process in place to address compliance
  • In-country legal advisers identify changing and new legislation
  • Subject matter experts across ACCA provide expert compliance advice
  • Global compliance policies in place owned by the Compliance Review Group

Loss of data or sensitive information

  • Regular reviews against ACCA’s industry-standard controls framework to measure IT security status and maturity improvements, and ensure that targeted activities provide value to ACCA’s overall cyber security posture
  • Cyber Security Team contributes to compliance and regulatory governance forums to ensure understanding of compliance position and requirements on ACCA

Distribution network unable to support changes to ACCA’s business model

  • Market Adoption Steering Group to support marketplace in embedding changes to ACCA Qualification model
  • Increasing global computer-based exam capacity to support exam delivery
  • Global tutor support plan to support changes

Failure to comply with educational regulators' requirements

  • Quarterly review to confirm compliance with Ofqual conditions
  • Customer Service Regulatory Compliance Group established
  • Annual review and statement of compliance with Ofqual and SQA conditions
  • Continual improvement of production and delivery systems and/or processes to detect and prevent error

Challenges and opportunities arising as a result of the UK’s exit from the EU

  • EU Exit Oversight and Working groups to oversee and direct risk and control activities
  • Scenario analysis undertaken covering ACCA people, procurement and supply chain, data, recognition (audit) and EU student flows, with action plans for each area
  • Representing interests of ACCA and our members through responding to consultations
  • Maintaining brand through messaging and guidance to ACCA members and other stakeholders
  • Detailed and ongoing engagement with regulators
  • Management of foreign exchange risk with forward hedges in place

Digital transformation

  • Rolling external assurance plan in place for each financial year focused on benefits realisation, change management approach, areas of potential risk of scope creep
  • Monthly financial review meetings
  • Quarterly benefits review
  • Benefits tracked and incorporated into five-year plan and reviewed every six months
  • Digital Maturity Model to support realisation of benefits to both internal and external stakeholders

Relevance and attractiveness of the accountancy profession

  • Developing a consistent, compelling message around why accountancy presents a strong and viable career
  • Review of member value proposition
  • Demonstration of our sustainability credentials
  • Enhanced segmentation of, and research into, prospect groups to better define outreach