Principle 7 of the ASX Corporate Governance Council’s Corporate Governance Principles and Recommendations1 (ASX Principles) states: “A listed entity should establish a sound risk management framework and periodically review the effectiveness of that framework”.
The ASX Principles suggest that the role of a risk committee is usually to review and make recommendations to the board in relation to:
- the adequacy of the entity’s processes for managing risk;
- any incident involving fraud or other break down of the entity’s internal controls; and
- the entity’s insurance program, having regard to the entity’s business and the insurable risks associated with its business.
Where a company does not have a risk committee, then the audit committee may be tasked with exercising that function and thereby have the responsibilities of a risk committee.