RISK MANAGEMENT
RISK MANAGEMENT Vestcor faces a number of risks in fulfilling our various client mandates. A summary of our recently updated Enterprise Risk Management Framework, available at vestcor.org/corporate, provides guidance and structure for ensuring that the organization can assess and adapt to emerging risks. Risk management is a key element in helping provide stability to both pension plan contributions and benefits and making sure that our investment management activities do not bring undue risk to our clients’ assets. All decisions are made in a risk context that not only focuses on the expected returns of our activities but also on the potential gains or losses that could be realized by those activities.
BOARD OVERSIGHT Although management has the primary responsibility for managing risk, under its terms of reference, the Board of Directors is responsible for understanding the risks and the systems that management has put in place to mitigate and manage those risks. The Board is assisted in this responsibility through the efforts of its Committees to which certain risk oversight has been delegated. The Board maintains specific responsibility for the oversight of fiduciary, business strategy and investment risk, however. Within the Board structure, the Human Resources & Compensation Committee focuses on risks relating to our employees and work environment. These include the leadership of the President and CEO, the ability to attract and retain qualified and motivated staff, leadership development and succession plans, and our Human Resource policies and practices. The Governance Committee focuses on the leadership and effectiveness of the Board and the reputation and public image of Vestcor. The Audit Committee focuses on oversight of financial risks including risks relating to the systems of internal control and financial reporting as well as cybersecurity and fraud risk.
INTERNAL AUDIT FUNCTION The Audit Committee of the Board uses an independent internal audit function, consisting of internal employees and external independent audit consultants, to assist the Committee in ensuring that the internal controls and information systems used by Vestcor are appropriate and effective. The internal audit function reports directly to the Audit Committee. Internal audit pursues a rotating, risk-focused examination of an audit universe that covers the expanse of Vestcor’s corporate policies and processes.
MANAGEMENT ACTIVITIES Vestcor has an independent Risk Team overseen by the Risk Manager. The Risk Manager is responsible for development, communication and administration of Vestcor’s Enterprise Risk Management Framework, leads the Enterprise Risk Management Council and reports directly to the Chair of the Audit Committee.
24 | VESTCOR ANNUAL REPORT 2021
