Risk Management

Robust, integrated and effective risk management is central to Wesfarmers’ broader governance framework and is fully supported by the Board and the Wesfarmers Leadership Team, as demonstrated through its commitment outlined in the Wesfarmers Board approved Risk Management Policy which is available in the corporate governance section of the company’s website at www.wesfarmers.com.au/cg.

Wesfarmers’ approach to risk management is aligned with the principles and requirements of International Standard ISO 31000:2018 – Risk Management Guidelines. These elements are necessary to support effective risk identification and awareness, and to support appropriate behaviours and judgements about risk-taking within the parameters and risk appetite set by the Board.

Wesfarmers has adopted a three-lines approach to risk management whereby all team members have an important role in the operation of the risk framework. The three-lines approach:

The framework was last comprehensively reviewed in December 2020 following the appointment of the Group Chief Risk Officer. The Group Risk Appetite Statement was reviewed and updated in May 2021 to reflect new and emerging risks and changing circumstances.

The framework is comprised of the following elements:

• Group Risk Management Policy (Policy) - the Policy outlines Wesfarmers’ approach to risk management, confirms the Group’s commitment to maintaining a risk-aware culture and embedding risk management practice within operations and outlines risk management roles and responsibilities. The Policy was approved by the Board in December 2020.

• Group Risk Appetite Statement (RAS) - the RAS outlines the Board’s appetite for risk within various categories, as well as the behaviours and mindsets it expects to be embedded in decision-making and operational practice. The RAS for the 2021 financial year was approved in June 2020, with guidance being further reviewed in December 2020.

• An independent Board, consisting of directors possessing the required values and bringing a suitable mix of skills, experience and diversity to Board oversight and decision-making.

• Board committees, including an Audit and Risk Committee, a Nomination Committee and a Remuneration Committee, established by the Board as standing committees, each with its own charter, to assist with the discharge of the Board’s responsibilities.

• Divisional audit and risk committees at Bunnings, Kmart Group, Officeworks, WesCEF, and Industrial and Safety to strengthen the divisional risk management processes.

• The Group Code of Conduct which sets out the standard of conduct expected by the Board of all persons employed by or working for the Wesfarmers Group built on the principles of honesty, integrity, fairness, respect and ethical behaviour.

• Dedicated, suitable qualified, personnel in the second and third lines who support the design of the risk management framework and are directly responsible for risk management activities.

• Group and divisional structures, reporting lines, immediate reporting requirements and appropriate authorities built upon Group policies which focus on three pillars of governance, operations and oversight (review and approvals) detailing specific processes and responsibilities and setting out guidelines for conduct to mitigate and manage risk.

• Group-wide risk assessment criteria designed to consistently guide materiality assessment, reporting and risk acceptance delegations, aligned with Wesfarmers’ values and reflective of risk appetite.

• A formal corporate planning process as part of setting strategy, which requires each division to assess the environment for trends that are likely to affect and shape relevant industries, perform scenario planning and prepare a SWOT analysis.