The management of risk is embedded in the day-to-day operations of divisional management teams.
A key element of this is the regular review and update of detailed ‘risk registers’ in each division, in which risks are identified and assessed in terms of both the probability of the risk occurring and its potential impact.
Group-level risks are either derived from a ‘top‑down’ review, or from the divisional risk registers, because either the risk affects multiple divisions, or is of a materiality in itself that is considered of Group significance. Each of these Group-level risks is then assessed by the Board in terms of its potential impact on the Group and its key stakeholders. The Group prioritises risk mitigation actions by considering risk likelihood and potential severity.
The Covid-19 pandemic has had a significant impact on the public transport sector with mobility significantly restricted by lockdowns across the world. The Group has limited the impact of the pandemic by renegotiating contracts, entering in new arrangements with transport authorities and other customers to continue to operate on a pay-per-mile basis, and taking swift and decisive cost reductions.
Whilst there is good reason to believe that the deployment of vaccination programmes, and the development and introduction of new therapeutic treatments and drugs will speed recovery from the pandemic, the risk remains that new virus mutations or problems with the delivery of the vaccine may delay the recovery. We have introduced a new moderate likelihood, significant impact risk to cover both a materially slower recovery than base forecasts and lasting implications such as residual fear of travelling on public transport; significantly less travel for shopping; or a material change in working patterns with more of our passengers working from home.
The Emerging Risk Register is reviewed and approved by the Board. The Group considers an emerging risk to be one that is not currently having a material impact on the business, but has a reasonable likelihood of impacting future strategy or operations. The Group’s approach to managing emerging risk exposure is to:
- establish a wide universe of potential emerging risk, using horizon scanning techniques, published external research and peer/competitor review;
- assess these risks taking into account our industry sector and market position, and our strategy, to determine broad relevance;
- consider the potential impact of each risk on the Group’s strategy, finances, operations and reputation, taking into account the likelihood of the risk occurring, and the speed with which it may manifest; and
- develop actions to address the risks where appropriate.
As with the Group’s principal risks, many of the emerging risks present equal or greater opportunities. For example, climate change and ageing population demographics, which are risks fundamental to many sectors, are more of an opportunity than a threat to the Group.
As part of the process to identify emerging risks, Group businesses continue to monitor events that may develop anywhere in the world which have the potential to become global (e.g. a health pandemic, political conflict, climate/weather catastrophes) or to impact the markets where the Group operates.
From a very wide universe of potential emerging risks, the Group has, through the above process, identified a number of risks that warrant closer review. These have been further segregated into those requiring only a monitoring approach at present and those where actions are being developed alongside the principal risks. There are four risks that currently fall into the latter category.
These broadly cover the risk of disruption from integrators and/or demand‑responsive MaaS operations as well at the future possibilities offered by autonomous vehicles. It should be noted that the Group considers all these areas to be significant opportunities as well as risks.
Principle risk matrix