Strategic report Governance Financial statements Other information RISK MANAGEMENT AND THE PRINCIPAL RISKS AND UNCERTAINTIES EVALUATING AND MANAGING RISKS CONTINUED Taxonomy Level 1 Operational Taxonomy Level 2 IT Operational Environment Owner: Risk Mitigation and controls Key risk indicators Chief Executive Officer1 Risk that HL fails to manage and maintain existing IT Architecture plan Unplanned downtime of client facing applications • • Link to strategy: technological architecture, environment or •Rolling internal and external monitoring • Status of critical projects components effectively that are key to of IT environment • Core system monitoring operational delivery. •Operational Plan, including prioritisation • System patching status of IT development • Technology risk events Potential impact •Identification of contingency providers • Inability to maintain operational efficiency for technology 2020/21 activity Link to HL values: Increased costs Continued development and evolution of our core Do the right thing, make it easy • • • Poor client outcomes architecture and the overseas dealing functionality 2020-2021 Change • Reputational damage • Platform security improvements INCREASING • Enhanced monitoring of technology environments • Further technology risk oversight developed • Refresh of technology strategy Taxonomy Level 1 Operational Taxonomy Level 2 Operational delivery core Owner: Risk Mitigation and controls Key risk indicators Chief Executive Officer, Risk that HL fails to design or implement • Group Risk Management Framework • Risk events and Compliance breach monitoring Chief Financial Officer appropriate policies, processes or technology. • Ongoing First Line of Defence monitoring of • Regulatory scrutiny or issues Link to strategy: controls, control testing and self-assessment • Third party breaches Potential impact • Process manuals and process mapping • Complaints referred to and upheld by FOS • Incorrect or inefficient delivery of activities • Training and development • Service level monitoring • Regulatory or policy breaches • Operational MI • Helpdesk call quality • Poor client outcomes • Control focus at key governance forums, including: • Employee retention rates Link to HL values: Financial losses including compensation CASS Committee, Executive Risk Committee and Operational processing transaction errors • • Put the client first, do the right Reputational damage Board Risk Committee • thing, make it easy, do it better 2020/21 activity 2020-2021 Change • Process improvements across operational functions INCREASING • IT solutions to reduce dependency on paper and increase efficiency of AML processes • Increased automation linked to drawdown calculations • Improved payments solution • Improved workforce planning 1Chief Executive Officer is the temporary owner whilst a new Chief Information Officer is appointed 55 Hargreaves Lansdown Report and Financial Statements 2021