Strategic report Governance Financial statements Other information RISK MANAGEMENT AND THE PRINCIPAL RISKS AND UNCERTAINTIES EVALUATING AND MANAGING RISKS CONTINUED Taxonomy Level 1 Operational Taxonomy Level 2 Data Owner: Risk Mitigation and controls Key risk indicators Chief Executive Officer1 Risk that HL fails to design or implement Dedicated Chief Information Security Officer Data related Risk Events • • Link to strategy: appropriate frameworks, including policies, and Data Protection Officer • Data reporting issues processes or technology, to manage data • Data Governance function • Data Privacy Impact Assessment completions and data storage. •Data storage standards • Cyber events •Data usage standards • Fraud events Potential impact Link to HL values: Loss of sensitive data 2020/21 activity • Put the client first, go the extra Poor client outcomes (including fraud) Increase in data governance specialists • • mile, do the right thing, make it Inefficient processing Creation of Data Governance Forum • • easy, do it better Regulatory censure Updated Data Strategy • • 2020-2021 Change INCREASING Taxonomy Level 1 Operational Taxonomy Level 2 Duties to Clients Owner: Risk Mitigation and controls Key risk indicators Chief Executive Officer, Client Risk that HL’s culture and the HL values fail to • Employee Communication and Training • Glassdoor rating Director, Chief Financial Officer support and appropriate client focused conduct • Conduct and Risk policies • E e surveysmploye Link to strategy: by all colleagues, leading to poor client outcomes. • Risk and incident monitoring and review • Client survey results • Product Governance Committee • Colleague retention Potential impact • Corporate and social responsibility programme • Complaints • Poor client outcomes • Business-led diversity, inclusion and wellbeing • Clients cancelling a new product or service • Negative reputational impact programme of activity Link to HL values: Regulatory censure Colleague Performance Development model 2020/21 activity • • Put the client first, go the extra E holder valuerosion of share Whistleblowing process CEO Communications and client strategy • • • mile, do the right thing, make it Negative impact on achievement of AUA Improvements to Product Governance agenda • • easy, do it better and client number strategic targets Improvements to core conduct related process and • 2020-2021 Change training, i.e. whistle blowing and the SMCR regime conduct STABLE breach process • HL Way used to reinforce HL ‘values’ 1 Chief Executive Officer is the temporary owner whilst a new Chief Information Officer is appointed 57 Hargreaves Lansdown Report and Financial Statements 2021