PPC (Cement, Lime, Aggregates)
 
 

Corporate Governance

Corporate governance review

Corporate governance is the process by which companies are controlled and directed - and this is the ultimate responsibility of a company’s board.

Governance codes and guidelines are extremely valuable in determining an appropriate standard of conduct for directors. The more established these governance practices become, the more likely a court would regard conduct that conforms with these practices as meeting the required standard of care. Corporate governance practices, codes and guidelines therefore set the bar on appropriate standards of conduct.

In the South African context, the King committee and its interpretation of corporate governance best practice has become the established standard and the release of King III in September 2009 cemented South Africa’s commitment to world-class principles and guidelines on corporate governance.

King III (the code) has raised the bar on the appropriate standard for governance practices. In contrast to the King I and II codes, King III applies to all legal entities, regardless of the manner and form of incorporation or establishment and whether in the public, private or non-profit sectors. All entities are also required, by way of explanation, to make a positive statement about how the principles have or have not been applied.

The King committee recognises that the manner of applying the code will differ for each entity. The aspirational nature of the code, however, should drive entities to continually improve governance practices. It is important to understand that the ‘apply or explain’ approach requires more consideration and explanation of what has been done to implement the principles and best-practice recommendations of governance.

In this section of the report, we explain what PPC has achieved in implementing best practices recommended by the code. We regard our efforts as a journey, however, and acknowledge that we are continually moving towards better governance practices.

The code was written from the perspective of the board as the focal point of corporate governance. The group has made good progress during the year to align its board and board committees with the best-practice recommendations of the code.

Compliance with King III and the JSE listings requirements on corporate governance

The King III code came into effect on 1 March 2010. The JSE, however, will only require full compliance with the code in PPC’s 2011 financial year. For most of the financial year, PPC has been implementing the principles of King III and considering its best-practice recommendations. The company therefore cannot claim to have been fully compliant with the code throughout the review period.

While a substantial application of the code and the report has been achieved in the review period, the aspirational nature of the code will require the company to continually improve its governance practices. In addition to issues raised elsewhere in the report, the following key principles have not been fully implemented to date:

  • The code suggests the board should be responsible for information technology (IT) governance. In this regard, it should be noted that a SAP system was implemented during the period and with the first phase of the SAP system implementation it was management’s intention to simply replace its previous ERP system. There was no stated intention to enhance processes and controls and thus the full functionality of SAP was not implemented. To align the company with best practice, management will define appropriate levels of IT governance for approval by the board, which in turn will be reflected in appropriate levels of SAP controls.
  • Best practice requires that the board should approve the risk management policy and plan and that the risk management policy should be widely distributed throughout the company. While the risk management policy has been approved, the risk management plan as required by the code is still being considered, although significant progress has been made. Management is endeavouring to ensure that PPC’s strategy and objectives are aligned with the risk management process by conducting high-level risk assessment in conjunction with PPC strategic sessions. In addition, bottom-up risk assessments have been facilitated at all PPC business units and most of the functional disciplines. The process of implementing and embedding enterprise-wide risk management is a journey and the objective is to design a risk management framework that is right-sized for the company and industry.
  • While internal audit frequently reports on the effectiveness of internal controls, the audit plan for the year under review did not include a formal report on these controls as prescribed by the code. Such a report will be submitted to the board in the next financial year.

Integrated reporting

The board is responsible for the integrity of the company’s integrated report. As proposed in the code, the board has delegated the responsibility to evaluate sustainability disclosures to the audit committee. At its meeting in May 2010, the board, based on the recommendation of the audit committee, confirmed the appointment of Deloitte & Touche as the external assurance provider for the sustainability report.

The Global Reporting Index (GRI) G3 has been used as the basis for reporting and nine indicators for assurance were identified through the standard risk review process as material risks to PPC. For more detail refer to Independent audit report.

The external assurance report of Deloitte & Touche was tabled at the audit committee meeting in November and was referred to the board for consideration at its November meeting. The board was satisfied with the assurance provided by Deloitte & Touche.

The board’s statement on the company’s status as a going concern is in Certificate by company secretary.

Board review

Board governance

The PPC board is the focal point and custodian of corporate governance in the PPC group. More detail on members of the board appears in Directorate. Board members are expected to act in the best interest of the company and the group company secretary maintains a register of directors’ interests as required by law.

In line with its annual meeting plan, the board meets six times a year and has adopted a board charter which includes a statement of governance principles that guide the activities of the board. This charter also details the roles of the chairman of the board and chief executive officer (CEO).

According to the charter, the roles and responsibilities of the board are to:

  • Act as the focal point and custodian of corporate governance by conducting its relationship with management, shareholders and other stakeholders of the company according to sound corporate governance principles
  • Appreciate that strategy, risk, performance and sustainability are inseparable and give effect to this by:
    • contributing to and approving the strategy
    • satisfying itself that the strategy and business plans do not give rise to risks that have not been thoroughly assessed by management
    • identifying key performance and risk areas
    • ensuring the strategy will result in sustainable outcomes
    • considering sustainability as a business opportunity that guides strategy formulation
  • Provide effective leadership on an ethical foundation
  • Ensure the company is, and is seen to be, a responsible corporate citizen by considering not only the financial aspects of its business but also the impact business operations have on the environment and society within which it operates
  • Ensure the company’s ethics are managed effectively
  • Ensure the company has an effective and independent audit committee
  • Be accountable for the governance of risk
  • MoEnsure the company complies with applicable laws and considers adherence to non-binding rules and standards nitor information technology governance
  • Ensure the company complies with applicable laws and considers adherence to non-binding rules and standards
  • Ensure there is an effective risk-based internal audit
  • Appreciate that stakeholders’ perceptions affect the company’s reputation
  • Ensure the integrity of the company’s integrated report
  • Act in the best interests of the company by ensuring that individual directors:
    • adhere to legal standards of conduct
    • are permitted to take independent advice related to their duties following an agreed procedure
    • disclose real or perceived conflicts to the board and deal with them accordingly
    • deal in securities only in accordance with the policy adopted by the board
  • Initiate business-rescue proceedings as soon as the company is financially distressed
  • Elect a chairman of the board who is an independent non-executive director
  • Appoint and evaluate the performance of the CEO.

In fulfilling its duty, the full board annually selects a chairman at its meeting in February and appoints the CEO.

The current chairman of the board is Bheki Sibiya. At its meeting in November, the nominations committee confirmed his status as an independent non-executive director. The role of the chairman has been formalised in the board charter and requires that he should:

  • Lead the board, not the company
  • Safeguard the integrity of corporate governance processes and actions as determined collectively by the board
  • Be the link between the board and management, particularly the CEO
  • Be the main link between the board, shareholders and the public at large.

The duties of the chairman must be viewed in the broadest terms. All the chairman’s specific actions should fall into one of the categories above. Other core functions to be performed by the chairman include:

  • Actively participating in selecting board members and overseeing a formal succession plan for the board and executive directors
  • Ensuring new directors are properly inducted and that board evaluations and director appraisals are carried out
  • Formulating, in conjunction with the board, an annual work plan for the board against agreed objectives and goals
  • Acting as the main informal link between the board and executive directors, particularly between the board and the CEO
  • Ensuring all directors play a full and constructive role in the affairs of the company and taking a lead role in removing non-performing or unsuitable directors from the board
  • Ensuring all relevant information and facts are timeously placed before the board to enable the directors to reach an informed decision.

In line with best practice, the chairman’s ability to add value and his performance against what is expected of his role and function were assessed in the second half of this financial year (see annual board evaluation report).

The CEO and chief financial officer (CFO) are ex officio members of the board.

The current CEO is Paul Stuiver. In the board charter, the board and the chairman recognise that the CEO is the leader of the company and of the management team, is responsible for day-to-day operations and is the principal spokesperson for the company, while the chairman is the leader of the board. The framework for delegating authority is reviewed annually in September. The CEO provides regular reports during board meetings on progress in executing strategy against the formalised company scorecard. The board has set specific targets for management on the CEO succession plan and the CEO is responsible for the execution of this plan. The performance of the CEO and his management team is evaluated annually by the remuneration committee and the outcome of this evaluation is the basis for salary increases, bonus payments and participation in share incentive schemes.

The current CFO is Peter Esterhuysen and his experience and expertise are annually evaluated by the audit committee and the outcome reported to the board.

The ultimate authority and responsibility for the company resides collectively in the full board of directors and not any one individual.

A copy of the board charter can be obtained from the company secretary.

Board composition

The nominations committee annually evaluates whether its size, diversity and demographics make the board effective. At year end, the board comprised a non-executive chairman, five executive and seven non-executive directors. At its meeting in November, the nominations committee evaluated the independence of non-executive directors and concluded that the following directors are independent as defined in the code and the JSE listings requirements:

  • Zibu Kganyago
  • André Lamprecht
  • Ntombi Langa-Royds
  • Tim Ross
  • Joe Shibambo
  • Bheki Sibiya.

André Lamprecht has been a member of the board since November 1997, but after rigorous review of his independence and performance by the board, it was concluded that he has maintained his independence.

The following graphs illustrate the composition and demographics of the board as at 30 September 2010:

Board balance

Board race balance

Board gender balance

Board composition

Directors are appointed through a formal process and the nominations committee assists in identifying suitable candidates to be proposed to shareholders.

A formal induction programme is established for new directors, and inexperienced directors are developed through mentorship programmes. For continuing development, the company encourages directors to attend the professional development programmes of the Institute of Directors.

While no limitations are imposed by the board charter, or otherwise, on the number of other appointments directors can have, approval must be obtained from the chairman prior to accepting additional commitments that may affect the time directors can devote to the group.

The board succession plan was reviewed by the nominations committee at its meeting on 4 November 2010, taking into account the results of the annual board evaluation.

At the annual general meeting in January 2011, at least one-third of non-executive directors will retire by rotation. All these directors are available for re-election and their re-election to the board is supported by the nominations committee after considering their performance and attendance.

The group company secretary

The group company secretary is Jaco Snyman and he provides the board as a whole and directors individually with detailed guidance on discharging their responsibilities. He is a central source of information and advice to the board and within the company on matters of ethics and good governance. He also ensures the proceedings and affairs of the board, its committees, the company itself and, where appropriate, owners of securities in the company are properly administered in accordance with pertinent laws. He is responsible for compliance with the rules and listings requirements of the JSE Limited and the Zimbabwe Stock Exchange on which the company’s securities are listed and administers the statutory requirements of the company and its subsidiaries in South Africa.

Board and committee meeting attendance between 1 October 2009 and 8 November 2010

Status/position Board AGM Audit BEE and transformation* Nominations Remuneration Risk and compliance
Board members
ZJ Kganyago Independent non-executive 7/7 1/1 3/4
AJ Lamprecht Independent non-executive 6/7 1/1 2/5 1/3
NB Langa-Royds Independent non-executive 5/7 1/1 5/5C 3/3 6/6C
TDA Ross Independent non-executive 7/7 1/1 4/4C 4/4
J Shibambo Independent non-executive 7/7 1/1 4/4 5/5 3/3 5/6 4/4C
BL Sibiya Independent non-executive 6/7C 1/1 2/3C
MP Malungani Non-executive director 6/7 1/1 3/5
JS Vilakazi Non-executive director 6/7 1/1 4/6 2/4
 
Management
S Abdul Kader MD cement (SA) 6/7 1/1
RH Dent MD lime, aggregates, Botswana and Zimbabwe 6/7# 1/1
P Esterhuysen Chief financial officer 7/7 1/1 4/4
SG Helepi Director: organisational performance and transformation 6/7 1/1
P Stuiver Chief executive officer 7/7 1/1

C Chairman of committee
# Mr Dent resigned from the board with effect from 1 November 2010
* Reconstituted as the social and ethics committee

Annual board evaluation

The code requires annual board performance evaluations by the chairman or an independent service provider and that the results of these evaluations should identify training needs for directors. The code further requires that an overview of the appraisal process, results and action plans should be disclosed in the annual integrated report.

Process

For the review period, the board agreed to the assessment of its effectiveness by an external facilitator to ensure objectivity and independence. The Institute of Directors in Southern Africa (IoDSA) was selected to facilitate the appraisal.

This process was essentially a self-assessment of the performance of the board of PPC with IoDSA playing a facilitating role. This report therefore reflects the opinion of members of the board on its performance.

Results

The evaluation found that the board has significantly more areas that are satisfactory or good than concerns.

The following areas of concern were identified by the board:

  • Reporting on the pension fund was insufficient. More comprehensive reporting is required.
  • There was general acceptance that more needed to be done in terms of succession planning. The board will consider appointing a deputy chairman (to stand in for the chairman if he is unavailable) who can be groomed to succeed the chairman. The CEO will come to the end of his contract in the 2012 financial year and a successor will be identified in good time.
  • IT governance received a low rating, indicating a need for improvement.

Strategic planning

As a key performance area of the board, group strategy is mapped by the board in consultation with the executive committee of the company (exco). The board appreciates the fact that strategy, risk, performance and sustainability are inseparable and annually reviews the strategy at its meeting in August. During the review period, two board meetings were devoted to strategy development. In these meetings, exco members presented the group and individual business units’ strategies to the board. The board has ensured that the strategy is aligned with the purpose of the company, value drivers of the group and legitimate interests and expectations of its stakeholders. In addition, the board has satisfied itself that the strategy and business plans are not encumbered by risks that have not been thoroughly examined by management. The board-approved strategy has been incorporated into the company scorecard against which the performance of management is measured annually.

At its meeting in August, the board approved the reconstitution of the black economic empowerment and transformation committee into the social and ethics committee. As part of its responsibility, this committee will ensure the company’s strategy results in sustainable outcomes taking account of people, planet and profit.

Ethics

Responsible corporate citizenship implies an ethical relationship of responsibility between the company and the society in which it operates. As a responsible corporate citizen of the societies in which it does business, the company has accepted its legal and moral obligations for its economic, social and natural environment.

The company has adopted a group ethics policy. In this policy, the board acknowledges that ethical business conduct is in PPC's long-term interest because it creates loyalty and trust in employees, customers, suppliers, the communities in which PPC operates, and other stakeholders. The recently constituted social and ethics committee has been mandated by the board to assist it in monitoring the company's activities, with due regard to all relevant legislation, other legal requirements and prevailing codes of best practice on various sustainability issues including good corporate citizenship.

The company has provided an independent, confidential and safe system by which employees or other parties can report unethical or risky behaviour. Such reports can be submitted to the PPC Ethics Line, detailed below.

PPC Ethics Lines

South Africa
Deloitte & Touche Tip-Offs Anonymous

Telephone 0800 00 67 05
Free fax 0800 00 77 88
Address PPC Ethics Line
Free post c/o Tip-Offs Anonymous
Free Post DN298
Umhlanga Rocks
4320
South Africa
Email ppc@ethics-line.com
International +27 31 508 6493

Botswana
Deloitte & Touche

Telephone 0800 60 06 44
Facsimile 0800 00 77 88
Email ppc@ethics-line.com

Zimbabwe
Deloitte & Touche

Telephone 0800 4100
Facsimile +263 91 8240 921
Address The Call Centre
Free post PO Box HG 883
Highlands
Harare
Zimbabwe
Email reportszw@tip-offs.com

The board's responsibility for ethics and good corporate citizenship is confirmed in its charter.

Internal control

Reporting within the company is structured so that key issues are escalated through the management team ultimately to the board if appropriate.

The board has delegated to the audit committee responsibility for reviewing in detail the effectiveness of the company's system of internal controls. After completing these reviews, the committee reports to the board on its findings so that the board as a whole can take a view on this matter. This has been subject to regular review over a number of years, resulting in a number of refinements.

Delegation

The board delegates certain functions to well-structured committees but without abdicating its own responsibilities. Delegation is formal and involves:

  • Formal terms of reference are established and approved for each committee of the board
  • The committees' terms of reference are reviewed once a year
  • The committees are appropriately constituted with due regard to the skills required by each committee
  • The board establishes a framework for delegating authority to management.

Board committees

During the review period, the board had five standing committees through which it operated. Formal terms of reference have been established and approved for each committee of the board, and reviewed by the relevant committee. Committees play an important role in enhancing good corporate governance, improving internal controls and therefore the sustainable performance of the company. The board committees and their chairpersons were:

  • Audit committee - Tim Ross
  • Risk and compliance committee - Joe Shibambo
  • Nominations committee - Bheki Sibiya
  • Remuneration committee - Ntombi Langa-Royds
  • BEE and transformation committee - Ntombi Langa-Royds

The chairpersons of these committees are independent non-executive directors.

During the year, the board also appointed an ad hoc committee known as the deal committee, to assist the board in executing its expansion strategy. The chairperson of this committee is Peter Malungani. Although Peter is not an independent director, the board has appointed him based on his experience and skills and the fact that the committee would be convened on an ad hoc basis only.

In the interest of free information flow and good oversight, the minutes or summary minutes of board committees are included in board packs. In addition, the chairpersons of the committees are required to present an annual report on the activities of the committees at the board's meeting in November. Based on these reports and the minutes of the committees, their performance and conformance to terms of reference are annually evaluated by the board. At its meeting in November, the board concluded that all committees had executed their responsibilities within the scope of their respective terms of reference in the 2010 financial year.

Audit committee

In the review period, the members of the audit committee were: Tim Ross (chairperson), Zibu Kganyago and Joe Shibambo who has since resigned from the committee (8 November 2010). All members were independent in accordance with provision of the code and the Companies Act. The committee may obtain, at the company's expense, independent professional advice on any matters covered by its terms of reference. The committee was in place throughout the 2010 financial year, and the external auditors and head of internal audit have direct access to its chairperson.

Tim Ross has been chairperson of the committee since 2009. He was a partner with Deloitte for 36 years and retired in May 2008. Tim is a member of the South African Institute of Chartered Accountants. The chairperson of the committee will be available for re-election as chairman at the board meeting in February 2011.

Members of the executive team, including the CFO and CEO, attend committee meetings by invitation. Similarly, external and internal auditors attend committee meetings by invitation and have no voting rights. The chairperson reports to the board on the activities and recommendations made by the committee. The head of internal audit reports to the chairperson of the audit committee and to the CFO on day-to-day matters. The latest minutes of committee meetings are included in board packs.

The audit committee has its own terms of reference approved by the board, to assist members of the committee to understand their roles and enable them to add value in discharging their duties. The audit committee's terms of reference are reviewed annually. In line with the code, the 2010 review of the audit committee's terms of reference resulted in expanding its mandate to cover new areas of responsibility, such as integrated reporting and information technology. Among other items, the audit committee's terms of reference include:

Terms of reference

Financial statements

The committee reviews the annual financial statements, interim and preliminary announcements, accompanying reports to shareholders and any other announcements on the company's results or other financial information to be made public, prior to submission and approval by the board.

Integrated reporting

The committee oversees integrated reporting, and in particular:

  • Takes cognisance of all factors and risks that may impact on the integrity of the integrated report, including factors that may predispose management to present a misleading picture, significant judgements and reporting decisions made, monitoring or enforcement actions by a regulatory body, any evidence that brings into question previously published information, forward-looking statements or information
  • Reviews the disclosure of sustainability issues in the integrated report to ensure this is both reliable and supported by the external audit assurance report on sustainability
  • Recommends to the board whether or not to engage an external assurance provider on material sustainability issues
  • Recommends the integrated report for approval by the board
  • Considers whether the external auditor should perform assurance procedures on interim results
  • Engages the external auditors to provide assurance on summarised financial information
  • Prepares a report, to be included in the annual financial statements for that financial year (see audit committee report).

Combined assurance

The committee will ensure that a combined assurance model is applied to provide a coordinated approach to all assurance activities. In particular, the committee will:

  • Ensure the combined assurance received is appropriate to address all significant risks facing the company
  • Monitor the relationship between the external assurance providers and the company.

Internal audit

The committee is responsible for overseeing internal audit. In particular, the committee will:

  • Be responsible for the appointment, performance assessment and/or dismissal of the chief audit executive
  • Be responsible for the appointment, performance assessment and/or dismissal of the outsourced internal audit service provider
  • Approve the internal audit plan and any significant changes and satisfy itself that the audit plan effectively addresses the critical risk areas of the business
  • Ensure the internal audit function is subject to an independent quality review, when the committee determines it appropriate
  • Review internal audit's compliance with its charter as approved by the audit committee and consider whether the internal audit function has the necessary resources, budget and standing within PPC to discharge its functions.

Risk management

The committee is an integral component of the risk management process. Specifically, the committee oversees:

  • Financial reporting risks
  • Internal financial controls
  • Fraud risks as these relate to financial reporting
  • IT risks as these relate to financial reporting.

External audit

The committee is responsible for recommending the appointment of the external auditor and overseeing the external audit process. As such, the committee must:

  • Nominate an independent external auditor for appointment by shareholders
  • Determine the fees to be paid and terms of engagement of the auditor
  • Ensure the appointment of the auditor complies with the Companies Act and other relevant legislation
  • Monitor and report on the independence of the external auditor in the annual financial statements
  • Define a policy for non-audit services provided by the external auditor
  • Pre-approve contracts for non-audit services to be rendered by the external auditor
  • Ensure there is a process for the committee to be informed of any reportable irregularities (as identified in the Auditing Profession Act, 2005) identified and reported by the external auditor
  • Review the quality and effectiveness of the external audit process.

Financial director

In addition, each year the audit committee must consider and satisfy itself on the appropriateness of the expertise and experience of the financial director (chief financial officer). The committee must confirm its findings in its annual report to the board.

Financial function

The committee must review the expertise, resources and experience of the company's finance function, and disclose results in the integrated report.

Compliance with terms of reference

The committee reported on its activities for the review period at the board meeting on 8 November 2010. At this meeting, the committee confirmed it has complied with its terms of reference and recommended:

  • The financial statements for the year ended 30 September 2010 to the board for approval
  • Approval for reporting on the sustainability performance indicators to the board, based on assurance provided by the external auditors
  • The nomination of Deloitte & Touche for appointment as auditor of the company under section 270 of the Companies Act subject to shareholder approval after confirming the independence of the auditor. Mr Michael John Jarvis (IRBA no 342297) from this firm of auditors has been nominated as the designated auditor.

The committee's principal activities in the review period are set out in its report below.

Audit committee report - 2010

We are pleased to report to you on the audit committee's activities in 2010. The committee executes its responsibility in compliance with the Companies Act (the Act) and within the mandate given by the PPC board as stipulated in its terms of reference. During the year under review, the terms of reference of the committee were expanded to align these with King III.

Membership and meetings. The committee is comprised solely of independent non-executive directors as required by legislation. The members are Mr Tim Ross (chair), Ms Zibu Kganyago and Mr Joe Shibambo. In accordance with its annual meeting plan, the committee has held three meetings during the period and we confirm it has discharged its oversight responsibilities within the scope of its mandate.

External audit. The committee reviewed with the external audit firm, which is responsible for expressing an opinion on the conformity of the audited financial statements and related schedules with IFRS and its judgements as to the quality, not just the acceptability, of the company's accounting principles. There is a formal procedure that governs the process whereby the external auditors are considered for the provision of non-audit services and the engagement letter for such services is reviewed by the committee in advance. The committee has satisfied itself through enquiry that the external auditor is independent as defined by the Act.

The committee has met with the external audit firm without management present, to discuss the results of their examinations; their evaluations of the company's internalcontrol, including internal control over financial reporting; and the overall quality of the company's financial reporting. The committee also discussed the expertise, resources and experience of the company's finance function with the external auditors. No matters of concern were raised during those meetings.

The committee has agreed to an audit fee for the 2010 financial year which is disclosed in note 17 to the financial statements. We are of the view that this fee, which is in line with the budget, is appropriate.

Relying on the reviews and discussions referred to above, the committee has nominated Deloitte & Touche as external auditors for the 2011 financial year subject to approval at the annual general meeting. Mr Michael John Jarvis (IRBA no 342297) from this firm of auditors has been nominated as the designated auditor.

Internal audit. The committee has confirmed the reappointment of Ernst & Young to fulfil PPC's internal audit requirements. The internal audit function reports to the audit committee on its findings and has unrestricted access to that committee and its chairperson. During the period, no major breakdowns in internal controls were identified.

In terms of King III, the committee has appointed a chief audit executive and will be responsible for the performance assessment and/or dismissal of this executive.

The committee has met with the internal audit firm without management present, to discuss the results of its examinations; its evaluations of the company's internalcontrol, including internal control over financial reporting; and the overall quality of the company's financial reporting. No matters of concern were raised during those meetings.

Financial director review. The committee has also reviewed the performance, appropriateness and expertise of the chief financial officer, Mr Peter Esterhuysen, and confirms his suitability for appointment as financial director in terms of the JSE listings requirements.

The integrated report. The committee has considered all factors and risks that may impact on the integrity of the integrated report. In fulfilling its oversight responsibilities, the committee has reviewed and discussed the audited financial statements and related schedules as reported in the integrated report with company management and the external auditors. The committee considers that the report complies with the Act and IFRS and has therefore recommended the annual financial statements for approval to the board. The committee has also facilitated the appointment of an external assurance provider on material sustainability issues. With the exception of one matter, the auditors confirmed that the selected performance indicators are fairly presented to shareholders.

TDA Ross Audit committee chair
ZJ Kganyago Audit committee member
J Shibambo Audit committee member

8 November 2010

Please refer to notice of annual general meeting regarding the appointment of the external auditor and members of the committee.

Risk and compliance committee

The members of the risk and compliance committee were: Joe Shibambo (chairperson), Peter Esterhuysen, Tim Ross and Jerry Vilakazi. Peter, an executive director, was appointed to the committee to align it with the best-practice recommendations of the code. All other members of the committee are non-executive directors. The committee may obtain, at the company's expense, independent professional advice on any matters covered by its terms of reference.

Members of the executive team responsible for risk and compliance management, including the CEO, attend committee meetings by invitation. Similarly, external and internal auditors attend committee meetings by invitation but have no voting rights. The chairperson of the committee reports to the main board on the activities and recommendations made by the committee and the latest minutes of committee meetings are included in board packs.

The committee has its own terms of reference approved by the board, to assist its members to understand their roles and enable them to add value in discharging their duties. The committee's terms of reference are reviewed annually. In line with the code, the 2010 review of the committee's terms of reference resulted in expanding its mandate to cover new areas of responsibility.

Terms of reference

Among other issues, the committee's terms of reference include responsibility to:

  • Oversee the development and annual review of a policy and plan for risk management to recommend for approval to the board
  • Monitor implementation of the policy and plan for risk management taking place by means of risk management systems and processes
  • Make recommendations to the board on the levels of risk tolerance and appetite, and monitoring that risks are managed within these levels as approved by the board
  • Approve the company's compliance policy and oversee that the policy is disseminated through the company
  • Oversee that the risk management plan is disseminated throughout the company and integrated in its day-to-day activities
  • Ensure risk assessments are performed continuously
  • Ensure compliance management assessments are continuously performed
  • Ensure frameworks and methodologies are implemented to increase the possibility of anticipating unpredictable risks
  • Ensure management considers and implements appropriate risk responses
  • Ensure continuous risk monitoring by management takes place
  • Liaise closely with the audit committee and other board committees to exchange information relevant to risk
  • Express a formal opinion to the board on the effectiveness of the system and process of risk management
  • Review reporting on risk management and compliance being included in the integrated report in terms of being timely, comprehensive and relevant.

Compliance with terms of reference

The committee reported on its activities for the review period at the board meeting on 8 November 2010. At this meeting, the board confirmed it had complied with its terms of reference.

View a more detailed review on risk of this report. View the compliance report.

Nominations committee

The members of the nominations committee were: Bheki Sibiya (chairperson), Ntombi Langa-Royds, André Lamprecht and Joe Shibambo. The committee was in place throughout the 2010 financial year. All members are independent non-executive directors as defined in the code. The committee may obtain, at the company's expense, independent professional advice on any matters covered by its terms of reference.

The committee normally asks the CEO to attend its meetings, but he has no voting rights.

The committee has its own terms of reference, approved by the board, which are reviewed annually. The chairperson reports to the main board on the activities and recommendations made by the committee and the latest minutes of committee meetings are included in board packs.

Terms of reference

The committee performs all the functions necessary to fulfil its role as stated in its terms of reference including:

  • Ensuring the establishment of a formal process for appointing directors, including:
    • identifying suitable members of the board
    • performing reference and background checks of candidates prior to nomination
    • formalising the appointment of directors through an agreement between the company and the director
  • Overseeing the development of a formal induction programme for new directors
  • Ensuring inexperienced directors are developed through a mentorship programme
  • Overseeing the development and implementation of continuing professional development programmes for directors
  • Ensuring directors receive regular briefings on changes in risks, laws and environment in which the company operates
  • Considering the performance of directors and taking steps to remove directors who do not make an appropriate contribution
  • Finding and recommending to the board a replacement for the CEO when that becomes necessary
  • Ensuring formal succession plans for the board, CEO and senior management appointments are developed and implemented
  • Providing input on senior management appointments as proposed by the CEO.

Compliance with terms of reference

The board has approved a policy for the appointment of directors, and background and reference checks are performed before appointing directors.

The committee reported on its activities for the review period at the board meeting on 8 November 2010. At this meeting, the board confirmed that the committee has complied with its terms of reference.

Remuneration committee

The members of the remuneration committee were: Ntombi Langa-Royds (chairperson), Joe Shibambo and Jerry Vilakazi. All the members are non-executive directors. PwC, appointed by the company, acted as remuneration advisors to the committee and provided detailed information on market trends and the competitive positioning of remuneration.

The committee normally asks the CEO to attend its meetings but he has no voting rights. He does not participate in discussions on his own remuneration, which is set by the committee.

Terms of reference

The committee performs all functions necessary to fulfil the role stated in its terms of reference, including:

  • Overseeing the establishment of a remuneration policy that will promote achieving strategic objectives and encourage individual performance
  • Ensuring the remuneration policy is put to a non-binding advisory vote at the general meeting of shareholders once every year
  • Reviewing the outcomes of implementing the remuneration policy against set objectives
  • Ensuring the mix of fixed and variable pay, in cash, shares and other elements, meets the company’s needs and strategic objectives
  • Satisfying itself on the accuracy of recorded performance measures that govern the vesting of incentives
  • Ensuring all benefits, including retirement benefits and other financial arrangements, are justified and correctly valued
  • Considering the results of the performance evaluation of the CEO and other executive directors, both as directors and as executives in determining remuneration
  • Selecting an appropriate comparative group when comparing remuneration levels
  • Regularly reviewing incentive and retention schemes to ensure continued contribution to shareholder value and that these are administered in terms of the rules
  • Considering the appropriateness of early vesting of share-based schemes at the end of employment
  • Advising on the remuneration of non-executive directors
  • Overseeing the preparation and recommending to the board the remuneration report, to be included in the integrated report.

Compliance with terms of reference

The committee has reviewed group remuneration policies to ensure these are aligned with the company’s strategy and linked to individual performance.

For a more detailed report on remuneration. View the remuneration policy of the company and shareholders will be requested to pass a non-binding advisory to indicate support for this policy at the annual general meeting. The fees proposed for non-executive directors for 2011, which are subject to shareholder approval.

Black economic empowerment and transformation committee*

The members of the BEE and transformation committee were: Ntombi Langa-Royds (chairperson), Joe Shibambo, André Lamprecht and Peter Malungani. All members of the committee are non-executive directors.

The committee has its own terms of reference approved by the board and reviewed annually. The chairperson reports to the board on the activities and recommendations made by the committee and the latest minutes of committee meetings are included in board packs.

The committee assists the board in adopting a holistic approach to transformation and complying with all relevant legislation or charters. The newly constituted social and ethics committee had its first meeting on 26 October 2010.

* This committee has been reconstituted and in the new financial year will be known as the social and ethics committee

Terms of reference

In line with its terms of reference, the committee’s objectives are to:

  • Ensure management embraces the principles of transformation enterprise-wide across all facets of the group’s activities
  • Develop and implement an appropriate transformation strategy
  • Ensure equity ownership of PPC conforms to the requirements of the mining charter to achieve effective 26% empowerment by 2014 to qualify for new mining rights
  • Regularly review policies, plans and processes aimed at facilitating transformation in the group
  • Review integrated annual reporting to stakeholders on aspects of transformation
  • Provide an objective forum dedicated to policy recommendation to the board and guiding significant matters on transformation within the group.

Compliance with terms of reference

For a detailed review on transformation.

Deal committee

The members of the deal committee are: Peter Malungani (chairperson), Peter Esterhuysen, Ntombi Langa-Royds, André Lamprecht, Bheki Sibiya and Paul Stuiver. As noted, Peter Malungani is not an independent director but the majority of members are non-executive directors, most of whom are independent.

The committee is an ad hoc body and its terms of reference are to:

  • Consider strategic options and recommendations presented by management on international expansion
  • Provide guidance, support and explore options that will facilitate progress in periods between board meetings.

Committee meetings are scheduled when required by progress on transactions.

Compliance report 2010

A compliance function has been established in the group’s legal services department. It is responsible for advising and assisting the board and management with awareness and assessing compliance with the regulatory environment. A comprehensive compliance report is submitted to the risk and compliance committee twice a year, which in turn reports to the board.

The compliance function’s structure and approach enable it to support management at all levels by leveraging off specialised technical skills and business knowledge. Compliance is structured into centralised and decentralised functions. The former is responsible for group-wide monitoring and forms the centre of expertise on legislation and regulatory impact on the group. The latter comprises compliance champions and unit compliance officers who are deployed into the various business units. They are responsible for business-specific monitoring, training and advice.

The two key areas of responsibility are:

  • Identifying and advising the group on existing and new legislation applicable to its business
  • Facilitating compliance with relevant legislation and assigning responsibility for areas of compliance.

Once new legislation is identified, management appoints a task team to conduct an impact assessment. After that project plans and timelines covering implementation and training are agreed and implemented.

Focus areas in review period

There have been many changes to laws and regulations in prior years, with more to be finalised or effective shortly, most notably:

  • King III
    King III came into effect on 1 March 2010. During the year a gap analysis between the group’s current practices and those recommended by King III confirmed that many King III practices and recommendations are already in place. Those areas requiring corporate governance changes have been identified and most gaps have been closed.
  • The new mining charter
    South Africa launched a new charter in September 2010 to facilitate the sustainable transformation and development of its mining industry, with emphasis on a target of 26% black ownership of the country’s mining assets by 2014. The implications of the new charter have been incorporated into the company’s transformation roadmap which has been approved by the board for implementation.
  • Environmental impact assessment regulations (NEMA)
    These regulations govern procedures and criteria as contemplated in chapter 5 of the act for the submission, processing, consideration and decision of applications for environmental authorisation of activities and related matters. The implication of the promulgation of these regulations influenced PPC’s earlier withdrawal of its EIA application in the Western Cape.
  • Training and awareness
    In addition to training on new legislation, the compliance unit implemented and concluded an intensive training programme for all grade 1-6 employees on competition legislation. All new employees joining the company at these job levels will be required to complete this training.

New legislation that will affect the group in the new financial year include:

  • Consumer Protection Act
    This act aims to promote a fair, accessible and sustainable marketplace for consumer products and services. The act will entrench national norms and standards on consumer protection and provide for improved standards of consumer information. The act prohibits certain unfair marketing and business practices and promotes responsible consumer behaviour
  • New Companies Act
    The act aims to simplify the registration of companies, encourage entrepreneurship and high standards of corporate governance, balance the rights and obligations of shareholders and directors, and promote the efficient and responsible management of a company. It also provides for increased liabilities for directors for breaches of fiduciary duty or for any direct or indirect loss, damage or costs sustained by the company as a result
  • Protection of personal information bill
    The bill was tabled before parliament in August 2009. Once enacted, it will regulate processing personal information of individuals and juristic entities and will apply to all private- and public-sector bodies as well as individuals.

Management carried out an extensive impact analysis of this legislation in 2010 and has task teams in place to ensure PPC effectively addresses compliance implications.

Key regulators

PPC is regulated by several stakeholders including the JSE, Department of Trade and Industry, Department of Water and Environmental Affairs, Department of Mineral Resources and SARS. The group seeks to maintain relationships of trust and transparency with all regulators.

The compliance function guides business units before and during submissions to and meetings with regulators. It also maintains a log of all interactions with regulators and reports to the risk and compliance committee on the outcomes of these interactions.

Prosecutions

In November 2009, PPC was granted conditional leniency from prosecution under the Competition Act by the competition commission. This was in exchange for PPC’s complete and truthful disclosure of market-sharing arrangements between PPC and its competitors in the late 1990s. This investigation is ongoing.

Risk management review

In 2008, PPC commissioned an independent high-level review of its risk management function, which covered the group risk strategy, governance, risk management process, risk management function, culture and capability. Based on the results, PPC is further enhancing its risk management system by adopting the ISO 31000 standard for managing risks and King III principles on governance of risks.

PPC’s commitment to managing risks and opportunities is supported by the recently developed comprehensive enterprise-wide risk management policy and framework. This follows a holistic approach to identifying, evaluating and treating risks and opportunities. With this tool, the organisation aims to ensure that managing risks and opportunities is an integral part of PPC’s corporate governance system.

The group risk unit, being at the focal point of this process, is responsible for coordinating the identification and documentation of risk areas throughout the group, enhancing the risk management system and regularly monitoring its effectiveness. Internal audit plays a vital role in providing assurance to the board on the effectiveness of the system. In the case of any finding, these are taken into account as part of the continuous improvement of our risk management system.

Enterprise-wide risk management framework

PPC’s risk management framework (shown below) has been aligned to the requirements of King III and incorporates best governance and risk practices. It is supported by a risk management plan that details the approach to be taken to address and improve risk management in PPC to achieve set objectives.

PPC’s enterprise-wide risk management framework

Developing the risk management framework

Interviews were conducted with a large number of stakeholders including members of the board (executive and non-executive), members of the risk and compliance committee, members of management, internal and external audit. All the information collected was considered and incorporated into the draft framework where appropriate.

The PPC group risk management policy has been developed against requirements of King III, among others, and was authorised in September 2010. The policy institutes the mandate from the group chief executive officer as delegated by the board and provides the statement of commitment for implementing risk management in the group. In terms of the policy, our goal is to ensure that risk management is embedded in our business by implementing an integrated risk management plan.

A combined assurance model has been developed in line with King III to ensure that all risks identified are subjected to the appropriate level of control and assured by internal and external providers as appropriate. Internal audit provides assurance to the board on the effectiveness of the system.

The risk management framework and processes have been developed to ensure a consistent approach to managing risk across PPC. A risk management plan details the approach to be taken to address and improve risk management in PPC to achieve set objectives.

Managing risk and setting the risk appetite is the board’s responsibility, which it discharges through its risk and compliance committee. This committee has not yet articulated the group risk appetite since the focus has been mainly on audit materiality. With the implementation of the enterprise-wide risk management process in PPC, the board has taken the initiative in investigating ways of setting these values and the process of establishing the overall risk-bearing capacity and risk appetite is under way. This will ensure our business objectives and strategies are aligned with these values and that limits are set for management to take risks and exploit opportunities within set tolerance limits.

The group values the importance of stakeholder engagement and has therefore attempted to identify its stakeholders and their reporting needs. To ensure transparency in our systems, risk information affecting these stakeholders will continue to be shared without compromising commercially privileged information.

Risk management policy

Risk is inherent in most business activities. PPC will evaluate and manage risk through a structured and integrated risk management process that considers the interests of all stakeholders.

Risk management comprises the identification and evaluation of existing and potential risk associated with the company’s operations and strategy, followed by appropriate management responses such as tolerance (acceptance), mitigation, transfer, avoidance or termination or a combination of such responses.

The board is accountable to shareholders for the governance of risk and should ensure that the company’s strategic and business plans have properly considered and evaluated the associated risks. In fulfilling this obligation, the board approves and annually evaluates the implementation of this policy and the risk management plan of the company.

The board has delegated responsibility to evaluate the risk management progress, effectiveness of risk management activities, key risks facing the company and appropriate responses to address key risks, to the risk and compliance committee of the board.

The board has delegated the responsibility to design, implement and monitor the risk management plan to management. Risk management is however a team effort and every employee will be responsible for managing risk in his/her working environment and should assist in identifying risk at all levels and in all functions of the business as required by the integrated risk management plan. Regular and formal risk analysis will provide the basis for risk identification and evaluation, and appropriate risk responses and treatment.

Management will ensure effective management of risk through continuous and regular measurement and reporting of the company’s risk management performance to the risk and compliance committee. Control assurance will focus on continuously improving the underlying quality and sustainability of the company’s business activities.

The risk management process will cover the spectrum of the company’s activities including: commercial, financial, human resources, technical, legal, regulatory, contractual, political, information, competitive, social, strategic, environmental and reputational risks.

Best-practice risk methodologies have been developed for the group, modelled on existing best practice in risk management. These are constantly reviewed and enhanced by a deployed risk management team.

Network groups are being established and their focus will be a meaningful contribution to the risk management strategic objectives. These forums will facilitate the proactive exchange of information between group risk, group compliance, group sustainability, group information technology and group finance functions. By forming these networks, PPC aims to eliminate ‘silo thinking’ across different risk types and ensure increasing integration of the traditionally separate domains of risks across the group.

Our risk management process follows a consistent methodology and set of guidelines informed by the group policy and framework. The risk assessment process is linked to group strategy and objectives. As part of the implementation process, risk profiles have been developed for the group from top to bottom with the intention of directing information to all levels of the organisation.

PPC is exposed to a wide variety of developments in the environment in which it operates and different potential risks and opportunities arise continually. Our aim is to take maximum advantage of viable opportunities and continuously evaluate other potential opportunities in all areas as an integral part of our strategy.

Risk assessment

Strategic business risk assessments have been conducted for the PPC group, as well as for the lime, aggregates, Zimbabwe and Botswana divisions. In addition, business risk assessments were facilitated by group risk at all factories and all central office functions (such as group supply chain, information technology, organisational performance, transformation, etc). The various management teams have taken ownership of their specific risk registers, developed action plans to mitigate the risks and provided feedback to the risk and compliance committee.

Business continuity management

During the year, PPC aligned the management of business continuity with the internationally recognised British Standard 25999 (BS 25999). This is also aligned with various other International Standards Organisation (ISO) measurements currently in use in PPC.

Business continuity management is a process (of plan, do, check, act) to minimise PPC’s exposure to internal and external threats. Secondly, it synthesises all customer-related processes to provide effective prevention and recovery controls while maintaining competitive advantage and integrity of the group’s value system.

The output of this process is a formal business continuity plan that will ensure the business is not unduly disrupted.

The group is currently reviewing divisional business continuity plans to create a more robust business continuity management system. This process will be completed and fully implemented by the middle of the 2011 financial year.

Aligning to corporate governance and ITIL (The Information Technology Infrastructure Library, a set of best practices for IT), IT disaster recovery is a key component of our business continuity management process, ensuring all critical IT services can be recovered in the event of a major business disruption within agreed time scales.

The current Sandton (central IT facility in PPC) documented disaster recovery plan caters for both the Windows and SAP environments. Tests take place at the disaster recovery sites three times a year to ensure continuity of critical operations in the event of a disaster. To ensure business continuity across the group, disaster recovery network links, supplied by Telkom, are also in place.

Each factory site schedules disaster recovery exercises for their local IT environment biannually at Sandton in a controlled and supervised environment.

All disaster recovery plans are documented, tested and signed to ensure ongoing commitment of critical resources and continuity of operations. Detailed work instructions for all key stakeholders in the organisation are included.

Information security management

The objective of information security is to protect information and information systems from unauthorised access, use, disclosure, disruption, modification or destruction.

The terms information security, computer security and information assurance are frequently but incorrectly used interchangeably. These fields are often interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms.

PPC is reviewing current information security controls following a recent independent audit that revealed some areas for improvement. The goal is to review current information security processes and their controls using ISO 27000:2005 as reference.

Insurance

The following risk management surveys were undertaken by PPC’s insurance brokers and underwriters:

  • Full underwriting surveys were conducted at Slurry, Colleen Bawn and Bulawayo. Calculations for the Dwaalboom survey were updated in 2010
  • Machinery breakdown surveys were conducted at Dwaalboom, Slurry, Hercules, Riebeeck West, De Hoek, Colleen Bawn, Bulawayo and Lime Acres.
    These surveys elicited positive feedback on risk management and maintenance programmes in the PPC group which has had a positive impact on the maximum probable-loss machinery breakdown calculations and the claims experienced (although PPC has had a few machinery breakdown claims, these have been relatively minor in the overall context). The current economic environment has resulted lower capacity utilisation across the group which has also contributed to lower claims. This could change when the economic situation improves.
  • A fire protection survey was conducted in Zimbabwe, focused mainly on cable tunnels and server rooms.

PPC’s insurance cover and associated premium were reviewed in May 2010.

Case study - Protecting IT in PPC

The PPC IT unit embarked on the ITIL journey to introduce service management and good governance principles across its team. The Information Technology Infrastructure Library (ITIL) is a set of best practices for IT that is now widely used, and supported by a range of materials and training courses (including exams and certification). It is generally divided into two main areas, service support and service delivery. These in turn comprise a number of ITIL disciplines.

The ITIL-aligned disciplines introduced at PPC were incident, problem, change, release and service level management. The service desk function was also reorganised to provide a single point of contact for group IT users.

This initiative has given the IT team a common focus of providing excellent customer service to customers while adhering to governance processes. It has provided visibility on all activities taking place within IT, allowing the team to make informed decisions on new projects and initiatives, determining the impact and risk of introducing changes, resource use, etc.

The unit is currently implementing service asset and configuration management, which gives it a full view of PPC IT assets and relationships, location and current status. This will enable the team to proactively manage each IT asset and related service.

ITIL has given PPC the operational framework to meet King III IT governance requirements. This will be expanded in the coming year to provide a full IT governance and control framework for PPC.

© 2011, PPC. All rights reserved