Ethical business practice is essential for the longterm performance and sustainability of IDC’s business and to protect and enhance the key achievements, challenges and continuing focus area interests of our stakeholders.

Compliance with legislation and the application of best practice principles are integral to the IDC. To ensure that effective governance and the highest standards of ethics are maintained, we strive to foster a culture within the organisation that is based on fairness, transparency and accountability. We believe that in addition to being compliance-driven, ethical behaviour should be underpinned by a culture of ethics. We are guided by and comply with the Corporation’s enabling act, the Industrial Development Corporation Act 22 of 1940 (IDC Act), the Public Finance Management Act 1 of 1999 (PFMA), the Treasury Regulations, Companies Act 71 of 2008 and the principles of good corporate governance as contained in the King Report on Corporate Governance for South Africa 2009 (King III). A table setting out IDC’s compliance with King III appears on our website in section 5 of the Integrated Report.

cgg img1KEY GOVERNANCE INITIATIVES FOR THE YEAR

In 2015, the IDC undertook a strategy prioritisation exercise, Project Evolve, designed to increase the impact of the Corporation. The exercise also sought to enhance the Corporation’s operating model and internal systems and processes. To that end, a number of corporate governance initiatives were undertaken, which are summarised in the table below.

Our programme of corporate governance assessments of investee companies has shown that the application of corporate governance practices by our investee companies in general, and by start-up and entrepreneurial businesses in particular, are below the required standard. Corporate governance of our investee companies was accordingly our main focus area from a corporate governance perspective during the year under review, and it will remain a major focus area during the coming year.

To improve our clients’ understanding of sound corporate governance practices, we developed a customised nominee directors’ training course which places a special emphasis on three elements:

  • Directors’ fiduciary duties and acting in the best interests of the company
  • An awareness of the IDC’s objectives
  • Practical implications of being a director

A total of six training sessions of two days each were held, and they were highly rated by all 132 employees who attended the sessions.

An increased focus will be placed on corporate governance assessments of investee companies during the coming year, and we will continue to provide directors’ training.

BOARD OF DIRECTORS

COMPOSITION

The IDC’s Board is constituted to ensure the wide range of skills and knowledge necessary to meet the Corporation’s strategic objectives.

The size of the Board is determined by the IDC Act, which permits a minimum of five and a maximum of 15 directors to be appointed by the shareholder. A unitary Board structure is applied, with the majority being independent non-executive directors. As at 31 March 2016, the Board comprised one executive and 10 non-executive members and a gender composition of six female and five male directors. The positions of Chairperson and Chief Executive Officer are separately held to ensure a clear separation of responsibilities. The Chairperson of the IDC Board is an independent non-executive director, in line with the recommendations of King III.

The IDC Board’s ultimate responsibility is to maintain oversight of performance, while providing strategic direction to the Corporation. The Board accounts to the shareholder and is responsible for formulating strategic objectives and key policies, major plans of action, a risk policy, annual budgets and business plans. It ensures that the shareholder’s performance objectives are achieved through performance monitoring systems and reporting.

All new directors participate in a formal induction process coordinated by the Company Secretary. The induction process includes briefings on financials, strategic, operational and risk management policies and processes, governance framework, culture and values, and key developments at the IDC and in the sectors and environments in which the IDC operates.

Directors have complete access to senior management through the Chairperson, CEO or Company Secretary at any time. In addition to regular presentations by senior management at Board meetings, directors may seek briefings from senior management on specific matters.

CHANGES TO THE BOARD

All non-executive directors of the IDC Board retired at our Annual General Meeting on 23 March 2016. The reappointment of the following directors was accepted and approved until the next Annual General Meeting: Ms Busisiwe Mabuza, Mr Brian Dames, Ms Philisiwe Mthethwa, Ms Lael Bethlehem, Mr Bobby Godsell, Dr Sizeka Magwentshu-Rensburg, Ms Nomavuso Mnxasana, Ms Noluthando Orleyn, Mr Brian Molefe and Mr Nimrod Zalk.

Two new Board members were appointed with effect from 1 April 2016, namely Ms Matshepo More, Chief Financial Officer of the Public Investment Corporation, and Mr André Kriel, General Secretary of the Southern African Clothing and Textile Worker's Union.

The Minister for Economic Development announced the reappointment of Ms Busisiwe Mabuza as the Chairperson of the IDC Board, and he thanked Mr Zwelinzima Vavi, whose term ended at the end of February 2016, for his contribution to the Corporation.

BOARD CHARTER

The Board has a charter which sets out its responsibilities, including the adoption of strategic plans, the development of a clear definition of materiality, the monitoring of operational performance and management and the determination of policy processes to ensure the integrity of the Corporation’s risk management and internal controls, communication policy, and director selection, orientation and evaluations.

The Board Charter was revised during the year under review in order to facilitate the implementation of the Project Evolve recommendations and spell out its impact on the way that Board members are expected to perform their duties. Particulars of the revisions are summarised as follows:

  • The terms of reference of the various Board Committees have been updated, and terms of reference of the newly constituted Social and Ethics Committee have been added
  • Delegation of authority by the Board to certain committees, with reference to powers to borrow or issue guarantees, indemnities or securities, or to enter into transactions that bind the Corporation to future financial commitments in terms of the PFMA, have been clarified

ETHICS AND MANAGING DIRECTORS’ CONFLICTS OF INTERESTS

The Board, subsidiary directors and executive management are required to disclose any potential conflicts of interest at regular meetings and, as and when necessary, to the Company Secretary. This is done in line with the guidance provided by section 75(4) of the Companies Act and in accordance with the IDC’s Guidelines on Conflict of Interest. Such declarations occur at each Board meeting, including meetings of the Board committees whose responsibility it is to consider transactions. Transactions that place a Board member in a potential conflict of interest are submitted to the Social and Ethics Committee for deliberation and, thereafter, to the Board for final decision.

Further particulars of the IDC’s Code of Ethics and Business Conduct, Conflict of Interests Policy, Gifts Policy, and other ethics-related matters are available on our website in section 5 of the Integrated Report.

COMPANY SECRETARY

The Company Secretary plays a pivotal role in the corporate governance of the Corporation. The Company Secretary is responsible to the Board for, inter alia, acting as a central source of information and advice to the Board on matters of ethics, adherence to good corporate governance principles, and compliance with procedures and applicable statutes and regulations.

The Company Secretary is not a director of the Corporation and acts independently from it, maintaining an arm’s length relationship with the Board. In line with good governance practice, the appointment and removal of the Company Secretary is a matter for the Board.

The current Company Secretary, Mr Bassy Makwane, discharges a dual role in that he is also the General Counsel of the Corporation.

GOVERNANCE FRAMEWORK

STRUCTURE

All members of Board Committees are non-executive directors. The various Board committees were revised at our Annual General Meeting on 23 March 2016. An indication of the current committee membership is provided as part of the information on the Board of directors on pages 12 to 15. The IDC’s Board structure including the committee membership as it applied during the reporting period is depicted in the diagram below.

cgg img2

Further particulars of the mandate of each Board Committee and of the work done by the committees during the year under review, are provided on our website in section 5 of the Integrated Report.

REMUNERATION REPORT

The Human Capital and Remunerations Committee plays an advisory role regarding the remuneration of IDC Non-executive directors. The directors are remunerated for the meetings they attend at rates approved by the shareholder. No performancebased remuneration or retainer fees are paid to directors. Senior management and other employees are paid market-related salaries as well as through the IDC short and long-term incentive schemes, based on performance and the achievement of specific set targets.

During the reporting period, IDC directors were remunerated as follows.

cgg img3

Further particulars regarding the remuneration of directors and senior managers are provided in note 33 to the Annual Financial Statements, on pages 143 to 145 in section 4 of this Integrated Report.

The IDC’s remuneration philosophy is covered in detail on page 53 of this report.

DELEGATED LEVEL OF AUTHORITY

While the Board has the authority to delegate powers to executive management and Board committees, it remains accountable to the shareholder. A delegation of authority is in place, which is updated on a regular basis, and was extensively revised during the year under review as part of a concerted effort to ensure the efficient use of senior management’s time. The major changes to the Delegation of Authority Matrix include:

  • The introduction of a Post-Investment Committee to deal with certain post-investment matters, instead of submitting them to the committees that granted the original investment approval;
  • The Divisional Executives’ burden of dealing with requests and/or memos has been reduced by ensuring that those matters which can be adequately dealt with by Departmental Heads and Managers are allocated appropriately; and
  • The number of signatories has been reduced and this will limit decision-making to those who are accountable. This will avoid delays and reduce inefficiencies.

DELEGATION OF CREDIT APPROVAL

As depicted in the diagram alongside, specific powers and authority have been delegated to those Board and executive committees responsible for credit approvals. Each of these committees has a clearly defined mandate outlined in written terms of reference. The management of day-to-day operations is delegated by the Board to the Chief Executive Officer (CEO), who is assisted by the Executive Management Committee (EXCO) and its subcommittees.

cgg img4

COMPLIANCE

Some of the important pieces of legislation that influence the IDC’s business activities include the PFMA, the IDC Act, the Financial Intelligence Centre Act and the Promotion of Access to Information Act.

The past financial year was the first that our Compliance and Regulatory Affairs Department, which was established with effect from 1 April 2015 as part of the implementation of the Project Evolve recommendations, was in operation. Prior to this, compliance operated as a function within the IDC's legal department.

In line with the King III recommendations, a risk-based approach has been adopted that will serve as the cornerstone of compliance roll-out in the organisation.

The department commenced its activities with the approval, by the IDC Board, of a Compliance Policy in addition to various other policies, procedures and operational systems. A process of compliance awareness training to IDC employees was embarked on, and the Compliance Department will continue to forge ties with internal and external stakeholders during the current year. There were no contraventions, penalties, sanctions or fines imposed on the IDC due to non-compliance with regulatory requirements.

We recognise our accountability to our clients and we are committed to protecting the confidentiality of their information as required by relevant applicable regulatory requirements.

INTERNAL AUDIT FUNCTION

THE ROLE OF INTERNAL AUDIT (IA)

The primary objective of IA is to provide independent, objective assurance to the Board that the IDC’s governance processes and its management of risk and systems of internal control are adequate and effective in mitigating the most significant risks that threaten the achievement of the Group’s objectives. Ultimately in so doing, this improves the control culture of the Corporation.

IA is responsible for developing a three-year rolling audit plan, approved by the Board and Audit Committee (BAC) using a risk-based methodology. The IDC’s internal control framework mirrors that set out by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). Under the COSO ERM Framework, risks are categorised into strategic, operational, financial reporting, and legal/regulatory risk categories.

In addition to the normal audit activities, IA is also responsible for the performance of fraud, corruption and related irregular behaviour investigations as well as facilitation of the development and revision of systems and procedures throughout the Corporation.

KEY FOCUS AREAS FOR THE PAST YEAR: AUDIT AND FORENSICS

IA has performed over 83 assignments during the year under review, comprising both IA reviews and forensic investigations – a number similar to that of the previous financial year. An analysis of the results of these assignments has led IA to the conclusion that the IDC’s control environment is adequate and operating as intended, with the exception of persistent risks in relation to external fraud and, in particular, the misapplication and misappropriation of funds disbursed by the IDC to clients.

FRAUD PREVENTION

BACKGROUND

In its basic form, corporate fraud and corruption prevention entails never condoning fraud or corruption of any kind, providing fraud and corruption awareness and prevention training for employees, ensuring strong internal controls, and limiting exposure to fraud and corruption through a robust detection, investigation and prevention programme. These interventions inform the pillars upon which the IDC corporate fraud and corruption prevention strategy is built.

The IDC takes a holistic view of fraud and corruption prevention, realising that fraud and corruption penetrates to the very soul oa corporation and that an empowered employee is the key to a successful fraud and corruption prevention programme. To this end the IDC maintains:

  • A robust fraud prevention policy, plan and response plan
  • An anonymous reporting hotline through the independently managed “Tip Offs” service
  • A well-developed and properly communicated Code of Ethic and Business Conduct, which includes a conflict of interest policy and an accompanying procedure for the declaration of interest
  • Regular fraud and anti-corruption education and awareness road shows throughout the Corporation, including the regional offices, focusing on recent cases, legislative developments and red flag awareness
  • The distribution of Financial Crime Awareness pamphlets to clients and other stakeholders, with a distinct anti-corruption message
  • Fraud and anti-corruption awareness training during the onboarding training of new employees
  • Targeted additional training to specific SBUs and departmentheads with a high exposure to fraudulent activities
  • The naming and shaming of employees found guilty at disciplinary hearings for having been involved in instances of irregular behaviour or activities
  • The placing of those who have participated in acts of fraud and corruption, either internally or externally, on the IDC Delinquency Register

In accordance with the IDC Fraud and Corruption Prevention Policy, all requests for forensic investigations, from whatever reporting channel, have to be approved for investigation by the CEO, with the noting of the General Counsel. The policy, however, gives the Board the final authority to sanction and approve investigation if they are of the view that the CEO or senior management might be implicated. The outcomes of forensic investigations are presented to the IDC Executive Committee and the IDC Board Audit Committee which is responsible for the approval of the recommendations contained therein.

cgg img5CHALLENGES, ACTIVITIES AND INITIATIVES DURING THE YEAR

During the year under review, the fraud awareness training sessions conducted by IA continued to be the main tool in mitigating incidents of financial crime by IDC employees. In addition to this, the IDC posted a message on its website to make the public aware that fraudsters are going to great lengths to mislead members of the public into believing that they are dealing with IDC officials.

Furthermore, the continued communication of the IDC Code of Ethics and Business Conduct is also designed to mitigate incidents of financial crime by IDC employees.

The communication on matters investigated to IDC employees during training sessions further reinforces the IDC’s zerotolerance stance towards financial crime as well as sending out the message that any incident will be detected and dealt with. IA has extended the communication to our clients by distributing a Financial Crimes Awareness Brochure to educate them on fraud-related matters as well as the implications of being a party to them.

Over the past financial year management has restructured the post-investment management environment to focus on key activities such as client visits and improvements in the funding review process. The strong internal control environment, coupled with the tone adopted at the top, is testament to management’s commitment to curtailing unsavoury practices.

Although progress has been made in dealing with fraud, we remain concerned by the extent of the fraud and corruptionrelated matters being reported. Despite our communicating a zero-tolerance approach towards fraud and related untoward behaviour, clients continue to test preventative controls in all manner of ways in the hope that a lack of integrity within the system may allow for irregular gains to accrue to them. Poor ethical decision-making by clients remains a constant trend.

cgg img6While incidents of untoward activity by clients persist, they are being identified earlier and the number of matters reported for investigation has marginally dropped from the previous financial year, as can be seen in the graph alongside. Total investigations for the year were 22 of which 16 were client-related. Efforts to engage employees and clients on fraud education and awareness training during the year appear to have contributed to this decrease.

IA also assesses key operational areas for corruption risks. This resulted in 11 out of 16 (69%) of such high risk areas being assessed during 2016. High risk areas include all operational units (12 SBU’s), Financial Management department, Procurement, Human Capital and Post-Investment Management department. During this risk identification process, the significant risks identified were fed back into IA’s fraud and corruption training activities.

The anti-corruption and anti-fraud training material was distributed in the form of a leaflet to all IDC employees and 46% of IDC’s clients. 43 sessions were held with 425 out of 957 employees (44%) receiving communication on anticorruption and anti-fraud. The 957 employees comprised of 848 permanent employees, 106 interns and three consultants. 316 out of 957 employees (33%) received face-to-face training on anti-corruption and anti-fraud. A further 178 employees attended more than one presentation during a fraud awareness week held during the year with 109 employees (11%) attending only one presentation. 100% of governing bodies (Executive members) received communication regarding anti-corruption policy and procedure, with 50% receiving training thereon. During 2016, the following significant risks were noted during the investigations:

  • Duplicate invoicing
  • Cancelling invoices after payment received
  • Falsified contract
  • Misappropriation of funds
  • Use of alternate bank account instead of joint bank account
  • Falsified invoicing
  • Related party transactions
  • Falsified IDC documentation/letters
  • Use of fictitious IDC email address
  • Receiving benefit to act or omit to act in an unlawful manner

We maintain a zero-tolerance stance with regard to all instances of fraud and corruption, and we regard this as non-negotiable. Promoting high ethical standards and combatting corruption throughout our sphere of influence is an important aspect of our drive to deliver social value through our core activities as a developmental institution.

RISK MANAGEMENT FRAMEWORK

The IDC’s ERM Framework is based on the principles embodied in the PFMA, the Public Sector Risk Management Framework published by National Treasury, the Enterprise Risk Management Framework published by COSO of the Treadway Commission, the International Guideline on Risk Management (ISO 31000) and King III.

The principles outlined in our ERM framework are incorporated into risk management-related policies and procedures that support it. The objective of this framework is to embed a uniform approach to ERM at the IDC and to ensure that all risks that could affect the achievement of our objectives with respect to people, reputation, business processes and systems, and financial and environmental performance, are identified, assessed and treated appropriately and at an acceptable level.

ANNUAL RISK ASSESSMENT

An assessment of risks faced by the IDC is undertaken annually. This process provides the identification, measurement and management of the critical risks (see page 60) that we may face so that we are able to formulate appropriate risk strategies and action plans.

THE IDC’S RISK ASSESSMENT PROCESS

The components of the IDC’s risk assessment process are illustrated in the diagram on page 60 and are explained below.

ESTABLISHING THE RISK ASSESSMENT CONTEXT

This aspect provides perspective and assists with understanding the nature of the impact of the risk on the business, including the critical strategic, financial, governance, operational and IT governance risks we face.

RISK ASSESSMENT

The risk assessment process enables management to gain an understanding not only of the probability that a risk may materialise but also its impact on the Corporation. The risk assessment methodology provides management with a portfolio view of risks (i.e. a “risk profile”). The risk assessment process is broken down into the following phases:

  • Risk identification – the process of considering the causes and sources of the risk, and its positive and negative consequences
  • Risk analysis – the process of considering the risk’s potential positive and/or negative consequences, and the probability of those consequences occuring
  • Risk evaluation – the process which compares the risks against risk evaluation criteria, resulting in a map of risk priorities

Risk treatment

The objective of risk treatment is to determine how the IDC should respond to events and associated risks. The IDC’s risk response strategies can broadly be categorised as follows:

  • Terminate: eliminate, redesign, avoid or substitute the threat
  • Transfer: where possible and advantageous move the threat to another party
  • Treat (further): mitigate or control the threat by implementing additional measures to reduce the likelihood and/or consequence before the threat materialises
  • Tolerate: retain the threat after careful consideration of its consequences for a predefined duration

Risk reporting and escalation

It is important to keep the Board, executive management, the Board Risk and Sustainability Committee and the Board Audit Committee abreast of key risks and the actions resulting from risk management activities. This component of the framework outlines the process for reporting risk management information to these governance entities on a consistent and timely basis.

cgg img7

Monitor and review

Monitoring refers to the consistent application of the ERM Framework across the Corporation, the effectiveness of the ERM policies and procedures, as well as the identification of weaknesses demanding corrective action.

Communication and consultation

Effective communication and consultation increase the awareness of the Risk Management Programme. Awareness campaigns, training and education sessions, and newsletters were widely disseminated to employees throughout the Corporation.

ERM

Our risk assessment process identified the following as the major risks that could have a material impact on us achieving our objectives.

cgg img8cgg img9

The IDC continuously scans the environment for emerging risks and the following were identified as new risks that will be added to the risk register:

  • The risk of potential credit rating downgrades on SA’s sovereign credit rating
  • The risk of water security/drought impacting IDC clients/investments
  • IT security risk – the risk of unauthorised access to information could lead to information being compromised
  • Commodity price risk
  • Monitoring of safety risks by mining clients
  • The risk of regulatory fines levied against clients in foreign jurisdictions
  • Debt and equity pricing

OPERATIONAL RISK MANAGEMENT

Given the changing risk landscape and adoption of the new Evolve strategy, Risk and Control Self-Assessments (RCSAs) of all departments were reviewed.

RCSAs are a key components of the operational Risk Management Framework and enable a dynamic and iterative process for identifying and assessing key operational risks and controls. Mitigating actions were also put in place to proactively address and control identified deficiencies.

Another key focus area for the operational risk team during the year under review was the implementation of the Loss Data Collection (LDC) policy. LDC provides an overview of the operational risk environment in terms of the risks that are actually materialising (losses incurred) and the adequacy of controls. In realising the LDC policy, operational losses and nearmiss events are identified and analysed. Action plans are then developed to address control weaknesses and prevent further losses from recurring.

BUSINESS CONTINUITY MANAGEMENT (BCM)

During the year under review, BCM plans were developed and will be ready for testing in the coming financial year. The Business Continuity Management Forum is responsible for our BCM programme, and BCM awareness sessions were conducted to further embed a culture focused on business continuity.

CREDIT RISK PROFILE

The level of impairments has increased from R10.2 billion in March 2015 to R11.8 billion as at 31 March 2016, with impairments on equity investments accounting for approximately 73% of the total impairments raised. The impairment charge to the income statement this year was R3.6 billion, compared to the prior year charge of R1.8 billion.

The ratio of impairments, as a percentage of the portfolio at cost, increased from 16.7% in March 2015 to 16.9% as at 31 March 2016. Over the period 2012 to 2016, the IDC impairment levels are aligned to our risk appetite, and our developmental role in filling the market gap and facilitating funding mechanisms to sectors and businesses that are deemed to be riskier for mainstream commercial banks. The trend also reflects our renewed focus on funding early-stage projects and start-up operations.

The increase in impairments in the current financial year was attributed to the adverse macro-economic environment and the protracted slump in commodity prices. The impact of the weakening Rand, interest rate hikes and the drought also had a negative impact on some of our exposures. In response to the higher risk of the IDC book, we have embarked on various initiatives to contain any further increases in impairments. We are confident that these interventions will be effective in curbing the growth in impairments.

The IDC has a robust credit and investment risk management process which encompasses, among other things:

  • A robust due diligence process that is performed by an interdisciplinary team of financial, technical, marketing, and legal specialists
  • A credit risk assessment process that is independent of the due diligence and business generating team
  • Executive credit approval committees that include external experts
  • Internal monitoring committee meetings to monitor remedial actions and make certain that they are timeously undertaken in order to ensure an improvement in the quality of the book
  • Our Post-Investment Management department – responsible for managing the portfolio during the life of each transaction
  • The monitoring of country risk exposure and the reporting of this to the Board by the Risk Management Department

Non-performing loans (NPLs) are defined as total capital outstanding (excluding commitments) for facilities with capital repayments in arrears of more than 90 days. Capital at Risk (CaR) is defined as the total capital outstanding (excluding commitments) for facilities with capital repayments of more than 60 days in arrears. As at 31 March 2016, approximately R5.7 billion (2015: R5.4 billion) was classified as non-performing loans and R5.9 billion was classified as CaR (2015: R5.8 billion).

The biggest contributors to both NPLs and CaR in this financial year were clients and business units that were impacted by the slump in the commodity prices. As a result of interventions to contain an increase in the non-performing book, the workout and restructuring book remained fairly static at approximately R10.5 billion (2015: R10.6 billion).

The various interventions outlined here, and our efforts to improve our collections rate, are expected to lower the loans that have been categorised as non-performing.

INTERNAL RATING AND PRICING MODELS

We have developed new rating and pricing models which are aligned to our risk profile and portfolio. The output of the rating model will be used as an input into the pricing solution and will also be used for portfolio monitoring. The pricing tool will be used to price all deals.

VALUE OF THE NEW MODELS TO THE IDC

In addition to providing transparency and the possibility of analysing the trade-off between risk costs, development impact and financial performance, the new models also allow management to have appropriate discussions concerning such trade-offs.

The new models provide a good foundation for better decisions in managing the overall portfolio in terms of our objectives, including our development goals.

Improved transparency will also provide the basis for appropriate discussions around performance measurements on both a deal and portfolio level in relation to our mandates.

We expect to introduce our new models during 2017.