TRUSTEES' REPORT AND ACCOUNTS 2022 41
RISK MITIGATION
Governance Failure to comply with key internal and
external regulation exposes the RSPCA
to financial loss, reputational damage
and an inability to deliver our strategy.
Risk owners and functions are in place to own and manage risk
and compliance.
Policies, frameworks, tools, techniques and support are available
to enable risk management and compliance in the first line.
Functions are in place to oversee and specialise in compliance
and the management of risk including data protection, health
and safety, data security, gambling and firearms. Monitoring is
performed locally by the subject matter experts.
Operational risk Safeguarding policies and procedures
fail to identify and support the needs
of vulnerable adults and children within
the organisation and with whom it
comes into contact (staff, volunteers
and the public).
A comprehensive safeguarding policy is in place.
Training is provided to all staff with further in-depth training for
safeguarding leads.
A process of reporting serious incidents is in place and ensures
appropriate controls, measures and monitoring.
Lack of consistent, quality service could
result in poor animal welfare outcomes
for animals in our care.
Major incident procedure in place supported by a Business
Continuity Group.
Strong relationships with government agencies, e.g. Defra,
are in place to provide clear communications and support.
A complaints procedure is in place and monitored as part of
internal controls.
Failure of third-party suppliers to comply
with contractual obligations could result
in financial losses, reputational damage
and disruption to service delivery.
Significant resource and governance has been applied to our
contract with Capita and a plan of engagement has been agreed.
The procurement strategy and related policies are being
reviewed and internal controls are in place to ensure compliance
and best practice are embedded within our due diligence processes.
Financial risk RSPCA lacks future financial stability
that might prevent the successful
delivery of the 2030 strategy.
Improved financial controls, reporting and analysis are in place
to enable informed decision making.
New and improved policies and procedures to support improved
performance and sustainability have been developed.
A three-year business planning approach is in place to provide
a budget-setting process and visibility of overall costs.
Environmental and
external risks
Risk of damage to our reputation and
public perception, which could result in
financial losses and a negative impact
on our ability to deliver our strategy.
An escalation process and feedback loop is in place to report
negative media and social media to service-delivery teams.
Reactive statements are prepared to deal with a variety of
potential reputational issues.
Potential negative stories are proactively sold into the media
to control negative publicity.
Law and regulatory
compliance risk
Risk of illness, injury or death of staff,
volunteers and the public through
breaches of health and safety law and/
or a lack of sufficient health and safety
practices or non-compliance.
An external health and safety review has taken place and an
action plan developed for the recommendations.
A revised health and safety policy was approved, which ensures
clear roles and responsibilities and provides clear expectations
and guidance.
Employee welfare and mental health awareness training for all
managers is in place.