King lll Reference |
Principle |
Status |
Application of the principle by the Group |
---|---|---|---|
1. Ethical leadership and corporate citizenship 5 |
|||
1.1 | The board should provide effective leadership based on an ethical foundation | Applied | Management under the direction of the board has set the tone for the organisation by establishing a Business Code of Ethics (BCoE). The board further demonstrated commitment by ensuring that member declaration of conflict of interest is a standing agenda item at each Board meeting |
1.2 | The board should ensure that the company is and is seen to be a responsible corporate citizen | Applied | The Company has in place processes and policies such as the Corporate Citizenship policy to meet its legal, ethical and economic responsibilities. The Telkom Foundation enables the execution of the Company’s social responsibility aspiration. The activities of this Foundation are monitored by the Social and Ethics Committee which reports to both the Board and Shareholders |
1.3 | The board should ensure that the company’s ethics are managed effectively | Applied | The board mandated the Social and Ethics Committee to exercise oversight on the implementation of the Code by management. Telkom has charged the Company Secretariat with the responsibility of managing the Company’s Ethics programme Details of the activities of this office are reported to the Board through the Social and Ethics Committee, to ensure that ethical leadership is effectively managed. The report relating to the ethics survey conducted in 2016 was reviewed and interrogated by the Social and Ethics Committee to ensure the formulation of an appropriate ethics strategy |
2. Boards and directors |
|||
2.1 | The board should act as the focal point for and custodian of corporate governance | Applied | The Board has been charged with custodianship of corporate governance through formal terms of reference, which sets out its mandate, authority and responsibility in this regard |
2.2 | The board should appreciate that strategy, risk, performance and sustainability are inseparable | Applied | The board recognises that strategy, risk, performance and sustainability are inseparable. This is evidenced in the manner in which its committees are structured and represented; mandated and operationalised enabling cohesive oversight of strategy, risk, performance and sustainability matters |
2.4 | The board should ensure that the company is and is seen to be a responsible corporate citizen | Applied | The steps taken in order to efficiently and effectively manage ethics reflect our intention to be a responsible corporate citizen. As an all important link in the South African economy, we believe we can make a valuable contribution, not only in financial terms, but also in social terms. Our conduct towards stakeholders is determined by the values and attitudes that are fostered within the company, ethics starts at home |
2.5 | The board should ensure that the company’s ethics are managed effectively | Applied | Ethics Management ('EM') is about establishing, integrating
and sustaining an ethical culture within Telkom, namely:
In accordance with King III, it is the responsibility of the Chairman of the board to set the ethical tone for the board and it is the responsibility of the CEO to foster a culture that promotes sustainable ethical practices. These responsibilities are achieved by various means, one of which is the appointment of an Ethics Officer, and the establishment of an Ethics Office. It is the task of this office to monitor and enhance Telkom’s internal organizational culture, and to ensure that employees are empowered and encouraged, through this culture, to act with integrity in an ethically responsible way. These initiatives are meant to bring Telkom in line with South African regulation and legislation relating to Ethics management. Essential to the achievement of the Ethics management objectives is the implementation of an ethics management structure to support the achievement of the objectives |
2.6 | The board should ensure that the company has an effective and independent audit committee | Applied | The audit committee comprises non-executive directors only who are also independent, thus ensuring an appropriate balance of power. The Audit Committee executes against an approved terms of reference and is chaired by a nonexecutive director, other than the Chairman of the Board. Its membership is reviewed annually to ensure the right mix of skills continues to be in place which contribute to the effectiveness of the committee |
2.7 | The board should be responsible for the governance of risk | Applied | The board considers and approves the Enterprise Risk Management framework annually. Through the Risk Committee the Board ensures that appropriate risk controls are in place that monitor enterprise risk management. A risk dashboard that outlines all the risks relevant to the company, their respective risk ratings and mitigation factors is reviewed at every meeting of the Risk committee. The Chairperson of the Risk provides feedback at every Board meeting to ensure the Board is always up to date with all factors around the Company’s risks |
2.8 | The board should be responsible for information technology (IT) governance | Applied | > The board has been charged with IT governance responsibility through its Terms of Reference. The Risk Committee has been delegated the responsibility to oversee this matter and report to the board in this regard. |
2.9 | The board should ensure that the company complies with applicable laws and considers adherence to non-binding rules, codes and standards | Applied | The audit committee comprises non-executive directors only who are also independent, thus ensuring an appropriate balance of power. The Audit Committee executes against an approved terms of reference and is chaired by a nonexecutive director, other than the Chairman of the Board. Its membership is reviewed annually to ensure the right mix of skills continues to be in place which contribute to the effectiveness of the committee |
2.10 | The board should ensure that there is an effective risk-based internal audit | Applied | The establishment and operation of an effective risk based internal audit function has been delegated to the audit committee by the board. The audit committee discharges this responsibility through annual assessments of the effectiveness of the internal audit function, including the approval of external independent quality assurance reviews of the internal audit function on a maximum 5 year cycle |
2.11 | The board should appreciate that stakeholders’ perceptions affect the company’s reputation | Applied | The Board fully appreciates the impact of stakeholder perceptions hence the company monitors and manages the stakeholder perceptions for its reputation and longterm sustainability. The Chairman and CEO play an active role in ensuring that the activities of the company enhance stakeholders' perceptions |
2.12 | The board should ensure the integrity of the company’s integrated annual report | Applied | A number of checks are employed in the preparation of the Integrated Report which include verification of information through various teams. External auditors review the financial performance and the non-financial part of the report is assured independently |
2.13 | The board should report on the effectiveness of the company’s system of internal controls | Applied | The board through the audit committee assesses the effectiveness of the company’s system of internal controls annually based on a written assessment from the internal audit function. Thiswhich forms the basis for the board report on the effectiveness of the system of internal controls in the integrated report |
2.14 | The board and its directors should act in the best interests of the company | Applied | The board and its directors are aware of their collective and individual fiduciary obligations and responsibilities towards the company. A process is in place for the directors to disclose any conflict of interest they may have in relation to the Company or on any transaction deliberated on at board meetings. The company has adopted a Conflict of Interest policy which forms part of the Business Code of Ethics which our directors adhere to. The Business Code of ethics is reviewed annually by the Social and Ethics Committee |
2.15 | The board should consider business rescue proceedings or other turnaround mechanisms as soon as the company is financially distressed as defined in the Act | Noted | The board notes this principle and will act accordingly should
circumstances require There have not been any circumstances requiring business rescue in the year under review |
2.16 | The board should elect a chairman of the board who is an independent non-executive director. The Chief Executive Officer (CEO) of the company should not also fulfil the role of Chairman of the board | Applied | The chairman of the board is an independent nonexecutive director. The roles of the chairman and CEO are separate |
2.17 | The board should appoint the Chief Executive Officer and establish a framework for the delegation of authority | Applied | The appointment of the CEO is a matter for the Board. A comprehensive delegation of authority framework is in place which is periodically revised and approved by the Board |
2.18 | Composition of the board The board should comprise a balance of power, with a majority of non-executive directors. The majority of non-executive directors should be independent. |
Applied | The majority of Telkom's board comprise independent non-executive directors |
2.19 | Board
appointment processes Directors should be appointed through a formal process. |
Applied | Directors are appointed through a formal process in accordance with the Company’s Memorandum of Incorporation as well as the procedures set out in the Nominations committee’s Terms of Reference. |
2.20 | Director
development The induction of and ongoing training and development of directors should be conducted through formal processes |
Applied | The Board has a formal induction process for its new directors in place. Training and development is on-going through the various committees. |
2.21 | Company
Secretary The board should be assisted by a competent, suitably qualified and experienced Company Secretary |
Applied | The company secretary has the requisite experience, and qualifications to competently fulfil the role of assistance to the board |
2.22 | Performance
assessment The evaluation of the board, its committees and the individual directors should be performed every year |
Applied | A Board evaluation was performed in June 2016 by an external service provider. The outcome of these evaluations inform the need for change in strategy directions and other gaps which require the board’s attention, development and training requirements, if any, for the directors |
2.23 | Board
Committees The board should delegate certain functions to well-structured committees but without abdicating its own responsibilities |
Applied | The Board has established six Committees with approved terms of references which clearly document functions delegated by the board to such Committees. The Chairs of the Committees provide formal reports to the board on matters delegated to them. The details of these Committees appear in the Integrated Report |
2.24 | Group
boards A governance framework should be agreed to between the group and its subsidiary boards |
Applied | the DoA served as a framework between the group and subsidiary boards, but given the revised operating model the Board identified a need for a more robust framework in the form of a governance framework which is currently underway |
2.25 | Remuneration
of directors and senior executives Companies should remunerate directors and executives fairly and responsibly |
Applied | The remuneration of directors and executives is a matter for the board, which is assisted by the Remuneration Committee. Remuneration is reviewed annually and is duly benchmarked |
2.26 | Companies should disclose the remuneration of each individual director and certain senior executives | Applied | The remuneration of directors and prescribed officers of the company is disclosed annually in the Integrated Report. |
2.27 | Shareholders should approve the company’s remuneration policy | Applied | The company’s remuneration policy is presented to shareholders for approval through a non-binding advisory vote at every Annual General Meeting |
3. Audit committees |
|||
3.1 | The board should ensure that the company has an effective and independent audit committee | Applied | The board has established an independent Audit Committee in accordance with the requirements of the Company’s Act. The Audit Committee’s composition is reviewed on an annual basis |
3.2 | Audit committee members should be suitably skilled and experienced independent non-executive directors | Applied | Members of the audit committee individually and collectively possess the qualifications and experience necessary to fulfil the mandate of the committee. All members are independent non-executive directors and are elected at every Annual General Meeting |
3.3 | The audit committee should be chaired by an independent non-executive director | Applied | The chairman of the audit committee is an independent non-executive director |
3.4 | The audit committee should oversee integrated reporting | Applied | The audit committee oversee the Group’s integrated reporting process and the content therein. It convenes a special meeting to review the Integrated Report in its entirety |
3.5 | The audit committee should ensure that a combined assurance model is applied to provide a co-ordinated approach to all assurance activities | Applied | The Audit Committee ensures that a combined assurance model involving a matrix of various business and functional areas within the group is applied. The committee interrogates the process to ensure that the necessary forums within the group are well coordinated |
3.6 | The audit committee should satisfy itself of the expertise, resources and experience of the company’s finance function | Applied | The committee annually reviews the performance of the finance function and from time to time satisfies itself of the expertise, resources and experience of the finance function |
3.7 | The audit committee should be responsible for overseeing of internal audit | Applied | The internal audit function within Telkom is overseen by and reports its activities to the audit committee. An assessment of the function is conducted on an annual basis |
3.8 | The audit committee should be an integral component of the risk management process | Applied | The audit committee is an integral component of the company’s risk management process. The committee works very closely with the risk committee in the management of enterprise risk. There is also cross-membership between the chairman of this committee and that of the risk committee |
3.9 | External assurance
providers The audit committee is responsible for recommending the appointment of the external auditor and overseeing the external audit process |
Applied | The appointment of the external auditor is recommended by the audit committee annually. The external audit process is overseen by the audit committee, from approval of the annual audit plan, receiving reports against such plan, monitoring actions to address audit findings, oversight of audit processes relevant to the preparation of the annual financial statements etc. |
3.10 | Reporting The audit committee should report to the board and shareholders on how it has discharged its duties |
Applied | The committee reports to the board at least once a quarter and submits a report on how it has discharged its duties to the shareholders in the Integrated Report |
4. The governance of risk |
|||
4.1 | The board should be responsible for the governance of risk | Applied | The Board through its Risk committee is responsible for the governance of risk. The Company’s Enterprise Risk Management section oversees the implementation of the risk strategies. Key risks are identified and prioritised on an ongoing basis in line with external environment and as the Company’s strategy evolves |
4.2 | The board should determine the levels of risk tolerance | Applied | The board has approved the risk appetite framework and the associated risk appetite and risk bearing capacity of the group. Through the risk committee, the board assesses the group’s risks against strategy, performance and other criteria and determines an acceptable level of risk tolerance for the group |
4.3 | The risk committee or audit committee should assist the board in carrying out its risk responsibilities | Applied | The Risk committee has the primary mandate of assisting the Board in carrying out its risk management responsibilities. The Risk committee works hand-in-hand with other committees, including the Audit committee, the Social and Ethics committee and the Investment and Transactions committee, to ensure that risks are properly managed from all relevant dimensions |
4.4 | Management's
responsibility for risk
management The board should delegate to management the responsibility to design, implement and monitor the risk management plan |
Applied | The group has enterprise risk management function. On an annual basis management prepares a risk management plan, which in turn is approved by the risk committee. Management provides the risk committee with regular updates on the progress related to the implementation of the plan. Management has also established business unit assurance forums which ensure the implementation of the enterprise risk management framework, timely identification of risk and appropriate risk responses |
4.5 | Risk
assessment The board should ensure that risk assessments are performed on a continual basis |
Applied | The enterprise risk management framework prescribes the process of continuous risk assessment. The risk portfolio is presented to the risk committee on a quarterly basis covering both the internal and external environment. The risk portfolio is all bench marked against the global telecommunications industry |
4.6 | The board should ensure that frameworks and methodologies are implemented to increase the probability of anticipating unpredictable risks | Applied | The group has a board approved enterprise risk management framework which incorporates best in class risk management methodologies. The framework aids the board through the identification, assessment, mitigation and reporting of risks, both current and unpredictable |
4.7 | Risk
response The board should ensure that management considers and implements appropriate risk responses |
Applied | Management regularly reports to the board on the risk responses adopted in mitigating the reported risk exposures |
4.8 | Risk
monitoring The board should ensure continual risk monitoring by management |
Applied | The company's risk management framework sets out a comprehensive risk monitoring and reporting system inclusive of the identification and measurement of key risk indicators. Management is responsible for monitoring the risk portfolio and has established the relevant levels of lines of defence and allocated responsibilities accordingly. The board, through its relevant committees, receives regular reports on all aspects of risk management |
4.9 | Risk
assurance The board should receive assurance regarding the effectiveness of the risk management process |
Applied | An assessment on the effectiveness of risk management is an annual review that is performed by internal audit and reported accordingly |
4.10 | Risk
disclosure The board should ensure that there are processes in place enabling complete, timely, relevant, accurate and accessible risk disclosure to stakeholders |
Applied | The Board has established a separate risk committee that approves the risk plan on an annual basis. The chairman of the risk committee reports to the board on a quarterly basis. The group provides full risk disclosure in the integrated report |
5. The governance of IT |
|||
5.1 | The board should be responsible for IT governance | Applied | The Board understands the importance, relevance and inherent risks in IT. Through the Risk Committee, the Board oversees the efefctiveness of IT governance |
5.2 | IT should be aligned
with the performance
and sustainability
objectives of the
company The board should delegate to management the responsibility for the implementation of an IT governance framework |
Applied | The IT strategy is informed by and aligned to the company performance and sustainability objectives through the business planning process |
5.3 | The board should delegate to management the responsibility for the implementation of an IT governance framework | Applied | The implementation of an IT strategy was delegated to and is run by management |
5.4 | The board should monitor and evaluate significant IT investments and expenditure | Applied | Significant investments and expenditure in IT are evaluated by the Board. The Delegation of Authority framework of the company ensures that all significant investments and expenditure be considered by the Board through its Investments and Transactions committee. Where appropriate, the Audit and Risk committees consider aspects of such investments or expenditure |
5.5 | IT should form an integral part of the company’s risk management | Applied | IT forms an integral part of the company’s risk management. |
5.6 | The board should ensure that IT assets are managed effectively | Applied | IT assets are the engine through which the company is run. As such, effective management thereof is deemed vital on how the business as a whole is managed. |
5.7 | A risk committee and audit committee should assist the board in carrying out its IT responsibilities | Applied | Responsibility for overseeing IT governance is carried out by the Audit and Risk committees. While the Risk committee receives reports from Management on a regular basis, The audit committee through the Chairs attendance of the risk committee oversees matters pertaining to IT |
6. Compliance with laws, rules, codes and standards |
|||
6.1 | The board should ensure that the company complies with applicable laws and considers adherence to non-binding rules, codes and standards | Applied | The group has a compliance division which is charged
with the responsibility for ensuring compliance with laws
applicable to it The compliance framework is approved the board on an annual basis. The group has a defined regulatory universe with compliance risk management plans to address the applicable legislation, codes and standards |
6.2 | The board and each individual director should have a working understanding of the effect of the applicable laws, rules, codes and standards on the company and its business | Ongoing | As part of the induction and ongoing training programme, the board is exposed to materials and interventions aimed at enhancing their understanding of the effect of laws, rules, regulations, codes and standards applicable to the company and its business |
6.3 | Compliance risk should form an integral part of the company's risk management process | Applied | The compliance risk management framework is integrated with the board approved enterprise risk management framework. Management reports to the risk committee on a quarterly basis regarding compliance with legislation, codes and standards |
6.4 | The board should delegate to management the implementation of an effective compliance framework and processes | Applied | The compliance risk management framework is prepared by management and approved by the board on an annual basis. Additionally management prepares a compliance plan, which in turn is approved by the risk committee. Management provides the risk committee with regular updates on the progress related to the implementation of the plan. Management has also established business unit assurance forums which ensure the implementation of the compliance framework, timely identification of compliance risks and appropriate risk responses Management has also implemented a control self-assessment process in order to obtain assurance regarding compliance with legislation, codes and standards |
7. Internal audit |
|||
7.1 | The board should ensure that there is an effective risk-based internal audit | Applied | Telkom has established an internal audit function which is mandated through a charter to provide risk-based assurance to the Audit Committee, as delegated by the board |
7.2 | Internal audit should follow a risk-based approach to its plan | Applied | The internal audit plan has adopted a risk-based annual planning approach, which is primarily informed by the risk register of the company and other sources of risk |
7.3 | Internal audit should provide a written assessment of the effectiveness of the company’s system of internal control and risk management | Applied | A written assessment of the effectiveness of the company’s system of internal controls and risk management is provided to the board through the audit committee on an annual basis |
7.4 | The audit committee should be responsible for overseeing internal audit | Applied | The audit committee oversees the activities of the internal audit function, from approving its annual plan to assessing its effectiveness at the end of each annual cycle |
7.5 | Internal audit should be strategically positioned to achieve its objectives | Applied | Internal audit reports functionally to the Chair of the Audit Committee and administratively to the Chief Financial Officer. The internal audit executive is a permanent invitee at both the Risk and Audit committee meetings |
8. Governing stakeholder relationships |
|||
8.1 | The board should appreciate that stakeholders' perceptions affect a company’s reputation | Applied | The Board fully appreciates the impact of stakeholder perceptions on the company’s reputation and how this can in turn affect the company’s performance and long-term sustainability. The board therefore places emphasis on ensuring ethical leadership and that company policies are understood and applied across the group |
8.2 | The board should delegate to management to proactively deal with stakeholder relationships | Applied | The CEO is charged with the management of stakeholder relationships |
8.3 | The board should strive to achieve the appropriate balance between its various stakeholder groupings, in the best interests of the company | Applied | In all its dealings, the board acts in the best interests of the company. As such, balancing the needs and expectations of the various stakeholders, such as clients, employees, regulators and shareholders, is a critical component of the board’s decision-making processes |
8.4 | Companies should ensure the equitable treatment of shareholders | Applied | Shareholders are treated equitably, in accordance with the JSE Listings Requirements |
8.5 | Transparent and effective communication with stakeholders is essential for building and maintaining their trust and confidence | Applied | The company has a comprehensive communications strategy and framework which informs its engagements with stakeholders. Transparency is a core element of this strategy and the board effectively communicates with the company’s stakeholders through the integrated report |
8.6 | Dispute
resolution The board should ensure that disputes are resolved as effectively, efficiently and expeditiously as possible |
Applied | Internal processes are in place to ensure that dispute resolutions are addressed effectively |
9. Integrated reporting and disclosure |
|||
9.1 | The board should ensure the integrity of the company's integrated annual report | Applied | The integrity of the company’s integrated report is ensured through a number of checks and balances employed in its preparation. Independent external auditors and other service providers provide the necessary assurance to the board regarding the integrity of the information in the integrated report. The Board ensures the integrity of the company’s integrated annual report through the Audit Committee which is mandated by the Board to ensure all the comments of the Board are incorporated into the integrated report. The Board signs off on it |
9.2 | Sustainability reporting and disclosure should be integrated with the company’s financial reporting | Applied | Sustainability reporting and financial disclosure are integrated into the company’s financial reporting |