CSL Ltd Annual Report 2019

Risk management CSL has adopted and follows a detailed and structured Risk Framework to ensure that risks in the CSL Group are identified, evaluated, monitored and managed. This Risk Framework sets out the risk management processes and internal compliance and control systems, the roles and responsibilities for different levels of management, the matrix of risk impact and likelihood for assessing risk, and risk management reporting requirements. The risk management processes and internal compliance and control systems are made up of various CSL policies, processes, practices and procedures, which have been established by management and/or the Board to provide reasonable assurance that: –– established corporate and business strategies are implemented, and objectives are achieved; –– any material exposure to risk is identified and adequately monitored and managed; –– significant financial, managerial and operating information is accurate, relevant, timely and reliable; and –– there is an adequate level of compliance with policies, standards, procedures and applicable laws and regulations. Further details of CSL’s risk management framework are contained in CSL’s Corporate Governance Statement. A description of CSL’s key risks and key risk management activities for each risk can be found in the Directors’ Report on page 52 (and on CSL.com ). Ethical conduct CSL operates in a diverse and complex marketplace where bribery and corruption are risks that could expose the organisation and employees to possible prosecution, fines and imprisonment. CSL has a number of commercial arrangements with governments and related agencies across various geographies, presenting both challenges and opportunities. Market practices are governed by company-specific policies and procedures. Internal compliance mechanisms and control systems are overseen by CSL’s Audit and Risk Management Committee of the Board and the Global Compliance Committee (GCC), including the Global Business Integrity team. Based on these controls, we consider our overall risk relating to corruption to be low and are committed to ensuring full compliance in how we conduct our operations across all regions in which we operate and are seeking to enter. CSL’s Code of Responsible Business Practice (CRBP) underpins our commitment to operating with the highest integrity in the marketplace. In 2018/19, all employees, including contingent workers, undertook training on CSL’s CRBP, achieving a 93% completion rate (the movement of contractors impedes achievement of a higher completion rate). From 1 July 2018 to 30 June 2019, 135 reports were identified for the attention of management through our global hotline. For substantiated allegations, corrective actions were taken to the extent warranted. For matters closed during the reporting period, no allegations resulted in any regulatory action or action by law enforcement authorities indicating any increased risk profile. In addition, over 2018/19, our operations conducted a biannual assessment of bribery and corruption risk within their businesses. This is achieved by means of a standardised questionnaire that is completed and the responses are then reviewed with the GCC. During the reporting period, these assessments did not identify any significant corruption risks. More on CSL.com (Our Company) 135 hotline reports received with no violations of law or increased risk to our organisation. CSL Limited Annual Report 2019 31