Get Adobe Flash player

Corporate Governance

The group fully supports the application of the King III Report’s Code of Corporate Practices and Conduct and the board of directors is committed to the principles of transparency, integrity and accountability. The board subscribes to the values of and accepts the inclusive approach to good corporate governance espoused in the King III Report. The board and individual directors accept their responsibility to ensure that the principles set out in the Code of Corporate Practices and Conduct as defined in the King III Report are observed. The board established a sub-committee to look at the requirements of King III and present the board with recommendations on areas of weakness with reference to the requirements of King III. The board and group audit committee have agreed not to produce an integrated report for the 2011 year end as discussion papers are still being issued by the International Integrated Reporting Committee (“IIRC”). An integrated report will be completed for the 2012 year end. The board is of the view that, except as stated below, the group complies, insofar as is applicable, with the provisions contained in the Code and the board of directors specifically wishes to report on the following in this report.

The board of directors

The board of directors of SecureData is chaired by Rudolf Pretorius, a non-executive director. The board recognises that the chairman is not independent as per the requirements of King III. The board appointed Peter Sneddon as lead independent non-executive director as part of the strategic review process. The board comprises three independent nonexecutive directors, three non-executive directors and one executive director. In line with King III the board reviewed the independence of Peter Sneddon as a long serving non-executive director and is satisfied that he is independent. The roles of the chairman and chief executive officer are separated. This allows the non-executive directors to provide independent judgement on issues of strategy, performance, resources, transformation, diversity and employment equity, evaluation of performance and standards of conduct. The above board composition reflects a good balance between non-executive and executive directors.

While executive directors have service contracts and restraint of trade agreements, they are also shareholders of SecureData. Certain of the non-executive directors represent organisations that hold substantial investments in the group. The board meets at least once every quarter and retains full and effective control over the group. Specifically, it directs and controls the management of the group, is responsible for the group’s strategic and fiscal policy, and is involved in all material decisions affecting the group. Full details of the board of directors are set out on pages 12 and 13 of this report.

The board is responsible for providing strategic direction to the group, appointing the chief executive officer and ensuring that appropriate succession planning is in place. The non-executive directors take responsibility for ensuring that the chairman encourages proper deliberation of all matters requiring the board’s attention. The board ensures that there is an appropriate balance of power and authority so that no one individual or block of individuals can dominate the board’s decision-making process.

The board has a formal schedule of matters reserved to it. The board ensures that the group has a comprehensive system of control ensuring that risks are mitigated and the group’s objectives are attained. This control environment sets the tone of the group and covers ethical values, management’s philosophy and the competence of employees.

The board ensures that the group complies with all relevant laws, regulations and codes of business practice and that it communicates with its shareholders and relevant internal and external stakeholders openly, promptly and with substance prevailing over form. The board and its committees are supplied with full and timely information which enables them to discharge their responsibilities and have unrestricted access to all company information, records, documents and property. Non-executive directors have access to management and may even meet separately with management, without the attendance of executive directors. All directors have access to the advice and services of the company secretary and there is an agreed procedure by which directors may obtain independent professional advice, at the group’s expense, should they consider this necessary.

The group has a formal policy, established by the board and implemented by the company secretary, prohibiting dealing in securities by directors, officers and other selected employees for a designated period preceding the announcement of its financial results or in any other period considered sensitive.

The board defines levels of materiality, reserving specific power to it and delegating other matters with the necessary written authority to management. These matters are monitored and evaluated on a regular basis.

The board identifies the key risk areas and key performance indicators for the group. These are regularly updated and particular attention is given to technology and systems.

Directors, both executive and non-executive, are appointed for their skill and experience. The procedure for the nomination and appointment of directors is a matter for the board as a whole and the board will consider whether a potential director is a fit and proper person to be appointed as a director. The appointment of new directors requires the unanimous approval of the board.

The attendance at the board meetings held during the period under review is set out below:

Attendance

Board committees

Specific responsibilities have been formally delegated to board committees with defined terms of reference, life span and function, clearly agreed upon reporting procedures and written scope of authority. There is transparency and full disclosure from the board committees to the board. Board committees are free to take independent outside professional advice as and when necessary and are subject to regular evaluation by the board to ascertain their performance and effectiveness.

Nomination and remuneration committee The nomination and remuneration committee is responsible for the assessment and approval of the board’s remuneration strategy for the group, the determination of short- and long-term incentive pay structures for group executives, the positioning of senior executive pay levels relative to local and international industry benchmarks, and the assessment and authorisation of specific reward proposals for the group’s executive directors and those executives reporting directly to the non-executive chairman. The nomination and remuneration committee consists of Peter Sneddon (lead independent non-executive director and acting chairman since 21 July 2010) and Njabulo Mthembu (non-executive director).

Directors who are members of the nomination and remuneration committee are excluded from discussions relating to the review of their own remuneration.

The nomination and remuneration committee’s overall strategy is to ensure that employees are rewarded for their contribution to the group’s operating and financial performance at levels which take account of industry, market and country benchmarks, as well as the requirements of collective bargaining. In order to promote an identity of interest with shareholders, share incentives are considered to be critical elements of executive incentive pay.

The attendance at the nomination and remuneration committee meetings held during the period under review is set out below:

Attendance

Audit and risk committee

The charter of the audit committee has been expanded to include the elements of risk identified by King III. The audit and risk committee, comprising Peter Sneddon (lead independent non-executive director and chairman of the audit committee), Thabiso Moerane (independent non-executive director) until her resignation as director on 13 June 2011, Andrew Aitken (non-executive director) until 9 January 2012, N Mthembu from 11 October 2011 to 9 January 2012, Tsediso Gcabashe and Jake Archer since 9 January 2012, was established with terms of reference from the board. The audit and risk committee meets regularly to discuss issues of accounting, auditing, internal controls and financial reporting. The external auditors have unrestricted access to the chairman of the audit and risk committee.

The audit and risk committee is responsible for reviewing the functioning of the internal control system, risk areas of the group’s operations, the reliability and accuracy of the financial information provided to management and other users of financial information, whether the group should continue to use the services of the current external auditors, any accounting or auditing concerns identified as a result of the external audit, and the group’s compliance with legal and regulatory provisions, its Memorandum of Incorporation, code of conduct, by-laws and the rules established by the board.

The duties of the audit and risk committee include reviewing the scope and results of the external audit and its cost effectiveness, as well as the independence and objectivity of the external auditors. Where the auditors supply non-audit services to the group, the audit and risk committee reviews the nature and extent of such services, seeking to balance the maintenance of objectivity and value for money.

The duties of the audit and risk committee include reviewing the scope and results of the internal audit and its cost effectiveness, as well as the independence and objectivity of the internal auditors.

The audit and risk committee considers whether or not the interim report should be subject to an independent review by the auditors. It also reviews the annual financial statements and the appropriateness of the accounting policies adopted by the group.

The audit and risk committee has written terms of reference that deal with the membership, authority and duties of the audit and risk committee.

The audit and risk committee has met with the executive financial director and has satisfied itself as to the appropriateness and expertise of the financial director.

The attendance at the audit and risk committee meetings held during the period under review is set out below:

Attendance

Social and ethics committee

The new Companies Act requires companies to establish a social and ethics committee within 12 months from 1 May 2011. The board recognises the requirement and will establish the committee within the required time frames.

Accountability and audit

Going concern

The combination of lower profits and problems with debtor collections in SecureData Africa caused the group to breach one of the financial covenants implemented by the long-term financier at 31 July 2011. The group paid all its instalments on the loan when they became due. Through correspondence with the financier they indicated it is unlikely that they will recall the total loan while the group is up to date with instalments, however, it is possible that they may charge a penalty interest of up to 2% above the normal interest rate payable on the loan, for the period during which the loan covenant is in breach. The financier confirmed they will change the 2% penalty interest from 1 November 2011. The directors are confident the group will continue to meet all payments when they become due over the remainder of the term of the loan. The directors have no reason to believe that the company and the group will not be a going concern in the year ahead. Accordingly, the annual financial statements are prepared on the going concern basis.

The board minuted the facts and assumptions used in the assessment of the going concern status of the group and company at the financial year-end.

Auditing and accounting

The audit and risk committee is of the opinion that the auditors observe the highest level of business and professional ethics and that their independence is not in any way impaired.

Internal control

The directors are responsible for ensuring internal control systems exist that provide reasonable assurance regarding the safeguarding of assets and the prevention of their unauthorised use or disposition, the maintenance of proper accounting records, the reliability of financial and operational information used in business and compliance with applicable laws and mandates.

Actions are taken to correct any deficiencies as soon as they are identified.

Nothing has come to the attention of the directors to indicate that any breakdown in the functioning of the internal financial controls has occurred during the period under review. The controls are monitored throughout the group and all employees are required to maintain the highest ethical standards in ensuring that the group’s business practices are conducted in a manner above reproach.

The audit and risk committee appointed an external assurance firm to perform an internal audit during the year under review. The internal audit did not expose any significant areas of weak internal controls and the recommendations provided by the assurance firm will be implemented during the next financial year to further improve the quality of internal controls.

Risk management

The board is responsible for the total process of risk management, as well as forming its own opinion on the effectiveness of the process, and sets the risk strategy, which is based on the need to identify, assess, manage and monitor all known forms of risk across the group, in liaison with the executive directors and senior management. These policies are clearly communicated to all employees to ensure that the risk strategy is incorporated into the language and culture of the group.

The board decides the group’s appetite or tolerance for risk and has the responsibility to ensure that the group has implemented an effective ongoing process to identify risk, to measure its impact against a broad set of assumptions and then to activate what is necessary to proactively manage these risks.

Risk management and internal control are practised throughout the group and are embedded in day-to-day activities.

Risk is not viewed only from a negative perspective. The review process also identifies areas of opportunity, such as where effective risk management can be turned to a competitive advantage. Risks are assessed on an ongoing basis and control activities are designed to respond to risks throughout the group. This has been in place for the year under review and up to the date of approval of the annual report and financial statements.

Relationship with shareholders

It is the policy of the group to pursue dialogue with institutional investors based on constructive engagement and the mutual understanding of objectives taking due regard of statutory, regulatory and other directives regulating the dissemination of information by companies and their directors. The board accepts its duty to present a balanced and understandable assessment of the group’s position in reporting to stakeholders, taking into account the circumstances of the communities in which it operates and the greater demands for transparency and accountability regarding non-financial matters. Reporting addresses material matters of significant interest and concern to all stakeholders and presents a comprehensive and objective assessment of the group so that all shareholders and relevant stakeholders with a legitimate interest in the group’s affairs can obtain a full, fair and honest account of its performance.

IT governance and IT risk management

The group keeps the management of IT risk in high regard especially in the areas of providing services to customers. Each operating division within the group has an appointed IT manager who is responsible for managing all areas of IT risk. This includes areas of redundancy on power supplies and disaster recovery plans to ensure the operating divisions have the appropriate IT security systems and policies in place. Disaster recovery plans are tested on a regular basis.

Code of ethics

The board is continuously updating a code of ethics in order to:

  • make clear what is acceptable and unacceptable practice;
  • guide company policy by providing a set of corporate ethical standards;
  • encourage ethical behaviour of the board, managers and employees at all levels;
  • guide difficult decision-making;
  • make ethical infringements easy to identify;
  • promote awareness of, and sensitivity to, ethical issues;
  • help resolve conflicts;
  • specify the enterprise’s social responsibility;
  • cover relations between stakeholders; and
  • enhance the ethical reputation of the organisation.

Safety, health and environment (“SHE”)

The board is responsible for dealing with SHE issues and provides the necessary guidance in developing and approving the policy, strategy and structure to manage SHE issues.

Safety

The board is committed to preventing workplace accidents and fatalities and ensures the group’s compliance with the Occupational Health and Safety Act, 1993 (Act 85 of 1993).

Health

The HIV/Aids pandemic is a growing threat in South Africa and the group pays particular attention to this disease, without disregarding other diseases that could pose a significant risk.

The environment

The group’s activities do not pose a significant threat to the environment.

Social and transformation issues

Employment equity

The board is committed to the principles of employment equity and ensures the group’s compliance with the Employment Equity Act, 1998 (Act 55 of 1998) as amended. The empowerment and advancement of previously disadvantaged individuals is based on the premise that they are equal partners in the corporate sphere and their contribution is valuable.

The group strives for adequate representation of historically disadvantaged individuals at top management and board levels. The board recognises the importance of diversity management and is developing mechanisms to positively reinforce the richness of diversity.

Employment responsibility

The group is committed to providing equal opportunities for all its employees regardless of their race or gender. The group recognises the need for its staff complement to reflect the society in which it operates and is also committed to the development of all its employees. In order to achieve these ideals, the group has adopted policies that will ensure that:

  • all employees are treated as individuals regardless of religion, race, gender or creed;
  • special efforts are made to assist in the development of employees who, through lack of past opportunity, do not possess the necessary skills; and
  • all employees are eligible to participate in the SecureData Holdings Share Incentive Scheme.

Broad-based black economic empowerment (“BBBEE”)

Over and above the measures to facilitate empowerment through employment practices, the group strives to make a significant contribution to black economic empowerment through its procurement and investment policies as well as its social investment prioritisation and spending.

The group employed the services of a BEE agent to assist in designing a strategy to achieve the objectives of BEE. The group achieved a level 4 rating for SecureData Africa and level 4 rating for SensePost. The objective to achieve better ratings continues.

Home | Financials | About Us | Operating Divisions | Contact Us

© SecureData Holdings 2011