22. The SWF should have a framework that identifies, assesses, and manages the risks of its operations.
22.1. The risk management framework should include reliable information and timely reporting systems, which should enable the adequate monitoring and management of relevant risks within acceptable parameters and levels, control and incentive mechanisms, codes of conduct, business continuity planning, and an independent audit function.
22.2. The general approach to the SWF’s risk management framework should be publicly disclosed.
The NSIA Act, Investment Policy Statements, and Investment Mandates describe the general framework for identifying, assessing and maintaining the risk of the funds. NSIA’s risk management framework is designed based on the “three lines of defence” model. The first line of defence in made up of the Investment team and support services such as Finance, Legal, IT and Administration. The second line of defence includes Risk Management and Compliance. To facilitate compliance with legislation, regulation, and internal policies and procedures, there is a dedicated Compliance function in place which leverages on a variety of compliance databases and third party corporate investigators and risk consulting firms. The third line of defence is made up of an independent Internal Audit function.
At a more operational level, NSIA’s Risk Framework has been developed in line with the Board and Management’s commitment towards establishing and sustaining leading practices in risk management. It sets out a formalised structure for the consistent management of risk at the Authority. Other ancillary risk framework and policy documents include Market Risk Framework, Operational Risk Framework, Market Risk management Policy, and Operational Risk Management Policy.
A Board Risk Committee is in place as a standing committee of the Board of Directors to assist the Board in fulfilling its oversight responsibilities for the identification and management of risks arising from the investment strategies pursued by the NSIA and to ensure that appropriate risk management controls are implemented, monitored and regularly assessed.
The Risk Management section of the Authority’s annual report also provides additional insights into NSIA’s approach to risk management, the risk management governance structure, its risk appetite, and risk universe.
Copies of the NSIA Act, Investment Policy Statements, Board Risk Committee Charter, and annual reports are publicly available at http://nsia.com.ng/downloads/