Orbis has four key assurance and advisory functions—Legal, Compliance, Risk, and Internal Audit—that work closely with each other and with other teams across the firm. They ensure that the firm understands and complies with the laws and regulations of all jurisdictions in which it operates, and markets in which we invest. Each of these teams is discussed in further detail below.
Working with teams throughout the organisation, the Legal team helps structure solutions that address the business and legal risks they face in pursuit of their strategic objectives.
Like other investment managers, we are registered with regulators in the various jurisdictions in which we operate. We need to ensure that our activities are consistent with each regulator’s rules and regulations. This is the responsibility of our Compliance team. The team works with the other assurance and advisory functions, as well as with our traders and client servicing teams, to ensure that transactions by our Funds and in our Funds are consistent with our internal controls and external regulatory requirements.
Orbis believes that a strong internal control environment requires layered lines of defence, with people at all organisational levels aware of and accountable for their part of the risk of doing business. While business units are always primarily responsible for the risks in their areas and ensuring that appropriate mitigating controls are in place, our Risk team acts as an independent, specialist advisor—helping people to optimise business processes and promote appropriate redundancy, consistency, security and control in all operations. As such, the Risk team is concerned with all risk events that could adversely impact the achievement of the firm’s objectives.
The head of the team, our Global Risk Manager, sits on our Global Risk Committee (GRC) which also includes the heads of other Legal, Compliance, and operational teams. The GRC meets quarterly, or more frequently if required, and provides a summary of any significant findings and recommendations to the relevant Orbis company boards.
Orbis also has a dedicated Information Security team of security experts with significant financial services experience. Its aim is to ensure the confidentiality, integrity and availability of the firm’s information and services. This includes information about our clients and our employees, as well as the firm’s business and intellectual property. Focus areas include policies, consulting, training, security infrastructure, secure software development techniques and testing with a remit ranging across all aspects of application, infrastructure and data security. The Information Security team reports to the Global Risk Manager and provides regular updates to senior management at the Global Risk Committee meetings.
The Internal Audit team provides independent assurance on the risks and controls surrounding critical business processes, highlighting control weaknesses and suggesting pragmatic control solutions. It also provides independent assurance in relation to management’s assertions to the boards surrounding the adequacy and effectiveness of governance, risk management, compliance and control. In addition, the Internal Audit team helps co-ordinate external third party annual reviews of the firm’s internal control framework.