Source - LSE Regulatory
RNS Number : 0787W
Sanne Group PLC
12 April 2019

Sanne Group plc


12 April 2019



Sanne Group plc

("SANNE" or "the Company")


Posting of Annual Report and Accounts and Notice of Annual General Meeting


SANNE, a leading global provider of alternative asset and corporate services, has posted its Annual Report and Accounts for the year ended 31 December 2018 (the "2018 Annual Report and Accounts"), together with the Notice of Annual General Meeting ("AGM") and Form of Proxy, to its shareholders. The 2018 Annual Report and Accounts and the Notice of AGM can also be downloaded from the Company's website at


Copies of the documents listed below have been submitted to the National Storage Mechanism and will be available for inspection at


·    Annual Report and Accounts for the year ended 31 December 2018

·    Notice of the Annual General Meeting

·    Form of Proxy


Information required under Disclosure Guidance and Transparency Rule 6.3.5


This announcement should be read in conjunction with the Company's preliminary results announcement issued on 22 March 2019. Together, these announcements constitute the material required by Disclosure Guidance and Transparency Rule 6.3.5 to be communicated to the media in full unedited text through a Regulatory Information Service. A description of the Principal Risks and Uncertainties and the Directors' Responsibility Statement, extracted in full unedited text from the 2018 Annual Report and Accounts, are set out below. This information should be read in conjunction with, and not as a substitute for, reading the full 2018 Annual Report and Accounts. Page numbers and notes in the following appendices refer to page numbers and notes in the Company's 2018 Annual Report and Accounts.



Appendix A: Principal Risks and Uncertainties


Risk assessment


The Group reviews and monitors risk exposures closely, considering the potential impact and any management actions required to mitigate the impact of emerging issues and potential future events. The Group Risk Register is the principal tool for monitoring risks which are classified in a strict hierarchy (see table on the next page). The highest level (Level 1) identifies five risk categories: Business Model & Strategy, Operational, People, Regulatory and Financial. The next level (Level 2) contains 27 risk categories and the final level (Level 3) carries the detailed risks themselves which are captured and maintained across the Group.


Each Level 2 and Level 3 risk is rated by assessing the likelihood of its occurrence over the next three years and the potential associated impact. A scoring is given to each risk which is then used in conjunction with an assessment of the internal control environment or other mitigations to derive a residual risk score.


Risk appetite


In determining its risk appetite, the Group has defined the levels of risk it is willing to take in the pursuit of its strategic objectives.


This has been articulated as a Risk Appetite Statement with appetite set for each of the Level 2 categories within the Group Risk Register. For each Level 2 risk category, the risk appetite is compared against the associated residual risk to identify areas of focus.


Principal Risks


The risks from the Group Risk Register are discussed, debated and challenged, firstly by senior management and Executive Directors, and then by the Risk Committee, with a view to presenting the key risks to the Board. The Board has agreed that the top risks will be presented in the Annual Report and Accounts as the Principal Risks.


Assessment of Principal Risks and Uncertainties


Using the described approach, the Board is able to confirm that they have carried out a robust assessment of the Principal Risks and Uncertainties facing the Group including those that would threaten its business model, future performance, solvency or liquidity. Included on page 71 is the viability statement, which has been prepared with the assessment of these Principal Risks and Uncertainties in mind.


Business Risk Assessments - global and jurisdictional targets


SANNE's Business Risk Assessment Framework is a key tool within the Group's risk management framework. Underpinned by SANNE's risk appetite, the framework evaluates the adequacy and effectiveness of SANNE's internal controls. Global, and a number of jurisdictional, assessments were completed in 2018 and the outcome included a consolidated view of existing risk exposures supported by agreed risk appetite statements and any remediation work required to strengthen existing control environments. SANNE's jurisdictional Business Risk Assessments will continue into 2019.


Level 1 Risk Category

Level 2 Risk Category

Principal Risk

Business Model & Strategy


Corporate Governance 

Risk Management

Acquisition Due Diligence

Acquisition Integration


Client Concentration










Business Change

Business Continuity



Outsourcing & Third Parties

Physical Security

Property Security

Cyber Security

Data Management













Staff Culture, Ethics & Behaviour

Staff Resources




Regulatory Change

Listing Rules


Financial Crime






Working Capital


Accounting & Reporting Errors







Business Model & Strategy


Direction of change: 

During the period the Group has seen steady progress with the integration of more recent acquisitions. SANNE has experienced a number of years of strong growth, both organically and inorganically, and therefore a number of projects (including strengthening the 3 Lines of Defence model and enhancing minimum internal standards) as mentioned on pages 34 and 35, have continued throughout 2018 to enhance the business model and keep on building stronger foundations for future sustainable growth.


Risk Description

Key Mitigants and Controls

Acquisition Due Diligence Risk

The risk that inadequate due diligence of future acquisitions made by the Group give rise to unidentified liabilities or unintended consequences and/or acquisitions made by the Group are poorly integrated, due to inadequate planning, lack of management oversight or lack of resources.


·    Robust due diligence process including 3rd party assessments by top accounting and law firms, prior to recommendations to the Board.

·    Governance and challenge from independent Non-executive Directors.

·    Committees set up to manage integration processes in line with SANNE's acquisition integration framework.

Competitor Risk

Risk of declining business revenue or margins by failing to invest in SANNE's infrastructure or innovate to react to external market conditions.

·    Strong pricing and bespoke business offerings driven by expert industry and client base knowledge.

·    Investment in product development capability.

·    Overarching Executive Committee and Board review of digital/ technology investment.

Strategy Risk

Risk of poor strategic business decisions, and/or poor execution, including poor communication, inadequate resources or a failure to respond to changing market conditions.

·    Regular review of business strategy.

·    Governance framework to escalate strategy and appetite issues.

·    Executive Committee and Board review and governance, including monthly financial and risk reporting.




Direction of change:

Continued acquisitions and strong growth in client numbers and staffing has meant increased inherent operational risk exposures for the Group, as anticipated in the 2017 Annual Report and Accounts. These risks have been mitigated, and a number of operational projects and business change initiatives continue to further strengthen the control environment in this respect. 


Risk Description

Key Mitigants and Controls

Business Change Risk

Risk of failure to effectively plan, design, communicate or execute internal change in a timely manner, leading to resistance, saturation and fatigue.

·    Dedicated and skilled change management resource.

·    Overarching governance of business critical change programmes by Executive Committee and Change & Investment Committee.

·    Documented change administration processes.

·    Horizon Scanning enabling early identification of upstream changes which may impact business operations. 

Cyber Security Risk

Risk that SANNE's systems, data or services are not protected from a cyber-attack leading to confidential data being obtained or services being unavailable.

·    Dedicated team responsible for Information Security. 

·    Staff Training & Awareness programme schedule, with mandatory training to all staff.

·    Policies and procedures in place.

·    Third Party Management Assessments and contract reviews.

·    InfoSec and cyber tools to support staff in managing exposure to cyber risk.

Process Risk

Risk of errors, inconsistent or untimely application of critical processes leading to customer dissatisfaction or failure to meet statutory or regulatory requirements.

·    Enhanced governance, structure and awareness through a Group framework that supports the creation and implementation of minimum standards.

·    Continued development and documenting of procedures.

·    First Line of Defence Control Testing programme.

·    Continued centralisation of critical processes, enabling standardisation and improving effectiveness. 

Data Management Risk

Risk of an inability to identify, maintain and protect data within agreed quality parameters, impacting delivery against strategic objectives and regulatory and legal obligations.

·    Dedicated team in place responsible for Data Protection, including a Global Data Protection Officer (DPO).

·    Staff Training & Awareness programme schedule, with mandatory training to all staff.

·    Policies and procedures in place.

·    Data Protection Data Flow Mapping.

·    Third Party Management Assessments and contract reviews.

·    Mapping and understanding of applicable regulatory and legal obligations.




Direction of change:

In key jurisdictions in which the Group operates, the fund and corporate administration employment market is increasingly competitive, which, along with the Group's continuing organic growth, can lead to difficulties in attracting and retaining the best resources. Initiatives to create and develop knowledge hubs across the organisation are ongoing, and will help to mitigate this risk over the medium-term. With a new senior leadership team now in place, we continue to progress towards developing more centres of excellence to support our staff.   


Risk Description

Key Mitigants and Controls

Staff Resourcing Risk

Risk of failure to attract, retain or engage staff, leading to insufficient capacity and / or capability, undermining business performance and delivery.

·    Investment in training with established industry bodies such as ACCA, ICAEW and ICSA, alongside regulatory training, coaching and mentoring.

·    Established Remuneration Committee for Executive Directors.

·    Enhanced Employee Value proposition through market monitoring, remuneration benchmarking and performance management and bonus structure.

·    Increased focus on succession planning.




Direction of change:

The Group remains exposed to the political/regulatory risks associated with Brexit and continues to monitor ongoing developments as the 2019 deadline approaches. Regulatory Compliance risk is in part correlated to business model, operational and staff risk, recognising that as the Group becomes larger and more diverse, the risk of an omission or error increases leading to possible regulatory sanction. This increasing risk is being mitigated by various projects, in particular the strengthening of the 3 Lines of Defence model and including an increase in assurance and oversight activity.


Risk Description

Key Mitigants and Controls

Regulatory Change Risk

Risk of failure to identify, assess, communicate and execute mandatory regulatory changes to our policies, processes and technology in a timely manner.


·    Brexit Committee in place to consider, assess and monitor risks and opportunities.

·    Active dialogue with regulators, governmental and industry bodies supported by a regulatory liaison policy framework.

·    Horizon scanning process enabling early identification of upstream regulatory and legislative changes which may impact SANNE. 

·    Jurisdictional oversight by Compliance and increased level of monitoring activity.

Compliance Risk

Risk of failure to identify non-compliance to mandatory regulatory requirements and/ or provide timely, accurate and complete reports and required disclosures.

·    Compliance monitoring plans established in each jurisdiction assessing compliance with local requirements.

·    Issues management policy established requiring incidents to be escalated to jurisdictional and Group governance committees on a materiality basis.

·    Regulatory liaison policy detailing the requirements of notification of material events to local regulators/ licensees.

·    Employee awareness campaigns embedding knowledge relating to timely escalation of incidents, breaches and errors.

Financial Crime Risk

Risk of inadequate policies, procedures, controls and technology to identify, assess and manage Financial Crime Risks, leading to SANNE being exposed to, and used for, criminal activity.

·    Financial Crime controls and procedures in place.

·    Manual and automated name screening for sanctions, Politically Exposed Persons (PEPs) and adverse information.

·    Financial Crime Risk governance structure with Group and jurisdictional subject matter expert support.

·    Centralised KYC Data to manage and identify risks.

·    All transactions subject to approval process and subject to sign-off.



Direction of change: 

Given the number of acquisitions made by the Group in recent years, there are significant intangible assets (including goodwill) on the balance sheet.


Risk Description

Key Mitigants and Controls

Impairment Risk

Risk of recoverable amounts being below the value of assets, including intangible assets (e.g. goodwill), due to a decline in value following acquisition.

·    Director led due diligence with 3rd party assessments by top accounting and law firms.

·    Impairment testing and attestations per accountancy rules.

·    Six monthly value assessments.

·    Ongoing monitoring against performance expectations and targets.

·    Focus on delivering strategic and financial benefits from acquired businesses.



Appendix B: Directors' Responsibility Statement


We confirm that to the best of our knowledge:


·    the financial statements, prepared in accordance with the applicable set of accounting standards, give a true and fair view of the assets, liabilities, financial position and profit of the parent Company and its undertakings included in the consolidation taken as a whole; and

·    the Strategic Report and Directors' Report include a fair view of the development and performance of the business and the position of the Company and the undertakings included in the consolidation taken as a whole, together with a description of the Principal Risks and Uncertainties that they face.



For and on behalf of Sanne Group plc





Sanne Group plc

Ian Portal, Group Company Secretary


+44 (0) 20 3911 1048        

Tulchan Communications LLP

Tom Murray


+44 (0) 20 7353 4200






SANNE is a leading global provider of alternative asset and corporate services. Established for over 30 years and listed on the Main Market of the London Stock Exchange and a member of the FTSE 250 index, SANNE employs more than 1,400 people worldwide and administers structures and funds that have in excess of £240 billion of assets.


Key clients include alternative asset managers, financial institutions, family offices, ultra-high net-worth individuals and corporates.


SANNE operates from a global network of offices located in leading financial jurisdictions, which are spread across the Americas, Europe, Africa and Asia-Pacific. 


This information is provided by RNS, the news service of the London Stock Exchange. RNS is approved by the Financial Conduct Authority to act as a Primary Information Provider in the United Kingdom. Terms and conditions relating to the use and distribution of this information may apply. For further information, please contact or visit
Find out how to deal online from £1.50 in a SIPP, ISA or Dealing account.