Principal Risks

Our robust risk management process is integral to delivering the Group’s strategic and operational objectives.

APPROACH TO RISK MANAGEMENT

The Board and senior management take very seriously their responsibility for risk management and internal controls, and for reviewing their effectiveness at least annually. An effective risk management process balances risk and reward and is dependent on the judgement of the likelihood and impact of the risk involved. The Board has overall responsibility for ensuring there is an effective risk management process in place which is designed to identify the principal risks that the business faces and to provide reasonable assurance that they are fully understood and managed.

RISK APPETITE

The Gym Group seeks to optimise a high level of return whilst achieving appropriate risk versus reward performance in line with our growth strategy. Our commitment to delivering a compelling member experience means that we have no appetite to lose our price competitiveness or our commitment to operational excellence. We are willing to accept the risk of partnering with third parties to deliver our core business activities. However, contracts and relationships with critical suppliers must be well monitored, value for money and regularly reviewed. In addition, third parties must comply with appropriate regulatory and ethical standards.

We seek to provide a great place to work and balance costs and risks to ensure our colleagues are engaged and have the capability to deliver our strategy. We have no tolerance for harm (physical or mental) to individuals and actively promote diversity and inclusion. We also have no appetite for the loss of, or otherwise unauthorised or accidental disclosure of, member or other sensitive data and no appetite to knowingly breach the spirit or letter of the laws that apply to us. In areas of uncertainty, we will have a robust justification and clear rationale for the choices we make. Where possible, high priority projects must be delivered on time, to budget, to expected quality and in a way that safeguards the wellbeing of our colleagues working on the project. However, cost overruns and delays will sometimes be tolerated to achieve the desired outcome.

RISK MANAGEMENT PROCESS

The Group’s risk management process is designed to measure, evaluate, document and monitor risks within all areas of the business.

Each functional area of the business maintains an operational risk register in which senior management identifies and documents the risks that their business area faces. A review of the functional risk registers is performed at least annually by the Senior Management Team (SMT) - made up of the Executive Committee and other senior management - and by the Audit and Risk Committee (on behalf of the Board).

In addition, the Board and SMT also consider and identify strategic risks at least annually – i.e. those risks that they believe would have a significant impact on our ability to achieve our strategic goals

The Group principal risk register is made up of those strategic risks (top down) and functional risks that are believed would have the greatest impact on our operations (bottom up).

Each risk is evaluated against three criteria with equal weighting to arrive at an overall score:

• Likelihood – the likelihood of occurrence.
• Financial impact – the financial implications.
• Control environment – the strength of controls mitigating the risk.

In assessing the risks, consideration is given to ‘what can go wrong’, i.e. what could make the risk become realised. For each risk identified, current and future mitigations are developed and documented.

KEY ROLES AND RESPONSIBILITIES

The roles and responsibilities for designing, monitoring and operating the system of risk management are set out below.