These Terms of Reference were tabled for annual review by the

Committee at its meeting held on 15 November 2023.

No amendments were made.

TERMS OF REFERENCE

JSE GROUP RISK MANAGEMENT COMMITTEE

1. Introduction

F1

    1. The Group Risk Management Committee (the "Committee") is constituted as a standing committee of the
      Board of JSE Limited ("JSE"). The duties and responsibilities of the members of the Committee as set out in this document are in addition to those duties and responsibilities that they have as members of the Board.
    2. The deliberations of the Committee do not reduce the individual and collective responsibilities of Board members in regard to their fiduciary duties and responsibilities, and they must continue to exercise due care and judgement in accordance with their legal obligations.
    3. These terms of reference are subject to the provisions of the Companies Act, the JSE Memorandum of Incorporation, and any other applicable law or regulatory provision.
  2. Purpose of the terms of reference
    1. The purpose of these terms of reference is to set out the Committee's role and responsibilities as well as the requirements for its composition and meeting procedures.
  4. Composition
    1. The Committee comprises at least three non-executive directors who are appointed by the Board on the recommendation of the JSE Group Nominations Committee, together with the CEO.
    2. The Chairman of the Committee must be an independent non-executive director of the JSE and shall be appointed by the Board on the recommendation of the JSE Group Nominations Committee.
    3. The Chairman of the JSE Group Audit Committee shall be a member of this Committee.
    4. All members of the Committee must be suitably skilled and experienced directors.
    5. The members of the Committee must collectively have sufficient qualifications and experience to fulfil their duties.
    6. The Committee members must remain current with developments in the field of risk management.

JSE Group Risk Management Committee Terms of Reference

For annual review and confirmation in November 2023

Page 1 of 4

4. Role and Responsibilities

Role

4.1 The Committee has an independent role, providing oversight of all enterprise-wide risk management policies, procedures and activities of the JSE Group, including all subsidiary companies and entities within the Group - and in this regard the Committee shall assist the JSE Board in ensuring that -

  1. The JSE has implemented an effective policy and plan for risk management that will enhance the JSE's ability to achieve its strategic objectives; and
    1. The disclosure regarding all enterprise and business risks is comprehensive, timely and relevant.
  2. The Committee will provide oversight over the governance of technology and information by setting the direction for how technology and information should be approached and addressed in the organisation, including oversight of all information security matters and cyber risks.
  3. The Committee does not assume the functions of management, which remain the responsibility of the executive directors, prescribed officers and other members of senior management.
    Responsibilities
  4. The Committee will -
  1. Oversee the development and annual review of the JSE's risk management policy, processes and structures, as well as any significant subsequent changes thereto.
  1. Monitor the implementation of the policy and plan for risk management by means of risk management systems and processes.
  1. Consider the adequacy of risk management strategies, disclosures and plans for the significant risks facing the JSE on a continual basis.
  1. Regularly review the JSE's risk register prepared by management, and present the risk register on an annual basis to the Board.
  1. Make recommendations to the Board in regard to the risk appetite and risk monitoring such that risks are managed within the risk appetite framework approved by the Board.
  1. Make recommendations to the Board in regard to the risk tolerance and risk monitoring such that risks are managed within the risk tolerance level approved by the Board.
  1. Assume responsibility for the governance of technology and information and oversee the development and annual review of the JSE's technology policy and information policy, processes and structures, as well as any significant subsequent changes thereto.

JSE Group Risk Management Committee Terms of Reference

For annual review and confirmation in November 2023

Page 2 of 4

  1. Authority
    1. The Committee acts in accordance with the delegated authority of the Board as recorded in these terms of reference. It has power to investigate any activity within the scope of its terms of reference.
    2. The Committee, in fulfilment of its duties, may call upon the chairmen of other Board committees, any of the executive directors, officers or Group Company Secretary to provide it with information.
    3. The Committee has reasonable access to the JSE's records, facilities and any other resources necessary to discharge its duties and responsibilities.
    4. The Committee may form, and delegate authority to, sub-committees and may delegate authority to one or more designated members of the Committee, and to one or more members of the executive to perform certain tasks on its behalf.
    5. The Committee has the right to obtain independent outside professional advice to assist with the execution of its duties, at the JSE's cost, subject to compliance with JSE policies.
    6. The Committee makes recommendations to the Board that it deems appropriate on any area within the ambit of its terms of reference where action or improvement is required.
    7. The Chairman of the Committee must be present at all annual general meetings.
  3. Meeting Procedures
    1. Frequency
      1. The Committee must hold sufficient scheduled meetings to discharge all its duties as set out in these terms of reference but subject to a minimum of three meetings per year.
      2. Meetings in addition to those scheduled may, with the approval of the Chairman, be held at the request of the external auditor, the Chief Executive Officer, the Chief Risk Officer, the Director: Governance & Assurance other members of senior management or at the instance of the Board.
      3. The Chairman of the Committee may meet with the Chief Executive Officer, the Chief Risk Officer, and the Director: Governance & Assurance and/or Group Company Secretary prior to the Committee meeting to discuss important issues and agree on the agenda.
    3. Attendance
      1. The Chief Financial Officer, the Chief Information Officer, the Chief Risk Officer, the Director: Governance & Assurance, other relevant executives and senior management, representatives from internal audit and external auditors, other assurance providers, and professional advisors may be in attendance at Committee meetings, but by invitation only and they may not vote.
      2. Committee members must attend all scheduled meetings of the Committee, including meetings called on an ad-hoc basis for special matters, unless prior apology, with reasons, has been submitted to the Chairman or Group Company Secretary.
      3. The Group Company Secretary is the secretary to this Committee.
      4. If the nominated Chairman of the Committee is absent from a meeting, the members present must elect one of the members present to act as Chairman for that meeting.

JSE Group Risk Management Committee Terms of Reference

For annual review and confirmation in November 2023

Page 3 of 4

  1. Agenda and Minutes
    1. The Committee must establish an annual work plan for each year to ensure that all relevant matters are covered by the agendas of the meetings planned for the year. The annual plan must ensure proper coverage of the matters laid out in these terms of reference: the more critical matters will need to be attended to each year while other matters may be dealt with on a rotation basis over a three-year period. The number, timing and length of meetings and the agenda are to be determined in accordance with the annual plan.
    2. A detailed agenda, together with supporting documentation, must be circulated, at least one week prior to each meeting to the members of the Board and other invitees.
    3. Committee members must be fully prepared for Committee meetings to be able to provide appropriate and constructive input on matters for discussion.
    4. The minutes must be completed as soon as possible after the meeting and circulated to the Chairman and members of the Committee for review thereof. The minutes must be formally approved by the Committee at its next scheduled meeting.
  3. Quorum
    1. A representative quorum for meetings is a majority of members present.
    2. Individuals in attendance at Committee meetings by invitation may participate in discussions but do not form part of the quorum for Committee meetings.
  5. Evaluation
    1. The Board must perform an evaluation of the effectiveness of the Committee every year.

7. Approval of Terms of Reference

  1. The Committee shall review these terms of reference annually for continued relevance and applicability.
  2. Record of review and approval of these terms of reference:
    • Aligned to requirements of King IV
    • Reviewed and adopted by Committee on 4 November 2016
    • Approved by JSE Board 24 November 2016
    • Reviewed and adopted by Committee on 30 November 2017
    • Reviewed and adopted by Committee on 21 November 2018
    • Reviewed and adopted by the Committee on 21 November 2019
    • Tabled for review by the Committee on 20 November 2020
    • Approved by the Committee on 17 February 2021 (for 2021 year)
    • Reviewed and adopted by the Committee on 17 November 2021 (for 2022 year)
    • Reviewed and adopted by the Committee on 18 November 2022 (for 2023 year)
    • Reviewed and adopted by the Committee on 15 November 2023 (for 2024 year)

JSE Group Risk Management Committee Terms of Reference

For annual review and confirmation in November 2023

Page 4 of 4

Attachments

Disclaimer

JSE Limited published this content on 07 May 2024 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 07 May 2024 09:51:03 UTC.