REG-Travis Perkins Travis Perkins: Travis Perkins: Publication of 2019 Annual Report
03/03/2020 15:05
============
Travis Perkins (TPK)
Travis Perkins: Travis Perkins: Publication of 2019 Annual Report
03-March-2020 / 15:00 GMT/BST
Dissemination of a Regulatory Announcement, transmitted by EQS Group.
The issuer is solely responsible for the content of this announcement.
══════════════════════════════════════════════════════════════════════════
Publication of the Annual Report 2019
Further to the release of its results announcement this morning, Travis
Perkins plc (the "Company") announces that it has today published its
Annual Report for the year ended 31 December 2019. The Company's Annual
Report 2019 can be viewed on the Company's website -
1 www.travisperkinsplc.co.uk
In accordance with rule 9.6.1 of the Listing Rules, copies of the
following documents have been submitted to the National Storage Mechanism
and will shortly be available for inspection at
2 www.morningstar.co.uk/uk/NSM
• Annual Report and Accounts 2019;
A condensed set of the Company's financial statements and information on
important events that have occurred during the year and their impact on
the financial statements were included in the Company's announcement. That
information together with the information set out below which is extracted
from the Annual Report constitute the requirements of Disclosure and
Transparency Rule ("DTR") 6.3.5 which is to be communicated via a
Regulatory Information Service in unedited full text. This announcement is
not a substitute for reading the full Annual Report. Page and note
references in the text below refer to page numbers in the Annual Report.
To view the preliminary announcement, visit the Company's website:
3 www.travisperkinsplc.co.uk
Enquiries:
Graeme Barnes
4 Graeme.barnes@travisperkins.co.uk
+44 (0) 7469 401819
Robin Miller
5 Ribin.miller@travisperkins.co.uk
+44 (0) 1604 592533
STATEMENT OF PRINCIPAL RISKS AND UNCERTAINTIES
For the year ended 31 December 2019
The Group's risk management activities continue to be developed to support
management in identifying both threats and opportunities that could
materially impact strategic delivery, performance, compliance and
reputation. The Group operates in markets and an industry which, by their
nature, are subject to a number of inherent risks. In common with most
large organisations the Group is also subject to general commercial,
political and economic risks. The Group is able to mitigate those risks by
adopting different strategies and by maintaining a strong system of
internal control which is routinely tested and assured. However,
regardless of the approach that is taken, the Group must accept a certain
level of risk in order to generate suitable returns for shareholders, and
for that reason the risk management process is closely aligned to the
Group's strategy.
Risk management framework
The Board has developed a risk reporting framework that ensures it has
visibility of the Group's key risks, the potential impacts on the Group
and how and to what extent those risks are mitigated. Further details of
the Group's risk management processes and oversight are given in the
Corporate Governance Report on page 75.
The Board undertook an enhanced exercise during 2019 to consider the
nature and level of risk it is prepared to accept to deliver the strategy.
Risk appetite is set across a suite of risk categories directly relevant
to the Group, supported by high-level risk statements which set out the
expectations for the management and control of each category of risk. The
resulting assessment of risk appetite has been set to balance
opportunities for growth and business development in areas of potentially
higher risk and return, whilst prioritising safety and maintaining the
Group's reputation, legal and regulatory compliance and the desired high
levels of customer service and satisfaction.
Principal risks
At least twice a year, the Board and Group Leadership Team formally assess
the Group's principal risks. The table on pages 40 to 51 sets out, in no
particular order, the principal risks that are currently considered by the
Board to be material to the achievement of the Group's objectives, their
potential impacts, mitigating factors and those areas of the businesses'
strategies that are potentially impacted. The inherent risk (before the
operation of mitigating controls) is stated for each risk area together
with an indication of the current trend for that risk.
The nature of risk is that its scope and potential impact will change over
time. As such the list below should not be regarded as a comprehensive
statement of all potential risks and uncertainties that may manifest in
the future. Additional risks and uncertainties that are not presently
known to the Directors, or which are currently deemed immaterial, could
also have an adverse effect on the Group's future operating results,
financial condition or prospects.
Key changes in the year
The risk environment in which the Group operates does not remain static.
As part of the ongoing risk review process, the Board and Group Leadership
Team: identify new risks for the Group, assess the inherent risk
associated with each principal risk, and determine whether the risk trend
facing the Group is increasing, decreasing or unchanged.
Whilst the risk profile for the Group remains relatively stable relative
to 2018, the following key changes were identified in 2019:
• One additional principal risk has been disclosed in relation to IT
systems and infrastructure. This risk previously formed part of the
risk associated with change management and has been separated given
the Group's plans to modernise its IT infrastructure and replace a
number of legacy systems
• The inherent risk associated with business transformation initiatives,
including the IT modernisation programme, has been reassessed as
"high" to reflect the scale of change activities ongoing or planned
within the Group
• The inherent risk associated with cyber threats and data security has
been increased to "high" to acknowledge that the continual changes in
both threat sources and the tactics employed by cyber criminals
present an ongoing challenge for all companies, including the Group
Emerging risks
The Board is required to undertake a robust assessment of the emerging
risks that may impact the Group under the 2018 UK Corporate Code, which is
effective from 1 January 2019. In response to this requirement,
consideration of emerging risk has been integrated into the Group's
current risk management practices, which continue to be developed and
refined. The Board regularly considers the latest risk research alongside
views on emerging risks collated from assessments made by the business
unit and functional leadership teams. These risks are monitored but are
not currently assessed as sufficiently material to be considered as
principal risks.
The Group is monitoring the potential impact of COVID-19 carefully. The
Group will continue to review the possible impacts on the business and
refine its contingency plans as more information about the epidemic
emerges.
Risk workshops are undertaken periodically with the most significant
business units and are structured to consider a number of risk categories,
including "disruption", being the risks that may emerge and impact the
viability of a strategy or business model. The current statement of
principal risks recognises the potential for such disruption in the
competitor and customer landscape, as well as in relation to suppliers.
Category Principal risks Risk trend Inherent risk
Changing customer and competitor
landscape
↔
Supplier risks High Medium High
External ↔ High
Brexit
↔
Market conditions
↔
Capital allocation ↓
Medium High
Strategic Change Management ↑
Medium
Portfolio management ↔
↑
IT systems and infrastructure
Technological ↑ High High
Cyber threat and data security
↔
Health and safety
↔ Medium
Operational Talent management
Medium Medium
Legal compliance
↑
Key disruptive risks are also identified and mitigated by the Group. None
of them are currently considered to be principal risks
Risk Trend: ↑ Increasing ↓ Decreasing ↔ Unchanged
CHANGING CUSTOMER AND COMPETITOR
LANDSCAPE
RISK DESCRIPTION
The Group sells and
distributes building
materials through a
number of channels.
The number of
outlets and channels
where building
materials can be
purchased continues
to grow with new
competitors entering
the market. These RISK MITIGATION
new entrants may
operate business The Board is cognisant of the risks
models which differ and opportunities presented by the
significantly from changing customer and competitor
the traditional landscape and evaluates developments
merchanting, retail both in terms of threats and
and online formats opportunities for the Group.. One
INHERENT RISK: from which the Group example of this in 2019 is the
High currently operates decision to pursue the demerger of the
and may take market Wickes business, and for the Group to
TREND: share. focus on the service of trade rather
Unchanged than retail customers.
The demerger of the
STRATEGY: Wickes business will The Group continues to build
change the risk multi-channel capabilities that
Best-in-class profile of the Group complement its existing operations and
services in the coming year, enable customers to transact with the
as exposure to the Group through channels that best suit
Focus on trade retail sector is their needs.
reduced.
Advantaged The Group is able to use its sites
businesses Customer purchasing flexibly to respond to changes.
habits also continue Alternative space utilisation models
IMPACT: to evolve with an are possible, including maintaining
increasing smaller stores and implanting
Adverse effect percentage of additional services into existing
transactions for the branches. During 2019, Toolstation
on financial Group now opened its first high street store.
results originating online.
Customers' The development of new, innovative and
Loss of market preference for competitive supply solutions is a key
share purchasing materials strength of the Group. It works
through a range of closely with customers and suppliers
supply channels and on a programme of continuous
not just through the improvement to enhance the customer
Group's traditional proposition.
competitors may
adversely impact the Pricing strategies across the Group
profitability of are regularly reviewed and refined as
branch-based necessary to ensure they remain
operations and the competitive.
Group's overall
performance.
Increasing price
transparency could
lead to a perception
that the Group is
less price
competitive leading
to downward pressure
on price and
margins.
TALENT MANAGEMENT
RISK DESCRIPTION
People are key to
the Group's success.
The ability to
recruit, develop,
retain and motivate
suitably qualified
and experienced
staff is an
important driver of
the Group's overall
performance. The
Group may also be
exposed to skills
shortages in certain
areas which can
result in salary
cost pressures. This RISK MITIGATION
may be compounded by
Brexit if The Group's employment policies and
significant numbers practices are kept under regular
of EU citizens review. Staff engagement and turnover
decide to leave the by job type is reported regularly to
UK (see also page the Group Leadership Team and the
47). In particular, Board. A Group-wide talent and
INHERENT RISK: the availability of succession exercise was undertaken in
Medium suitably qualified 2019 and reviewed by the Board.
commercial drivers Succession plans are reviewed
TREND: is an area of annually; the process was reviewed for
Unchanged ongoing focus for 2020 to ensure that plans are in place
the Group, which is for the Board, senior management
critical to the positions and other critical roles and
operation of its to promote the development of diverse
STRATEGY: fleet to meet and inclusive pipelines.
customer delivery
Best-in-class expectations. The Group's reward and recognition
services systems are actively managed to ensure
The strength of the high levels of employee engagement.
Focus on trade Group's customer Salaries and other benefits are
proposition is benchmarked regularly to ensure that
Simplifying underpinned by the the Group remains competitive and the
the Group quality of people Group operates incentive structures to
working throughout ensure that high-performing colleagues
IMPACT: the Group, are adequately rewarded and retained.
particularly in
Adverse effect branch and other A wide range of training programmes
on delivery of customer-facing are in place to encourage staff
strategy roles. Many development. Management development
colleagues have programmes are available to those
Competitive worked for Travis identified for more senior positions.
disadvantage Perkins for many The Group's "Learn and Earn"
years, during which Apprenticeship Programme ("LEAP") has
they have gained been in place for a number of years
valuable product and and has a track record of successful
customer knowledge delivery of apprenticeships in both
and expertise. branch-based and functional roles.
The Group faces
competition for the
best people from
other organisations.
Ensuring the
retention and
development of
colleagues and that
robust succession
plans exist for key
positions is
important for the
Group to ensure it
has the right skills
and experience to
deliver on its
strategic
objectives.
SUPPLIER RISKS
RISK DESCRIPTION
The Group faces a
number of supplier
risks in relation to
key dependencies and
relationships,
overseas sourcing
and
disintermediation,
all of which could
adversely impact
upon ranging and
price.
The Group is the
largest customer to
a number of its
suppliers. In some
cases, those
suppliers are large
enough to cause the
Group significant
difficulties and
disruption if they RISK MITIGATION
are unable to meet
their supply Making decent returns is one of the
obligations due to Group's cornerstones which requires it
either economic or to treat both customers and suppliers
operational factors. fairly. The commercial and financial
INHERENT RISK: Alternative sourcing teams have established strong
Medium may be available, relationships with the Group's key
but the volumes suppliers and work closely with them
TREND: required and the to agree contracts that are beneficial
Unchanged time it may take to both parties and facilitate
those suppliers to continuity of quality materials. This
STRATEGY: increase production interaction continues as the Wickes
could result in demerger is progressed and revised
Best-in-class significant contractual arrangements are put in
services stock-outs for a place.
considerable time,
Focus on trade adversely impacting Where possible, contracts exist with
customer service more than one supplier for key
Simplifying and, potentially, products, to reduce the risks of
the Group leading customers to dependency on a sole supplier.
switch to a
Financial competitor in the The Group has made a significant
strength short- or long-term. investment in its Far East
infrastructure to support its direct
The Group sources a sourcing operation. This allows the
number of products development of own brand products,
IMPACT: from overseas thereby reducing the reliance on
factories, which branded suppliers. The Group has also
Adverse effect increases the adopted a conservative hedging policy
on financial Group's exposure to to reduce its exposure to currency
result sourcing, quality, fluctuations.
trading, warranty
Adverse effect and currency issues. Independent checks are undertaken on
on reputation This again may the factories producing products for
adversely impact the Group, including the quality and
customer service and suitability of those products before
choice. they are shipped to the UK. The
results of these checks are kept under
Manufacturers of review with action taken as necessary
materials and to address any concerns
products sold by the
Group may also look
to sell directly to
end customers in the
future, diminishing
the role of
distributors..
The Group's intended
demerger of the
Wickes business, as
well as the
potential future
sale of its Plumbing
& Heating
businesses, will
reduce the size of
the Group, which may
impact on its
ability to
renegotiate future
supply contracts on
equivalent or
favourable terms.
HEALTH AND SAFETY
RISK MITIGATION
The Group continues to challenge its
thinking and approach to improving its
safety performance through its now
well established "Stay Safe" brand.
Governance of Stay Safe is well
RISK DESCRIPTION established and designed to promote a
continual focus on health and safety.
Keeping the Group's Stay Safe performance is reviewed at
INHERENT RISK: colleagues, all Board Meetings, by the Group
Medium customers, suppliers Leadership Team and by the dedicated
and the public safe Stay Safe Committee, which is chaired
TREND: is a cornerstone of by a Non-executive Director. Safety
Unchanged the business and at performance is a focus at the
the heart of how it leadership meetings for each of the
STRATEGY: operates. The Group Group's business units, with regular
expects everyone to consideration of continuous
Best-in-class go home to their improvement plans in this area. These
services families forums also monitor the achievement of
transport-related compliance
Financial safely everyday. requirements, including driver
strength licensing and professional competence.
The Group operates In addition, a number of the business
IMPACT: over two thousand units, including Travis Perkins, have
sites, many with retained FORS accreditation of their
Harm to our complex and busy vehicle fleets.
colleagues, yards. It also
customers and operates one of the During 2019 a programme of "Safety
the wider largest vehicle Deep Dive" reviews was introduced to
community fleets in the UK, assess how effectively key safety
distributing heavy risks are managed and to benchmark the
Potential and bulky materials. Group to leading practice. Safety
legal action, Poorly implemented management arrangements are
fines and safety practices on periodically assessed and accredited
penalties site, on the road by members of the Safety Schemes in
and at delivery Procurement Forum.
Adverse effect locations could
on financial result in Incidents are monitored, investigated
results significant harm to and corrective action taken to reduce
people which would the likelihood of similar incidents in
Adverse effect damage the Company's future. Stay Safe assurance reviews
on reputation reputation and could are regularly undertaken at all sites
impact trading by dedicated safety professionals with
performance. any resulting improvement actions
tracked to completion.
De-risking the Group's operations,
improving health and safety awareness
and implementing improved ways of
working are at the forefront of the
Group's activities. Further
information on progress made during
the year can be found in the Health
and Safety report on pages 52 to 67.
CAPITAL ALLOCATION
RISK MITIGATION
Return on capital is one of the
RISK DESCRIPTION Group's key performance indicators as
shown on page 21. The Group's decision
The Group manages a to refine its strategy and focus on
number of different trade customers in the most advantaged
businesses in the UK businesses has influenced the
which operate in allocation of capital during 2019,
different, but with more focused management attention
complementary and capital deployment in areas of
INHERENT RISK: channels. As the higher return. This capital allocation
Medium Group's markets policy is also a driver for the Wickes
continue to develop, demerger, enabling both Wickes and the
TREND: it is investing to remaining Group to pursue separate
Decreasing enhance its existing strategies and priorities for
businesses and also investment and growth.
STRATEGY: to develop new
propositions to Responsibility for identifying and
Focus on trade better serve its implementing opportunities to expand,
customers. improve or modify the Group's
Advantaged operations rests with each of the
businesses While the Group business unit leadership teams.
operates a Capital is deployed or re-deployed
Financial disciplined capital through a Group-led forum to
strength allocation process, strategically-aligned projects
there is a risk that expected to achieve the best return on
it may be capital. Projects are required to
over-investing in present a comprehensive business case
IMPACT: channels which may and, for the largest investments,
decline or that it Board approval is sought.
Adverse effect may not be
on financial allocating Major projects are reviewed by the
results sufficient capital Group Leadership Team, which
to new propositions introduced a monthly programme review
and advantaged during 2019. Progress against plan is
businesses resulting kept under close review.
in sub-optimal
returns on capital. Post implementation reviews are
undertaken of all major projects and
returns are monitored on an on-going
basis to ensure that the expected
returns are achieved, but also to
allow the Group to modify its capital
allocation when appropriate.
CHANGE MANAGEMENT
RISK DESCRIPTION
The Group undertakes
a variety of
projects throughout
its business in
order to generate
returns for its
shareholders. These
projects include the
modernisation of the
Group's core IT
systems and
infrastructure,
on-going development
of its supply chain
operations and
branch and store
networks, and the
simplification of
INHERENT RISK: the Group to speed RISK MITIGATION
High up decision-making
and reduce costs. As set out in relation to capital
TREND: allocation, all potentially
Increasing By their nature, significant projects are subject to
such strategic detailed investigation, assessment and
STRATEGY: projects are often approval prior to commencement.
complicated,
Best-in-class interlinked and may Dedicated teams, including financial
services require considerable resource, are allocated to each
resource to deliver. project, with additional expertise
Advantaged As a result, the being brought into the Group to
businesses expected benefits, supplement existing resource when
timescale for necessary.
Simplifying delivery and the
the Group costs of All strategic projects are supported
implementation of by an appropriate governance structure
Financial each project may and are closely monitored through the
strength deviate from those Group Leadership Team's programme
anticipated at their review with regular reporting to the
IMPACT: outset. Colleague Board.
engagement may be
Adverse effect impacted during a Regular communications are undertaken
on financial period of to keep colleagues informed.
results significant change
and cost-focus. When projects do not deliver against
Adverse effect expectations, exercises are undertaken
on shareholder Following the to capture the "lessons learned" which
value announcement in 2019 are fed into future projects.
to delay the
Merchant ERP
replacement
programme, the Group
is considering its
approach to
implementation of
the various elements
of an ERP system,
after modernisation
of the core IT
architecture. The
results and delays
to this programme
are illustrative of
the challenges
associated with
major transformation
projects in Group
with a number of
complex legacy
systems.
BREXIT
RISK DESCRIPTION
The result of the UK
vote to leave the
European Union
("Brexit") and the
subsequent process
to determine the
terms of the
withdrawal agreement
has caused
considerable market
uncertainty
throughout 2019 and
continues to do so.
It remains difficult
to predict the
economic outlook and
impact to the Group
in the short term or
long term. The Group
continued to
experience
significant
volatility in the
value of sterling
against the
principal currencies
used to pay for
imported goods
during 2019.
Future trading
relationships with
overseas markets
have yet to be RISK MITIGATION
determined and these
may result in higher It remains difficult to determine the
tariffs or duties on full impact of Brexit on the Group.
imports of The Board continues to monitor
construction developments and market conditions and
products as well as will react accordingly.
extended lead times
on imported supplies The Board has undertaken a process to
or result in the assess the risks associated with
need to source some Brexit. This includes assessment of
products elsewhere. existing risk mitigations and actions
These risks have the in progress and is updated on a
potential to impact regular basis.
the Group
significantly. Of The Group continues to invest in the
less risk to the business where those investments are
INHERENT RISK: Group, but expected to realise acceptable
High potentially returns, but it is prepared to flex
significant for its activity levels should market
TREND: customers, are the conditions so dictate.
Unchanged significant numbers
of non-UK nationals Throughout 2019, exercises were
STRATEGY: employed in the undertaken by the business unit
construction leadership teams to assess the level
Best-in-class industry and the of stock holding required in each
services distribution and business unit to minimise disruption
logistics markets. to customers as a consequence of
Financial If the UK becomes a Brexit. The Group has taken steps to
strength less attractive minimise disruption to its imports
place for them to from the EU and was granted Authorised
IMPACT: work this could Economic Operator status by HMRC in
result in labour early 2019.
Adverse effect shortages and
on financial consequent salary Regular communication continues with
results cost pressures and both customers and key suppliers. A
could change customer statement is in place and
dynamics in our key will be reassessed as agreements with
markets. Whilst the EU are clarified.
significant changes
to product standards Where the cost of goods increases due
and legislative to the exchange rate deteriorating or
requirements more additional tariffs and duties, the
generally are not Group will seek to pass those price
anticipated in the increases through to its customers,
short term, they but its ability to do so will depend
could impact the upon market conditions at the time.
Group if introduced
in the future. The processes in place around the
recruitment and retention are set out
The Group operates a in the related principal risk on page
small number of 43.
branches in Northern
Ireland and the
Republic of Ireland.
During 2019, the
Group acquired a
controlling share of
the Toolstation
Europe business.
Whilst not material
to the Group,
business operations
in these territories
may be impacted by
the final agreements
made with the EU
including those in
respect of borders,
tariffs and
information flow.
The continued
uncertainties that
surround Brexit mean
that a more precise
assessment of the
impact on the
Group's operations
is unlikely to be
possible until
further detail
becomes available in
respect of the
future trading
relationships of the
UK after the
transition period.
MARKET CONDITIONS
RISK DESCRIPTION
The Group's products
are sold to
businesses, trades
and retail customers
for a broad range of
end uses in the
built environment.
The Group's markets
are cyclical in
nature and the
performance of those
markets is affected
by general economic
conditions and a RISK MITIGATION
number of specific
drivers of The Board conducts an annual review of
construction, strategy, which includes an assessment
INHERENT RISK: Renovation, of likely competitor activity, market
High Maintenance and forecasts and possible future trends
Improvement and DIY in products, channels of distribution
TREND: activity, including and customer behaviour.
Unchanged mortgage
availability and The Group maintains a comprehensive
STRATEGY: affordability, tracking system for lead indicators
housing transactions that influence the market for the
Best-in-class and the timing and consumption of building materials in
services nature of government the UK.
activity to
Focus on trade stimulate activity, Significant events including those in
net disposable the supply chain that may affect the
Advantaged income, house price Group are monitored by the Group
businesses inflation, consumer Leadership Team and reported to the
confidence, interest Board monthly by the Group CEO.
IMPACT: rates and
unemployment. Should market conditions deteriorate
Adverse effect then the Board has a range of options
on financial A significant dependent upon the severity of the
results downturn in economic change. Historically these have
conditions or major included amending the Group's trading
uncertainty about stance, cost reduction, lowering
the future outlook capital investment and reducing the
could affect the dividend.
levels of
construction
activity in the
Group's markets and
the confidence
levels of the
Group's customers,
which could reduce
their propensity to
purchase products
and services from
the Group's
businesses.
PORTFOLIO MANAGEMENT
RISK DESCRIPTION
The Group undertakes
acquisition and
disposal activity to
optimise its
portfolio of
businesses and drive
shareholder return.
In December 2018,
the Group announced
a strategy to
simplify the Group
and concentrate on
its trade-focused
businesses. In the
last year, the Group
has:
◦ Set out its
intention to
explore the
potential
divestment of
the Plumbing &
Heating
businesses. The RISK MITIGATION
Group confirmed
INHERENT RISK: in January the All portfolio management activities
Medium sale of its are subject to a detailed appraisal
Primaflow F&P process and ultimate approval by the
TREND: wholesale Board.
Unchanged business to
Newbury A formal programme of work, with
STRATEGY: Investments (UK) dedicated resource is put in place for
Ltd. Further the larger-scale transactions
Focus on trade activity in including those in relation to
relation to the Plumbing & Heating and Wickes.
Advantaged remaining External expertise and advisers are
businesses businesses has involved as required to support the
been paused programme teams.
Simplifying ◦ Announced a
the Group proposed The Plumbing & Heating businesses were
demerger of the successfully separated both
Financial Wickes business functionally and in system terms
strength in 2020 during 2019 to the agreed timescales.
◦ Acquired a The Wickes demerger activity is
IMPACT: controlling progressing in line with plans.
shareholding in
Adverse effect Toolstation All activity of this kind is supported
on financial Europe by robust governance and monitoring.
results The largest programmes are closely
Programmes to monitored by a Steering Committee,
Adverse effect separate businesses with sponsorship and representation
on shareholder for sale or demerger from members of the Group Leadership
value can be complex given Team and, when appropriate based on
the many linkages to the significance of a transaction, the
Adverse effect Group systems and Board. Both the Group Leadership Team
on reputation processes. and the Board receive regular updates
on all portfolio management activities
Communication of the
impacts to
colleagues both in
the affected and
remaining businesses
require careful
consideration to
ensure that
colleagues remain
informed, engaged
and also that
confidentiality is
not breached.
The projected
benefits, costs and
timescale for
portfolio management
activities may
deviate from those
originally planned,
which could in turn
impact the
progression of the
process and the
value realised or
price paid.
IT SYSTEMS AND INFRASTRUCTURE
RISK DESCRIPTION
The Group is
dependent on a wide
range of IT systems
and supporting
infrastructure for
its day-to-day
operations and
technology plays a
significant role in RISK MITIGATION
the future growth
and success of the To mitigate the risk of disruption in
Group. The current the event of a system failure, an IT
IT landscape is disaster recovery plan is in place,
complex and includes together with broader business
some legacy systems continuity plans. Arrangements are in
that lack the place for alternative data sites.
functionality of Off-site back-up routines are in
modern software and place. Plans are regularly tested and
where expertise is the results assessed to drive further
diminishing. improvements. The incident management
process is designed to prioritise and
INHERENT RISK: System failures or respond to any incident quickly and
High outages could effectively, with escalation and
disrupt the communication protocols. Recovery
TREND: day-to-day targets are in place and are designed
Increasing operations of the to minimise the operational and
Group and, in turn, customer impact. Internal Audit
STRATEGY: impact customer reviewed the disaster recovery plans
service and the and incident management processes
Best-in-class Group's financial during the year.
services performance.
In relation to the modernisation of
Simplifying The Group is the Group's IT systems and
the Group developing a infrastructure, the IT strategy is
comprehensive currently being updated. A governance
modernisation plan structure is in place for change
that will include programmes from idea generation
IMPACT: the replacement of a through to deployment. This includes
number of legacy protocols, reviewed by internal audit
Adverse effect systems. This will during the year, to ensure that
on financial bring greater upgrades and improvements are
results stability, delivered to the business in a
capability and controlled manner and limit the
Adverse effect longevity to the potential for disruption.
on reputation Group's systems and
infrastructure. The Group Leadership Team receives
Adverse Effect regular progress reports and larger
on delivery of In its digital programmes are reported to the Board.
strategy offerings, the This structure has been refreshed
Group's ability to during the year and is designed to
Competitive meet customer demand ensure that programmes are
disadvantage will impact appropriately resourced and progress
longer-term growth to plan.
and delivery of the
strategy. Any system change is rigorously tested
in respect of functionality and that
There is significant it meets business requirements before
risk associated with it is implemented.
IT change programmes
including risks in Following the cancellation of the
relation to Merchant ERP replacement programme, a
prioritisation and full lessons learned exercise was
sequencing, resource undertaken, as is standard at the end
allocation, cost and of every programme, with insights
time overruns, captured and rolled into future change
testing and business programmes.
acceptance. These
risks, alone or in
combination, could
impact the financial
results and
reputation of the
Group, and
achievement of the
longer-term
strategy.
CYBER THREAT AND DATA SECURITY
RISK DESCRIPTION
Incidents of
sophisticated RISK MITIGATION
cyber-crime
represent a The Group takes its responsibilities
significant and and legal obligations in respect of
increasing threat to data security and protection seriously
all businesses and continues to make investments to
including the Group. protect data, including customer data,
The tactics of cyber and ensure that its confidentiality,
criminals evolve on integrity and availability is
a daily basis, maintained.
finding new ways to
compromise The Group takes a two-pronged approach
organisations, which to data security: through technology
presents a (protective tools and countermeasures)
continuous challenge and people (awareness and training).
for Information
Security teams in Best of breed technical solutions are
terms of cyber risk deployed across the Group's
protection and infrastructure including firewalls,
preparation for virus protection, email threat
potential incidents. protection, intrusion detection and
Threat sources vulnerability scanning. There is an
change continually ongoing review process to ensure that
such that, while the these solutions provide optimal
Group may be benefit and protection to the Group,
targeted by through appropriate tuning and
cyber-criminals, it configuration. An outsourced Security
may also be impacted Operations Centre has recently
by attacks aimed at launched to provide round the clock
impacting the UK's monitoring of the Group's
INHERENT RISK: infrastructure more infrastructure using market-leading
High generally. tools. This will deliver mature levels
of threat intelligence to support
TREND: Information Security proactive defence against cyber
Increasing incidents can be threats.
caused externally or
STRATEGY: internally, New IT projects are scrutinised and
accidentally or supported by the Information Security
Best-in-class deliberately. The team, ensuring security by design. All
services Group's business changes to technology solutions
activities are require information security review
Financial heavily dependent on and approval.
strength IT systems that are
available when An information security improvement
IMPACT: needed, based on project was initiated in 2019 with the
accurate and objective of continuously advancing
Adverse effect complete data. An the Group's information security
on financial external profile and maturity against the
results cyber-attack or recognised National Institute of
insider threat (or Standards and Technology - Cyber
Adverse effect an equivalent Security Framework. This has led to
on reputation incident at a third the introduction of a new governance
party with whom framework, including a steering group
Potential Group data is shared and "Security Champion" forum, and the
legal action, legitimately) could development of a new policy framework.
fines and result in disruption
penalties to customer-facing, The Group continues to maintain
supplier-facing and compliance with the Payment Card
financial systems Industry - Data Security Standard.
through theft and
misuse of The Group has a comprehensive set of
confidential data, data protection and information
damage to or security policies in place and all
manipulation of colleagues are required to undertake
operationally regular training regarding the
critical data or protection of information. This
interruption to IT emphasises the importance of keeping
services, any of personal information safe and secure
which may have in whatever format it is held by the
serious Group. A Data Governance Committee is
consequential in place to support the Group's data
impacts on the governance and information security
Group's reputation, framework. Its remit includes
ability to trade and reviewing and approving key
compliance with data information security policies,
protection supporting development of a positive
regulations. culture of compliance (including by
promoting awareness of key information
Whilst cyber security policies) and, where
incidents have not appropriate, reviewing the response to
significantly data security breaches.
impacted the Group
to date, these In the event of an incident, the
threats continue to response protocols and recovery plans
evolve and can, in in place are designed to mitigate the
turn, impact the impact and support a rapid and
effectiveness of efficient recovery of systems and
mitigating actions. service.
The Group continues
to be vigilant and
assess its exposure.
LEGAL COMPLIANCE
RISK MITIGATION
The Group's in-house legal team is
responsible for monitoring changes to
laws and regulations that affect the
business and is supported by external
advisers.
The Group has a comprehensive
INHERENT RISK: framework of policies in place that
Medium set out the ways colleagues and
suppliers are expected to conduct
TREND: themselves. Those expectations are
Increasing widely disseminated using a range of
methods to ensure colleagues and
STRATEGY: RISK DESCRIPTION suppliers understand their
responsibilities to comply with the
Best-in-class The Group is subject law and other regulations affecting
services to a broad range of the Group at all times.
existing and
Focus on trade evolving governance
requirements,
Advantaged environmental, In recognition of the ongoing changes
Businesses health and safety and requirements across the Group's
and other laws, regulatory compliance landscape, a
Simplifying regulations, Regulatory Risk Business Partner has
the Group standards and best recently been appointed who will
practices which support the business
Financial affect the way the
strength Group operates and in meeting new requirements and
give rise to continue to develop and improve the
IMPACT: significant existing framework.
compliance costs,
Adverse effect potential legal
of reputation liability exposure
for non-compliance The Group provides online training to
Adverse effect and potential colleagues in key areas of legal and
on financial regulatory compliance, including a
and limitations on the suite of mandatory training for those
operational development of the that join the Group.
performance Group's operations.
Potential
legal action, The Group Leadership Team and the
fines and Board regularly monitor compliance
penalties with laws and regulations.
The Group operates a whistleblowing
process that allows the anonymous
reporting, through an independent
hotline, of any suspected wrongdoing
or unethical behaviour, including
reporting instances of
non-compliance laws and regulations.
All reported cases are investigated.
══════════════════════════════════════════════════════════════════════════
ISIN: GB0007739609
Category Code: MSCH
TIDM: TPK
LEI Code: 2138001I27OUBAF22K83
OAM Categories: 1.1. Annual financial and audit reports
Sequence No.: 50088
EQS News ID: 988481
End of Announcement EQS News Service
══════════════════════════════════════════════════════════════════════════
6 fncls.ssp?fn=show_t_gif&application_id=988481&application_name=news&site_id=refinitiv
References
Visible links
1. https://eqs-cockpit.com/cgi-bin/fncls.ssp?fn=redirect&url=25c18c91a378bee31ce3e655d4fdd7cf&application_id=988481&site_id=refinitiv&application_name=news
2. https://eqs-cockpit.com/cgi-bin/fncls.ssp?fn=redirect&url=d16e1e2c58f305fa956b4e96999f613e&application_id=988481&site_id=refinitiv&application_name=news
3. https://eqs-cockpit.com/cgi-bin/fncls.ssp?fn=redirect&url=25c18c91a378bee31ce3e655d4fdd7cf&application_id=988481&site_id=refinitiv&application_name=news
4. mailto:Graeme.barnes@travisperkins.co.uk
5. mailto:Ribin.miller@travisperkins.co.uk
============Recent news on Travis Perkins
See all newsREG - Travis Perkins PLC - Director/PDMR Shareholding
AnnouncementREG - Travis Perkins PLC - Director/PDMR Shareholding
AnnouncementREG - Travis Perkins PLC - Annual Financial Report
AnnouncementREG - Travis Perkins PLC - Travis Perkins plc - 2025 Results Announcement
AnnouncementREG - Travis Perkins PLC - Director Declaration
Announcement