Risk management

 

Risk management is a high priority and guides the way in which PwC South Africa is managed.

 

 

Quality and service delivery

Risk

Risks relating to the quality of client service; e.g. audit/non-audit quality of service delivery.

This includes risks relating to:

  • human and technology factors supporting the ability of engagement teams to effectively and sustainably work in a hybrid way, both on-site and remotely; and
  • identifying, and reporting on:
    • increased potential of fraudulent, corrupt practices by clients;
    • increased instances of anti-competitive behaviour by clients (e.g. price gouging); and
    • material misstatement of client financial statements due to quality/availability of audit evidence.

Our response

All of our people undergo mandatory quality training, and our client and engagement acceptance and planning processes are robust. Contracts entered into include a limit to our liability, and approval for ‘high-risk’ engagements must be provided by Risk Management, with assignment of a second partner and real-time risk management reviews. Engagement leaders review each engagement, including client sign-off and overall client feedback. Quality and service delivery form part of our annual partner and associate director appraisal process, and our Risk Management team conducts annual compliance, quality and business reviews.


Culture and values

Risk

Risks relating to adoption by individuals or groups, including joint business relationships/alliance partners and/or member firms, of values or behaviours that are inconsistent with PwC’s core values. 

This includes risks relating to:

  • a changed relationship between leadership and staff due to hybrid working; and
  • sustainability of staff capacity/resilience to operate and deliver quality in times of significant staff movement.

Our response

Our values, culture, purpose, ethics and code of conduct programmes are communicated regularly to our people. Elected champions and helpdesk facilities are available. Third parties and contractors are required to subscribe to our Code of Conduct, unless their own has been reviewed and accepted by us. Incident trends are monitored, and appropriate social media use policies are in place. Ethics, anti-bribery and information security training is mandatory, and breaches of these policies are investigated. Any misappropriation of client data/information, malicious ‘loss’ or disclosure of sensitive client or internal data by members of staff resulting in reputational damage or adverse media attention is considered a serious offence.


Information and cybersecurity

Risk

Risks relating to cyberattacks, resulting in a significant data breach and loss/disclosure of sensitive client (and PwC) data, or disruption of normal services, ransomware and advanced persistent threat campaigns. Failure to safeguard confidential information resulting in data compromise, misappropriation of client data/information, including incidents of bribery and corruption; and major hard data loss — including off-shored or outsourced repositories.

This includes risks relating to:

  • organised and targeted phishing attacks/fraud both on PwC staff and clients working remotely;
  • dependence on staff working remotely to maintain information security standards; and
  • client information and cybersecurity standards that are not as mature or resilient as PwC's, resulting in data breaches.

Our response

The necessary information security and access measures are in place to ensure the safeguarding of our information against cyberthreats, including ongoing staff awareness programmes. All staff are required to complete an annual self-declaration of compliance with policies and procedures, and prior to client engagements, staff sign independence and code of conduct confirmations. Disciplinary action is taken in instances of non-compliance.


Regulatory threats to business model

Risk

Risks related to the impact of regulatory change or reform and its potential impact on our business.

Our response

Regulatory developments and their impact on the firm’s strategic priorities are considered on an ongoing basis. There is ongoing risk and quality oversight of regulatory registration and reporting, as well as rotation analysis to comply with rotation requirements. Portfolio diversification, priority account focus, regulatory relationship management and channel choice decisions are all dealt with at senior levels.


Purpose and trust

Risk

Risks relating to issues, especially where public debate contains a moral dimension, which may create significant and continued adverse media coverage and undermine the firm’s positioning on its purpose and trust. 

Our response

Active management of the firm’s external communications, including media relations and social media platforms, is a full-time function. We regularly communicate our gift policy and maintain a gift register. Leadership communicates relevant firm, COVID-19 and market developments and there are robust client, engagement and joint business relationship acceptance processes in place. Ethics training is mandatory.


Talent (People)

Risk

Risks related to the inability to attract, retain and develop key talent as a result of uncompetitive remuneration or lack of investment in and development of our people, which undermines our service capability. Lack of preparation and capacity to deal with major human capital shifts e.g. increased automation. Aggressive competitor/client solicitation of key staff and partners, resulting in the loss of key talent, institutional memory, key clients and revenue.

This includes risks relating to:    

  • employee wellbeing, staff morale and performance; and
  • (re)shaping of employment model and working conditions.

Our response

Reward specialists ensure that our remuneration remains competitive. A transformation strategy aimed at retention is in place. Change strategies are in place around our new finance and people management systems, and an Africa People Partner takes responsibility for the human capital change process. Employee wellness programmes are in place, along with proactive mobility planning to enhance skills development. Talent mapping, succession planning, and critical role identification are focus areas. The Africa Chief Digital Officer takes responsibility for larger-scale change management around business operating solutions, the South Africa Transformation Partner is responsible for the firm’s Broad-Based Black Economic Empowerment (B-BBEE) strategy, and the Learning and Development Partner takes responsibility for training compliance. The annual Global People Survey results guide our policies.


Independence

Risk

Risks relating to breach/non-compliance with relevant independence requirements leading to regulatory action and/or client conflict of interest, adverse media coverage and reputational damage.

Our response

Annual independence declarations are mandatory for all of our partners and staff, to ensure that we are objective in all of our dealings with clients. ‘Know your client’/adverse data searches are conducted regularly. There is centralised relationship checking and review of partner rotation data, and the Risk and Quality team is involved in the business operations solutions project. The Independence team monitors and communicates policy changes. The Independence team conducts periodic personal independence compliance testing (PICT) on all partners, directors and managers to ensure compliance with independence policies, and financial sanctions are applied where non-compliance is identified.


Legal and regulatory compliance (litigation risk)/breach of sanctions

Risk

Risks relating to breach/non-compliance with laws and regulations other than independence, including:

  • failure to comply with professional institute obligations; 
  • non-compliance by either the firm or its partners with local tax laws; 
  • failure to comply with anti-money-laundering rules;
  • failure to comply with applicable anti-corruption legislation, whether local or international; 
  • litigation following significant troublesome practice matters; and 
  • breach of sanctions (US/EU/UN) resulting in reputational damage, fines and revocation of credit lines.

Our response

Our Risk and Quality function provides mandatory annual training and monitors compliance with policies and standards during internal reviews. Our client acceptance and continuance process requires our teams to ensure the risks related to non-compliance with laws and regulations (including anti-money laundering and anti-corruption legislation) are understood and appropriately considered prior to accepting the engagement. Quality improvement plans are in place for each of our lines of service and we undertake regular updates of policies and standards (e.g. sanctions, insider trading, anti-bribery and corruption etc.). We advocate a culture of doing the right thing, always underscored by our values and code of conduct. In the event of breaches, we have a robust approach to litigation.


Increasingly stringent nationalisation/transformation targets (regulatory change)

Risk

Risk relating to an inability to meet the transformation targets as these become increasingly stringent, including:

  • inability to retain African, Coloured and Indian (ACI) talent to meet ownership and employment equity targets;
  • political shifts — uncertainty around ownership targets, potential revenue loss due to pressure to share work with black-owned firms (deconcentration); and
  • aggressive transformation driven by competitors, creating an environment in which we are unable to respond and compete.

Our response

The Africa Human Capital Partner is responsible for monitoring the implementation of key ACI talent retention plans and pipeline management by the line of service leaders. The South Africa firm’s Transformation Partner drives the implementation of the firm’s transformation strategy, including working with leaders responsible for the various elements of the scorecard (Human Capital, recruitment, procurement, enterprise and supplier development, and corporate sustainability). Scorecards are monitored throughout the year, as are regulatory developments in the B-BBEE space and competitor transformation activity, including B-BBEE scorecard ratings and ownership levels.


Geopolitical or macro-economic

Risk

Risks relating to potential major shifts in the politics or the economy of the territory, as well as those related to overdependence caused by both geographic location and client sector; specifically, overdependence on government clients in high-risk political environments and election cycles, which could lead to a credit rating downgrade; and major sovereign/client default resulting in major non-payment risk.

Our response

The firm considers political destabilisation/geopolitical disruption risks against its strategies and objectives, to ensure that changes or adjustments are factored in to reduce both the likelihood and impact of the risk. The Africa Risk Council monitors indicators and warnings of risk via the Africa Business Resilience Team and leverages network resources as required. Withstanding short-term setbacks and anticipating long-term trends are intrinsically linked to the operating environment and business strategies across the region. Certain industry sectors will be more impacted than others by political and climatic cycles, which informs geographical and industry profiling and focus. Monitoring PwC business intelligence provides insight into the posture industry leaders will take in the event of enhanced risk across the region.

Plans include identifying territories most likely to be impacted, and reassessing strategic focus; identifying and managing clients likely to be most impacted and strategically reassessing our relationship with them; proactive participation in key industry/sector forums; proactive management/monitoring of debtors; priority account identification and management; building strong client relationships, and internal understanding of market developments, opportunities, and internal resource capacity.


Business continuity and disaster preparedness

Risk

The holistic management process identifies potential threats to an organisation and the impacts on business operations of those threats. This process provides a framework for building organisational resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, brand, and value-creating activities.

Our response

Business continuity is embedded through a virtual network of individuals and teams across PwC Africa. We work with key stakeholders within PwC Africa to build towards ISO 22301 (International Standard for Business Continuity) re-certification from BSI. In line with global requirements, we continue to implement ARCHER for BCM as a single repository of documentation, along with the development of information security leadership and administration. A virtual team of business continuity practitioners operates within each member firm, coordinated centrally. Incident management teams, supported by in-country business continuity staff, coordinate responses to a disruption and provide an organised and timely process and execution of activities, including escalations to incident management teams to manage the event impacting the member firm(s). We leverage our global network’s experience and expertise to reinforce capacity within PwC Africa.

Contact us

Rianté Padayachee

Media and Communications Specialist, PwC South Africa

Tel: +27 (0) 11 797 5727

Verena Koobair

Head of Communications and Societal Purpose Firm Pillar Lead, PwC South Africa

Tel: +27 (0) 11 797 4873