Risk Management

Managing risk

For British Land, effective risk management is fundamental to how we do business. It directly informs our strategy and how we position the business to create value whilst delivering positive outcomes for all our stakeholders on a long term sustainable basis.

We maintain a comprehensive risk management process which serves to identify, assess and respond to the range of financial and non-financial risks facing our business, including those risks that could threaten solvency and liquidity, as well as to identify emerging risks. Our approach is not intended to eliminate risk entirely, but instead to manage our risk exposures across the business, whilst at the same time making the most of our opportunities. Our integrated risk management approach combines a top-down strategic view with a complementary bottom-up operational process as outlined in the diagram and detailed below.

In summary, our approach to risk management is centred on being risk-aware, clearly defining our risk appetite, responding to changes to our risk profile quickly and having a strong risk management culture among employees with clear roles and accountability. Our organisational structure ensures close involvement of senior management in all significant decisions as well as in-house management of our development, asset and property management activities.

Our key activities in the year

  • Continued to manage our response to Covid-19 with business resilience and risk management at the core of our approach
  • Proactively managed our rent collection and occupier risk
  • Realigned the principal risk categories to our strategy and evolving markets
  • Introduced formal internal testing of key controls operating effectiveness, as part of a wider roadmap of readiness activities for the UK Government’s proposed corporate governance reforms
  • Enhanced our IT infrastructure and cyber security environment and key controls
  • Completed scenario analysis of both physical and transitional climate-related risks aligned to TCFD requirements. Also, we have undertaken detailed net zero carbon audits across 29 of our major office and retail assets and have undertaken EPC modelling across our managed assets

Our priorities for 2023/23

  • Continue to regularly support the business through managing the risks arising from both the macroeconomic environment and the war in Ukraine
  • Effective risk management of our key operational risks including development, health & safety, our partnerships with third parties and our occupier risks
  • Work with the business to mitigate the risks in delivering our 2030 Sustainability Strategy
  • Continue to deliver on our roadmap of readiness activities for the UK Government’s proposed corporate reforms, including continuing to enhance our internal control framework
  • Continue to enhance our IT infrastructure and IT general control environment

The Board has overall responsibility for risk and for maintaining a robust risk management and internal control system. The Board is responsible for determining the level and type of risk that the Group is willing to take in achieving its strategic objectives. The amount of risk is assessed in the context of our strategic priorities and the external environment in which we operate – this is our risk appetite. The Audit Committee and ESG Committee support the Board by providing a key oversight and assurance role. The Audit Committee is responsible for reviewing the effectiveness of the risk management and internal control processes during the year.

The Executive Directors and Risk Committee (comprising the Executive Committee and senior management across the business, chaired by the Chief Financial Officer) have overall accountability for the management of risks across the business. Principal risks are evaluated and monitored by the Risk and Audit Committees, with appropriate mitigation measures implemented as required.

The effective day-to-day management of risk is embedded within our operational business units and forms an integral part of all activities. This bottom-up approach allows potential risks to be identified at an early stage and escalated as appropriate, with mitigations put in place to manage such risks. Each business unit has a designated risk representative and maintains a comprehensive risk register. Changes to the risk register are reviewed quarterly by the Risk Committee, and we formally report on the significant and emerging risks to the Audit Committee every six months.

Internal audit acts as an independent and objective assurance function by evaluating the effectiveness of our risk management and internal control processes, through independent review. Through this approach, the Group operates a ‘three lines of defence’ model of risk management, with operational management forming the first line, the Risk Committee and internal risk management team forming the second line, and finally Internal Audit as the third line of defence.

Our principal risks and assessment

Our principal risks and assessment

Our risk management framework is structured around the principal risks facing British Land. We use a risk scoring matrix to ensure risks are evaluated consistently; we assess the likelihood, the financial impact (to both income and capital values) and the reputational impact. From this we identify both the external and internal strategic and operational principal risks which currently have a higher likelihood and potential impact on our business. Whilst the Board recognises that it has fairly limited control over the external principal risks, it reviews their potential impact on our business, and these are taken into account in our decision making. For our internal principal risks the Board makes sure that appropriate controls and processes are in place to manage these risks.

The Board confirms that a robust assessment of the principal and emerging risks facing the Group, including those that would threaten its business model, future performance, solvency or liquidity, as well as the Group’s strategic priorities, was carried out during the year taking into account the Covid-19 risk and the evolving economic and geopolitical environment.

In the year, following a thorough review exercise involving the Risk and Audit Committees, we have refreshed our principal risks to take into account how our strategy and markets are evolving, together with combining several interrelated risks.

The key changes and assessments are summarised here, and in the principal risks table above, including the key impacts on our business, our mitigating actions and our key risk indicators.

New risk
Changing risks

Risk assessment

Our current assessment is that the general external environment in which the Group operates remains uncertain, albeit several principal risks to our business have reduced from their elevated position last year reflecting the lessened impact of Covid-19 and the reopening of the UK economy.

These include:

  • Political, legal and regulatory risks
  • Property market risk for our Campuses
  • Major events/business disruption risks
  • Customer risks

At the same time, our environmental sustainability and people and culture risks have increased slightly:

  • Environmental sustainability risk continues to increase in prominence and importance to our business, our customers and other key stakeholders
  • People and culture risk has increased in the year, reflecting the challenging operating environment caused by Covid-19 together with general rising wage expectations and a recent increase in employee mobility. See risk heat map above.
Principal risks