
London Stock Exchange Group plc
Annual Report 2022
Principal risks
and uncertainties
Managing risk is fundamental
to the successful execution
of our strategy and to the
resilience of our operations.
Risk management – introduction
The effective management of risk
is critical to the execution of the
Group’s strategy. Accordingly,
the Group maintains a robust
Enterprise-wide Risk Management
Framework (ERMF), which sets
out the Group’s approach to risk
management and its appetite
for taking risks. Our regulated
entities, including clearing houses,
manage their risks in line with
both local regulation and internal
risk and investment policies.
For each principal risk, the Group
has Executive leads with the Chief
Risk Officer and Risk function
providing a second line of
oversight. The risk trend, shown
for each principal risk, is based
on the Group’s 2022 risk profile.
As well as our principal risks, we
continue to identify and monitor
emerging risks which are either
new to the Group or are difficult
to quantify due to their remote or
evolving nature. In most cases,
the mitigation for such emerging
risks is to establish appropriate
contingency plans and monitor
the development of the risk until
it can be quantified and removed
or included as a principal risk.
Risk culture
A strong risk culture requires
everyone to understand and
embrace their role in managing
risks and this is critical to the
effective embedding of the ERMF.
Risk culture is a key enabler of the
Three Lines of Defence (3LOD)
model, used to manage risk within
LSEG, and is promoted by the
ERMF in three ways:
— It sets expectations by
articulating risk appetite
and desired behaviours
through policies.
— It ensures risk is considered
in key business decisions
through frameworks and tools.
— It ensures risk is made
transparent and included in
accountability and performance
management.
Three Lines of Defence
The 3LOD model provides
appropriate segregation of
duties and clear roles and
responsibilities across LSEG
business divisions, corporate
functions, risk, compliance and
internal audit. It clearly defines
roles and responsibilities,
with accountability for risk
management sitting within the
First Line of Defence, which is
the relevant business unit.
Risk management approach
The ERMF manages risk
throughout the full risk lifecycle.
It is in place to support the ongoing
and systemic identification,
evaluation, management,
monitoring and reporting of the
significant risks faced and the
mitigating controls in place against
them. This process is supported by
robust risk governance, designed
to give a coherent view of risk
across the full Group.
In order to maintain a risk
management system that applies
effectively and consistently across
all areas of the business, we have
in place a risk taxonomy. This is
an inventory of all types of risk
that are identified as inherent
in business strategies and
objectives, including strategic,
non-financial and financial risks.
These risks are reflected in the
Group risk appetite statements
and are managed through
principles set out in the Group’s
policies. Risk assessments
determine whether risks are within
the appetite set by the Board
and are reported to senior
management and the Board.
Risk governance
Risk governance and oversight is
enabled through an effective
governance structure comprising
Board-level committees (Board,
Audit and Risk) and executive-
level committees to promote
active discussion and resolution
of risk issues.
The risk framework defines the
risk roles, responsibilities and
governance structure. The risk
governance structure ensures the
appropriate expertise and overall
input in order to adequately
oversee and challenge the risk
positions across the Group.
74
Read more about the activities of the
Board in the Corporate Governance
Report beginning on page 148.
LSEG’s new partnership
with Microsoft
In December, LSEG and Microsoft
announced a new long-term
strategic partnership to architect
LSEG’s data infrastructure using
the Microsoft Cloud, and to jointly
develop new products and
services for data and analytics.
The partnership will inevitably
change LSEG’s current risk profile,
specifically transformation risk,
as we begin to co-develop new
products and services with
Microsoft, and non-financial risks
associated with large-scale cloud
migrations as we deliver more of
our services from Microsoft Cloud.
Our existing ERMF and risk
governance practices described
above will be used to assess,
manage and report on these risks
and the change to our risk profile.
Equally, the partnership with
Microsoft provides strategic
risk mitigation in response to
observable shifts within the
Financial Market Infrastructure
(FMI) and Technology sectors,
thereby ensuring LSEG remains
relevant, competitive and
responsive to how our customers
are adopting cloud computing.
We also expect to see risk
reduction opportunities as we
migrate our systems from legacy
technology and on-premises data
centres to more modern, resilient
technology in the Microsoft Cloud.