Arslan Ahmed

2017 Enterprise Risk Management Strategic Audit of Tesco PLC Contents Executive Summary ................................................................................................................... 2 Introduction ................................................................................................................................ 3 Overview of Tesco ..................................................................................................................... 3 Risk Audit .................................................................................................................................. 3 Situation Analysis and Risk Profiling ........................................................................................ 4 Basis and assumptions for forecast: ........................................................................................... 5 Critical Evaluation of Internal and External Risks .................................................................... 6 Risk Mitigation Strategies.......................................................................................................... 8 Shell Model ................................................................................................................................ 9 Conclusion ................................................................................................................................. 9 Recommendations .................................................................................................................... 10 Works Cited ............................................................................................................................. 11 Appendix .................................................................................................................................. 13 Executive Summary The assignment sees how Tesco uses the ERM framework to build a Group Risk Register used for Risk Audit and also looks at the key risks and uncertainties that Tesco considers important. Next, a situation analysis is done showing the key financial ratios and their implications for the company. The company is in a sound financial position and it is forecasted that it will maintain this position in the future too, given the merger happens at 2017 year end and goes well. Later an assessment of internal and external risks is done, through a single example of an internal and an external risk; internal risk that of technological failure such as an IT system collapse and external risk that of the competitive reactions in general and the ones in specific relating to the proposed merger with Booker. Finally a look is made on the enterprise risk mitigating factors and conclusion and recommendations close the document. Introduction This assignment looks at Tesco PLC Group‟s Enterprise Risk management system. ERM system is defined by COSO (the Committee of Sponsoring Organizations of the Treadway Commission) as: Enterprise risk management is a process, effected by an entity‟s board of directors, management and other personnel, applied in strategy setting across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives. (POOLE COLLEGE OF MANAGEMENT AND ENTERPRISE RISK MANAGEMENT INITIATIVE) COSO is a world recognized organization that provided in 2004 a widely accepted Enterprise Risk Management Framework. This assignment will see how the ERM framework at Tesco helps it to conduct a risk audit to identify and rate the level of risks and uncertainties and also to manage those risks and uncertainties. There will be a discussion of one internal risk the company faces and one external risk the company faces at present. Overview of Tesco Tesco is UK‟s largest food and grocery retailer with international presence in more than ten countries having 6902 shops in the world and with more than 476,000 colleagues at 2016 financial year end. Collectively, the Tesco retail business, Tesco Bank and Tesco dunnhumby, the customer insight and analytics business make up the Tesco PLC Group. Tesco‟s core purpose is: 'Serving Britain's shoppers a little better every day. Tesco‟s competitors are ASDA, Sainsbury‟s and Morrisons and recently Lidl and Aldi have also become strong competitors, bringing down Tesco‟s market share to 28.4 percent in 2016 from 28.7 a year ago. (DENTON, Jane, 2016) Risk Audit “A Risk Audit is a process by which an attempt is made to identify, verify, record, measure, analyze and report the range of risks that may be present in a given situation.” (Planning a Risk Audit) At Tesco, the risk management process makes use of the Group Risk Register that records the „principal‟ or in other words the primary risks facing the company. Each business unit of Tesco also develops risk registers. The identification of risks is done through workshops and interviews with the leaders of the business units and the external company business areas. Group Audit and Advisory (GAA) is an independent board that regulates the workings of the Audit committee, the Tesco PLC Board, the Tesco Group CEO and the Executive Committee and the Group Compliance Committee as they go about the risk identification, measurement and management process. The Board is responsible for the risk mitigation and risk appetite determination. The Audit Committee helps the board and sees that the risk framework is reliable. The Tesco Group CEO is held accountable for the overall control and management of risk, while the Executive committee‟s members that report to the CEO are held responsible for specific risks. Lastly, the Executive committee gives the responsibility to the Group Compliance Committee to see that the risks regarding compliance and regulation are minimized. (TESCO PLC) The generic internal and external risks facing the Group and their respective mitigating strategies are shown in Table 3 in appendix. Situation Analysis and Risk Profiling Situation Analysis is explained as: “A systematic collection and evaluation of past and present economical, political, social, and technological data, aimed at (1) identification of internal and external forces that may influence the organization's performance and choice of strategies, and (2) assessment of the organization's current and future strengths, weaknesses, opportunities, and threats. [SWOT]” (BUSINESS DICTIONARY) Both PEST and SWOT analysis are useful tools for situation analysis. Tesco‟s PEST or PESTLE analysis will reveal it has to look at a lot of political, economic, social, technological and legal factors in order to function. Meanwhile its SWOT analysis will reveal its strengths that of its customer centered retail practices and well trained colleagues, weaknesses those evident in the lost brand image in 2015 commercial scandal and the loss incurred in the year 2015. (RESEARCH METHODOLOGY) The opportunities for Tesco PLC can be the unexplored markets of the world while threats are all the risks if not handled properly that can hamper the company. Refer to table 1 in appendix for a situation analysis using SWOT. Risk profiling is the use of financial tools to assess the current propensity of risk taking the company possesses. Look at Table 2 in Appendix to have a look at the key financial ratios as well the projections for the future years. Basis and assumptions for forecast:  The revenue figure for 2017 is increased by two percent assuming the positive trend of past year will continue. The increase for 2018 revenue is kept at ten percent owing to the possibility of the merger with Booker (TESCO PLC) which will give added sales in new categories of products.  The net profit figure is boosted by 26% for 2017 as there is expectation that 2017 year end will give a net profit figure of GBP 175 million (CITY A.M.). For 2018, the net profit figure is increased by 10 percent assuming that the increase in sales will see a simultaneous same percent rise in net profit. However, there is the possibility to incur 175 million in costs in the three years ahead of the year of merger. Hence the net profit figure is reduced by deducting a third of 175 million in both the years 2018 and 2019, resulting in 30% decrease in profit and 50% decrease in profit respectively.  The forecast for total borrowing assumes that the merger will be partially funded by debt and hence the debt figure will rise by 31% in the year 2017.  For gross profit margin, the assumption is that the profit will rise by the same factor by which it rose previous to the 2015 misfortune.  The operating profit for 2017 is assumed to rise by the same factor as it rose in 2014. However, due to the increase in costs following the merger it will go down to 1.45% and 1% for the following two years.  Asset turnover will improve as the increase in assets by 1171 million (GURUFOCUS) following the acquisition of Booker will result in more assets and more sales too.  The ROCE will keep itself in a favorable position as more net profits are expected to keep on coming.  The net profit margins will drop in the years 2018 and 2019 due to costs of the merger however net losses will not happen as the revenue will go up while the costs of goods sold will go down following the merger.  The liquidity ratios are assumed as constant as there will be no significant change in the liquidity pattern as the company also expects the overall liquidity risks to become lesser in the year 2016. (TESCO PLC, 2016) However, the debt to equity ratio will increase as the company will have to take more loans to finance the merger. Overall, the company is in a sound position in terms of its ratios and can take the downside and upside of risks in future. The only alarming ratio is the rising Debt to Equity ratio as the company shows itself to be highly leveraged. Critical Evaluation of Internal and External Risks One internal risk which Tesco faces that has an increasing factor is the risk of technological failure. (TESCO PLC, 2016) This risk links to all of its priorities of regaining competitiveness, protecting the balance sheet and rebuilding trust and transparency. This risk could result in a loss of financial and operational information leading to an inability to function on a day to day basis. It could also mean fines or penalties levied for having such a systems failure. The inventory and the accounting system are based on an IT infrastructure. The suppliers and the customers are both linked through the inventory system and the online store. If any bug or virus could deactivate this system it will result in major monetary losses. The impact of this risk is going to be very high however the probability of that happening is less as in the past such an incident has not happened. Also, insurance can cover the any losses that occur due to a systems failure or any other technological problem. One external risk which Tesco faces is the risk of competition which has already derailed it in the past. Impact External Risk: Competitive forces High Likelihood Internal risk: Technological failure Low High Low Tesco saw failures in both the Japanese and the US markets as it had miscalculated and underestimated the impact of the risk from competition as well as the risks of going into new markets. (WOLFESTONE, 2012) Similarly, in the year 2015 Tesco saw its biggest losses ever seen due to the price wars started from the high level of competition created by the discounters. This history could now repeat as Tesco claims to partner with Booker with some commentators wary that the Booker deal could slip from Tesco‟s fingers if competitive bids were to start happening. (ANDERSON, Richard, 2015) Also, the threat of the new competition could also start responsive strategies to partner and merge in order to give Tesco a hard time. The impact of the risks from increasing competition and their strategies can result in significant monetary losses with colleagues being enticed to join the competitive businesses through a better set of benefits. In Tesco‟s case, the newer retail landscape sees a rise of discount retailing with convenience shopping through online purchase and home delivery systems as the support. Both the internal and external situations described above have upsides and downsides of the risk. An upside could happen in the case of technology, let‟s say, by the systems failure of a competitor. Or it could even be that a company could earn a large amount of insurance money in case a technological failure happens. But most likely the downside present with the technological failure is much higher and the impact can be quite bad. As can be seen in case of Starbucks when in April 2015 a register malfunction made the coffee business unable to process transactions as a result of which it had to close 60 percent of its US and Canadian stores and some of the stores even had to give the coffee away for free. (JEE, Charlotte, 2016) If we were to look at the risks from competition the upside to them is that any risk from competition is an opportunity to learn the competitive strategies best suited to counter. Also, the upside is to create a different strategy to cater to the market as can be seen in case of Target‟s response to Walmart. Target has succeeded in creating a business valued for its differentiated product variety and for its different unique selling points; the result has been to Target‟s favor as it is one of those discounters who have not been overrun by Walmart and has even succeeded to earn more than what Walmart earned in certain years or quarters. (SLYWOTZKY, Adrian, 2007) At present the biggest risk that Tesco faces is the competitive reaction the proposed merger can bring as well as the risk of merger itself going wrong. Risk Mitigation Strategies For technological failure risks, the company has the following mitigating measures (TESCO PLC, 2016):  The use of a technology strategy which contains information about the best use of technology using rules and methods favorable to the organization.  The presence of a technology leadership team that provides the organization guidance regarding any new projects and systems changes or updates.  The creation of a plan to increase the organization‟s investment in IT in customer support and back office systems.  The continuous scrutiny of the technology within the organization to spot the areas that need further work and improvement. For the risk of competition, the company has the following mitigating measures and controls (TESCO PLC, 2016):  The executive overlooks and develops the business pans which provide the direction and guidance needed to run the organization and take it further.  The Board has days when it can debate on and reform the current strategic plans which include information on the method the company should adopt in response to the competition.  The use of market scanning and ongoing competitor analysis provides insight, an ability to anticipate market movements and develop an effective proposition.  The organization makes the effort to keep itself updated and in conjunction with the workings of local trade associations, governments and other policy makers which influence markets.  The workings of individual European business are consolidated under the supervision of a Central European team which helps create a unified strategic policy for responding to competition. Shell Model Shell Model is one of the risk assessment models initially used in the Aircraft industry to assess the involvement of the humans in increasing or diminishing the risk of air crashes and accidents. The model has four components: Software, Hardware, Environment and Live Ware. These four interact with each other to minimize the risk involved in an organization. The underlying component is the Live Ware, meaning the people who are responsible for the operations, supervision and maintenance as well as the people who are outside the organization who are affected by the decisions of the organization. Live ware has to have a successful symbiotic relationship with hardware (all the tangible components in an organization like its assets), software (the intangible components), and environment (the internal and the external environment affecting the organization) and live ware (all the humans inside and outside the organization) in order to successfully assess and control risks. (FEDERAL AVIATION ADMINISTRATION) Conclusion To conclude it can be said that Tesco has a favorable position with regards to its risk profile and its forecasted standing in the future. However, it needs to be very sure that the merger will be a positive experience and not lead to failure through an increase in maintenance and supervisory costs. Also, it should keep an eye on the competition and devise strategies for mitigating the effects of the competitive forces. Meanwhile, it needs to increase investments in ensuring technological safety. Recommendations The company should be pre-emptive and not follow the competition. It should also try differentiated strategies for competition that others find hard to duplicate. It should also try and increase investment by insuring the negative impacts of its technological risks and constantly revising its software for eliminating glitches that can cause systems failure. It can have a collaborative technology safety policy along with its suppliers as they have a huge stake in maintaining the technology systems that link their inventories. It should also make sure that the merger works out well by building up a „what if‟ plan that can outline the strategies to take in case the merger leads to failure. For eliminating the responsive competitive bidding that could happen in case of the merger with Booker, the merger should be finalized quickly. (2640 words) Works Cited ANDERSON, Richard. 2015. Tesco turns stale as competitors freshen up ideas. [online]. [Accessed 1 Apr 2017]. Available from World Wide Web: BUSINESS DICTIONARY. Situation Analysis. [online]. Available from World Wide Web: CITY A.M. Why Tesco would be better off leaving Booker on the shelf. [online]. [Accessed 2 Apr 17]. Available from World Wide Web: DENTON, Jane. 2016. Major supermarkets see sales rise by a sliver but Tesco, Asda and Morrisons still lose market share while Aldi and Lidl draw in even more shoppers. [online]. Available from World Wide Web: FEDERAL AVIATION ADMINISTRATION. Programs and Initiatives. [online]. [Accessed 18 Apr 2017]. Available from World Wide Web: GURUFOCUS. Booker Group PLC. [online]. [Accessed 1 Apr 2017]. JEE, Charlotte. 2016. Top software failures: Amazon, RBS, Starbucks-the worst software glitches in recent history. [online]. [Accessed 17 Apr 2017]. Available from World Wide Web: Planning a Risk Audit. [online]. Available from World Wide Web: POOLE COLLEGE OF MANAGEMENT AND ENTERPRISE RISK INITIATIVE. COSO's Enterprise Risk Management-Integrated Framework. [online]. [Accessed 1 Apr 2017]. Available framework> from World Wide Web: RESEARCH METHODOLOGY. Tesco Situation Analysis. [online]. RESEARCH METHODOLOGY. Tesco Swot Analysis. [online]. Available from World Wide Web: SLYWOTZKY, Adrian. 2007. The Upside. Harvard Business Review. SLYWOTZKY, Adrian. The Upside. Harvard Business Review. TESCO PLC. 2016. Annual Report and Financial Statements 2016. TESCO PLC. Investors. [online]. Available from World Wide Web: /www.tescoplc.com/investors/tesco-booker-proposed-merger/> TESCO PLC. Tesco Annual statments and report 2016. [online]. [Accessed 1 Apr 2017]. WOLFESTONE. 2012. Tesco: International Marketing Gone Wrong. [online]. [Accessed 1 Apr 2017]. Available from World Wide Web: Appendix Table 1 Strengths Weaknesses 1. Leadership position in the UK 1. Weak financial performance 2. Effective online operations 2. Serious damage to the brand image due 3. Club card as an effective consumer to commercial income scandal in 2015 information tool 3. Reliance on the UK market 4. 4. Diminished employee morale Strong property portfolio Opportunities 1. Pursuing international market expansion 1. strategy 2. Threats Inability of the new leadership to turn over the business Increasing presence in financial services 2. Inability to sustain cost leadership industry competitive advantage 3. 3. 4. Increasing non-food retail range Enhancing the effectiveness of the 4. marketing strategy Currency fluctuations Emergence of new ethics-related problems Tesco SWOT analysis Source: Research Methodology, http://research-methodology.net/tesco-swot-analysis/ Table 2 Performance Indicators Historical Trends 2013(f %a 2014( %a 2015( %a 2016( %a 2017( %a 2018( %a 2019( igures ge figure ge figure ge figure ge figure ge figure ge figure in cha s cha s cha s cha s cha s cha s millio ng millio ng millio ng millio ng millio ng millio ng millio ns) e ns) e ns) e ns) e ns) e ns) e ns) £ - £ 64,55 13 56,92 7 % 5 £ Revenue 63,406 Net Profit Forecast 2% in £ 91 £ 10 24 % 270 5% Total £ Borrowing 10,834 £ 3% 11,21 3 11 % in 5% -£ 45 5,766. 70 00 % £ 12,65 in £ 54,43 6% 9 £ 2% 3 55,52 2 £ 26 £ 129 % 175 £ 13,53 7 in 31 % 10 % 21 % £ 19,49 in £ 61,07 4 £ 144 10 % 44 % £ 6% 0 20,65 in £ 67,18 1 £ 100 £ 6% 9 21,89 9 Profitability Ratios Gross profit Margin Operating Profit Margin Asset Turnover Return on Capital Employed Net Profit Margins Liquidity Ratios 6.55% 3.76% 4% 8% 6.31% 4.08% 1.26 8% 1.37 14.50 - 13.60 % 7% % 0.04% 91 % 0.42% 26 - 17 3% 3.87% 4% 14 0% 6% 10.17 % 1.29 24 4.00% 0% 10 4% 68 7% 4% 31 % - 43 10.13 74 % % 5.24% 17 % 6.31% 0% 6.31% 1.73% 9% 1.90% 31 3% 1.28 5.80% 3% 6.00% 0.24% 25 % 10 % 14 % 1.45% 21 % 45 1.00% % 1.42 7.00% 0.32% 6.31% - % 1.24 0% 10 % 13 % 1.57 8.00% 0.26% 44 % 0.18% - Inventory 22.06 Days 2% 22.43 21 18.51 19.06 0% 19.06 0% 19.06 0% 19.06 0.75 0% 0.75 0% 0.75 0% 0.75 0.59 0% 0.59 0% 0.59 0% 0.59 1.57 0% 1.57 0% 1.57 0% 1.57 1.14 9% 1.25 9% 1.38 124% 0% 124% 0% 124% 963 9% 1059 9% 1165 % - Current Ratio 0.69 5% 0.73 22 0.60 % Acid 3% test Ratio Gearing Ratio Interest Cover Debt/Equity 0.44 0.65 4.80 87% 2% 15 % 17 % 9% 9% 0.43 0.76 5.76 95% 2631 2% 57 % 16 1% 61 % 14 0.42 20 % 29 % - 1.79 14 % -9.51 52 5% 2.24 % 245% 36 181% % 71 46 % EBIT 2382 Interest £ £ £ £ £ £ £ Expense 496 457 609 422 844 844 844 Short-Term £ £ £ £ £ £ £ Debts 766 1,910 2,008 2,826 2,826 2,826 2,826 Long-Term £ £ £ £ £ £ £ Debts 10,068 9,303 10,65 10,71 16,66 18,14 19,76 1 1 4 9 4 Shareholder's £ £ £ £ £ £ Equity 16,661 7,071 8,616 15,71 16,91 18,21 8 5 8 £ 14,72 2 5% -5792 96 4% 944 2% Table 3-Tesco Group‟s Principal Risks and Uncertainties, Source: Adapted from the Annual Report, Tesco plc 2016 Primary Risks Mitigating Factors Customer proposition-Failure to listen to Investment in understanding and building customer profiles and training colleagues to customers and their changing needs. respond to customers‟ needs. The economic model- the model does not There are significant transformation programs respond to changes in external economic being undertaken across the Group. environment and does not soon enough increase operating profit margin resulting in low cash inflow in future. Liquidity-situation of cash to cover operations There is a funding plan to oversee the liquidity risk lowering requirements such as forecasting is worsens. done to predict future cash flows. Competition-There is no effective response to Marketing scanning and competitor analysis provide knowledge about the possible risks from competitors. competition. Brand equity loss-The brand loses its name, There system failure or company-wide clear rules for upholding the right practices for the brand. recognition and trust with customers. Technology-IT are other There is a technology strategy and technology technological failure. leadership team to oversee the policies regarding technology. Data privacy and security-The risk of losing IT security is monitored through access controls customer’s or company’s data or losing face testing and a review of security policies. by inadvertently using customer’s personal information without telling them. Regulatory and compliance-failure to fulfill A code of business conduct exists which is compliance and regulations resulting in fines refreshed with clauses protecting against risks and reputational damage. such as acts that may harm the UK Bribery Act. Safety-workplace safety guidelines are not met Group safety policies and procedures exist and resulting in death, illness or injury. there is mechanism to report directly to the CEO in case any untoward incidents or breaches happen. People-colleagues (employees) are not trained There are standardized recruitment and selection well enough and retention does not happen, procedures and retention is a major priority of the leading to loss of meeting business objectives. HR function. Tesco Bank-Tesco Bank has to see restricted There is a Bank Board that reports to the Audit liquidity and cash owing to responses in Committee frequently shifting regulations. regarding regulatory framework changes. The bank also has a measurement system to gauge the risk appetite it can handle.