Please enable JS

An organisation of repute

Enterprise risk management

Enterprise Risk Management

This year has been with added experience to many business globally due to the impact of Covid 19 outbreak. Business Continuity risk has widely been encountered in most of the industries so that there were different dimensions of the enterprise risks identified as many economies including developed countries have resulted in contraction. Therefore, enterprise risks have been reviewed to meet various challenges and responding to such business uncertainties as result of limitations of people movements during the outbreak and international trades. Companies those who have not been able to change the business models and address necessary changes its value chain could not be able to sustain, and those have been continually impacted to various other business. Process and technology had played a vital role in many enterprises to manage the risks during the pandemic period.

Business continuity and risk management are items that go in hand in hand. Companies make contingency plans to ensure business continuity in crisis situations, but current prolonged socio-economic situation shall carefully been assessed with various strategies and remedies while being taking advantages of the new situation as an opportunity. While a few industries such as supply chain, telecom, IT, healthcare are critically essential during this period have been undergoing various other risks in ensuing the network relevance its capacities for supplying in a safe environment of its employees.

SLT was to respond such challenges to continue business with the stakeholders. We have been discussing risks at functional level, accessing risk for project management and escalating risks to top management through different management meetings dedicated for Enterprise Risk Management. Enterprise risks are managed with maturity at different levels with underlying actions for risk mitigations and escalating risks to higher management based on its severity levels.

Given below is a summary risks with a brief description of each risk, their risk level and the actions taken to mitigate them.

Context Risk Level Mitigation Actions and Opportunities arising
Financial risks Financial markets continue to be volatile and operating cost increases with uncertainties evolving with the waves of Covid-19 pandemic around the globe. Collection, devaluation of exchange rates, bulk discounts and concessions to customers have affected cash flows and financial performances. Very High
  • New payment channels are introduced to customer and online bill payment facilities are continually promoted.
  • Strict controls on inventory management
  • Foreign currency hedging
  • Vendor financing or deferred payment options
Technology risk Telcos have experienced significantly higher demand for network resilience as experienced during pandemic due to increased demand for online education, Work From Home and various transactions over the net.

Technology and design criteria are been reviewed to ensuing required capacities and quality of services, while serving with tailor made products to suit for the pandemic behaviors.

To enable a digital ecosystem in country, the organisation itself has to drive the digital transformation within itself.
  • Fiber networks have inherently provided the services with least deterioration of services while 4G LTE wireless networks provided quick services provisioning together with mobile services.
  • Successfully completed 5G trials
  • Our systems and network are upgraded with latest technologies to provide IoT, cloud services to Sri Lankans. Further, we exploit the new normalcy opportunities in digital economy through our superior connectivity solutions both locally and globally.
People risk Talent attraction, developing talents and retaining the best talent is a key focus in the industry.

Workforce diversity and digital talent has become important than ever as digital transformation has been the focus for business continuity

Further, ensuring the health and safety of our employees during this period became a necessity.
  • Restructuring and re-alignment of our workforce to drive the digital transformation.
  • Continuously train and develop skills of our employees on new technologies, tools and global practices.
  • Performance culture is embraced and continuously promoted.
  • Introduced WFH arrangements with the COVID-19 outbreak and it continues.
Operational risk The global COVID-19 pandemic and subsequent restricted movement impact various aspects of our operations and business activities. Telecommunication operators had to step up their support to government to drive the economy, social well-being despite the situation. Engagement with industry verticals especially the public, understanding and responding to their expectations became necessary.

In addition to pandemic, the developing global political conflict and trade wars impact telecom industry as it is dominated by a few of vendors. Loss of supply due to a key vendor suffering business failure or trade ban may significantly affect our core business and operations.
  • Business continuity plan (BCP) programme activated and responded the pandemic confidently.
  • Adhered to health and safety guidelines.
  • Facilitated with extra precautions for continuing operations with least interruptions.
  • Work From Home (WFH) setup established
  • Encouraged customers to continue working and learning using technology
Data privacy
and cyber security risk
Ensuring data privacy and protection of our consumers and businesses amidst rising concerns of data breach, theft, loss and misappropriation of information is crucial in competitive environment. Failure to adequately prevent or respond to such incidences could adversely impact customer confidence; result in significant fines, business disruption and lead to reputational damage. High
  • Increased vigilance and monitoring of security vulnerabilities
  • Review and revisiting tools, processes and capabilities of security operations
  • ISO security certification and regular audits
Business risk Disruptive business models are evolved all the time and competition is increased all the time while industry also been converged with IT. OTT services and global trends challenges conventional business models while investments requirements are critically matters for transformations. High
  • Moving into new growth areas in ICT to create additional revenue streams through products and solutions such as OTT applications, managed services, cloud services, infrastructure services, cyber security, IOT services, data analytics and digital services.
  • Helaviru, Smart Home, SLT Lynked, eSiphala are few from our digital product portfolio that have identified and addressed new normalcy ICT needs of citizens.
Regulatory risk Our operations, aligned with Government’s vision are subjected to regulatory conditions, various other laws and regulations such as those relating to customer data privacy and protection, anti-bribery and corruption, and workplace safety and health. Failures to meet those requirements are liable to fines or other sanctions including litigation. Medium
  • Closely monitoring new developments in regulatory framework; regularly participate in discussions and consultations with the respective regulatory authorities and the industry to propose changes; and provide feedback on regulatory reforms and developments in the telecommunication industry