Bravura : Audit Risk Management Committee Charter

Audit & Risk Management Committee Charter

Date: 17 August 2023

Document Status: Published

Classification: External

Classification: External

Audit & Risk Management Committee Charter (the Charter)

Bravura Solutions Limited and its subsidiaries (the Company)

1. Introduction

1.1 Purpose of Charter

This is the Charter of the Audit & Risk Management Committee (the Committee) established by the board of directors of the Company (the Board). The Charter governs the operations of the Audit & Risk Management Committee. It sets out the Committee's role and responsibilities, composition, structure and membership requirements.

1.2 Purpose of Committee

The Committee has been established to assist the Board of the Company in fulfilling its corporate governance and oversight responsibilities in relation to the Company's financial reports and financial reporting process and internal control structure, risk management systems (financial and non financial) and the external audit process. Accordingly, the Committee will meet on a regular basis to:

1. review, update and approve external audit plans;
2. review and approve financial report;
3. review reports arising from any risk assurance activities;
4. oversee, review, assess and report on risks including operational, financial, governance as well as environmental and social sustainability risks; and
5. review the effectiveness of the Company's compliance and risk management functions.

1.3 Environmental and Social Sustainability Risks

The Company is committed to its environmental and social sustainability and governance (ESG) matters. Given the importance of comprehensive engagement with key stakeholders to ensure consideration across customers, suppliers, employees, investors and regulators, the Company views that an essential part of its operating approach is the integrated manner in which ESG risks are mitigated across the operations and territories in which it conducts business. These areas include information security, social and employee, community engagement and environmental impact (though the Company produces low environmental impact other than through travel, energy and consumables).

2.Memberships

2.1 Composition of committee

The Committee will:

1. comprise only of members of the Board of directors (Directors) and members will be appointed and removed by the Board;
2. be of sufficient size, independence and technical expertise to discharge its mandate effectively;
3. consist of:
4. 1. at least three members;
   2. a majority of non executive directors;

2

Classification: External

1. 1. a majority of independent1 directors (Independent Directors); and
   2. an independent2 Chair, who will be nominated by the Board from time to time, but who will not be the Chair of the Board;
2. comprise members who are financially literate (as in, members who are able to read and understand financial statements);
3. include at least one member who has accounting and/or related financial management expertise (as in, a member who is a qualified accountant or other financial professional with experience of financial and accounting matters) and some members who have an understanding of the industries in which the Company operates.

2.2 Secretary

1. The Committee will have a secretary, which is to be the Company Secretary or such other person as nominated by the Board (Committee Secretary).

1. The Committee Secretary will attend all Committee meetings.
2. The Committee Secretary, in conjunction with the Chair of the Committee, must prepare an agenda to be circulated to each Committee member at least 7 days prior to each meeting of the Committee.
3. The Committee Secretary will distribute the papers for the meeting at least 3 days prior to each meeting of the Committee.
4. The Committee Secretary will distribute a meeting timetable for each forthcoming calendar year and a calendar of agenda items to be covered at each meeting.

3.Meetings & authority of committee

1. Meetings

1. The Committee will meet often enough to undertake its role effectively, being at least four times each calendar year.
2. The Committee will meet in private session at least annually to assess management's effectiveness.
3. The quorum for any meeting will be 2 members.
4. Special meetings may be convened as required. The Chair will call a meeting of the Committee if requested to do so by any member of the Committee, by the external auditors or by the Chair of the Board.
5. The Committee may invite such other persons (for example, staff, Managing Director/CEO, CFO, external parties) to its meetings, as it deems necessary, whether on a permanent or ad hoc basis. Attendees may include Chief Executive Officer, Chief Financial Officer, Group Controller and General Counsel.
6. The proceedings of all meetings will be minuted and these will be included in the papers for the next Board meeting after each Committee meeting.

1. Authority

The Board authorises the Committee, within the scope of its responsibilities, to:

1. Independent, as defined by the ASX Corporate Governance Council. See schedule to this Charter.
2. See Schedule 1 to this Charter.

3

Classification: External

1. investigate any matter brought to its attention with full access to all books, records and facilities;
2. seek any information it requires from an employee (and all employees are directed to co operate with any request made by the Committee) or external parties;
3. obtain outside accounting, tax, legal, insurance, compliance, risk management or other professional advice as it determines necessary to carry out its duties; and
4. ensure the attendance of Company officers at meetings as it thinks appropriate.

4.Duties and responsibilities

4.1 Understanding the Company's Business

The Committee will ensure it understands the Company's structure, business and controls to ensure that it can adequately assess the significant risks faced by the Company.

4.2 Financial Reporting

The Committee's primary financial reporting responsibility is to oversee the Company's financial reporting process on behalf of the Board and to report the results of its activities to the Board. The Committee will:

1. review the Company's financial statements to determine whether they reflect the understanding of the committee of, and otherwise provide a true and fair view of, the financial position and performance of the Company and other group entities and make any necessary recommendations to the Board;
2. review significant accounting policies adopted by the Company to ensure compliance with AIFRS and generally accepted accounting principles;
3. ensure that before the Board approves the Company's financial statements for a financial period, that the Board and the Committee first receive from the CEO and the CFO a declaration that, in their opinion, the financial records of the Company and its controlled entities have been properly maintained and that the financial statements comply with the applicable accounting standards and give a true and fair view of the financial position and performance of the Company and its controlled entities and that the opinion has been formed on the basis of a sound system of risk management and internal control which is operating effectively;
4. consider financial matters relevant to half yearly reporting in a timely manner; and
5. review other financial information distributed externally as required.

1. Oversight of risk management framework

1. The Committee's primary risk management responsibility is to review the Company's risk management framework annually to assess whether it is sound and is operating in accordance with the nature and extent of the acceptable levels of risk determined by the Board and report to the Board on the results of those assessments.
2. The Committee will review and make recommendations to the Board regarding:
3. 1. the adequacy of the Company's processes for managing risk;
   2. any incident involving fraud or other failure of the Company's internal controls; and
   3. the Company's insurance program, having regard to the business of the Company and its controlled entities and the insurable risks associated with the business.

1. Reporting to the Board

1. The Committee will regularly report to the Board on all matters relevant to the Committee's role and responsibilities.
2. The Chair will report and as appropriate make recommendations to the Board after each meeting of the Committee on matters dealt with by the Committee.

4

Classification: External

1. As and when appropriate, the Committee will seek direction and guidance from the Board on audit, risk management and compliance matters.
2. The Committee will ensure that the Board is made aware of audit, financial reporting, internal control, risk management and compliance matters which may significantly impact upon the Company in a timely manner.

4.5 Assessment of accounting, tax, financial and internal controls

Periodically, the Committee will meet separately with management and the external auditors to discuss:

1. the adequacy and effectiveness of the accounting, tax and financial controls including but not limited to the Company's policies and procedures to assess, monitor, and manage business risk and legal and ethical compliance programs;
2. the appropriateness of the accounting judgements and choices exercised by management in preparing the Company's financial statements; and
3. issues and concerns warranting Committee attention, including but not limited to their assessments of the effectiveness of internal controls and the process for improvement.

The Committee will provide sufficient opportunity for the external auditors to meet privately with the members of the Committee. The Committee will review any audit problems or difficulties regarding management's response with the external auditor.

The Committee will receive regular reports from the external auditor on the critical policies and practices of the Company, and all alternative treatments of financial information within generally accepted accounting principles that have been discussed with management.

4.6 Appointment of external auditors and scope of external audit

The Committee will:

1. make recommendations to the Board on the appointment, reappointment or replacement, remuneration, monitoring of the effectiveness and independence of the external auditors and resolution of disagreements between management and the auditor regarding financial reporting3;
2. consider the rotation of the audit engagement partner of the external auditors;
3. consider the scope and adequacy of the external audit;
4. discuss with the external auditors the overall scope of the external audit, including identified risk areas and any additional agreed upon procedures; and
5. ensure that the terms of appointment of the external auditors includes a requirement to attend the annual general meeting (AGM) of the shareholders of the Company and that they are available at the AGM to answer any questions from shareholders relevant to the audit.

4.7 Pre-approval of audit and non-audit services provided by external auditors

1. The Committee will pre approve all audit and non audit services provided by the external auditors and will not engage the external auditors to perform any non audit/assurance services that may impair or appear to impair the external auditor's judgement or independence in respect of the Company.

3 When recommending the appointment of an auditor or assessing potential and continuing auditors, directors and members of the Audit & Risk Management Committee will have regard to best practices, including guidance outlined in ASIC's October 2021 paper on Audit quality: The role of directors and audit committees (ASIC Information Sheet 196).

5