Risk Committee

RISK COMMITTEE CHARTER

I. COMMITTEE MEMBERS

The Board of Directors appoints a Risk Committee (the “Committee”) of at least two members, all of whom shall be “independent” directors of the Board, and designates one member as chairperson.

II. PURPOSES AND RESPONSIBILITIES

The Company’s management is responsible for risk assessment and risk management. The Board is ultimately responsible for overseeing the Company’s management of enterprise risks. The Committee assists the Board of Directors in overseeing management’s identification and evaluation of enterprise risks, including the Company’s risk management framework and the policies, procedures and practices employed to manage risks. Management shall provide appropriate reporting and information that facilitates the Committee’s oversight role. Oversight responsibility for certain other risk areas belongs to the Board’s other committees as outlined in their respective charters:

  • The Audit Committee oversees the Company’s evaluation of major financial risks.
  • The Nominating and Corporate Governance Committee oversees governance matters, including the Company’s succession planning at the Chief Executive Officer and other senior officer levels, board leadership, composition, and structure.
  • The Compensation Committee oversees the evaluation of risks associated with the Company’s total compensation strategy and compensation programs.

Specifically, the Committee will:

  1. Oversee and review with management the Company’s risk governance framework, including but not limited to, the adequacy and effectiveness of the Company’s enterprise risk management program.
  2. Oversee the Company’s risk identification, risk assessment and management practices for strategic enterprise risks facing the Company, such as (a) the quality, adequacy and effectiveness of the Company’s data security, privacy, technology and information security policies, procedures, and internal controls, (b) cybersecurity and cyber incident response, and (c) business continuity and disaster recovery planning and capabilities.
  3. Review approaches to risk assessments and mitigation strategies in coordination with the Board and other Board Committees.
  4. Make reports and recommendations to the Board of Directors within the scope of its functions.
  5. Possess sole authority to retain or terminate, as it deems necessary or appropriate, consultants or outside advisors to assist with the foregoing functions. The Company will provide appropriate funding, as determined by the Committee, to compensate any such consultants or other advisors.
  6. Delegate any of its responsibilities to subcommittees of one or more directors as the Committee may deem appropriate.
  7. Conduct an annual performance evaluation of the Committee.
  8. Review the adequacy of this Charter on a periodic basis and recommend any proposed changes to the Board for approval.
  9. Perform such activities consistent with this Charter, the Company’s Bylaws and applicable law as the Board of Directors or the Committee deems necessary or appropriate.

III. COMMITTEE MEETINGS

The Committee will meet as often as it deems necessary or appropriate, in its judgment, either in person or telephonically, and at such times and places as the Committee determines. The Committee may from time to time invite to its meetings any director, management of the Company or such other persons as it deems appropriate. A majority of the members of the Committee constitute a quorum.