Risk Management

Reliable Repairs by 2027

Risk

Risk Response

Risk Owner

Provide housing environments that lack structural integrity or fire resilience which may endanger occupants and breach regulatory obligations

We manage building and fire safety through established governance arrangements, supported by Board approved building and fire safety policies and dedicated oversight through the Building Safety Programme Board. A structured programme of assessment and remediation is in place, including ongoing PAS 9980 assessments, supported by defined responsibilities, regular reporting and monitoring.

The risk is influenced by evolving regulatory requirements, the scale and complexity of remediation activity, data quality and systems maturity, delivery capacity and cost recovery considerations. To address this, we continue to strengthen data, reporting and document management arrangements (including Golden Thread requirements), progress remediation programmes, and pursue funding and cost recovery opportunities where available, to ensure compliance and protect residents in line with Board approved risk appetite.

Karin Stockerl – Executive Director of Asset Management & Sustainability

Failure to plan and deliver EPC C requirements

We manage this risk through a structured asset and sustainability framework, supported by governance oversight and long term financial planning. A prioritised retrofit programme is in place to improve energy efficiency across existing homes, informed by EPC data and asset condition information, with active pursuit of external funding opportunities to support delivery. Energy efficiency and wider sustainability requirements are also considered within new build activity. The approach and risk appetite remain subject to further review as environmental and sustainability requirements continue to evolve and greater regulatory clarity emerges, which may affect delivery priorities and investment phasing.

Karin Stockerl – Executive Director of Asset Management & Sustainability

Fail to effectively manage repairs service

This risk is managed through established governance, performance monitoring and resident engagement arrangements for the repairs service. Repairs performance is overseen through defined service metrics, Tenant Satisfaction Measures and regular reporting through management and governance forums. Complaints handling arrangements operate in line with the Housing Ombudsman Service Complaint Handling Code, with a focus on timely resolution, learning and service improvement.

The risk is influenced by increased regulatory and Ombudsman scrutiny, inflationary pressures, supply chain capacity constraints and rising resident expectations across the sector. Resident scrutiny and engagement are embedded through established governance structures, supporting transparency and continuous improvement. These arrangements support regulatory compliance and the delivery of a safe, responsive repairs service in line with the Board approved risk appetite. 

Karin Stockerl – Executive Director of Asset Management & Sustainability

Professional Services by 2028

Poor Data and Information Management

We have a structured approach to data and information management, underpinned by an embedded Data & Information Governance Framework. These arrangements provide assurance over the ownership and quality of key data and information, supported by automated data quality checks and regular exception reporting through established governance forums.

Further improvements are being delivered through our Southern Data Core programme to build out data lake and move to “hub and spoke” model for data integrations between systems.  

Tom Paul – Chief Financial Officer

Failure to implement effective cyber security and/or business resilience to sufficiently protect Southern

Failure or disruption of IT systems would have a significant impact on service delivery to residents. We maintain a cyber security and business resilience framework supported by Board level oversight, a cyber security strategy, continuous monitoring through a 24/7 Security Operations Centre, regular assurance activities (including penetration testing and Cyber Essentials Plus accreditation), mandatory staff training, and supplier due diligence arrangements. Disaster recovery and business continuity plans are tested regularly, with supporting policies approved through established governance.

The risk is influenced by an increasingly complex threat landscape, including rising cyber incidents across the UK and social housing sector and rapid advances in AI enabled vulnerability discovery and exploitation, which are narrowing patching and response timeframes. We continue to review and strengthen our cyber posture and resilience arrangements to ensure we stay within our (“averse”) risk appetite even as the landscape changes around us. 

Tom Paul – Chief Financial Officer

Efficient Business by 2029

Development activity fails to deliver against the financial plan

The risk is influenced by external factors including conditions in the contractor market, changes to building safety and high rise regulatory requirements, the cost of debt environment, and the level of investment required to maintain existing assets. Contractor financial resilience is assessed through a Development and Assets Committee approved financial assessment process.

The potential financial impact of these factors is considered through the long term financial plan, which is subject to regular review and stress testing. The Group continues to pursue grant funding and low interest loan opportunities to support investment. These arrangements support the management of the risk within the Board approved risk appetite, recognising constraints on new development activity in the near to medium term. 

Richard White – Executive Director of Development

Business negatively impacted by changes to Government policy

The business actively engages with Government and relevant stakeholders to understand, influence and respond to changes in public policy.  Senior management involvement in sector forums and boards supports early identification of potential policy developments.

Where changes to Government policy are identified as having the potential to impact the business, these are incorporated into the long term financial plan and subject to stress testing to ensure the plan remains robust and resilient. Southern regularly assesses its internal position against forthcoming legislative and regulatory requirements and takes appropriate action where gaps are identified.

The Group maintains a well established network of external relationships with MPs, local authorities, senior civil servants and sector bodies, and works closely with representative organisations including G15, CASE and the National Housing Federation to support insight, collaboration and policy engagement. These arrangements support informed decision making and ongoing oversight of risks arising from changes in Government policy. 

Paul Hackett – Chief Executive Officer

Financial health is not fully protected in line with risk appetite.

We operate tight financial control through a well governed budget setting, in year forecasting and performance reporting framework, with regular oversight by the Executive Team, Board and Treasury Committee. Liquidity is maintained in line with the Board approved Treasury Management Policy, with financial and non-financial covenants are routinely monitored and reported. We manage our debt portfolio in line with our Treasury Strategy, which is informed by our Long-Term Financial Plan, balancing interest costs, interest rate volatility and refinancing risk. This is  supported by lender engagement and external assurance, including our two credit ratings and audit activity.

The level of risk is influenced by macro economic factors including sustained inflationary pressures, the prevailing interest rate and cost of debt environment, and wider market conditions. Micro level factors include the delivery of efficiency targets, the strength of financial controls and governance, exposure to fraud risk, and financial pressures arising from operating cost increases or income not rising as expected.  These and other factors are assessed through long term financial planning and regular stress testing, with delivery of the financial recovery plan and planned efficiencies monitored through established governance arrangements to maintain financial resilience in line with the Board’s risk appetite.

Tom Paul – Chief Financial Officer

Failure to attract, recruit and retain colleagues with key skills and experience to deliver strategic objectives, statutory requirements, cultural expectations and effectively manage capacity, colleague satisfaction and performance

The Group manages people risk through delivery of the People Strategy and core controls covering pay, recruitment, onboarding, culture and capability. This includes a structured approach to pay and grading informed by benchmarking and governance oversight, and recruitment/onboarding arrangements designed to support attraction and effective resourcing. Colleague engagement, culture and performance are supported through established channels and processes, including communication and colleague voice mechanisms, inclusion activity and mandatory learning, and a framework for performance review and development planning.

This risk is influenced by external labour market conditions and the operational impacts of ongoing change. The Group strengthens workforce resilience through improved workforce planning and people analytics, with progress and emerging trends monitored through regular reporting and oversight. Key metrics are tracked and reported through governance arrangements, and capability requirements (including Conduct and Competence readiness) are being progressed through role mapping and development pathways to support sustained capacity and performance. 

Lynn Bates – Corporate Director of People 

Ineffective governance and regulatory compliance and/or poorly controlled business

We update our financial plan and stress test annually. Our financial risks remain within Board approved risk appetite and organisation capacity. Financial parameter within plan set clear limit on risk, including the scale and tenure mix of the development programme, and inform decisions on the timing and nature of new development commitments. Insights from stress testing directly influence these decisions.

Strong financial controls and frequent reporting provide oversight of treasury matters, including covenant compliance, mark to market exposure and liquidity. Our Governance Framework, internal control framework and Risk & Assurance Framework establish clear and structured governance across the business. Following the post merger review of our corporate structure, actions continue to simplify the structure through the consolidation and dissolution of a number of subsidiary entities, strengthening governance clarity and regulatory oversight.

Puneet Rajput – Corporate Director of Governance & Regulation

Failure to deliver efficiency targets

Efficiency targets of £10m for the current year (2026/27) are reflected in the approved budget, delivery of which is subject to significant scrutiny and control. Over the medium term further savings of £20m are expected through delivery of projects both within particular teams and cross-business. Progress is monitored through regular financial and performance reporting to Board, with oversight to identify variances and take corrective action where required. 

The risk is influenced by macro economic factors including sustained inflationary pressures and rising costs from new and renewed contracts, and further legislative and/or regulatory change. Our focus is on delivering sustainable transformation led efficiencies, ensuring financial performance remains aligned with the Board approved risk appetite while delivering improving services to residents. 

Tom Paul – Chief Financial Officer

Transformation programme fails to deliver strategic objectives

Transformation is a critical enabler of our strategic objectives and is managed through established governance and delivery arrangements, with clear accountability and regular oversight. Oversight arrangements enable timely scrutiny of delivery risks, including impacts on cost, timetable, service performance and benefits realisation.

Tom Paul – Chief Financial Officer

Failure to minimise service charge disputes and optimise service charge recovery.

We have established governance, controls, and processes to support effective management of service charges, including clear policies, defined responsibilities and regular oversight through management and governance forums. Service charge estimates and reconciliation processes are in place to support accurate service charge accounting, supported by improved performance monitoring to identify variances, emerging disputes and recovery risks.

The risk is influenced by factors including inflationary pressures, rising service delivery and contractor costs, changes to government policies and regulation, and the complexity of legacy systems and lease arrangements. We continue to strengthen its approach through targeted improvements including delivery through our transformation programme.  Together with enhanced data quality and assurance, colleague training, and clearer communication with residents. These measures are intended to reduce disputes, improve transparency and support effective recovery, while ensuring compliance with legal and regulatory requirements and maintaining alignment with the Board approved risk appetite.

Troy Frances – Executive Director of Operations