Managing Risk

How we manage risk

Protecting long-term value creation

In common with all businesses, Persimmon is exposed to various risks and uncertainties in the course of delivering its strategy. In particular, the UK housing market is sensitive to both changes in economic conditions and the political, regulatory and legislative environment.

To manage these challenges, the Group has a well-established and robust framework in place for the management of risk, designed to ensure the effective and timely identification and evaluation of risks and their ongoing mitigation. This risk management framework is critical to the Group’s ability to create value over the long-term.

Risk Management Framework



Board ownership and oversight

The Board determines Group strategy and has overall responsibility for the identification and management of risks that could disrupt the delivery of the strategy, including the Group’s five key priorities. To do so, the Board:

  • Conducts reviews of principal and emerging risks
  • Monitors indicators of risk performance in order to inform strategic decision making 
  • Periodically reviews the Group’s risk registers in their entirety
  • Ensures an effective system of internal controls is in place to manage risks to acceptable levels 
  • Obtains assurance on the performance of internal controls and risk management processes


⮝             ⮝             ⮝                ⮝
Risk identification, mitigation and monitoring
Audit & Risk Committee   Management oversight   Group Internal
Audit department
Group Functions   Operational management
  First line of defence   Second line of defence   Third line of defence
  • Monitors the integrity of the Group’s corporate reporting processes.
  • Approves the Group Internal Audit Manager’s risk-based annual audit plan and monitors the effectiveness of internal audit. 
  • Monitors the external audit and reviews its effectiveness. 
  • Receives reporting from management and external providers of assurance on the effectiveness of risk management and internal control.
  • Responsible for managing operational performance and identifying changes in key risks affecting the business. 
  • Ensures the implementation of internal controls set by the Board and Group functions within the business. 
  • Routinely interacts with management at regional and Group levels and the Board.
  • Contributes to the formulation of Group policies, procedures and control mechanisms. 
  • Monitors the implementation of Group risk management and internal control processes. 
  • Has ownership of individual operational-level risk registers for each function. 
  • Support steering groups on key risk areas including General Data Protection Regulation (GDPR), Information Security, and Internal Controls over Financial Reporting. 
  • Provides monitoring and assurance on the implementation of controls at operational level.
  • Delivers a risk-based annual internal audit plan. 
  • Performs testing on key areas of compliance and assurance. 
  • Produces lead indicator reporting on the Group’s principal risks. 
  • Maintains the Group’s risk registers and oversees the annual review process with risk owners. 
  • Facilitates the annual principal and emerging risk survey of the Board and senior management. 
  • Provides an annual summary report on the effectiveness of risk management and internal control.

Principal and emerging risks overview

In line with the UK Corporate Governance Code 2018, the Group defines its principal risks as those considered to have a potentially material impact on its strategy and business model, including its future performance, solvency, liquidity and reputation. The Group has defined emerging risks as risks that are evolving in ways that are not yet clear, and where the impact and potential timing of risk realisation remain uncertain.

Principal risks

The Group has identified 11 risk areas that meet its criteria for consideration as principal risks. These risks are detailed further in our Annual Results 2022.

The 2022 assessment has identified a new principal risk concerning legacy buildings. This reflects the potential for further legacy properties to be brought into the scope of cladding and life-critical fire safety remediation works, for costs to be greater than anticipated, or other regulatory changes to occur in this area.

The assessment has also noted movements in our rating of the risks in respect of UK economic conditions, mortgage availability and cyber and data risk. These movements are illustrated on the heat map.

The Group no longer considers the previously reported pandemic and strategy risks as meeting the criteria of principal risks. This reflects the Group’s comprehensive suite of controls deployed during the Covid-19 pandemic, which could be swiftly adapted and redeployed as necessary, and that the likely effects of a future pandemic are included within the Group’s other principal risks, such as those concerning UK economic conditions and Government policy.

Emerging risk areas

Following the Board’s review of the comprehensive risk survey exercise, planning uncertainty has been recognised as an emerging risk area. This reflects uncertainty as to how various aspects of planning legislation and regulation may develop over the medium-term, and how this could affect land purchase decisions and the ability of the Group to bring sites through to development. The Board considers that this uncertainty could evolve over time to meet the criteria of a principal risk.

Material Issues



The Board continues to recognise the value of stakeholder engagement in ensuring the Group’s ability to create and protect value over the long-term. A materiality assessment has previously been performed to identify the most important issues for our stakeholders. The results of this assessment are closely linked to the Group’s principal risks, as detailed within the principal risks heat map and table.

Our purpose, strategy and business model
is protected by a 
risk management framework

which is enhanced by 

which delivers

sustainable value for all stakeholders

Overall assessment



The Board has completed its assessment of the Group’s principal
and emerging risks. This assessment, along with a range of
sensitivity analyses against various risk scenarios materialising
together, and the likely responses of the Board, have contributed
to the broader assessment of the resilience of the Group’s business

Principal risks – heat map



heat map