FIDELITY NATIONAL INFORMATION SERVICES, INC.
The purpose of the Risk Committee (the “Committee”) of the Board of Directors (the “Board”) of Fidelity National Information Services, Inc. (the “Company”) is to assist the Board in its oversight of executive management’s responsibilities for the management of the Company’s operational, information security, compliance, financial, regulatory, strategic, reputational and other risks (“Enterprise Risks”).
While the Committee has the responsibilities and duties set forth in this Charter, the Company’s management is responsible for designing, implementing and maintaining an effective risk management framework.
The Committee shall consist of three or more directors as determined and appointed by the Board from time to time. Each member of the Committee shall be independent in accordance with the listing standards of the New York Stock Exchange. The members and the chairperson of the Committee shall be appointed and removed by the Board, acting on the recommendation of the Corporate Governance and Nominating Committee.
III. Meetings, Structure and Operations.
The Committee shall meet at least four times each year at a time and place determined by the Committee chairperson, with further meetings to occur, or actions to be taken by unanimous written consent, as determined by the Committee. A majority of the members of the Committee present at a meeting shall constitute a quorum.
The chairperson shall preside at all meetings of the Committee and shall set the agenda. In the absence of the chairperson at a duly convened meeting, the Committee shall select a member of the Committee to serve as chairperson of the meeting. The Committee shall keep minutes of its meetings. The minutes shall be circulated in draft form to all Committee members and shall be considered for approval by the Committee at a subsequent meeting. The chairperson shall report the Committee’s actions, recommendations and findings to the Board at the next regularly scheduled Board meeting following a Committee meeting.
All determinations of the Committee shall be made by a majority of its members present at a duly convened meeting. In lieu of a meeting, the Committee may act by unanimous written consent.
The Committee may invite such members of management and other persons to its meetings as it may deem desirable or appropriate.
The Committee chairperson shall liaise with the chairperson of the Audit Committee to assist the Audit Committee in its review of the Company’s financial and operational risks, as set forth in the Audit Committee charter. The Committee chairperson also shall liaise with the chairperson of the Compensation Committee to assist the Compensation Committee in its consideration of the Company’s financial and operational risks as they relate to the Company’s compensation policies and practices.
The Committee will meet separately with certain members of management, when and as it deems appropriate.
IV. Responsibilities & Duties.
The specific responsibilities and duties of the Committee include:
- Oversee executive management’s deployment of an enterprise risk framework and its risk measurement methodologies.
- Review with executive management the Company’s policies, procedures and standards for identifying and managing Enterprise Risks.
- Review reports from executive management (including the Chief Risk Officer and the Chief Information Security Officer) regarding the Company’s compliance with applicable Enterprise Risk-related policies, procedures and standards and the Company’s performance relative to such policies, procedures and standards.
- Review and discuss with executive management significant regulatory reports of the Company related to the Enterprise Risks and remediation plans related to such Enterprise Risks.
- Review, discuss with management, and oversee the Company’s data security risk strategy and data security risk policies and controls.
- Review and discuss with management the Company’s compliance risk strategy and compliance risk policies and controls.
- Receive, as and when appropriate, reports from internal auditors and members of management on the results of risk management reviews and assessments.
- Conduct at least one joint meeting annually with the Audit Committee of the Board on topics of common interest.
- Conduct periodic assessments of the state of the Company’s management culture.
- Conduct an annual evaluation of the Committee’s own performance and report to the Board the results of its self-evaluation. As part of its self-evaluation process, the Committee shall assess the adequacy of this Charter. The Committee may recommend amendments to this Charter at any time and submit amendments for approval to the Board.
- Discharge any other responsibilities or duties delegated to the Committee by the Board from time to time.
In fulfilling its responsibilities and duties, the Committee shall consider, among other things, the potential effect of any matter on the Company’s reputation.
The Committee may, in its discretion, form and delegate all or a portion of its authority to subcommittees.
In performing its responsibilities and duties, the Committee is authorized to obtain advice and assistance from internal or external legal, accounting or other advisors at the Company’s expense without prior permission of the Board or management.
Last reviewed: January 30, 2019
- Financial Expert
- Independent Director