Risk Oversight Committee
The Board of Directors (the "Board") of Global Payments Inc. (the "Company") has established the Governance and Risk Oversight Committee Charter (the "Committee") of the Board to carry out the duties and responsibilities assigned to the Committee by the Board. This charter replaces and supersedes in its entirety any previous charter for the Committee adopted by the Board.
The members of the Committee shall be appointed from time to time, but at least annually, by the Board. Any vacancy on the Committee shall be filled, and any member of the Committee may be removed at any time with or without cause, by an affirmative vote of a majority of the Board. The chairperson of the Committee shall be appointed by the Board. If a chairperson is not designated or present, the members of the Committee may designate a chairperson by majority vote of the Committee membership.
The Committee shall consist of at least a majority of directors who, in the judgment of the Board, are “independent” in accordance with the rules and regulations of the Securities and Exchange Commission and the New York Stock Exchange.
The responsibilities of a member of the Committee are in addition to his or her responsibilities as a member of the Board. Compensation as a director and a member of any committees of the Board shall be the sole remuneration paid by the Company to the Committee members.
The Committee shall meet at least two times each year and additionally as circumstances dictate. The chairperson, after consultation with the management of the Company, shall establish the schedule of the Committee's regular meetings. The Committee may invite any officer or employee of the Company, counsel or others to attend meetings and provide pertinent information. The Committee may meet in executive session outside the presence of any member of management of the Company. Appropriate minutes of the meetings and actions taken by the Committee shall be kept, with the advice of counsel.
Meetings of the Committee may be held in person or telephonically at such times and places as the Committee determines. The chairperson of the Committee, in consultation with management, should prepare, or have prepared and approve, an agenda in advance of each meeting. Provided that notice of the meeting is given or waived by all members of the Committee in accordance with the Company's Bylaws, the presence of a majority of Committee members shall constitute a quorum for a meeting. The Committee may act by affirmative vote of the majority of members present at a meeting of the Committee at which a quorum exists or by a writing or writings signed by all of its members without a meeting. The Committee may otherwise establish its own rules of procedure.
The Committee shall have the responsibilities set forth below, in addition to any responsibilities assigned to it by the Board. The Committee is authorized by the Board to make all decisions and determinations and grant all approvals necessary or desirable to carry out these responsibilities and other actions reasonably related to the Committee's purposes or assigned by the Board from time to time.
In discharging its role, the Committee is empowered to make decisions and determinations, to grant approvals, and to inquire into any matter that it considers appropriate to carry out its responsibilities, with access to all books, records, facilities and personnel of the Company. The Company shall provide adequate resources, as determined by the Committee, to support the Committee. The Committee shall have the authority, to the extent it deems necessary or appropriate, to ask the Company to provide the Committee with the support of one or more Company employees to assist it in carrying out its duties. The Committee shall also have the sole power and authority to retain, compensate, direct, oversee and dismiss any consultants, search firm, counsel and other advisers to assist the Committee in carrying out its activities, who shall be accountable ultimately to the Committee.
The Committee shall report regularly to the Board on Committee decisions, determinations, approvals and findings but is empowered to take such actions without further authorization from the Board. The Committee may form and delegate authority, including the authority to take action in relation to any of the Committee's responsibilities, to a subcommittee when the Committee deems it appropriate.
- The Committee's risk oversight functions are set forth below:
- The Committee is responsible for overseeing the identification, assessment and management of the key risks facing the Company, receiving recommendations from management with respect to such risks, and determining the Company's tolerance for these risks. These risks include, but are not limited to, the risks associated with: (i) the Company's process for determining strategic direction and disintermediation; (ii) information security and data privacy; (iii) business continuity and disaster recovery; (iv) geopolitical uncertainties; (v) liquidity; (vi) ability of the Company's systems and processes to support the operations of a growing organization; (vii) financial reporting and disclosure; and (viii) regulatory and industry standard compliance. To enable the Committee to fulfill this responsibility, the Committee shall periodically direct the Management Risk Committee, the Senior Vice President – Risk Management or any other individual or individuals designated by the Committee to provide updates, progress reports and recommendations concerning the assessment, management and prioritization of, and tolerance for, the key risks as well as any emerging risks.
- The Committee shall consider for approval and oversee the adequacy and effectiveness of the Company's enterprise risk management program to ensure appropriate risk identification, measurement and reporting. The Committee shall monitor the Company's performance to ensure alignment with the risk assessments and tolerance levels prescribed in the enterprise risk management program.
- The Committee shall be solely and directly responsible to the Board for the appointment, replacement, reassignment or dismissal of the Company's Senior Vice President – Risk Management and shall take steps that are, in the sole judgment of the Committee, reasonable or necessary to ensure that the compensation and benefits allocated to the Senior Vice President – Risk Management are not subject to modification or termination without the consent of the Committee.
- The Committee shall periodically receive reports from the Company's Senior Vice President—Enterprise Risk Management concerning the status of the Company's enterprise risk management program.
- The Committee shall annually receive a report regarding the Company's business continuity, disaster recovery and pandemic plans, as well as summary of the testing program and the testing results of the Company's business continuity plans and back-up systems.
- The Committee shall annually receive a report from management regarding the Company's insurance program.
- The Committee shall annually receive a report from management regarding vendor management.
- The Committee shall review examination reports by regulatory agencies or summaries thereof, and any observations or communications by regulatory agencies.
- The Committee shall report to the full Board regarding the risk management activities of the Committee. A report to the full Board shall constitute a report to the Audit Committee, provided that a quorum of the members of the Audit Committee is present at the Board meeting.
- The Committee’s governance functions are set forth below:
- The Committee shall review and reassess periodically the adequacy of this charter as needed and recommend any changes to the Board.
- The Committee shall keep or cause to be kept appropriate minutes of its meetings and actions taken by it, with the advice of counsel.
- The Committee shall conduct an annual performance assessment of its own performance.
- The Committee shall report regularly to the Board on the Committee’s activities.
- Financial Expert
- Independent Director