b'Mercia asset Management PLc53Annual Report and Accounts 2021risk Possible consequences Mitigationthe risk of the coVid-19Staff welfare issues, due to direct illness,Mercias existing investment in IT systems and connectivity allowed pandemic affecting staff,family illness and/or bereavement. Potentialstaff to move seamlessly to remote working and for operational operational services tomental health impacts due to isolation, lackactivities to continue.portfolio companies andof available support from friends and family,The COVID-19 working group has continued to meet regularly and business development.impacts on family life and education. monitor the gradual unlocking and return to the office environment. Market falls and risks toResultant impact on the operationalStaff welfare is kept high on the agenda of the Executive Team withStrategic reportportfolio companies affectefficiency of the Group. morale being maintained using Zoom and Slack for meetings, social valuations and net assetRisk to the valuation of funds and Ventureinteraction and to support information sharing. Staff have been values, which impacts assetCapital Trust (VCT) portfolios managed byprovided with opportunities for antibody and virus testing prior to price related fundMercia regulated entities, as well as generalmore widespread testing being in place and have been offered free management revenues. market pressures impacting on directcounselling for any mental health issues arising during lockdown. Potential impact on portfolioinvestment fair values. Mercia has recognised the impact of staff juggling work and childcareGovernance Financial statementscompanies individually,Increased risk of portfolio valuationincluding home schooling and has supported staff with a culture of leading to failures and loss ofreductions and/or failures, and thetrust and flexibility, to which our staff have responded by continuing to revenues and shareholderconsequent reduction in revenues from deliver our priorities and objectives.value as a consequence. fund management contracts and Portfolio valuations have remained under regular review and fair values portfolio companies. amended where required. We have organised briefings and webinars to Opportunity loss where remote workingassist portfolio companies and have made use of existing forums such reduces the ability to source and assess newas a Mercia Slack channel, exclusively for portfolio company chief opportunities for investment. executive officers (CEOs). We have assisted firms through our non-executive director network to strengthen boards and increase resilience to difficult trading conditions. In general, investee company valuations are now recovering and asset price linked revenues have increased as a direct result. We have drawn on our networks and worked across funds, using technology to facilitate meetings to maintain deal flow.Breaches of the groups digitalCyber security or infrastructure failures mayThe Group reviews its infrastructure and cyber security processes with security, through cyberresult in the loss of data, misuse of sensitiveits outsourced IT provider on a regular basis and continues to invest in attacks or a failure of theinformation, reputational damage and legalresources to enhance its cyber defences and improve network groups digital infrastructure,or regulatory breaches. monitoring to minimise the impact of any security breach. The Group could result in the loss ofAttacks on portfolio companies could, inhas implemented Office 365 which, combined with the use of commercially sensitive dataaddition, result in the loss of valuableSharePoint, has enhanced its ability to securely store and share data.and/or create substantialintellectual property or be disruptive toBusiness continuity plans and disaster recovery contingencies are business disruption. business activities. tested and have proved to be effective to support remote working the incidence of cybercrimeduring the COVID-19 related lockdown.attempts and reports fromThe Group continues to work with its cyber security consultants to portfolio companies hasperiodically test its cyber defences.increased in the wakeof coVid-19. Regular testing is conducted through using fake phishing/spamemails to test staff awareness of identifying suspicious emails and promptly escalating.Our IT providers have enhanced their utilisation of software patches when issued so that upgrades are made immediately, which increases resilience. Darktrace technology is installed to monitor spam filters and also to monitor network activity by internal users, such as downloading data, thereby alerting senior management to any suspicious activity.'