risk reporting; providing advisory services to Global Technology and the segments around current and emerging technology risks and their impact to the Company’s information risk profile; and reducing vendor information risk exposures by incorporating sound information risk management practices into sourcing, outsourcing and offshoring initiatives and programs. The enterprise-wide information security program, which is overseen by the Chief Information Risk Officer, seeks to mitigate information security risks. This program establishes the information and cyber security framework for the Company, including governance, policies and standards, and appropriate controls to protect information and computer systems. We also have ongoing security awareness training sessions for all employees. Many jurisdictions in which we operate are implementing more stringent privacy legislation. Our global privacy program, overseen by our Chief Privacy Officer, seeks to manage the risk associated with the handling of personal information, including the risk of privacy breaches. It includes policies and standards, ongoing monitoring of emerging privacy legislation, and a network of privacy officers. Processes have been established to provide guidance on handling personal information and for reporting privacy incidents and issues to appropriate management for response and resolution. As a global company, Manulife is subject to a wide variety of laws and regulations throughout its operations, including those related to privacy and information security. In many jurisdictions, privacy and information security requirements are becoming more onerous, including stringent incident reporting requirements, and may increase our compliance costs as well as the risks associated with any compliance failure. In addition, the Chief Information Risk Officer, the Chief Privacy Officer, and their teams work closely on information security and privacy matters. HumanResourceRiskManagementStrategy We have a number of human resource policies, practices and programs in place that seek to manage the risks associated with attracting and retaining top talent. These include recruiting programs at every level of the organization, training and development programs for our individual contributors and people leaders, initiatives to help increase diversity, equity and inclusion, employee engagement surveys, and competitive compensation programs that are designed to attract, motivate and retain high-performing and high-potential employees. ModelRiskManagementStrategy We have designated model risk management teams working closely with model owners and users that seek to manage model risk. Our model risk oversight program includes processes intended to ensure that our critical business models are conceptually sound and used as intended, and to assess the appropriateness of the calculations and outputs. Third-PartyRiskManagementStrategy Our governance framework to address third-party risk includes appropriate policies (such as our Global Outsourcing, GRM and Vendor Management policies), standards and procedures, and monitoring of ongoing results and contractual compliance of third-party arrangements. InitiativesRiskManagementStrategy To seek to ensure that key initiatives are successfully implemented and monitored by management, we have a global Transformation and Delivery Team, which is responsible for establishing policies and standards for initiative management. Our policies, standards and practices are benchmarked against leading practices. OperationalRiskFactors If we are not able to attract, motivate and retain agency leaders and individual agents, our competitive position, growth and profitability will suffer. • We must attract and retain sales representatives to sell our products. Strong competition exists among financial services companies for efficient and effective sales representatives. We compete with other financial services companies for sales representatives primarily on the basis of our financial position, brand, support services, and compensation and product features. Any of these factors could change either because we change the Company or our products, or because our competitors change theirs and we are unable or unwilling to adapt. If we are unable to attract and retain sufficient sales representatives to sell our products, our ability to compete would suffer, which could have a material adverse effect on our business, results of operations and financial condition. Competition for the best people is intense and an inability to recruit qualified individuals may negatively impact our ability to execute on business strategies or to conduct our operations. • We compete with other insurance companies, financial institutions, and wealth management organizations for industry-specific talent and against a broader range of companies in functional areas such as Finance, IT, HR, Legal and Operations, for qualified executives, employees and agents. We must attract and retain top talent to maintain our competitive advantage. The risk of other organizations outside of our geographic footprint targeting our employees is heightened with many companies now adopting flexible remote working arrangements. Additionally, we are in an environment where pay levels have been increasing more quickly than in recent years due to the competitive talent market, inflation and other factors. Therefore, we need to ensure we are paying competitively to both reduce key talent turnover risk, and successfully attract new talent to the company. We also need to ensure that we adapt our recruiting practices to draw on broader talent pools through the use of labour market intelligence and sourcing tools. 79