Audit & Risk Management Committee Charter 1 General Scope and Authority 1.1 Introduction This charter governs the operations of the Audit and Risk Management Committee of Redflex Holdings Limited (“RHL”). The committee shall review this charter at least annually and make recommendations regarding changes to the Board of Directors (‘the Board”). 1.2 Purpose The Committee’s purpose is to assist the Board in the effective discharge of its responsibilities for managing business risk, and in its review of: • RHL’s financial reporting policies, controls and procedures; • the integrity of financial statements and the independent audit thereof, and RHL’s compliance with legal and regulatory requirements in relation thereto; • any due diligence and prudential supervision procedures required by regulatory bodies. 1.3 Authority The Committee is required to make recommendations to the board of directors and does not have any executive powers to commit the Board or management to the implementation of these recommendations, other than: • where the Board has delegated authority to the Committee; and • for matters relating to the appointment, compensation, oversight and replacement of the external auditor. In discharging its oversight role, the Committee is empowered to investigate any matter brought to its attention with full access to all books, records, facilities, and personnel of RHL and has the authority to engage independent counsel and other advisers as it determines necessary to carry out its duties. 2 Membership The Committee shall comprise only non executive directors, a majority of independent directors and an independent chairperson who is not chairperson of the Board. All members are to be financially literate and t least one member shall have accounting and/or related financial expertise. In the event that a member of the Committee retires for any reason from the Board then he/she shall cease to be a member of this Committee. The independent auditor may attend meetings. The Committee may invite any member of management or other individual to attend meetings. 3 Meetings The Committee shall meet as frequently as required but not less than quarterly with an agenda and briefing papers circulated in a timely fashion prior to the meeting. A quorum of two members shall be present prior to commencing a meeting. Minutes shall be taken at Committee meetings. RHL-010 V1 Audit and Risk Management Committee Charter.doc 1 4 Duties and Responsibilities The duties of the Audit and Risk Management Committee are: a) With respect to audits: • conduct an annual assessment of the effectiveness of internal controls and financial reporting procedures. • select and evaluate the external auditor; • review the annual audit engagement letter, audit plan and approve the fees charged for audit and review services; • determine categories of non-audit services that may be provided by the external auditor, and ensure disclosure to shareholders of the Committee’s approval of them; • review reports issued by the external auditor; • ensure external auditor provides an annual statement on their independence; and • annually review the effectiveness of the external auditor. • receive from management and external auditors a timely analysis of significant financial reporting issues and practices and review same; • discuss with management and external auditors, the audited (half year: reviewed) financial statements and other financial information being made public, any significant matters arising from the audit, management judgements and accounting estimates, and significant changes to RHL’s auditing and accounting principles, policies, controls, procedures and practices; • review the certification provided by the Chief Executive Officer and the Chief Financial Officer on annual and half yearly financial reports; • ensure the financial statements include disclosure covering governance issues. b) With respect to financial reporting: c) With respect to risk management: • review RHL’s risk management policies, strategies, processes and controls, including the discretions of executive management; • receive reports from management concerning all relevant business risks in order to oversee these risks; • receive reports from management concerning the implications of new and emerging risks in order to monitor them; • oversee RHL’s compliance with applicable laws relating to the operation of its businesses; and • review RHL’s insurance strategy. and (d) With respect to reports to the Board, reports should include: • assessment of external reporting and its adequacy for shareholder needs; • assessment of management processes supporting external reporting; • procedures for the selection and appointment of the external auditor and rotation of audit engagement partners; • assessment of the performance and independence of the external auditor; • assessment of the performance and objectivity of the internal audit function; • the results of its review of risk management and internal compliance and control systems. RHL-010 V1 Audit and Risk Management Committee Charter.doc 2 5 Committee performance The Committee shall perform an evaluation of its performance at least annually to determine whether it is functioning effectively by reference to current best practice. RHL-010 V1 Audit and Risk Management Committee Charter.doc 3