The purpose of risk management is to secure the profit development of the Company and the continuation of the business by implementing risk management systematically throughout the different businesses. Risk management is part of the Company’s strategic and operative planning, daily decision-making process and internal control system. In risk management business objectives, risks and risk management operations are combined as one total chain of events.
The Company adheres to the risk management policy approved by the Board of Directors. Risk management contains all actions, which are connected to setting up targets, identification of risks, measurement, review, handling, reporting, follow-up, monitoring and reacting to risks.
In connection with the strategy process and annual planning, the CEO of the Company and the Group subsidiaries review business risks which could prevent or endanger the achievement of the Group’s strategic or profit targets. The subsidiaries produce risk assessments for each business to support the strategy process. Strategic and operative risks are monitored through reporting by the businesses and considered by service area steering groups. The subsidiaries must produce assessments of risks in their own units and provide action plans to manage risks as well as to report on measures taken including the stage and effectiveness of such measures.
The Company’s CEO reports the identified risks concerning the Group as well as all planned and implemented measures to control such risks to the Company’s Board of Directors.
The aim of risk management is to
- systematically and thoroughly identify and assess all major risks, which threaten the achievement of objectives, including risks related to business operations, property, agreements, competence, currencies, financing and strategy;
- optimise business opportunities and secure continuation of business;
- recognise and identify uncertainties and subsequently develop the prediction of risks and measures needed to manage risks;
- take only calculated and assessed risks with respect to e.g. expanding the business, increasing market share and creating new businesses;
- avoid or minimise liability risks;
- ensure the safety of products, solutions and services;
- establish a safe working environment for the employees;
- minimise possibilities for unhealthy occurrences, crimes or misconduct by operating procedures, control and supervision;
- inform interest groups of risks and risk management; and
- be cost-effective in risk management.