Doing business inherently involves taking risks, and by taking measured risks we strive to be a sustainable company. Risk management is a key strategic process and an essential element of our corporate governance.
We foster a high awareness of business risks and internal control, geared to safeguarding our risk appetite and providing transparency in our operations. The Board of Management is responsible for managing the risks associated with our activities and, hence, for the establishment and adequate functioning of appropriate risk management and control systems (see in the Strategy section).
AkzoNobel risk management framework
Through our risk management framework, we want to provide reasonable assurance that our business objectives can be achieved and our obligations to customers, shareholders, employees and society can be met. Our risk management framework is in line with the Enterprise Risk Management – Integrated Framework of COSO and the Dutch Corporate Governance Code. The Executive Committee reviews our risk management and control systems and our major business risks, which are also discussed by the Supervisory Board.
Clarity on risk appetite and boundaries that determine the freedom of action or choice in terms of risk taking and risk acceptance is provided to all managers. Risk boundaries are set by our strategy, our Company Statement, Business Principles, Code of Conduct, company values, authority schedules, policies and corporate directives. Our risk appetite differs by objective area and type of risk:
Risk management in 2011
The Enterprise Risk Management process provides top-down coverage of the organization and ensures that we focus on what we consider to be the areas of major risk exposure. Therefore, scoping of our 2011 risk management activities was performed by the Executive Committee, business unit Managing Directors and Corporate Directors, in association with the risk management function. Besides the focus on coverage of our organization, emphasis is put on organizational changes, key strategic projects and high growth regions. In 2011, a new process was introduced to identify emerging risks (high impact–low likelihood scenarios) and their risk mitigation actions.
During 2011, we held more than 120 facilitated Enterprise Risk Management workshops. More than 5,000 risk scenarios were identified and prioritized by management teams and functional experts. In addition, in selected areas with low risk tolerance, dedicated risk assessments were performed to safeguard our risk appetite. All major risks were responded to by the unit that identified them. The outcome of all risk assessments was reported to the next higher management level as part of our Business Planning & Review cycle. Risk profiles and trends were shared by managers across the company. In the bottom-up consolidation process, the risks were taken to the next management level, where they were re-assessed, either because of the materiality of the risk exposure and/or because of the accumulated effect.
The major risk factors for our company, identified through risk consolidation and the subsequent risk assessment by the Executive Committee, are presented in the following paragraph. One of the challenges we faced in 2011 was the weakening economic conditions. Raw material prices continued to rise and margin management efforts are ongoing. Principle uncertainties for our company are a further weakening of economic conditions and the threat of a European sovereign crisis, potentially affecting our growth ambitions. To adapt to these uncertain conditions, we are currently executing a comprehensive three-year plan to improve our performance, particularly in the areas of margin management, supply chain and sourcing.