Risk management

Doing business inherently involves taking risks. By seeking to take balanced risks, we strive to be a successful and respected company. Risk management is an essential element of our corporate governance and strategy development. We continuously strive to foster a high awareness of business risks and internal control to provide transparency in our processes and operations.

The Board of Management and Executive Committee are responsible for managing the risks associated with our activities and the establishment and adequate functioning of appropriate risk management and control systems (see Statement of the Board of Management).

Risk management framework (graphic)

Risk management framework

Our risk management framework is based on the Enterprise Risk Management – Integrated Framework of COSO and the Dutch Corporate Governance Code. It provides reasonable assurance that our business objectives can be achieved and our obligations to customers, shareholders, employees and society can be met. For more information on our risk management framework, visit the Risk management section on our website.

Risk management in 2020

Risk management is a company-wide activity, under the responsibility of the Board of Management and Executive Committee, focused on the areas of major risk exposure.

During 2020, we held a significant number of enterprise risk workshops across the organization, including dedicated workshops on fraud risks in response to the rapidly changing environment due to COVID-19. Risk scenarios identified are prioritized by responsible management teams and functional experts, and adequate mitigating actions are defined. We consider risk assessment and mitigation to be a continuous process, carried out against the background of an evolving risk landscape, which includes short, medium and longer term challenges.

The risk of a global pandemic materialized in 2020. By acting adequately and appointing a global COVID-19 response team, working with local response teams, we implemented mitigating actions to safeguard employee health and well-being and minimize business disruption.

The symbols alongside the risk descriptions opposite represent management’s assessment of risk development, compared with 2019.

(For information related to financial risk, see Note 27 of the Consolidated financial statements).

Symbols indicate the following:
Risk assessed to increase.  
Risk assessed to remain fairly stable.  

External – Strategic

Global economy and the geopolitical context

The unpredictable world’s geo-political situation, with its impact on supply and demand and the highly competitive markets in which we operate, require ongoing attention to protect our financial performance.

Mitigating actions

  • Continued focus on operational cost and complexity reduction
  • Deployment of commercial and procurement excellence programs
  • Geo-political assessment as part of investment decisions and medium term operational planning

Strategic moves in our value chain  

An accumulation of strategic moves (horizontally and/or vertically) could impact our competitive position and/or increase the vulnerability of operations.

Mitigating actions

  • Maintain industry, market and competitive intelligence analysis of competitors, customers and suppliers, and the ability to respond rapidly
  • Identify opportunities for M&A, based on strong strategic and financial rationale
  • Secure freedom to invest through strategic alignment with shareholders and other stakeholders


The risk of a global pandemic materialized in 2020. The company acted to safeguard employee health and well-being and minimize business disruption.

Mitigating actions

  • Safety guidelines for our staff, contractors and/or third-party suppliers working on our premises, updated in real time based on local regulations/guidance
  • Well-being support to our staff
  • Agility of supply chain and distribution channels
  • Continuous monitoring of impact of pandemic, including updating of forecasts
  • Continued focus on operational cost and complexity reduction

External – Operational

Information technology and cybersecurity  

Our longer term IT strategy means we increasingly rely on fewer consolidated critical applications. With the number of digital business transactions on the increase, the non-availability of IT systems – or unauthorized access – could have a direct impact on our business processes, competitive position and reputation.

Mitigating actions

  • Continuation of system (ERP) consolidation to increase robustness of digital landscape
  • Broaden lifecycle planning for key applications
  • Embedding a cybersecurity culture (intensified training, awareness creation)

External – Compliance

Complying with laws and regulatory development  

As a global player, we are exposed to increasingly stringent laws and regulations covering a growing range of subjects (such as environmental, human rights and competition law).

Mitigating actions

  • Fostering open and transparent culture, continuous education and training
  • Continuing implementation of Integrity and Compliance governance model
  • Operate under state-of-the-art safety and compliance requirements for our manufacturing and sites

Internal – Strategic

Organic growth  

Market leadership in parts of the world where our markets are growing is a cornerstone of our strategy. A global presence, in combination with locally tailored go-to-market models, is an essential ingredient for success.

Mitigating actions

  • Renewed BU strategic mandates to underpin strategy
  • Investment in sales capability and deployment of commercial excellence programs
  • Further leverage digitally driven marketing
  • Driving demand sensing, product innovation and supply chain agility through Integrated Business Planning

Innovation, identification and successful implementation of major transforming technologies  

Our leadership positions and future success are underpinned by investment in research, the adoption of major transforming technologies and continuous development of the talents and skills of our people.

Mitigating actions

  • Improve product management lifecycle
  • Partnering with innovative startups (Paint the Future)
  • IT resources to support new technology applications

Internal – Operational

Management of change  

We recognize the risks associated with continuous change, as well as the need to invest in building an organization structure which encourages and embraces change, while balancing opportunity and managing risk.

Mitigating actions

  • Global Process Owners continue implementation of standard solutions across the company
  • Reward system sets desired behavioral changes in motion and keeps momentum
  • Launch of organizational health initiatives and periodic tracking of progress
  • Range of programs to attract and retain talent

Analytics and big data  

In order to utilize data analytics and “big data” to support even better decision-making, we recognize the need to invest in an appropriate organization structure and governance framework with common standards, methods and tools to deliver insightful information across the company.

Mitigating actions

  • Risk and mitigation ownership with an empowered community of Global Process Owners
  • Define and align master data definition, quality standards and priorities
  • Extended set of key controls

Research and development.