Integrated Annual Report 2018

Risk management

In line with the corporate social responsibility policy, risk management aims to balance the will of value creation for our stakeholders and the risks associated with business, commercial, operational, labour, financial and social initiatives.

The risk management system of the Viscofan Group is regulated by the Policy on risk management control approved in 2017, whose object is to establish basic principles and the general framework for acting for the control and risk management of any nature to which the Viscofan Group faces with the purpose of identifying, measuring, preventing and mitigating their possible impact on its activity in the case of occurrence.

Likewise, the Company's Risk Management System is based on a code of conduct that indicates the ethical principles and behaviour guidelines, supplemented by the internal operational policies, divided into: general policies, specific policies, and local policies. This risk management system and its policies come within the limits provided for in the rules and regulations applicable to the activity of the Viscofan Group.

These policies are applicable to all the companies of the Viscofan Group over which the parent company has effective control, and encompass the employees, including senior management, and the actual Company Board of Directors.

There are several bodies within the Viscofan Group in charge of the supervision and control of different risks that could arise in the course of Viscofan activities with different level of occurrence and materiality:

  • Board of directors
  • Audit committee
  • Internal audit
  • Regulatory compliance committee
  • Ethics committee
  • Global risk committee
  • Credit risk committee
  • Investments committee
  • Cyber-safety committee. Created in 218
  • Senior management
  • Employees

See section E.2 of the Annual Corporate Governance Report for a more detailed description of the bodies of the company responsible for the preparation and execution of the Risk Management System, including taxation.

The Global Risk Committee met four times in 2018 to update the methodology of the Risk Management process and the composition of the risk map.

Risk map

The Viscofan Group, through the different risk control and supervision bodies, entrusts the Global Risk Committee with the preparation of an inherent and residual map of risks that, due to their materiality, may compromise the creation of value for its stakeholders and therefore may hinder the attainment of its objectives, which is included in the MORE TO BE strategic plan and that materialise in the search for triple leadership in service, technology and costs.

The organisation's risk map has been defined in accordance with the code of ethics, internal regulation and the Strategic Plan MORE TO BE, which encompasses the period from 2016-2020, and is presented adopting the COSO reference framework, grouping the existing risks in four categories:

  1. Strategy,
  2. Transactions,
  3. Information,
  4. Compliance.

Knowing the location of each risk on the inherent and on the residual map requires an on-going dialogue between the interest groups through the channels established by the company. This system enables the Organisation to measure the effectiveness of the mitigating measures adopted and to focus on the risks that are still outside of the comfort zone, adding corrective and preventive measures that allow the impact and/or probability of the risk occurring to be lowered.

In line with the task of adapting to the environment, especially in the area of risk management, the methodology for the realisation of the risk map was revised is 2018. In this revision, the risk map has been simplified, merging or deleting risks with a very high or redundant correlation, the weighting in the risk assessment of the main party responsible for the risk has been increased in the new model, and KRIs (Key Risk Indicators) have added or refined to reach at total of 218 to be periodically assessed.

As a result of the risk assessment carried out in the last quarter of 2018, the Group's risk map has been updated. The assessment of the inherent risk (before mitigating and/or corrective measures) of the 43 identified risks is shown below:

The inherent risks identified as being most critical (having a major expected impact and greater probability of occurrence) are:

Competitive environment of the sector. Competitors: The strategies of our competitors could affect our position and, therefore, the achievement of our objectives, especially price drops and greater commercial efforts in certain markets.

Exchange rate: It is associated with fluctuations between one currency and another, whereby changes in currency value lead to changes in the valuation of total wealth. Especially due to the fluctuation of the Euro against US$, given the long exposure of the Viscofan Group to the US currency, with a higher percentage of revenue in US$ than that of costs.

Budget control: The budget process requires several assumptions that are required to set budgets and objectives. Errors or simply variations beyond the expected tolerances can affect the development of the corresponding operational and financial plans.

Cybersecurity: A cyber-attack is a malicious action that aims to damage the availability of assets, data confidentiality or the integrity of an organisation’s information. The risk of an attack is a growing issue, due to the increase in Viscofan's visibility in recent years as sector leader and example of best industry practices, due to greater mobility of our human teams and due to the opening up of our industrial environment to the Internet (remote access to entities and persons outside Viscofan). An organisation that is aware of the risk that exists both inside and out of its perimeter can minimise the likelihood of being attacked.

Environmental issues: Industrial processes involve the use of natural resources and although the Group is fully aware of its responsibility with respect to the environment, our production processes could involuntarily affect or damage its immediate environment.

Competitive environment of substitute products: The Group evolves its processes and products in line with meeting its strategic objectives, as our competitors evolve theirs. As a result of this evolution, our competitors could obtain products that could replace our current products in quality and/or price.

Customer discontent: Customer satisfaction is the basis for continuity, stability and loyalty of relationships. It is mainly linked to product quality and to customer-orientation and services provided. Shortcomings in any of these aspects can lead to customer loss.

Framework and tax compliance: Multinational presence and the large number of commercial transactions and financial operations are subject to regulation and tax laws in the different countries, which may take back or generate resources for the Group.

Scarcity of raw materials: The Viscofan Group needs to purchase certain specific raw materials in multiple locations, which means that our production process may be affected in the event of shortages and/or lack of quality in such items. The strategies of our suppliers could also affect our production process.

Group cohesion: The internationalisation and dispersion of the productive centres could affect the communication and interaction of the people who work there with the rest of the organisation. Likewise, the variety of cultures and countries in which the Group operates is a daily challenge when establishing operational and commercial practices consistent with such diversity.

Reputation: The value creation and sustainability are closely linked to the impact of our business activity, the results obtained and the adaptation to the expectations of our stakeholders and the environment in which they are developed.

The information in reference to risk management has been developed in section E) of the Annual Corporate Governance Report. In this section, the Viscofan Group describes the main risks and uncertainties, the bodies responsible for drawing up and enforcing the risk management system, the description of the main risks, level of tolerance and risks occurred in the year.

Send us your question and we will answer you

By submitting this form you accept the legal conditions

All fields are required

Your inquiry has been sent!

You will receive our response at the email address you have provided.

We use our own and third-party cookies to improve our services and show you advertising related to your preferences by analyzing your browsing habits. If you go on surfing, we will consider you accepting its use. You can get more information, or know how to change the configuration in our Cookies Policy. Accept