Risk management

Risk management is an integral part of day-to-day management and decision-making at Enersense, as well as its control and reporting procedures.  Risk management is carried out as part of all Enersense’s strategic, operational and financial processes. In addition, the impacts of any external threats are taken into account in risk management. Enersense has a risk management policy designed to determine its general risk management principles.

The purpose of risk management is to ensure the implementation of Enersense’s strategy and the achievement of its goals, as well as enabling its steady growth. To achieve this goal, the risk management steering model provides a systematic and consistent way to identify, assess, report and prepare for risks related to business operations.

General principles

Enersense applies the following general principles in its risk management:

  • Business opportunities and the related risks must be taken into account in all decision-making and business planning.
  • When making strategic decisions, such as decisions on increasing market presence, expanding business operations and creating new areas of operation, only informed and assessed risks must be taken.
  • Risks must be assessed in accordance with the impacts and probability of their materialisation. In such assessments, the impacts of the risks on employees, stakeholders, the environment and reputation must be taken into account, in addition to financial aspects.
  • Preparations must be made in case of risk materialisation by means of crisis, continuity and recovery plans, as well as through training related to the plans and sufficient insurance cover.
  • The adequacy of risk management measures and processes is monitored and developed systematically.

Risk categories

Enersense divides risks into four (4) categories as follows:

  • Strategic risks
  • Operational risks
  • Financial risks
  • External threats

Strategic risks are uncertainties related to changes in Enersense’s operating environment and its ability to prepare for and leverage such changes. Examples of strategic risks include changes in the business environment, competitive situation, market environment and legislation, as well as risks related to significant investments, mergers and acquisitions. Strategic risks and opportunities are assessed continuously. Enersense seeks to identify business opportunities that enable the company to achieve its goals by taking manageable risks, and to avoid business opportunities involving unreasonably high risks. A failure to identify or exploit an opportunity is also a risk.

Operational risks arise from inadequate or ineffective processes and systems, as well as from people and other parties involved in implementing processes. An operational risk may materialise as a result of internal or external misconduct or mistakes, inadequate management, interruption in operations, system failure or ineffective processes, for example.

Financial risks are related to the availability and price of financing, changes in foreign exchange rates, investment activities, stakeholders’ solvency and credit losses, for example.

External threats are related to natural disasters, cyberattacks, fire, theft, information leakage or property damage, for example. It is not possible to comprehensively prepare for external threats, but they can be limited by maintaining sufficient insurance cover and an adequate level of capital.

Roles and responsibilities

The Board of Directors determines Enersense’s strategic targets and confirms the risk appetite related to the achievement of strategic targets. The Board regularly assesses Enersense’s most significant risks and uncertainties. The Board also monitors the implementation of risk management and approves Enersense’s risk management policy.

The President & CEO and the Group Executive Team are responsible for the implementation of risk management and report to the Board of Directors on matters related to risk management.  The President & CEO and the Group Executive Team are also responsible for ensuring sufficient resources for the organisation of risk management. The Executive Vice President of each division and the directors of Group functions are responsible for ensuring that risk management is appropriately organised in their respective areas of responsibility.

The Risk Management Steering Group coordinates the risk management process and is responsible for risk reporting and for identifying and assessing risks and determining management measures in cooperation with the business operations and Group functions.

All employees are responsible for identifying, assessing and managing risks related to their duties as part of their day-to-day work, and for complying with Enersense’s risk management approach and reporting identified risks to their supervisor.

Risk management process

In all Enersense’s operations, risk assessment is carried out as part of daily tasks and risk management procedures and in connection with individual decisions or events. Risks are assessed in accordance with their impacts and probability. Risk-taking in relation to Enersense’s risk tolerance is assessed regularly, and particularly when discussing its strategy and making decisions on business projects or investments that are significant for the Group.

Persons in charge are designated for significant risks identified during risk assessments. They are responsible for planning, implementing and monitoring the management measures related to these risks.

The business operations and Group functions regularly report to the Risk Management Steering Group on risks and changes therein. The Risk Management Steering Group prepares and maintains a risk register and creates a risk map of the Group’s key risks based on the risk register.

The Group’s risk map is reported to the Group Executive Team. Enersense’s Board of Directors processes the most significant risks and their management measures and assesses the effectiveness and efficiency of the risk management. The Board reports on the most significant risks and uncertainties to the markets through the company’s financial statements and business reviews.