The aim of risk management is to safeguard business continuity in all conditions, to optimally utilize business opportunities in a feasible way and with conscious risk-taking, as well as to gain the pre-set total risk level. The aim is also to ensure product and personnel safety, and moreover, to comply with internal policies and guidelines. Risk management is part of the Group’s strategic and operational planning, and it also is linked to internal control activities.
Tikkurila tries to anticipate and systemically identify, analyze, assess and manage the key risks, which are classified into the following groups: strategic, operational, financial and hazard risks. The main principle is to have a systematic risk management process in place, so that the Company can define and attain an optimal total risk level in relation to its risk tolerance, while at the same time ensuring continuity of the business.
Tikkurila’s risk management is based on the Finnish listed entities’ corporate governance code, as well as on Tikkurila’s risk management policy. There are also other internal policies defining in more detail the goals, segregations of duties and risk limits of the management.
The Board of Directors of Tikkurila Oyj decides on the key risk management principles and approves the risk management policy, and the Audit Committee of the Board has an oversight role to assist the Board to control the risk management processes. Group functions are in charge of the risk management inside their own scope of activities.
Tikkurila’s risk management is based on the three lines of defence framework. Group functions – sales, offering, operations, finance and HR – implement a commonly agreed self-evaluation model in their own areas. The risk management process is coordinated by the Group risk management steering group, which is headed by the Group General Counsel. The results and outcome of the risk management process are regularly reported internally and externally, as part of Tikkurila Oyj’s statutory reporting.
To gain cost advantages and to keep the total risk level in control, part of Tikkurila’s risk management activities is centralized. For example, key investment decisions, and certain insurance and finance solutions are always decided at the Group level.
The diagram below shows the risk management layers, as well as the key bodies and persons involved in the risk management activities in Tikkurila Group.