Risk management
JSW Group has taken steps to most closely observe the rules contained in Good practices for WSE-listed companies, as well as to ensure as much transparency as possible, a proper quality of communication with investors and the safeguarding of shareholder rights. The observance of these rules is ensured through a comprehensive enterprise risk management system, which consists of JSW Group's Enterprise Risk Management Policy and Procedure.
Proper risk management consists of identifying risks and undertaking relevant activities, while the objective of risk management is to maximise lasting benefits across all areas of an organisation's operations.
This includes understanding the potential positive and negative effects of all factors that may have an impact on the organisation, as well as activities intended to increase the likelihood of success and decrease the likelihood of failure and uncertainty with regard to achieving targets.
JSW Group defines risk as the impact of uncertainty that is an integral part of operations, which may result in both opportunities and threats for business objectives. In order to achieve these objectives, a consistent and practical methodology for managing this uncertainty is necessary at Group level.
Introducing consistent risk management standards at JSW Group is aimed at:
- maintaining risk within set boundaries and rationally implementing business objectives,
- ensuring the security of operations of JSW and JSW Group companies,
- establishing a consistent approach to identifying, evaluating and analysing risks and implementing responses to material risks,
- ensuring the creation and protection of value for shareholders,
- implementing early-warning tools for threats and alerts for opportunities,
- supporting business objectives and ensuring strong support for decision-making at all organisational levels, aimed at maximising earnings within an acceptable level of risk,
- building an organisation that is aware of the risks it takes and strives for continuous improvement.
dentifying risks and implementing tools for limiting them make it possible to take effective preventive action in the face of a threat. Risk management is a continual process and is subject to continuous improvements, covering both the organisation's strategy as well as procedures for implementing this strategy. It methodically resolves issues related to threats to the organisation's operations that took place in the past, are currently present and are the most likely to occur in the future.
To strengthen the management system and increase transparency in risk management, JSW Group uses systems such as ERM, which is based on properly collecting and archiving data for further processing as well as ensuring a comprehensive approach to identifying, evaluating and managing risk. The ERM system takes the following elements into account:
- organisation's environment - basic rules, organisational structure, roles and scopes of responsibility in the risk management process,
- risk identification - identification of primary risk,
- risk evaluation - analysis and assessment of primary risk and the performance of existing control mechanisms,
- definition and deployment of action plans - definition of appropriate plans of action that take into account specific responses and strategy for managing a given risk and undertaking activities in line with an approved plan of action for that risk,
- monitoring and reporting - an element of the risk management process that is related to monitoring the risk profile and reporting on the performance of control mechanisms.
Deliberate management of threats and opportunities makes it possible to protect value and increase JSW Group's value-building capacity.
Enterprise risk management process
JSW Group's enterprise risk management process is inspired by solutions based on best practices in risk management: ISO 31000, COSO II, FERMA, as well as the specific nature of JSW Group's business.
Of particular importance in the risk management process is the organisation's context, defined as internal and external factors, activities that might influence the approach to their definition and achievement and that might have an impact on business strategy implementation.
Risk management is not a separate activity within the organisation, rather it is linked to the business processes in place at JSW.
Risk management process
Roles and responsibilities
Risk management is an integral element of our organisational culture. In this process, strategic assumptions are translated into tactical and operational targets, and the responsibilities of managers and employees are precisely defined. It also entails setting out responsibility for results, evaluating outcomes and promoting effective measures at all levels of the organisation. Effective risk management consists of both forecasting risk factors in different time frames and considering various scenarios.
In accordance with the existing internal regulations, for identified risks a risk owner is designated, who is responsible for managing that risk. Next, risk sheets are prepared, risk parameters are determined and mitigation activities and risk response plans are put in place. By taking responsibility for a risk, every risk owner manages its key risk factors within the ERM system.
To ensure proper oversight of the risk management process, a Management Board Proxy for Integrated Management and Risk Management System has been appointed, with responsibility for coordinating the entire enterprise risk management process and developing methods and tools used by managers at all JSW Group companies.
The ERM Proxy cooperates with the Supervisory Board Audit Committee, providing reports on JSW Group's risk profile and the status of enterprise risk management. The ERM Proxy also works with JSW's Management Board and the Audit and Control Office as well as with the relevant risk owners in order to consult on the results of risk analysis and evaluation and the development of methodologies used in the ERM system.
Rules for controlling and monitoring risk
Effective risk monitoring encompasses periodic reviews of Key Risk Indicators, the completeness and timeliness of reporting as well as the status of implementation for selected responses to risk.
Understanding the risks that JSW Group faces makes it possible to make optimal strategic decisions and thus make a better use of resources. A comprehensive approach to risk management is consistent with our growth strategy, continuous operational improvement and rules for sustainable and responsible business. Risk management supports JSW Group in building a resilient corporate structure. To ensure sustainable growth in value over the long term, the management makes every effort to understand where opportunities and threats are.
Evaluating risk management system performance
A planned and cyclical approach to risk management results in identified key risks that have considerable potential impact on Group companies' operations, results or financial situation and can lead to a decline in value and share price. Given the above, there is a strong need for monitoring and periodically verifying the effectiveness of existing control and risk response mechanisms. The following activities are specifically intended to ensure that the risk management system is effective:
- review of risks in terms of the system's adequacy and adaptation to the Group's structure and specific nature,
- cyclical risk reviews and evaluations,
- internal audits as part of independent risk management control,
- reporting changes in risk evaluations.
JSW's Management Board is responsible towards shareholders for the entire risk management system, oversight of the process and for ensuring effective risk responses. The Risk Committee periodically reviews current risk levels, supervising the implementation of risk response plans, evaluates JSW Group's overall resilience to risk and submits proposals to the Management Board regarding risk reduction.
Within the risk management process, JSW's Supervisory Board is tasked with monitoring the key risks as well as the ways these risks are handled. Each year, the Supervisory Board submits to the General Meeting a concise assessment of the Company's situation, including an assessment of the internal control system and risk management system. Internal audit is an important element in ensuring the effectiveness of the risk management system. The annual internal audit plan is based on a risk assessment and is aligned with business objectives. Internal audit is also responsible for performing an independent assessment of adequacy and effectiveness for risk management and issuing recommendations ensuring continuous improvements in risk management practices.