Risk management
The task of management is to identify it and take additional actions in relation to it, as well as to ensure the management of the maximum maximum permanent that we can use in connection with the activities of the organization.
Risk management
The Group has in place a comprehensive enterprise risk management system (ERM), which comprises the JSW Group Enterprise Risk Management Policy and Procedure. Risk management is a continuous and constantly evolving process based on an organized set of general principles and guidelines, which includes procedures, requirements and reports, and risk management methods to ensure maximum sustainable benefits in all areas of the Group’s operations. Corporate risk management comprises efforts on the level of the Parent Company, the Group and business processes. It applies to all employees and involves defining responsibility for results, evaluating performance, and thus fostering performance at all levels of the organization.
The purpose of risk management
The purpose of the Group's corporate risk management is to:
- identify potential events and risks which may influence the organization,
- keep risk within the specified limits,
- ensure the achievement of business objectives in a reasonable manner.
Risk management is a continuous and constantly evolving process based on an organized set of general principles and guidelines, which includes procedures, requirements and reports, and risk management methods to ensure maximum sustainable benefits in all areas of the Group’s operations. Corporate risk management comprises efforts on the level of the Parent Company, the Group and business processes.
The Group’s uniform Risk Management standards ensure that the above objectives are met thanks to:
- keeping risk within the specified limits, and ensuring the achievement of business objectives in a reasonable manner,
- ensuring safety of the operations of JSW and the Group Companies,
- establishing a consistent approach to identifying, assessing, analyzing risks and implementing responses to key risks,
- ensuring creation and protection of shareholder value,
- supporting the achievement of business goals and providing strong support for decision-making at all levels of the organization aimed at maximizing profits with an acceptable level of risk,
- building an organization that is aware of the risks it takes and strives for continuous improvement.
In accordance with applicable internal regulations, a risk owner is designated for identified risks, responsible for monitoring the level of risk and reporting risk information to the Management Board Representative for the Integrated Management System and Risk Management in the form of risk cards. The risk owner is also responsible for overseeing and coordinating measures related to devising, implementing and executing action plans to address risks. By accepting responsibility for risk, each risk owner manages the main factors of the risk assigned to him/her in the ERM system. Identification of risks and implementation of tools to mitigate them allows for taking effective preventive actions in the face of a threat. Risk management is a process, which methodically solves the issues related to threats to the operation of the organization that took place in the past, currently and are most likely to occur in the future. Informed management of existing threats and opportunities enables the Group to protect its attained value and improve its ability to add extra value. Risk management supports the Group in building a resilient corporate structure.
Roles and responsibility
Risk management is an integral part of the organizational culture, and the process must involve translating strategic assumptions into specific tactical and operational goals, as well as strictly defining the responsibilities of all managers and employees who are involved in risk management as part of their duties. In addition, the introduction of risk management involves defining accountability for results, evaluating performance, and thus promoting operational efficiency at all levels of the organization. A consistent and practical methodology for managing this uncertainty at the Group level is necessary to make them achievable. At the same time, effective risk management involves accurately forecasting risk factors over different time horizons and considering various scenarios.
Company’s Supervisory Board and Supervisory Board Audit Committee - The responsibility of the JSW Supervisory Board is to monitor key risks and the ways they are addressed. Every year, the Supervisory Board submits a concise assessment of the Company’s standing, including inter alia an assessment of the internal control system and the risk management system to the Shareholder Meeting.
Company’s Management Board - oversees the course of the entire risk management process. It accepts the ERM assumptions and principles set forth in the ERM Policy and Procedure. As part of corporate risk management, the Company’s Management Board approves proposed risk response plans and adopts the results of the Group's risk identification and assessment.
Risk Committee- supports effective risk management and monitors the key risks on an ongoing basis, periodically reviews current risk levels, oversees the implementation of risk response plans and assesses the Group's overall risk resilience, and recommends risk mitigation issues to the Management Board. JSW currently has three risk committees: Corporate Risk Committee, Financial Risk Committee, and Climate Risk Committee.
ERM Officer - is responsible for coordination of the corporate risk management process. The Officer cooperates with the JSW Management Board, the Audit Committee of the Supervisory Board, the Audit and Control Department and individual risk owners, both in order to consult the results of risk analysis and assessment and to develop methodologies applied in the ERM System.
Risk Owner - is responsible for monitoring the level of risk and reporting risk information to the Officer in the form of Risk Cards. The Risk Owner is responsible for overseeing and coordinating measures related to devising, implementing and executing action plans to address risks. The final decision on the action plan vis-à-vis the management of a given risk is made in accordance with the organization's rules for the division of duties and responsibilities. The Risk Owners include: Management Board, Directors, Managers, Officers or other designated persons responsible for processes or functional areas under their authority.
Evaluation of the effectiveness od the risk management system
A planned and regular approach to risk management results in identification of the Group’s key risks that may potentially have significant impact on the operations, performance and financial standing of Group companies. Consequently there is a strong need for monitoring and periodic verification of the effectiveness of the existing control mechanisms and response to the risks. In order to ensure effectiveness of the risk management system, the following tasks are carried out in particular:
- risk reviews to test whether they are adequate and aligned to the structure and distinct nature of the Group's operations, taking into account external and internal factors,
- conducting regular risk review and evaluation,
- conducting internal audits as part of an independent inspection of the risk management function,
- reporting results in changes occurring in the assessment of risks.
3LoD Model
As part of the risk management process, the Parent Company/Group has in place the 3LoD Model: