Processes for risk management
The responsibility for the management of business risks follows the company’s delegation scheme, from the Board of Directors to the President, and from the President to each Business Unit President. The delegation scheme involves business risks being managed primarily by Essity’s business units with clear central coordination and follow-up. Responsibility for certain specific risks, such as financial risks, insurable operational risks, information security, and ethics and human rights, is managed centrally.
Essity’s financial risk management is centralized. The Group’s internal bank handles financial risks and energy risks. The financial risks are managed in accordance with the Group’s Finance Policy, which is adopted by Essity’s Board of Directors. Together with Essity’s Energy Risk Policy, the Finance Policy constitutes a framework for financial risk management. The financial risks are compiled and continuously monitored. Responsibility for insurable operational risks is managed by the Group’s insurance department.
Identification of business risks and risk management are a key part of the annual strategy process. Identified risks are assessed according to the likelihood of these becoming a reality and the potential impact each risk could have on the Group. This process also includes specifying who is responsible for managing the respective risk, and measures for how these shall be mitigated and followed up. Development of the identified risks is monitored and assessed on an ongoing basis. Essity has an internal audit function, which ensures that the organization complies with the adopted policies.