The goal of Kreate Group Plc’s risk management policy is to continuously and systematically identify the most significant risk factors and manage them optimally so that the company achieves its strategic and financial targets. The policy is based on managing the Group’s overall risk exposure and not merely the individual risk factors. Controlled risk-taking may have a positive impact on the company’s development.
We define risk as an external or internal uncertainty factor that, should it be realised, would have a positive or negative impact on our possibilities to reach our strategic and financial targets in a sustainable and ethical way.
Identifying and assessing risk
Risk management is an integrated part of the Group’s management, monitoring and reporting systems. Risk management includes identifying and assessing risks as well as contingency plans for all main risk categories. The company divides risk factors into strategic, operative, damage risks and financial risks.
Risk management activities
Risk management activities are targeted at the most significant risks by implementing cost-efficient and appropriate actions. Responsible persons will be named for risk management activities. They will take responsibility for planning, implementing and monitoring the activities. The defined activities will be included in action plans and monitoring plans.
Responsibilities and organisation of risk management
Kreate’s Board of Directors approves the risk management policy and its goals and steers and monitors the planning and implementation of risk management. The Board of Directors handles, among other things, matters relating to the Group strategy, organisation of business operations and significant investments.
The Audit Committee assists the Board of Directors in monitoring the reporting and calculation processes of Kreate Group, including internal control, risk management, internal audit and monitoring and control of auditing. The Remuneration Committee handles questions relating to personnel bonus systems and successor planning.
The CEO carries the total responsibility for risk management. The CEO is responsible for organising and planning, developing, coordinating and monitoring the risk management strategy as well as for its implementation and communication throughout the organisation. The CEO reports to the Board of Directors. The Group Management team is responsible for the implementation of risk management, i.e. identification of risks, monitoring and assessing risks and risk-related actions.
The Group’s financial management is responsible for identifying and assessing financial risks, and reports to Group management.
The Group’s outsourced internal audit organisation supports Kreate’s management in organising and developing risk management and internal control. Internal audit reports to the Board’s Audit Committee and administratively to the CFO.