Select language
Available languages
Valitse maa tai alue

Internal control and risk management

Risk management is an important part of the management system of Fazer Group. The Board of Directors approves the risk management policy and monitors its compliance.

The purpose of internal control and risk management is to ensure that the company’s operations are effective, that financial and other information is reliable, and that the company complies with the relevant regulations and operating principles. The Board of Directors, assisted by the Audit committee, is responsible for monitoring and assessing the effectiveness of the company’s internal control and risk management systems. Internal audit assists the Board of Directors with its monitoring responsibility by ensuring that the group’s control measures have been planned and set up effectively.

Internal Audit

The role of Fazer’s internal audit is to enhance and protect organisational value by providing independent, objective assurance and to contribute to the continuous improvement of risk management and internal controls. Internal Audit reports to the Audit Committee. Internal Audit conducts audit assignments according to the annual audit plan that is approved by the Audit Committee. The results of these assignments are regularly reported to Group Management, auditors and the Audit Committee.

Risk management

Risk management is an important part of the management system of Fazer Group. The Board of Directors approves the risk management policy and monitors its compliance. Risk management is a continuous and systematic process, and its task is to support the implementation of the Group’s strategy and business targets, secure the recognition of risks affecting the company’s business, assess, monitor and anticipate threats and opportunities affecting business and secure the continuity of operations.

The management of the Business Areas, Business Units and Group functions is responsible for the identification and evaluation of the risks of their respective areas and for mitigating these risks as part of their operative activities. Financial risks are administered by Group Finance. The Group’s Chief Financial Officer (CFO) is responsible for the management and development as well as reporting of risk management to the Board and the Audit Committee. The CFO also supports the Business Areas, Business Units and Group functions in risk management.

Fazer defines risk as external or internal uncertainty that may affect the Group in the execution of its strategy, achievement of its goals or continuity of its businesses. Risks may be caused by events within Fazer, or by external conditions or events. For the identification and monitoring of risks, these are divided into four categories: strategic risks, operational risks, hazard risks and financial risks.

Adaptability, Markets and customers, Business development
Personnel, Processes and controls, Operational framework

Strategic risks are external risks that affect the whole industry (change in demand, raw material availability, change in regulation, change in competitive field, etc.) or self-inflicted risks due to strategic choices (new business development, M&A, partnerships, dependency on one market/customer, sustainability, etc.). Focus on strategic period: 3–5 years.

Operational risks are related to the implementation of the strategy and everyday business activities. These include, for example, supply chain efficiency, customer relations, raw material prices, managing projects, IT, security and personnel related risks. Focus on budgeting period: 1–2 years.

Property, Liability, Health and safety
Foreign exchange, Interest rate, Liquidity, Funding, Counterparty

Hazard risks comprise errors, malfunctions and accidents that occur within Fazer or in the business environment and that cause damage or loss.

Financial risks are related to changes in market prices, the sufficiency of financial assets and the ability of counterparties to meet their financial obligations.