The target of risk management is to collect information on and to review and manage opportunities, threats and risks arising in the company’s operations in order that the company can reach its targets and carry out its operations without disruptions.
A risk can be defined as a matter or event that may, when realised, prevent or hinder the company to meet its strategic and operational targets, or result in missing business opportunities. Risks are classified as business risks (strategic risks), operational risks, risks of losses or damages and financial risks. Also other aspects than financial impacts are considered when assessing risks.
Musti Group’s Risk Management Policy describes the targets, principles, organisation, responsibilities and practices of Musti Group’s risk management. Risk management is a part of the internal control. The execution of the Risk Management Policy is monitored by the company’s top executive management and the Board of Directors.
Under the Limited Liability Companies Act, the Board of Directors shall see to the administration of the Company and the appropriate organisation of its operations. In addition, the Board of Directors shall monitor and review the efficiency of the company’s internal control and risk management system. The Board of Directors shall confirm the company’s internal control and risk management policies and amendments to them, as well as address significant risks and uncertainties related to the company’s operations.
The Company’s CEO with the assistance of the Group’s Management is responsible for the preparation of the Risk Management Policy and the systematic and appropriate implementation of the risk management. The CEO shall ensure appropriate coverage of the Company’s risk management and assess the implementation of the risk management. The CEO reports on the risk management to the Company’s Board of Directors. The members of the Management Team are responsible for the planning, implementation and follow-up of the risk management measures in their own area.
Risk management process
The company implements risk management continuously and systematically according to a scheduled process. The risk management process shall ensure that risks related to the Group are identified, estimated and controlled in a proactive way and the management of risks is monitored. The Company’s risk management includes the following phases, among others: identification and review of risks, risk assessment, determining and implementing control measures for the identified risks, and monitoring and reporting of risks.