GENERAL RISK CONTROL AND MANAGEMENT POLICY

GENERAL RISK CONTROL AND MANAGEMENT POLICY OF SIEMENS GAMESA RENEWABLE ENERGY, S.A. (Text approved by resolution of the Board of Directors dated September 12, 2018)

Pursuant to Section 529 ter of the Companies Act (Ley de Sociedades de Capital) and Articles 33 of the By-Laws and 6 and 7 of the Regulations of the Board of Directors, the Board of Directors of Siemens Gamesa Renewable Energy, S.A. (hereinafter "Siemens Gamesa" or the "Company", and the group of companies of which Siemens Gamesa is the controlling company, the "Siemens Gamesa Group") has the non-delegable responsibility to determine the general risk control and management policy of the Company, identifying the main risks of the Siemens Gamesa Group and organizing appropriate internal control and reporting systems, and to regularly follow up thereon.

1. SCOPE AND OBJECT

This policy applies to all companies within the Siemens Gamesa Group in relation to the risks defined in the next section, which generally include all those risks relating to the activities, processes, projects, products and services of the business lines of the Siemens Gamesa Group in all of the geographical areas in which it does business.

The object of this policy is to establish the basic principles and general framework of conduct for controlling and managing any risks faced by the Siemens Gamesa Group.

2. RISK FACTORS DEFINITIONS

Generally, any threat that an event, action or omission may prevent the Siemens Gamesa Group from achieving its business goals and successfully executing its strategies is considered a risk.

The Siemens Gamesa Group generally considers risk factors in accordance with the COSO: Enterprise Risk Management Business Integrated Framework (ERM) Model, classified into the following four categories, which in turn include other sub-categories:

a) Corporate governance, ethics and compliance risks: These risks include:

- Compliance with the Company's Corporate Governance Rules, inspired by the good governance recommendations generally accepted in the domestic and international markets in which the Siemens Gamesa Group does business.
- Compliance with the Siemens Gamesa codes of conduct and other codes of conduct in its relation with its stakeholders (e.g., Supplier Relationship Code).
- Compliance with applicable requirements and those that could potentially apply, as well as the control of risks associated with the commission of crimes, including fraud, bribery and corruption and antitrust, among others.
- Regulatory risks: risks arising from changes in applicable domestic and international legal provisions that could have a direct or indirect effect on the results of the Siemens Gamesa Group.
- Risks regarding export and tariff control: risks arising from tariff provisions that could have an effect on the results of the Siemens Gamesa Group.

b) Strategic and environmental risks: Risks that could arise as a result of choosing a particular strategy, as well as those arising from external or internal sources that could have a significant direct or indirect impact on meeting the objectives of Siemens Gamesa and on the long-term vision of the Company. These are thus key aspects that must be handled by the Board of Directors and Top Management. They include:

- Market risks: referring to the exposure of the results and financial position of the Siemens Gamesa Group to the volatility of macroeconomic factors, political factors, industrial innovation, geopolitical factors, competitors' behaviours and customer behaviour.
- Strategic planning and resource assignment risk: risks of defining the strategic positioning of the Company, lack of innovation, accomplishment thereof at an inappropriate pace or the late entry of said innovations into the market, organisational structure, alliances and joint ventures, special purpose vehicles, and lack of capacity.
- Quality risks, such as those derived from the definition of quality standards.
- Media risks: risk that the various stakeholders harm the image of the Siemens Gamesa Group through the media.
- Merger, acquisition or divestment risk: risks derived from the diverse factors implicated in these types of transactions, such as those inherent in the valuation or related to the development and result of due diligence processes, as well as those risks consubstantial to the implementation of these types of transactions (including, if appropriate, the integration processes).

c) Operational risks or risks arising from its own activities (products and services), including:

- Product life cycle management.
- Customer relationship management.
- Project management.
- Management of suppliers and the entire value chain.
- Risks relating to the Company's property and fixed assets.
- HR risks (loss of key personnel, incentives and remuneration, succession plans, recruiting and retention, etc.).
- Environmental risks and Occupational Health.
- Information technology system risks (cyberattacks, failures in comprehensive management systems, etc.).
- Risks in protecting intangible assets like patents, know-how, etc.
- Risks relating to employee safety (travel, events, etc.).

d) Financial risks: Risks affecting the more significant financial figures, including:

- Risks of financial investments due to changes in exchange rates, interest rates, credit risk, derivatives, etc.
- Risks relating to accounting and financial reporting, including revenue recognition, consolidation and closing process, financial information, etc.
- Risks relating to management control (budgeting, analysis of financial closes and deviations therefrom, etc.).
- Tax risks: local requirements and direct or indirect levies that have not been properly analysed and that cause delays in the recovery of taxes or penalties, amongst other things.
- Risks about the financing structure of the Company.
- Risks relating to warranties and management of the Company's insurance.

3. GENERAL OBJECTIVES OF THIS POLICY

The Siemens Gamesa Group is subject to various risks inherent to the different countries, sectors and markets in which it does business and to the activities it performs, which can prevent it from achieving its objectives and successfully implementing its business plans.

Aware of the importance of this aspect, the Company's Board of Directors commits to develop all of its abilities in order for the significant risks of all activities and businesses of the Siemens Gamesa Group to be properly identified, measured, managed and controlled, and hereby establishes the basic mechanisms and principles for properly managing the risk/opportunity duality with a risk level that allows for contributing to the following general objectives:

a) comply with applicable laws, regulations, rules and agreements;
b) achieve the strategic objectives of the Siemens Gamesa Group with a volatility that is within reasonable limits;
c) provide the maximum level of guarantees to the shareholders;
d) protect the results and reputation of the Siemens Gamesa Group;
e) defend the interests of shareholders, customers and other stakeholders of the Siemens Gamesa Group; and
f) ensure business stability and financial strength in a sustained manner over time.

To implement the aforementioned commitment, the Board of Directors works with the Audit, Compliance and Related Party Transactions Committee, which, as an information-gathering and consultative body, supervises the Company's internal control system and the risk evaluation, control and management systems, and reports on the adequacy thereof.

All the foregoing takes into account the Main Principles of Conduct, the Risk Control and Management Systems and the Risk Limits set out in the following sections.

4. MAIN PRINCIPLES OF CONDUCT

Any conduct aimed at controlling and mitigating risks shall take into account the following main principles of conduct.

a) Identify the significant risks and opportunities of the business throughout the organisation that might lead to potential deviations from the objectives of Siemens Gamesa over a 3-year time frame, even if the impact and probability thereof are uncertain.
b) Evaluate the risks and opportunities detected based on the nature of the risk (business objectives risk, financial impact risk, media risk, risk in regulatory bodies or inefficient use of Top Management's time), as well as on the probability of occurrence and size of the impact of said risk if it materialises.
c) Respond to the risk detected by assigning a manager for each risk, who in turn will be tasked with preparing a risk mitigation strategy.
d) Monitor the implementation of risk mitigation strategies and show the performance thereof over time, including a regular re-evaluation showing the effects of the response to the risk.
e) Report and escalate on a regular basis, updating the risk map with the information obtained from the evaluation, and providing an update on the response to the Executive Committee and the Audit, Compliance and Related Party Transactions Committee.
f) Sustain and continuously improve the risk management process by reviewing the efficiency and effectiveness thereof, ensuring its compliance with legal and regulatory requirements.

5. RISK CONTROL AND MANAGEMENT SYSTEMS

The Company has Risk Control and Management Systems that are based on an appropriate definition and assignment of duties and responsibilities at the operational level and on procedures, methodologies, support tools and information technology systems appropriate for the different stages and activities of the system, including:

a) Contribution by all of its members to the achievement of the business objectives, to creating value for the various stakeholders, and to the sustainable and profitable performance of the operations of the Siemens Gamesa Group, playing a proactive role in the preventative culture of comprehensive and integrated risk management.
b) Continuous identification of significant risks and threats, taking into account the possible effect thereof on business objectives and the financial statements (including contingent liabilities and other off-balance sheet risks).
c) Analysis of said risks in each of the businesses or corporate functions as well as taking into account the overall effect on the entire Siemens Gamesa Group.
d) Evaluation of the impact, probability and level of control, establishing a corporate risk map that is regularly reviewed in order for Siemens Gamesa and the companies of the Siemens Gamesa Group to be able to take actions that mitigate, transfer, share and/or avoid the risks and strengthen the achievement of opportunities.

e) Establishment of the corresponding mechanisms for implementing this general risk control and management policy as well as any other policies to be implemented in the area of risks within the various businesses and companies forming part of the Siemens Gamesa Group.
f) Analysis of risks associated with new investments as an essential element in making key profitability/risk decisions.
g) Maintenance of an appropriate process for the continuous evaluation of the risks of companies making up the Siemens Gamesa Group, as well as compliance with policies, guidelines and limits. The evaluation is performed using a general risk management method that aligns standards and ensures implementation of this general policy with other specific methodologies that may be necessary due to the requirements of law, rules or processes.
h) Regular monitoring and control of the risks of the profit and loss account in order to control the volatility of the annual results of the Group.
i) Critical review and alignment of the guidelines of this policy with other specific risk management processes also adopted at Siemens Gamesa for particular types of risks relating to best practices and/or International Standards.
j) The information, reporting and internal control systems used to regularly and transparently evaluate and communicate the results of the risk control and management monitoring.

The systems are applied through an organisation structured into four levels of protection and defence to confront and manage significant risks.

The Audit, Compliance and Related Party Transactions Committee regularly reviews the systems for internal control and management of risks, including tax risks, in order to properly identify, analyse and report the main risks.

The Internal Audit Directorate informs, advises and reports to the Audit, Compliance and Related Party Transactions Committee on the risks associated with the balance sheet and the functional activity areas with the existing identification, measurement and control thereof.

The Risk Department: (i) participates in defining the risk strategy, the proper operation and effectiveness of the control systems and the mitigation of the risks detected, and (ii) endeavours to ensure that the executive line evaluates everything related to the risks of the Company, including operational, technological, legal, social, environmental, political and reputational risks.

The Committees (Executive, Business Executive and Regional) are responsible for comprehensive risk control and management in the business and decision-making processes.

6. RISK POLICIES AND LIMITS

This policy further develops and supplements other corporate risk policies and specific risk policies that may be established in relation to specific businesses and companies of the Siemens Gamesa Group.

The Audit, Compliance and Related Party Transactions Committee endeavours to ensure that the risk control and management policies identify the risk levels that the Company and the Siemens Gamesa Group consider acceptable in accordance with the Corporate Governance Rules.

The Board of Directors approves the risk levels that the Corporation considers acceptable (risk tolerance criteria), which are aimed at maximising and protecting the economic value of Siemens Gamesa within controlled variability.

The Board of Directors of Siemens Gamesa shall define the specific numerical values for the risk limits stated in the specific policies and/or in the annual objectives and may decide to change these values and authorize that they be exceeded in exceptional cases, after a report of the Audit, Compliance and Related Party Transactions Committee, taking into account the proposals of the affected directorates.

In accordance with these guidelines, the corresponding governance bodies of each company of the Group must approve the specific risk limits applicable to each of them and implement the necessary control mechanisms to ensure compliance with this general risk control and management Policy and the specific limits that affect them.

7. APPROVAL AND DISSEMINATION OF THE POLICY

The Executive Committee and region heads shall adopt the measures required for dissemination within the Siemens Gamesa Group and compliance with this policy, assigning the necessary means (human, technological and financial, as well as risk control and management training and culture).