Risk management

Risk management aims to balance the desire for value creation for our stakeholders with the risks associated with business, commercial, operational, labour, financial and social initiatives, as established by the sustainability policy.

Viscofan has approved a risk management control policy, whose purpose is to set the basic principles and the general action framework to identify, measure, prevent and mitigate risks of all types that may affect the attainment of the strategic objectives.

Viscofan seeks to reinforce the risk control system, promoting a solid business model enabling risks to be confronted in a controlled manner. The aim of the risk management policy is to identify and assess risks as soon as possible, based on the Code of Conduct, the internal regulations, and the strategic plan, and to take adequate measures to reduce them and, in some cases, they can present opportunities.

The risk management system is the responsibility of the Board of Directors, which delegates its supervision and correct functioning to the Audit Committee. Likewise, the Viscofan Group has different bodies charged with the supervision and control of different risks that could arise in the course of Viscofan's activities with different level of occurrence and materiality:

• Internal audit: their purpose is to promote the application of Risk Management in all activities and supervise to ensure that significant risks are suitably identified, assessed, managed and controlled. It has a broad presence on specific risk committees.

• Ethics and regulatory compliance committee: this is the body responsible for supervising the risks specific to the Group with regard to criminal liability or any other non-compliance, and for assessing, implementing and monitoring the Regulatory Compliance System. 

• Global risk committee: this is a body whose purpose is to identify and assess the main risks threatening the Viscofan Group, making a deeper analysis of their organisation and recommendations for the actions required to manage the risks within the established margins.

• Credit risk committee: it is established as a supervisory and control body for those risks related to customer payment management. The objective of this Committee is to delve into the prevention, monitoring and solution of the risks mentioned, via the creation and implementation of the instruments considered most appropriate at the time.

• Investments committee: its main purpose is to control and supervise compliance with the Investment Plan approved by the Board of Directors. To achieve this, it meets on a quarterly basis for the purposes of performing periodic follow-up checks on the correct application of approved investments and controlling the efficient use of Group resources and investments.

• Cybersecurity committee: it is in charge of defining the strategic objectives of the Group's Cybersecurity, ensuring the secure management of information and assuring the state of protection, as well as periodically monitoring compliance with regulations, risk projects and situations and incidents.

• Executive sustainability committee: this is the body responsible for coordinating and supervising the Sustainability Action Plan, the initiatives, work plans and long-term objectives for the same. 

• Senior management: it is responsible for identifying and assessing the risks faced by the Group with its activity and taking appropriate measures to prevent these risks from occurring or, if they do occur, to reduce or eliminate their impact. Therefore, it plays a fundamental role in designing and implementing control mechanisms and ensuring their fulfilment across the organisation.

The management and control activities enable the risks to be anticipated and detected and the threats to be examined and measured that may prevent the Viscofan Group from attaining its objectives, as well as the creation of value that is sustainable and shared with the stakeholders. 

Moreover, the Viscofan Group monitors the values of the risk indicators and the defined thresholds, so that when these thresholds were exceeded the required management measures are taken to redirect the risks to the defined tolerance level. The information in reference to risk management has been set forth in greater detail in section E) of the Annual Corporate Governance Report. In this section, the Viscofan Group describes the main financial and non-financial risks, the bodies responsible for drawing up and enforcing the financial and non-financial risk management system, the level of tolerance, the risks occurred in the year and the plans to respond to and supervise the main risks.

Below are the main risks faced by the company in 2023 and the response and supervision plan: