Risk management and internal control

Raute's risk management policy is approved by the Board of Directors. The Board is responsible for organizing internal control and risk management, and for monitoring their efficiency.

Preventive risk management ensures continuity

The aim of risk management is to further the achievement of strategic and other objectives by foreseeing and limiting substantial risks and the negative effects of realized risks on business. Preventive risk management ensures the continuity of operations.

Risk management also includes recognizing, assessing and preparing for the risks related to business opportunities. The primary goal of crisis management is the safety of the personnel.

The Group’s identified key risk areas relate to the nature of the business, the business environment, financing, damage or loss, and information security. Fluctuations in demand resulting from economic cycles, together with delivery and technology risks, have been identified as the Group’s most significant business risks.

Risks in the near term continue to be driven by the uncertainty relating to the global economic situation and the development of the financial markets, as well as by international political instability, especially related to the Russian markets. In addition to the political risk, the most significant risks for Raute in the near term are related to the price development and, to some extent, availability of raw materials, components and freight.

Restrictions resulting from the coronavirus pandemic will also have a negative impact on Raute’s outlook in the future, but the extent and duration of the impact are still impossible to assess.

The Group has no ongoing legal proceedings or other disputes in progress that might materially affect the continuity of business operations, nor is the Board of Directors aware of any other legal risks related to the Group’s operations that might have such an effect.

Organizing risk management

The Executive Board defines the Group’s general risk management principles and operating policies and defines the boundaries of the organization’s powers. The President and CEO and the CFO regularly report significant risks to the Board.

The Group’s President and CEO controls the implementation of the risk management principles within the entire Group, while the Presidents and CEOs of the Group companies are responsible for risk management in their respective companies. The members of the Group’s Executive Board are responsible for their own areas of responsibility across company boundaries.

Raute has no separate internal auditing organization. The Controller function oversees the annual internal control plan, develops internal control and risk management procedures together with the operative leadership, and monitors compliance with risk management principles, operational policies and powers.