Risk management and internal control

Preventive risk management ensures continuity

The aim of risk management is to further the achievement of strategic and other objectives by foreseeing and limiting substantial risks and the negative effects of occurred risks on business. Preventive risk management ensures the continuity of operations.

Risk management also includes recognizing, assessing and preparing for the risks related to business opportunities. The primary goal of crisis management is the safety of the personnel.

The Group's identified main risk areas relate to the nature of the business, the business environment, financing, and damage or loss. The fluctuation in demand resulting from economic cycles and delivery and technology risks have been identified as the Group's most significant business risks.

Organizing risk management

Raute's risk management policy is approved by the Board of Directors. The Board is responsible for organizing internal control and risk management, and for monitoring their efficiency.

The Executive Team defines the Group's general risk management principles and operating policies, and defines the boundaries of the organization's powers. The President and CEO and the CFO regularly report significant risks to the Board.

The Group's President and CEO controls the implementation of the risk management principles in the entire Group, while the Presidents of the Group companies are responsible for risk management in their respective companies. The members of the Group's Executive Board are responsible for their own areas of responsibility across company boundaries.

Raute has no separate internal auditing organization. The Controller function oversees the annual internal control plan, develops internal control and risk management procedures together with the operative leadership, and monitors compliance with risk management principles, operational policies and powers.

Raute's Corporate Governance Statement 2019 has been drawn up separately from the financial statements.