Corporate Governance

Risk Management

Risk management objectives and scope

Neste considers risk management as an integral part of daily management processes and good corporate governance. Risk is an unavoidable component of running the business and is characterized by both opportunity and threat. Systematic risk management practices are the means to ensure that Neste is successful in reaching the set strategic targets and business objectives and is able to maintain continuous operations in the changing business environment.

Neste’s risk management practices can be characterized by the following statements:

  • The company emphasizes risk aware culture and proactive management of risks.
  • Risk management is a continuous process that is designed to add value to the company.
  • Purpose of risk management is to analyze and manage all opportunities and threats that the company may encounter. By exploiting opportunities and reducing threats, Neste gains competitive advantage.
  • Risks are managed as an integrated part of planning, decision making, and operational processes with a defined structure of roles and responsibilities.
  • Sufficiency of risk treatment actions and controls is monitored in a systematic way.

Risk management framework and principles

Framework and principles for risk management have been defined in Neste Corporate risk management policy, that has been approved by the Board of Directors. The policy is supplemented by risk management principles, guidelines, and instructions for specific risk disciplines.

Neste’s Risk Management has been implemented and maintained in accordance with the International Standard for risk management ISO 31000:2009.

In Neste’s risk model, risks are classified into external, strategic, and more operational risks that are mostly preventable.

  • External risks consist of exposures that cannot be fully influenced or controlled by Neste. Main risk classes are changes in the external environment and risks in the extended enterprise.
  • Strategic risks relate to strategic choices, strategy implementation, and risks in planning and execution of major projects. Strategic risks typically contain both upside and downside risk potential.
  • Third category of risks consists of various risk classes that arise within the organization and are mostly controllable. In general, Neste does not get strategic benefits from taking these risks.