The Board and the Audit Committee approve the company's risk control and management. They review internal control systems regularly to ensure that the main risks are properly identified, managed and disclosed.
The risks are assessed in qualitative and quantitative terms and plotted on a matrix to ensure that they are evaluated and handled properly on an overall basis. The categorization of risks is based on the likelihood of occurrence, economic and financial consequences, the potential impact on reputation, impact on sustainability and the risk management approach. The company establishes a risk tolerance level. Situations that exceed the risk tolerance level are analyzed individually by the personnel in charge of the business unit, who take mitigating action in coordination with the Risk Management group.
The risks at Greenko Group across the SBUs are broadly classified as:
Economic and Financial Risks
Legal and regulatory risk
Safety and security risk
Presently, Greenko has at the group level, the Governance, Compliance and Risk Management Committee chaired by the Chief Compliance Officer, and who has overall responsibility for overseeing the implementation of risk identification and mitigation. The committee’s role includes:
Propose to the board on Risk appetite, Risk governance, Critical risk related matters and Risk controls.
Review and verify the systems in place for risk management including internal control.
Review all risks in the risk register and monitor the progression of stated action once in two months;
Review trend analysis for all risks;
Ensure the established processes to manage risk by each team is in place and provide support for action where necessary
Ensure the processes for managing risks are clearly understood, appropriately delegated and are effectively controlled.
Escalate issues to the committee of the board as appropriate, particularly the new critical risks or areas of concern of risks graded as high.
In addition, the SBU Level Risk Management Committee’s responsibilities include:
Ensure that risks are identified, addressed and reported as appropriate.
Risks graded as Significant (critical / high) are reviewed.
All Critical risks will be sent to Governance, compliance & risk management committee for review.
Respond to risks o n a day-to-day basics.
Review all risks in the risk register and monitor progression of stated action on a monthly basis;
Review the trend analysis for all risks.
Greenko, as directed by its Board, is presently in the process of adoption of Enterprise Risk Management system following COSO principles. The ERM will be
A process, ongoing and flowing through an entity
Effected by people at every level of an organization
Linked to the strategy, mission and vision of the organization
Able to provide reasonable assurance to an entity’s management and Board of directors
Managed within the risk appetite at all levels