Structure and organization of risk management
Evonik has an internal risk management structure covering the entire Group. Alongside organizational measures and internal control systems, this is supported by Corporate Audit as a process-unrelated controlling and consulting body. The Evonik Group has issued a binding policy on risk management.
In line with Evonik’s organizational structure, risk management is organized on a decentralized basis. The business units, Corporate Center and service units bear prime responsibility for the early identification of risks, estimating their implications, introducing suitable preventive and control measures and for the related internal communication. Risk coordinators within these organizational units are responsible for coordinating the relevant risk management activities. A Corporate Risk Officer coordinates and oversees the processes and systems. He is the contact for the risk coordinators in the various organizational units and is responsible for managing and coordinating the relevant risk management activities for the Group. Further responsibilities include ongoing development of the methodology used for risk management at Evonik. There is a Risk Committee comprising representatives of the Corporate Center and the business units. It is chaired by the CFO and its role is to validate the Group-wide risk situation and to verify that it is adequately reflected in financial reporting.
Risk management is a central element in Evonik’s controlling processes at all levels of the Group. That includes strategic and operational planning, preparations for investment decisions, monthly reporting and forecasts, and, from a certain level, immediate reporting of risks. The organizational units conduct an extensive risk inventory in connection with the annual midterm planning process. Special risk management software is used for this. All risks are systematically identified, documented and evaluated on the basis of a uniform risk catalogue for all units. The probability of the risks occurring and the potential damage are also analyzed. The organizational units are required to provide details of action to be taken with regard to risks identified in the risk inventory and track their timely implementation. The annual risk inventory looks at risks on the basis of deviation from planned net income over a period of one year and at least five years. It is supplemented by a quarterly review of all risks and monthly risk reports on changes in risk factors previously identified and newly identified risks for the current year.
Overall risk situation
Corporate Audit conducted an audit of risk management at Evonik in fiscal 2012 and established that the company complies with statutory and inhouse requirements. In addition, the system used to identify emerging risks was included in the annual audit in the same way as for listed companies. This showed that Evonik’s risk detection system is suitable for timely identification of risks that could pose a threat to the company’s survival.
Given the measures planned and implemented, no risks have been identified that - either individually or in conjunction with other risks - could jeopardize the continued existence of Evonik. In accordance with our risk catalogue, we monitor risks on the basis of the four categories defined by the COSO enterprise risk management model: strategic, operational, compliance/legal and financial.
Due to the fields in which it operates, the Evonik Group is exposed to constantly changing national and international political, societal, demographic, legal and economic operating conditions. To counter the resultant risks we monitor our business environment closely, anticipate market trends and consistently develop our portfolio in conformance with our corporate strategy.