Risks, risk management and opportunities
Risk management is by its nature a continual and ongoing process. The purpose of the risk management process is to provide an overview of the Group’s greatest risks, and to serve as a basis for making informed decisions. Nobia’s approach is flexible to ensure that it is relevant at all levels of the business, and dynamic in order to be responsive to changing business conditions. Risk management is a part of conducting business, consequently Nobia strives to ensure that the risks taken are deliberate. Identifying emerging risks which may arise from technological development as well as new or changing environmental risks is a vital part in Nobia’s Enterprise Risk Management process.
Business risks including sustainability and climate-related risks
Identifying, analysing, managing and monitoring risks is a priority area for the Group. Climate-related risks are integrated into this process as well. Risk management involves all of the units at the company and follows a structured process. It begins with by making an inventory of existing and new risks, through measures including workshops and interviews with representatives from different parts of the organization. Next, the management team assesses the risks in the inventory on the basis of probability and impact. Principal risks are then presented to the Audit Committee and the Board.
TCFD scenario analysis
The Task Force on Climate-related Financial Disclosures (TCFD) is a voluntary framework to increase transparency on climate-related risks and opportunities.
Climate scenarios help the Group understand what our climate might look like in the future, depending on multiple global issues such as politics, technology, the economy and social change. Both transition risks and physical risks can be identified by analysing potential effects on the business under different climate scenarios. These scenarios can be used to adjust the strategy in the future. This involves preparing for an economy, legislation and the development of society with low CO2 emissions, as well as adapting to the physical impact that the changed climate will have on the Group, as well as its customers’ and suppliers’ operations.
Several risk workshops on the issue of climate-related risks according to the TCFD’s recommendations were held in autumn 2021. They covered the entire value chain, and addressed both transition risks (legal, technical, market and brand) and physical risks (critical and chronic).
Two scenarios were investigated and illustrated:
- RCP 2.6 (<2 °C), where the world succeeds in limiting the increase in temperature to below 2°, i.e. in line with the Paris Agreement
- RCP 8.5 (>4 °C), the world continues to increase emissions.
Several risks and opportunities were identified, and their financial impact was estimated by Nobia business managers. Although some risks have a potentially significant impact, Measures in line with the company’s established strategy have already been initiated since the majority of the identified risks were known, and it was noted that current management is considered satisfactory and that the Group is well prepared regardless of scenario.
The Group will continue working on risks and opportunities according to the TCFD’s recommendations. This primarily means continuing to identify objectives and metrics, as well as more in-depth analysis of risks with the aid of the scenario analyses.
Nobia's risk management process
Strategy and appetite: The Board has overall responsibility for setting the Group’s strategy, as well as maintaining risk management activities and internal control processes. The Board has also established the Group’s appetite for risk.
Risk identification: Nobia utilises a structured risk and control identification process to identify risk. All of the business units must regularly review, identify and document material risks. The most material risks are identified and managed at Group level, and then reported to the Board.
Risk assessment: The Business Units conduct a structured risk assessment process in accordance with the minimum standards established internally. The Group’s principal risks are examined in detail by the Audit Committee.
Risk treatment: The Business Units’ management review the principal risks and identify the need for actions and controls. Management assurance is provided on both a formal and informal basis, with ongoing review by the Board. The Business Units design action plans and are responsible for these plans.
Monitoring: Business risks including sustainability and climate-related risks are monitored at the Group and operational levels. The Audit Committee performs an annual review of the risk management policy and plan.