Wärtsilä, like any other company, is exposed to various risks through the normal course of its activities. No business can be conducted without accepting a certain level of risk, and any expected gains from business activities are to be assessed against the involved risks.
The purpose of risk management is to ensure that Wärtsilä is able to effectively execute its strategies and to reach its targets, in the short term as well as over the long run. The key is to identify the risks that have the potential to restrain the company from reaching its goals, and thereafter to determine whether those risks are at an acceptable level.
Actions need to be taken to avoid, mitigate, transfer, or monitor identified risks. Wärtsilä's structured risk management process offers a set of reactive, proactive, protective, and preventive tools that are used not only to protect it against threats, but also to turn some of the risks into opportunities.
Risks can only be managed if they are identified and understood in advance, if risk treatment and mitigation plans are made to manage them, and if a process of continuous follow-up is in place for the related controls. Therefore, risk management is a central part of Wärtsilä's strategic and operational management.
Risk management principles
Risk management at Wärtsilä is a continuous process of analysing and managing all the opportunities and threats faced by the company in its efforts to achieve its goals, and to ensure the continuity of the business. The basis for risk management is the lifecycle quality of Wärtsilä’s operations and products, and the continuous, systematic, loss prevention efforts at all levels of the Group based on the principle that “everybody is responsible”. In the long-term, this is the only means for reducing the overall risk related costs.
The Board of Directors and the Board of Management decide and set the guidelines on strategic matters. Each Business is responsible for achieving its set strategic goals, and for mitigating and managing its risks. The Corporate Risk Management function is part of Group Treasury, which reports to the Chief Financial Officer. The function is responsible for the risk reporting process, and for conducting risk assessments with the Businesses and their underlying organisations. It co-ordinates all risk management activities within the Group, reviews the business risk profile, and cooperates with the Businesses in the implementation of risk mitigation work. It is also responsible for maintaining the Group risk management policy, and describing the current way of working in relation to risk reporting. The policy is Wärtsilä specific; it derives from the actual needs of the Group and the Businesses and is, to a large extent, in line with the ISO 31000 standard. The ISO 31000 vocabulary has been adopted in order to streamline risk related communication within the Group. Furthermore, the Risk Management function develops and manages global and local insurance schemes for insurable risks. The Audit Committee reviews and assesses the adequacy of risk management. The Internal Audit function is responsible for reviewing the risk management process on an annual basis.