Risk management, internal control and internal audit

 

Risk management

At Exel Composites risk management is a continuous process, which is integrated with the daily decision making and continuous monitoring of operations as well as with the preparation of half year financial reports, business reviews and annual financial statements.

The Board of Directors governs the risk management of the company through a risk management policy. In addition, the Board of Directors makes a risk assessment as part of the review and approval process of each set of half year financial reports, business reviews and annual financial statements. Risk factors are also considered in connection with any future guidance disclosed by the company.

The operative risk management, including risk monitoring, is part of the key duties of the operative management. Risks are considered and evaluated in conjunction with each business decision. Additionally, they are also monitored by the President and CEO and other group management on a monthly basis when the team reviews the business development and any near and long-terms risks upon presentation of the business unit heads and controllers.

Risks and uncertainties related to Exel Composites can be categorized as strategic, operational, financial as well as hazard and environmental risks.

Strategic risks

With respect to strategic risks, a significant portion of Exel Composites’ revenues is generated from certain key clients and market segments. Whereas production capacity and cost structure of the company is planned for growing business volume, negative development of such key clients or market segments could lead to deterioration of Exel Composites’ profitability. This risk is mitigated by a close cooperation with key clients. The development of key markets and consequently business volumes are actively followed and forecasted in order to be able to adjust our business and cost structures to the forecasts. New products and applications are also continuously developed in order to limit the dependency of any individual clients or market segments.

Strategic risks also include risks related to acquisitions where the realized level of benefits and synergies may differ from the planned.

Operational risks

The most significant operational risks relate to product development and sales as well as production. Exel Composites’ product range is very broad and often customer customized, which adds complexity to the product development and production. Designing, producing and selling a product that does not meet the requirements agreed with a client could potentially lead to substantial losses and damages as well as negative impact on the company reputation. In addition, availability of skilled employees and knowledge retention, protection of self-developed proprietary technology, fraud, possible human rights or other Code of Conduct violations in the company or within its supply chain, availability and pricing of key raw materials and health problems due to long-term exposure to chemicals or accidents belong to the most significant operational risks. The availability of skilled employees and knowledge retention, protection of self-developed proprietary technology, fraud prevention and detection, and the availability and pricing of key raw materials are critical for the profitability of the business, while possible human rights or other Code of Conduct violations or the realization of significant health and safety risks causing damage to people or the environment could potentially lead to reputational loss, sanctions or even influence its operational permits. Pre-emptive management of operational risks through careful contracting as well as appropriate business processes and working instructions are in key roles to prevent possible damages.

Financial risks

Financial risks consist of currency, interest rate, liquidity and funding risks, as well as credit and other counter party risks. Currency and interest rate risks are managed primarily by natural hedging or by using derivative instruments. Credit insurance is in place to cover risks related to trade receivables.

Hazard and environmental risks

Hazard risks include damages caused to property because of fire, floods or chemical spill. If realized, these have an impact first and foremost on the surrounding environment, but also in the company’s own business and losses due to related business interruptions, either in the company’s own operations or in its supply chain. The realization of environmental hazard risks could potentially lead to sanctions, reputational loss or influence its operational permits. Exel Composites’ primary aim is to actively prevent any such accidents and its environmental program is based on the identified risks, legislative requirements and certifications such as the ISO 9001, OHSAS 18001 and ISO 14001. Environmental monitoring and measuring are carried out at all sites. If realized, despite all pre-emptive measures, damages from hazard risks are mainly covered by insurance policies. This type of risks are also regularly audited by third parties that provide recommendations for improvement to reduce risk probability.

Of the before mentioned risks, the probability of individual strategic or operational risks can be deemed relatively high. The consequences, however, of any such risk, if realized, are typically not substantial. With the company’s current operating model, the probability of financial risks is deemed medium or low. The probability of hazard and environmental risks is also low.

 

Internal control

Exel Composites' internal control framework is based on the COSO framework. Exel Composites has defined internal control as a process influenced by the Board of Directors, the President and CEO, Group Management and personnel on all levels in the Group, designed to provide reasonable assurance regarding the achievement of objectives.

The aim of Exel Composites' internal control framework is to ensure that Exel Composites' operations are effective, efficient and aligned with strategy, to focus on the most business-relevant risks and issues, to promote ethical values, good corporate governance and risk management, to ensure compliance with laws, regulations and internal policies, as well as to ensure reliable, complete and timely financial reporting.

Exel Composites' internal control framework consists of the internal control, risk management and corporate governance policies and principles set by the Board of Directors, with management overseeing the implementation and application of the policies and principles. The group controller function monitors the efficiency and effectiveness of the operations and reliability of the financial and management reporting. In the risk management process, risks threatening the realization of Exel Composites' objectives are identified, assessed and mitigated. Compliance procedures are designed to ensure that all applicable laws, regulations, internal policies and ethical values are adhered to. Effective control environment at all organizational levels includes control activities tailored for each of the key business processes. Shared ethical values and strong internal control culture among all employees form the foundation for Exel's internal control.

The ultimate responsibility for the appropriate arrangement of the control of the company accounts and finances falls on the Board of Directors. The President and CEO is responsible that the accounts are in compliance with the law and that the financial affairs have been arranged in a reliable manner.

Exel Composites' internal control framework and roles and responsibilities for internal control have been defined in Internal Control Policy approved by the Board of Directors.

Further information on internal control and risk management related to financial reporting can be found in the Corporate Governance Statement.

 

Internal audit

Based on the effective operation of the group financial control, including the established controller function, the Company does not have a separate internal audit function. The Board of Directors or the President and CEO can assign Exel Composites' controller function or an external service provider to perform internal audit assignments as needed.

Exel Composites Oyj, Vantaa head office, Mäkituvantie 5, FI-01510 Vantaa, Finland