Home
    Investors
    Governance
    Risk management

    Risk management

    Wärtsilä, like any other company, encounters various risks in the normal course of its operations. Conducting business necessitates accepting a certain degree of risk. By fostering a culture of risk awareness and practicing proactive risk management, Wärtsilä seeks to effectively implement its strategy, carry out its operations, achieve its objectives, meet its financial targets, and be prepared for potential external threats.

    Risk represents an element of uncertainty regarding objectives, which, if realised, can lead to deviations from anticipated outcomes, posing either threats or opportunities. Thus, risk management activities are primarily focused on identifying significant risks that could hinder the company from achieving its objectives and determining their acceptability. If such risks are deemed unacceptable, corrective actions are undertaken to avoid, mitigate, transfer, or monitor them. Conversely, where feasible, risks may be converted into opportunities.

    At Wärtsilä, the following statements apply:

    • Wärtsilä considers that risk management is an integral part of its strategic and operational management, connected to the management systems and part of the company’s culture.
    • The risk management process is a systematic, continuous loop of repetitive steps of context establishment, risk identification, risk assessment, risk treatment, communication and consultation, and finally monitoring and review.
    • All Wärtsilä businesses are accountable for achieving their strategic objectives and financial targets. Therefore, proactive risk management and the execution of effective risk mitigation plans are the responsibility of the business management teams and individual managers. However, risk awareness is a matter for everyone at Wärtsilä.
    • Risk management is subject to continuous improvements that reflect changes in the internal organisation and the external environment Wärtsilä operates in.
    • The maturity and effectiveness of risk management practises is verified regularly.

    Risk management principles

    Risk management framework and governance

    Wärtsilä’s over-arching risk management framework, and the associated practices, adheres to the ISO 31000:2018 standard, and is focused on continuous improvement and verification. The risk framework and guidelines are documented in the Group’s Enterprise Risk Management policy.

    Wärtsilä’s Board of Directors defines the Group’s risk appetite and tolerance levels, and oversees the risk profile with regular reviews.

    The President & CEO, along with the Board of Management, is responsible for establishing a culture of risk awareness at Wärtsilä, ensuring that risk management is deeply embedded in all key processes with the appropriate tools and resources. The Board of Management regularly reviews the Group’s risk profile, which includes the most significant risks and their mitigation plans. They provide guidance and set priorities as necessary to ensure the adequacy of risk management actions and controls.

    Wärtsilä's businesses are tasked with adhering to their strategies and achieving their operational and financial targets. Additionally, the businesses and their management teams are responsible for implementing ongoing risk management actions to identify, manage, and address all significant risks. This responsibility extends to the business unit level and beyond within the business organisation. Each business regularly presents its risk profile to the President & CEO, the Chief Financial Officer, and the rest of the Board of Management.

    The Corporate Risk Management function within Corporate Treasury oversees the risk reporting process, and supports the businesses and their underlying organisations in risk management. This function also leads the internal risk management peer group with business representatives to ensure proper alignment, knowledge sharing, and the continuous improvement of risk management practices at Wärtsilä.

    Risk reporting

    Risk categorisation

    Within Wärtsilä’s comprehensive risk management framework, risks are classified into strategic, operational, hazard, and financial categories. Generally, the potential impact of strategic and operational risks is the greatest, while hazard and financial risks pose a lower potential impact. These impacts can be both positive and negative, except in the case of hazard risks, which exclusively have negative consequences.


    © 2025 Wärtsilä