Wärtsilä, like any other company, is exposed to various risks through the normal course of its activities. No business can be conducted without accepting a certain level of risk. By maintaining a risk aware culture and practising the proactive management of risks, Wärtsilä aims to ensure that it can effectively execute its strategies, perform its operations, meet its objectives, reach its financial targets, and be prepared for potential external hazards.
Risk is an element of uncertainty on objectives resulting in, if materialised, a deviation from the expected, representing either a threat or an opportunity. Therefore, the focus in risk management activities is to identify such material risks that have the potential to restrain the company from reaching its goals, and to determine whether such risks are at an acceptable level. If not, corrective actions are taken to avoid, mitigate, transfer, or monitor the risks. Alternatively, if possible and feasible, risks may be converted into opportunities.
At Wärtsilä, the following statements apply:
Risk management framework and governance
Wärtsilä’s over-arching risk management framework and practices defined therein, follow the ISO 31000:2018 standard, with an emphasis on continuous improvement and verification. The risk management framework and guidelines are documented in the Group’s Enterprise Risk Management policy that is applicable Group-wide.
Wärtsilä’s Board of Directors bears the ultimate accountability for defining the Group’s overall risk appetite and tolerance level, and they have the responsibility for oversight of the Group’s risk profile with regular reviews.
The President & CEO, together with the Board of Management, is responsible for setting the premise for a risk awareness culture at Wärtsilä, and for ensuring that risk management is deeply embedded in all operations and processes with the appropriate tools and resources. The Board of Management reviews the Group’s risk profile, i.e. the most important risks and their mitigation plans, on a regular basis, giving guidance and setting priorities as needed to ensure the sufficiency of risk management actions and controls.
The businesses at Wärtsilä are responsible for performing their strategies and achieving their set operational and financial targets. Equally, the businesses and their management teams are responsible for the deployment of continuous risk management actions to identify, manage, and treat all material risks. This work is cascaded further down in the organization to the business unit level and beyond. Each business presents its risk profile to the President & CEO, the Chief Financial Officer, and the rest of the Board of Management on a regular basis.
The Corporate Risk Management function is part of Group Treasury that in turn reports to the Chief Financial Officer. The function is responsible for the risk reporting process, maintenance of the risk management system, and for supporting the businesses and their underlying organisations in risk management. The function also leads the internal risk management peer group that, together with business representatives, ensures proper alignment, knowledge sharing, and the continuous improvement of risk management at Wärtsilä.
Wärtsilä’s over-arching risk management framework and practices categorise risks into strategic, operational, hazard, and financial risks. The potential impact is typically highest with strategic and operational risks and lowest with hazard and financial risks. Impacts can have upsides and downsides, except for hazard risks where only a negative effect is possible.