Our approach to risk management
Every business decision that we make follows an analysis of the risks involved. The nature of the fuel industry demands that we take a strategic approach to mitigating risks affecting our organisation and its social environment. With applicable internal regulations and processes in place, we investigate and effectively mitigate potential threats on a daily basis.
At the LOTOS Group we take responsibility for our actions, therefore we have adopted pro-active management of risks and opportunities as a strategic goal for 2017−2022, which we intend to pursue through the following initiatives:
- First: we aim to build a strong culture of open dialogue and early response to risk symptoms,
- Second: we want our risk management framework to support processes that allow for stakeholder value creation.
Given our strong impact on the external environment, we take particular care to investigate and identify risks in all areas of our activity, including our flagship EFRA and B8 field development projects. Risk information is used in operational planning, budgeting and long-term forecasting. The LOTOS Group effectively mitigates risks inherent in its current operations by developing and refining policies and regulations governing its business processes, investment projects, and new product commercialisations.
Risk Management Model in LOTOS Capital Croup assures risk governance through 3 lines of defence.
The first line of defence (1st) is based on operational functions that manage its own risks through process specific solutions, which are scaled adequately to risk dynamics and impact. Another, 2nd line consists of corporate functions that oversee and or specialize in risk management e.g.: Risk Management, Compliance and Finance. This level defines general rules, principles and criteria for risk management within LOTOS Capital Group as well as monitor an forecasting overall company risk exposure and risk profile. Eventually, adequacy and effectiveness of risk management system is verified periodically by Audit function (3rd Line of defence).
The comprehensive Enterprise Risk Management (ERM) system, in place at the LOTOS Group since 2011, was implemented to support safe operation of the organisation and achievement of its objectives.
Key responsibilities and general risk management guidelines are defined in the Enterprise Risk Management Policy developed by the LOTOS Group. Also, an Enterprise Risk Management Committee has been established at the Parent, which advises the Board on risk management.
Risk management process
The key ERM tool is a risk management procedure, which describes the process and sets out the rules for risk identification, assessment, monitoring and reporting as well as methods designed to evaluate the effectiveness of mitigating actions taken.
In practice, risk management at the LOTOS Group is a multi-stage process comprising:
Roles in the risk management process
Supervisory Board − monitors the effectiveness of the risk management system.
The Board − takes key decisions about the ERM system and identifies risk owners.
Segment heads − are responsible for overall monitoring and supervision of risk management in their segments.
Enterprise Risk Management Committee − provides opinions, recommends ERM-related actions and monitors their progress. The Committee consists of representatives of each segment.
Risk Management Office − coordinates and supports actions taken by risk owners.
Risk owners – manage individual risks, defining the course of action with respect to each risk and monitoring its levels.
LOTOS Group employees − implement risk mitigation activities and identify new risks.
Internal Audit and Process Management Offices − review and evaluate the effectiveness of implemented controls during internal audits, and identify and assess risks associated with the LOTOS Group’s operations. The Internal Audit Office annually evaluates the effectiveness of the risk management framework as part of the assessment of organisational maturity and individual risk management methods.
All of our risk management efforts are supported by an IT tool, the ERM Portal. The ERM Portal is used to record risks and risk assessment results and prepare risk maps, to monitor current risk indicators and the progress of planned actions, as well as for reporting purposes. Audit results are}}also recorded in the ERM Portal where the audit involves a review of the risk management procedures.
In 2016, we internally reviewed the operation of our risk management framework and developed future development directions in line with best market practices. The LOTOS Group operates a mature risk management system and has built a strong risk awareness culture.