risk management

Risk management, Piano
strategico e Organi di governo
Roma, 1ST Octobre 2014
AGENDA
 ERM OVERVIEW & VALUE FOR THE BUSINESS
 ERM IN LUXOTTICA
 ERM & STRATEGIC PLANNING
Roma – Risk Management, Piano strategico e Organi di governo
2
AGENDA
 ERM OVERVIEW & VALUE FOR THE BUSINESS
 ERM IN LUXOTTICA
 ERM & STRATEGIC PLANNING
Roma – Risk Management, Piano strategico e Organi di governo
3
WHAT’S RISK?
... any uncertain event that could THREATEN the achievement of
BUSINESS OBJECTIVES and Strategies or the company’s tangible &
intangible ASSETS...
... impacts on OPERATIONS, REPUTATION
as well as FINANCIAL METRICS…
... might arise from our actions… however,
it might ARISE FROM INACTION TOO!
Roma – Risk Management, Piano strategico e Organi di governo
4
WHY MANAGING RISKS?
To TURN potential THREATS… … into OPPORTUNITIES
mainly
…relying on a single
supplier
...focusing only on
short term results
one
...relying on a single
supplier…
…to be more cost effective, while
having a back-up set of alternative
suppliers in case of sudden supply
stoppage
... focusing only on
short term results…
…to generate cash flows aimed at
supporting long term strategies for
company sustainable growth
Roma – Risk Management, Piano strategico e Organi di governo
5
WHO IS IN CHARGE?
When we take DECISIONS…we take RISKS…
The ENTIRE ORGANIZATION
is INVOLVED in MANAGING RISKS and is expected to:



timely raise risks (doubts, too)
help in avoiding negative consequences
ensure the obtainment of its objectives!
Roma – Risk Management, Piano strategico e Organi di governo
6
KEY LEARNINGS
Managing risks could PREVENT negative IMPACTS ON BUSINESS
TARGETS
Managing risks is a LONG TERM INVESTMENT, that can enhance
ECONOMIC - FINANCIAL, STRATEGIC and COMPETITIVE opportunities
Business history is full of examples of MISTAKES, from which every Organization
should LEARN!
PREVENTION is better than cure!
Roma – Risk Management, Piano strategico e Organi di governo
7
AGENDA
 ERM OVERVIEW & VALUE FOR THE BUSINESS
 ERM IN LUXOTTICA
 ERM & STRATEGIC PLANNING
Roma – Risk Management, Piano strategico e Organi di governo
8
INTERNAL ORGANIZATION
Since 2010, Luxottica has set up the RISK MANAGEMENT DEPARTMENT with the purpose to:

IDENTIFY AND MANAGE RISKS that could impede the accomplishment of strategic and operational goals;

GUARANTEE A SUSTAINABLE GROWTH.
RISK MANAGEMENT & COMPLIANCE ORGANIZATION
COMPANY’S KEY FIGURES
 7.3 BILLION OF SALES
CEO*
 > 70.000 EMPLOYEES
 > 45 BRANDS
 > 7.000 STORES
RISK MANAGEMENT &
COMPLIANCE
 11 PRODUCTION PLANTS
RISK
MANAGEMENT
Corporate
COMPLIANCE
Corporate
RM&C
NORTH
AMERICA
ASSET
PROTECTION
*CEO Corporate functions
Roma – Risk Management, Piano strategico e Organi di governo
9
MISSION & OBJECTIVES
SUPPORT ORGANIZATION TO TAKE THE
BEST BUSINESS DECISIONS TO…
AWARENESS
on risks in everyday activities
INTEGRATION
PROTECT
VALUE
of information for a conscious decision-making
CONFIDENCE
THROUGH
THE UNDERSTANDING
OF RISKS
INCREASE
OPPORTUNITIES
BUILDING
to respond to context changes
TRANSPARENCY
on risks for all the stakeholders
CONSISTENCY
among goals and risks
EMPOWERMENT
for managing and monitoring risks
OPTIMIZE
BALANCE
RISK VS
REWARD
COMPLIANCE
with law & best practices
CONSCIOUSNESS
on risks exposure
Roma – Risk Management, Piano strategico e Organi di governo
10
PROCESS & BoD ROLE
According to international best practices and frameworks, Luxottica has implemented a 5-STEPS PROCESS:
 Risk model
1. Risk
Mapping
 Assessment methodology
 Mitigation plan follow up
 Monitoring of KRI
5. Monitoring
&
Improvement
> 100 interviews:
2. Risk
Assessment
 Risk event
 Impact & likelihood
 Actions already in place
 Risk ownership setting
 Mitigation plans
 Overall evaluation of
4. Risk
Treatment
3. Risk
Reporting
 Prioritization based on severity
 Overall risk exposure
 Reporting to directors/CEO
 Reporting to Internal Control &
risk exposure
Risk Committee
FOCUS ON RISKS WITH MIDIUM HIGH SEVERITY
Internal Control & Risk Committee / Board of Directors *
* see next slide for details
Roma – Risk Management, Piano strategico e Organi di governo
11
ICRC & RISK MANAGEMENT
Internal Control & Risk Committee (ICRC)*
COMPLIANCE
 Analysis of main
compliance
topics
 Monitoring,
implementation
and improvement
plan
 Approval policies
and related
procedures
ANNUAL RISK
ASSESSMENT
Risk management
expose the results
of main topics
arisen from all the
interviews
MITIGATION PLAN FOLLOW UP
AD HOC ANALYSIS
ON SPECIFIC RISKS
Twice a year check on activities related to the
approved actions plans
(e.g. Credit risk, FX, Supply chain)
* Non-executive independent Directors and Director responsible for internal control system
Roma – Risk Management, Piano strategico e Organi di governo
12
BENEFITS
 An EFFECTIVE SUPPORT FOR MANAGEMENT in identifying and managing
risks that, if left unaddressed, might negatively and unexpectedly affect goals achievement
 A SYSTEMIC BRAINSTORMING regarding risks, exposures and countermeasures
 A UNIQUE AND CENTRALIZED REPRESENTATION OF MAJOR RISKS as
perceived by management
 A HOMOGENEOUS VIEW OF RISKS across the Group
 Increased AWARENESS and transparency on RISK EXPOSURE
 REDUCED VULNERABILITY TO ADVERSE EVENTS, through the enhancement
of timely risk response
 ENHANCED TRACKING OF IDENTIFIED RISKS across years
Roma – Risk Management, Piano strategico e Organi di governo
13
AGENDA
 ERM OVERVIEW & VALUE FOR THE BUSINESS
 ERM IN LUXOTTICA
 ERM & STRATEGIC PLAN
Roma – Risk Management, Piano strategico e Organi di governo
14
ROLE OF THE BOARD
«CODICE DI AUTODISCIPLINA»*
•
Esamina e approva I PIANI STRATEGICI, INDUSTRIALI E FINANZIARI
DELL’EMITTENTE E DEL GRUPPO DI CUI ESSO SIA A CAPO,
ART. 1,
criterio
monitorandone periodicamente l’attuazione
applicativo
1.C.1, lettere
a) e b)
•
Definisce la natura e IL LIVELLO DI RISCHIO COMPATIBILE CON GLI
OBIETTIVI STRATEGICI dell’emittente
ART. 7,
criterio
applicativo
7.C.1, lettere
a) e b)
•
DEFINISCE LE LINEE DI INDIRIZZO del sistema (…) affinchè i
PRINCIPALI RISCHI afferenti all’emittente e alle sue controllate risultino
correttemente identificati, nonché adeguatamente misurati, gestiti e monitorati,
determinando inoltre il GRADO DI COMPATIBILITÀ di tali rischi con una
gestione dell’impresa coerente con gli obiettivi strategici individuati.
* Borsa Italiana
Roma – Risk Management, Piano strategico e Organi di governo
15
BOARD DECISION-MAKING PROCESS
COMMENTS
GOALS VS RISK BALANCEMENT
Board of directors continuously RECEIVES
(…)
EXTERNAL INPUTS (such as stakeholders
expectations, compliance requirement, etc) and
INTERNAL PROPOSALS (strategic plan &
STRATEGIC
PLAN &
INITIATIVES
STAKEHOLDERS
EXPECTATIONS
initiatives, corporate performance, etc.) …
So ANALYSIS OF STRATEGIC, EXTERNAL
AND OPERATIONAL RISKS is an essential
prerequisite to take the best decision…
…WITH THE AIM TO ALIGN THE OVERALL
ANNUAL
BUDGET
COMPLIANCE
ISSUES
FINANCIAL
STATEMENTS
& GOALS
CORPORATE
PERFORMANCE
STRATEGIC
RISKS
EXTERNAL
RISKS
OPERATIONAL
RISKS
BOARD OF DIRECTORS
RISK EXPOSURE, THE COMPANY RISK
CAPACITY AND THE STAKEHOLDER
EXPECTATIONS.
Roma – Risk Management, Piano strategico e Organi di governo
16
BOARD ENGAGEMENT
ON DIFFERENT RISK CATEGORIES
BOD
CHALLENGE & ACTIVE ROLE
evaluation of the strength of
strategic plan assumption and the
compatibility of risk level with the
strategic objectives
EVALUATION OF THE
RESILIENCE AND THE
ABILITY OF REACTION
*
STRATEGIC
RISKS
*
EXTERNAL
RISKS
EVALUATION OF THE
ADEQUACY OF INTERNAL
CONTROL AND
MANAGEMENT SYSTEMS
*
OPERATIONAL
RISKS
RISK MANAGEMENT
* Communication mainly originated by BoD; balanced; Risk Management
Source: Working Paper Protiviti – June 2014
Roma – Risk Management, Piano strategico e Organi di governo
17
RISK ASSESSMENT & STRATEGIC PLAN
HOW INCREASE RISK MANAGEMENT MATURITY
RISK MANAGEMENT MATURITY
STRATEGIC PLAN AS A «COUNTERMEASURE»
 Risk mitigation included in
strategic plan (mainly for
operational risks)
 Risk analysis based on
1. Risk
Mapping
5. Monitoring
&
Improvement
strategic plan target and
2. Risk
Assessment
operating processes / current
organization (AS IS)
 Interactive discussion with
 Resource allocation to
mitigate critical risk events.
4. Risk
Treatment
3. Risk
Reporting
top management about :
 Risks related to
 Contingency plan for
catastrophic events /
strategic planning team and
strategic objectives,
FOCUS ON RISKS WITH MIDIUM HIGH SEVERITY
alternative scenarios
 Risk appetite /
tolerance
 Review of strategic plan
Internal Control & Risk Committee / Board of Directors
 Resource
 Stress test / what if analysis
assumptions and targets
on alternative scenarios
STRATEGIC PLAN «RISK ADJUSTED»
Roma – Risk Management, Piano strategico e Organi di governo
18
CONCLUSIONS
The RISK IS ROOTED INTO BUSINESS AND STRATEGIC CHOICES.
For this reason, a PRE-EMPTIVE ANALYSIS of the risk factors and their impact on
corporate performance become, for the board, an essential precondition for a
SUSTAINABLE VALUE CREATION effort.
A continuous and open discussion with risk management could enhance the risk mitigation in
the long term and assure the ALIGNMENT BETWEEN BOARD RISK APPETITE,
COMPANY RISK CAPACITY AND STAKEHOLDER EXPECTATIONS
Roma – Risk Management, Piano strategico e Organi di governo
19
Stefano Orsini
Group Risk & Compliance
Tel. +39 02 863 34063
[email protected]
Alessia Carnevale
Group Risk Management
Tel. +39 02 863 34531
[email protected]
www.luxottica.com
Roma – Risk Management, Piano strategico e Organi di governo
20
Grazie.

Download Report