Management Risk management

Risk management

Approach to management

At Grupa LOTOS, risk management is a decision making supporting process. Moreover, it allows for a threat prevention, reducing occurring threats impact and the selection of the most suitable solutions for the Company.

The implementation and operation of the corporate risk management system is supervised by the Strategy Committee. Furthermore, an internal audit unit in charge of, without limitation, the evaluation of risk management systems and the analysis of business processes exisits. Relevant reports are submitted to the Management Board and the Audit Committee of the Supervisory Board of Grupa LOTOS.

Key rules and responsibilities relating to the system are defined in the ”Capital Group Corporate Risk Management Policy of Grupa LOTOS S.A.” Risk management is not only an element of business process management and operation, but also an integral part of the organisational culture., Risk management policies at the LOTOS Group stipulate that:

  • risk management is an inherent element of management and business processes, as well as an element of the organisational culture;
  • each Capital Group employee must report threats and risks, as well as chances and opportunities related to processes and likely to influence the achievement of goals defined;
  • at the Capital Group, all decisions are made on the basis of relevant risk analysis;
  • risks are identified, analysed and assessed in terms of their consequences;
  • based on risk assessment, the Company prepares an aggregated risk map of the LOTOS Group;
  • in the event of a risk being qualified as potentially significant for the Group, a risk management strategy and measures to be taken in case of its materialization are defined;
  • any significant risks are supervised and monitored on a current basis by a delegated employee, a risk owner, according to monitoring policies set out; monitoring of the outcome is reported in accordance with the rules;
  • disputable issues relating to risks and opportunities for the Capital Group are solved by the Strategy Committee or the Management Board of Grupa LOTOS on the basis of the Committee’s recommendations;
  • compliance with the Policy and the efficiency of the Risk Management System are verified at least once a year or in the event of changing circumstances. Results and recommendations are used for the purpose of continuous system improvement;
  • risk management and detailed related responsibility are defined in the Integrated Management System documentation.

Key instruments

In 2009, Grupa LOTOS defined ranges used to quantify risks, rules for responding to risks, and assumptions for risk monitoring and reporting. The risk was re-assessed and the risk map was updated to cover 2010 and the business strategy till 2012. Out of the identified risks that are significant for the LOTOS Group, the Company selected four, each relative to various activity areas, and analysed them in detail. Those risks were described in Risk Management Sheets, including, but not limited to, risk factors, risk management rules, monitoring measures, reduction plans, plans of procedure in case of risk materialisation, as well as related incidents.

At present, the Company is preparing Risk Management Sheets for other significant risks existing in the Capital Group. Moderate risks are monitored on a current basis. In the case of risks that are the most likely to occur, procedure plans in case of risk materialisation are developed on the basis of the risk owner’s decision.

In 2009, Grupa LOTOS regulated project risk assessment rules by ensuring a consistent and unified methodology. At present, one of the major elements of project analysis, before the project is launched, is the identification and evaluation of related threats in order to recommend actions aimed at reducing significant and moderate risks and identifying risk owners responsible for the fulfilment of duties, project risk monitoring and potential consequences.

Development plans

Grupa LOTOS is preparing for the implementation of an IT tool designed to support corporate risk management. The software supplier is being selected. The Company will also prepare a procedure defining risk management in detail. The purpose of such a document will be to ensure risk identification and assessment is carried out periodically at the Capital Group, relevant tools are optimally selected in various activity areas, and the entire process is consistent and efficient.