Risk management

Capitals:

Enterprise Risk Management

In 2022, the organisation and underlying principles of the Enterprise Risk Management System did not change relative to the previous year. Based on its Enterprise Risk Management Policy and Procedure, the ORLEN Group monitors and assesses its risk exposures on an ongoing basis and takes steps to minimise their probability and impact.

As required by these regulations, the Financial Control, Risk Management and Compliance Office was established at ORLEN S.A. to coordinate the enterprise risk management (ERM) processes across all levels of the organisation. The Management Boards of all ORLEN Group companies are responsible for risk management at their respective companies.

The Enterprise Risk Management System is a tool used to support effective delivery of the ORLEN Group’s operational and strategic objectives. It provides information on any identified risks and supports effective risk management.

Key roles in the Enterprise Risk Management System.

The ORLEN Group monitors and assesses risk on an ongoing basis and takes steps to minimize its impact on the financial situation.

Risks are assessed regularly by individual business areas of ORLEN and the ORLEN Group as part of their self-assessment and risk controls testing. The key objective is to ensure that risk estimation is up to date, and that the risk controls are validated for adequacy and effectiveness. Process and risk owners and in charge of the assessment, based on their positions and remits.

In the risk assessment, the materiality of each risk is determined under three scenarios:

  • where there are no risk-specific controls in place (gross risk assessment);

  • where the existing risk-specific controls are in place (net risk assessment). The net risk assessment requires testing relevant risk mitigating controls, in line with the guidelines adopted by the Company as part of the Enterprise Risk Management Procedure, prepared in accordance with the Enterprise Risk Management Policy adopted by the Company’s Management Board;

  • where the risk is at a desired (acceptable) level – target risk assessment.

Once the risk assessment and risk controls testing processes are completed, the Company’s Management Board and Supervisory Board receive a report highlighting risks assessed as key by the business segments.

Risks at ORLEN and other ORLEN Group companies are defined based on a common model, and further detailed at the level of individual business processes or strategic objectives.

In 2022, as part of an annual risk self-assessment process and risk controls tests

  • at ORLEN, 629 risks were assessed based on tests of 1,027 controls in 195 business processes.

  • The ORLEN Group companies assessed 222 risks and tested 723 controls across 89 processes.

In 2022, the Enterprise Risk Management system covered the following entities:

  • ORLEN,
  • Anwil S.A.,
  • ORLEN Lietuva Group,
  • ORLEN Unipetrol Group,
  • ORLEN Deutschland GmbH,
  • ORLEN Paliwa Sp. z o.o.,
  • ORLEN Centrum Usług Korporacyjnych Sp. z o.o

In the Enterprise Risk Model adopted by the ORLEN Group, all identified risks are classified into the following categories:

  • STRATEGIC RISKS – directly related to strategic objectives, specific actions and performance indicators.

  • PROJECT RISKS − events or circumstances which, if they materialise, may have an adverse effect on one or more project objectives. These risks are subject to ongoing assessment during project implementation.

  • PROCESS / OPERATIONAL RISKS – identified in the ordinary course of business; their identification facilitates effective process

In each of these categories, an enterprise risk may occur in a range of processes. Accordingly, the classification table below presents examples of risks of a given category that occur in different business processes.

Classification of risks and processes and the Enterprise Risk

Risks relating to OHS, process safety, fire safety, and handling of hazardous goods

ORLEN2030 / ORLEN Net-Zero 2050: Reduction of emissions to improve air.

Climate-related risks integration into ORLEN corporate risk management system

Energy transformation risks

Identification, assessment and management of risks and opportunities arising from climate change – physical risks

Environmental risks

Other risks - non-financial

Risks related to social and employee issues, respect for human rights, occupational health and safety, anti-corruption and bribery may be present in 3 main risk categories (strategic, design, process/operational) at the ORLEN Group.

 A description of risks, methods of their mitigation and trends in the development of risks for the above issues is presented below.

Social risks

Employee risks

Human rights risks

OHS and process safety risks

Counteracting corruption and bribery

Read also:

Short-cuts:

ORLEN Group 2022 Integrated Report

You can also download the report in PDF format

Download pdf