In weighing the opportunities and risks involved in our business, we rely on three elementary principles for guidance:
1. Opportunities must clearly outweigh risks in every business activity.
2. Purely speculative transactions are prohibited.
3. Our actions must always comply with prevailing laws as well as with ethical and moral standards.
We have an open and transparent risk culture in place at Dürr: we promote sound risk awareness on the part of our employees and encourage them to address dangers and problems at an early stage. In recent years, the risk management system has established itself as an integral and acknowledged element of our business processes. It is based on standardized methods and is applied in all Group companies. As a result, we are able to analyze and evaluate risks Group-wide in a uniform manner. In addition, we acquire a high level of risk transparency that stands us in good stead in selecting suitable control and counteractive measures. Risk management is established at all levels of the Group – from the Supervisory Board and Board of Management all the way through to the departments of individual local companies.
Risk management process
The standard risk cycle at Dürr consists of nine modules and begins afresh every six months. The central module is the risk inventory taken by the management of the operating units. In the process, the individual risks are identified, evaluated and consolidated, i. e. classified into 15 risk fields specific to Dürr (chart 2.58). The risk fields cover our management, core and support processes as well as external risk areas.
The risk managers evaluate individual risks for each risk field; in doing so, they use the Risk Management Manual and the Group’s risk structure spreadsheets for guidance. The evaluation process is divided up into three stages:
- First of all, the potential damage or loss is calculated, i. e. the maximum effect a risk can have on Group EBIT in the next 24 months. The potential loss or damage of each individual risk is assigned to one of four categories: low (up to € 5 million), medium (€ 5 to € 10 million), high (€ 10 to € 20 million), existential threat ( > € 20 million).
- In the second stage, the probability of the individual risk’s occurrence is estimated. Again, the following categories apply: low (approx. 5 %), medium (approx. 15 %), high (approx. 40 %), and very high (approx. 60 %).
- Finally, the effectiveness of possible countermeasures is examined and evaluated with a riskreducing factor.
The EBIT risk goes down the more, the less likely it is to occur and the more effective the countermeasures are. The bottom line is a net risk figure, which we also call the actual risk potential. The sum of all the individual risk potentials corresponds to the Group’s overall risk. In the process, portfolio effects are not taken into account. The overall risk may be segmented into specific risks in the business units on the one hand and aggregate risks at the Group level on the other.
Dürr's risk fields: