Sandvik Group key risks 2019
Identified key risk
Risk consequence
Risk mitigation
Changing competitive landscape with decreased demands for certain products or segments and an increased demand for a sustainable offering.
The inability to reach strategic objectives long term, leading to lower growth or lower financial performance.
The business areas are working with proactive business development and M&As. There is a strong focus on product segmentation (multi-company development/strategies, midmarket), aiming to diversify the product portfolio and reduce dependence on individual customer segments. There is also strong cost control in all our businesses.
B13. Change management/demand/readiness
Our ability to adapt to macroeconomic developments.
The inability to plan long term, leading to less agile business, higher costs or price models not being profitable, causing lower financial performance long term.
All businesses are working with strong cost control and cost flexibility. All businesses are closely monitoring relevant Key Risk Indicators (capex investment in mining, raw material prices, GDP, oil rig count, daily order rates, etc.). They all have up to date contingency plans, including different scenarios, ready to activate at a first sign of a downturn.
New and evolving technologies or technological demands leads to the need attract new talent in key competence areas (digitalization, sustainability, etc.)
The inability to reach strategic objectives long term, leading to lower growth or financial performance. A general risk of losing competitiveness and business position on the market with a special risk focus if not being able to take a strong position in the digital area fast enough.
There is a strong focus on R&D in all our businesses as well as proactive business development and M&A activities where growth is a priority. The business is closely monitoring the development of new technologies and customer segments. Partnerships have been formed with key partners and research centers to advance knowledge and capabilities in areas currently not core business. The business has also invested in additive manufacturing, powder technology, digitalization and automation. Sandvik has, across the business areas, focused on developing the Sandvik employer brand. One key area is to use new, digital channels to attract and recruit competence for the future. Succession planning has been strengthened for top management positions.
Changes in trade laws or chemical legislations. Stricter sustainability requirements.
The inability to quickly respond to new regulations leading to higher costs, fines or the inability to continue manufacturing certain products. Can have a negative reputational impact.
All parts of Sandvik work with the monitoring of different initiatives and continually evaluate their impact on our business. We are active in business associations and other organizations, such as Jernkontoret, Svenskt Näringsliv, the Cobalt Institute and the International Tungsten Industry Association to name a few, to monitor regulatory development to benefit long-term sustainable business.
Lack of focus on sustainability targets, due to conflicting short-term versus long-term priorities, leading to loss of competitiveness and customer satisfaction.
Being slower than competors with new business models built on sustainability. Negative reputational impact and not meeting customer expectations could lead to a loss of business. Negative impact on the share’s attraction as an investment as well as on the attraction and retention of future or current employees.
The Group Executive Management has the overall responsibility for Sandvik’s sustainability strategy and agenda while the business areas / divisions are responsible for the implementation and follow-up. The business areas / divisions are also responsible for the assessment and management of sustainability risks in their operations. KPIs are consolidated and reported to follow up on goals at Group and business area / division levels. Each year we evaluate our performance, set targets and focus actions for the coming year to ensure delivery on our sustainable business strategy.
Breach of anti bribary, anticorruption, competition or anti trust laws, General data Protection Regulations (GDPR) or trade compliance.
Worst-case scenarios show high financial impact due to fines in multiple markets. Can have a major negative reputational impact if risk were to materialize.
The Group has a governance framework, The Sandvik Way, including Group policies, Group procedures and other steering documentation. The scope of the governance framework, including the controls implemented, is based on legal requirements and risk exposure. Sandvik’s formal compliance programs of anti-bribery and anti-corruption, competition law, customs and export controls and data privacy are managed by the business with oversight through a Group functional council.
Major IT incident (causing downtime of one week or more) in critical operational IT systems.
Inability to deliver products or services on time to customers or timely information to other stakeholders, leading to lower financial performance or negative financial impact due to fines.
A cyber security improvement program across the Sandvik Group is ongoing. Each business area is running an IT security improvement program, including risk review of critical business applications and risk-based network segmentation.
Lack of security in digital offering lifecycle.
Risk of compromising data and automation systems with negative reputational and financial impact. Risk of exposure to Sandvik internal IT systems.
All business areas / divisions are identifying the risks associated with their digital offering and taking appropriate actions to mitigate these risks.
Leakage of confidential information and unstructured content management for internal systems as well as external platforms, for example, social media.
Can lead to business critical information being made available to unauthorized individuals or organizations.
Increased authentication to prevent unauthorized access has been implemented. All business areas have strengthened their IT security management. Review of key processes for information release and overall communication channels initiated.
Unforeseen major disturbance or failure in production or supply chain, caused by, for example, weather events, machinery break-downs or fires.
Inability to deliver products or services on time to customers or timely information to other stakeholders, leading to lower financial performance or negative financial impact due to fines.
The Group’s Crisis Management Policy is continuously updated and a Group policy for development of Business Continuity was approved by Group Executive Management in 2019. The business areas / divisions have performed risk scenario planning for some of the most critical production entities, supply chain vulnerabilities and IT system dependencies.