Unica’s basic approach to risk management is to identify opportunities and risks systematically, comprehensively and in good time and then utilise and mitigate them respectively. In implementing that strategy, the Board of Directors considers the company’s risk appetite, continually weighing up the risks against financial performance. In that assessment, it looks at the main threats and identifies the mitigating measures that could limit these risks.
Identified risks are subdivided into five categories. A specific risk appetite is assigned to each category, as shown in the table below. ‘Digital’ has been added as a fifth category to this overview in the risk management policy in 2020. The increasing digitalisation of Unica’s own ICT environment and its services poses an increasing number of digital risks. Dedicated measures have been taken to manage those risks.
Unica is willing to accept risks to achieve its ambitions. During the assessment of risks there is always a consideration between the commercial opportunities and the social and economic risks in the long term.
During the execution of its operational activities Unica limits the risks for the continuity of the business operations and quality of the work for customers. A zero-tolerance policy applies with regard to safety, by which risks are never taken that endanger the safety of employees, customers or work.
Unica fosters a stable financial foundation, with a good balance between equity and loan capital. Financial project risks are avoided with careful financial project management.
With the help of technical, organisational and policy-related measures, Unica limits digital risks associated with the digital transformation of its own organisation and the digitalisation of the external environment.
Unica applies the highest standards of integrity, complies with the legislation and regulations and ensures that these standards are observed within all companies.
The policy on risk management is determined centrally and it is a recurring topic for the Executive Committee. The policy lines are then conveyed to the decentral teams of directors, which perform their own risk assessments within these parameters. An internal power-of-attorney schedule applies, whereby all assignments with a value exceeding €2.5 million always receive a check on legal aspects. For projects that exceed the power of attorney of the director, a bid form is drawn up that needs to be signed by the responsible director, the legal department and the Board of Directors before the project is approved. Approval from the Supervisory Board is required for multi-annual projects with an annual contract value of more than €10 million.