|
|
Risk management and control system | The HEINEKEN risk management and control systems are aimed at a reasonable level of assurance, that the risks of the Company are identified and managed and that the operational and financial objectives are met, in compliance with applicable laws and regulations. A system of controls to ensure adequate financial reporting is included. HEINEKEN’s internal control system is based on the COSO Internal Control Framework.
Overall risk profile
HEINEKEN is a single-product Company, with a high level of commonality in its worldwide business operations spread over many mature and emerging markets. The worldwide activities are exposed to varying degrees of risk and uncertainty, some of which, if not identified and managed, may result in a material impact on a particular operating company, but may not materially affect the Group as a whole.
Risk management
Doing business inherently involves taking risks, and by managing these risks HEINEKEN strives to be a sustainable and performance-driven company. Structured business risk assessments are part of HEINEKEN’s business planning and control process. Operational risks are mainly managed through the embedding of Key Business Controls based on HEINEKEN common processes and systems. The risk management and control systems are considered to be in balance with HEINEKEN’s risk profile, although such systems can never provide absolute assurance. Following HEINEKEN’s continuing growth and changing risk profile, the Company’s risk management and control systems are subject to continuous review and adaptations.
Responsibilities
The Executive Board, under the supervision of the Supervisory Board, is responsible overall for HEINEKEN’s risk management and control systems. Regional and operating company management are responsible for managing performance, underlying risks and effectiveness of operations, within the rules set by the Executive Board, supported and supervised by Group departments.
Corporate role
The commonality of HEINEKEN’s operations, the development of HEINEKEN common processes, systems, and definitions and related performance benchmarking opportunities, facilitate Corporate departments on setting directives and ensuring monitoring. In addition, Corporate departments are contributing to competence development in operating companies by sharing of best practices, common system and tool developments and training programmes. With the growth of the company and evolving business needs, Corporate departments are reviewing and adapting their activities towards operating companies.
Shared services
HEINEKEN is further developing shared services, mainly driven by synergies, but also strengthening risk management and internal control. Main examples of HEINEKEN’s shared services are world-wide technical services to breweries, contracting of raw and packaging materials by Corporate Purchasing, back office activities with regard to HEINEKEN’s export businesses, and shared IT services for all common system operations. Also within various operating companies, there is a movement towards shared services, like in the widely spread wholesale businesses in Western Europe, and various supportive processes in regional operating companies, managing many mid-sized and smaller market operations.
Planning and monitoring
The main pillar of HEINEKEN’s internal governance activities is the business planning and performance monitoring process. Operating company’s strategy, business plan and quarterly performance are discussed with Regional Management. Regional performance is discussed with the Executive Board. The approved business plans include clear objectives, performance indicators and target setting, which provide the basis for monitoring performance compared to plan. In 2005, a new performance management model was implemented.
Internal control
HEINEKEN is progressing on the Group-wide development and implementation of uniform processes, common IT systems and business control frameworks based on best practices. At the end of 2005, two third of HEINEKEN’s operations (based on turnover) work in accordance with the evolving HEINEKEN common system. In developing and implementing common systems, risk assessments were included and controls established or adjusted. These internal controls ensure the integrity of the information processing in its support of the day-to-day transactions and financial and management reporting. In 2005, Key Business Control Frameworks were developed and provided to the majority of operating companies for further optimising control design and effectiveness testing.
Supervision
The Executive Board oversees the adequacy and functioning of the entire system of risk management and internal control, assisted by Group departments. Group Internal Audit provides independent assurance on the entire risk management and internal control system.
The Assurance Meetings at operating company level, oversee the adequacy and operating effectiveness of the risk management and internal control system. Regional Management and Group Internal Audit participate in these meetings to ensure effective dialogue and transparency. Following the introduction of the regional management structure in 2005, Regional Assurance meetings have been established.
The outcome and effectiveness of the risk management and internal control systems have been discussed with the Audit Committee and Supervisory Board.
Main risks and responses
Under the explicit understanding that this is not an exhaustive list, HEINEKEN’s major strategic, operational, financial and regulatory risks are described below, including the risk mitigation measures in place or planned enhancements.
Strategic risks
HEINEKEN brand perception and Company reputation
As both the Group and its most valuable brand carry the same name, reputation management is of utmost importance. HEINEKEN enjoys a positive corporate reputation and our operating companies are well respected in their region. Constant management attention is directed towards enhancing HEINEKEN’s social, environmental and financial reputation. The HEINEKEN brand is key to HEINEKEN’s growth strategy and is the most valuable asset of the Company. Anything that adversely affects consumer and stakeholder confidence in the HEINEKEN brand or Company could have a negative impact on the overall business.
The Company reputation and sales could be damaged by product integrity issues. Therefore, production and logistics are subject to rigorous quality standards and monitoring procedures, to be further strengthened in 2006. Brand perception is managed by strict marketing control procedures. A Code of Business Conduct and Whistleblowing Procedure have been implemented, which aim to prevent any unethical and irresponsible behaviour by the Company or its employees.
Pressure on alcohol
An increasingly negative perception towards alcohol from legislators could lead to a decrease in sales and damage the industry in general. If the social acceptability of alcoholic beverage were to decline significantly from current levels, sales of HEINEKEN products could materially decrease.
HEINEKEN’s Alcohol Policy is based on the principle to produce, market, and sell beer in ways that have a positive impact on society at large. With this policy, HEINEKEN promotes awareness of the advantages and disadvantages of alcohol, encouraging informed consumers to be accountable for their own actions. In 2005 the ‘Enjoy HEINEKEN Responsibly’ programme was launched in most markets (a responsibility message on back labels directing consumers to a dedicated website), others will follow in 2006. Markets are becoming more and more engaged to promote responsible consumption, in partnership with third parties. As from 2006 alcohol policy compliance monitoring will be strengthened.
Attractiveness of beer category under pressure
HEINEKEN has many operations in mature – mainly Western European – beer markets where the attractiveness of the beer category is being challenged by other beverage categories. In these markets, management focus is on product innovation, portfolio management and cost-effectiveness in order to secure market position and profitability. Since HEINEKEN is acquiring new businesses in emerging markets, the relative dependency on profitability from mature markets will decline over time.
Operational risks
Acquisitions and business integration
In the pursuit of further expansion, HEINEKEN seeks to strike a balance between organic and acquired growth within the limit of a conservative financing structure. In acquisitions, specifically in emerging markets, HEINEKEN will be faced with different cultures, business principles and political, economic and social environments. This may affect corporate values, image and quality standards. It may also impact the realisation of long-term business plans including synergy objectives, underlying the valuation of newly acquired companies.
HEINEKEN further strengthened its business development and integration activities, which includes significant involvement from relevant Group departments and regional management in carrying out effective due diligence processes and preparing take charge and integration plans.
Business continuity
Business interruptions could affect sales and market shares. These are not considered a major risk due to the relative size and spread of operations. An exception is the supply of beer products from the Netherlands to the USA, one of HEINEKEN’s most profitable markets. Contingency measures, involving multi-sourcing locations in Europe are in place, and HEINEKEN’s central purchasing department manages long-term contracts with preferred suppliers in order to secure supply of critical raw and packaging materials. Monitoring business continuity risks will be further structured in 2006.
IT security
HEINEKEN’s worldwide operations are increasingly relying on information systems.
HEINEKEN has a strict IT security policy to ensure confidentiality, integrity and availability of information. Tools are used to support compliance with that policy and compliance monitoring is applied. A more structured IT auditing approach will be implemented in 2006.
Financial risks
Currency risks
HEINEKEN operates internationally and reports in Euros. Currency fluctuations, especially relating to the US dollar, could materially affect overall Company results. HEINEKEN has a clear policy on hedging transactional exchange risks, which postpones the impact on financial results. Translation exchange risks are not hedged. The sensitivity on the financial results with regard to currency risks are explained on page 98 of the 2005 Annual Report.
Capital availability and liquidity risks
There could be insufficient capital generated in order to finance the long-term growth.
Sufficient access to capital is ensured to finance long-term growth and to keep pace with the consolidation of the global beer market. Financing strategies are under continuous evaluation. Strong cost and cash management and strong controls over investment proposals are in place to ensure effective and efficient allocation of financial resources.
Regulatory risks
Tax
HEINEKEN and its operating companies are subject to a variety of local excise and other tax regulations. If the beer excise would be averaged in the European Union, a significant increase of excise may be the result in various European markets.
In principle, HEINEKEN’s sales prices are adjusted to reflect changes in the rate of excise duty, but increased rates may have a negative impact on sales volume.
Increasing legislation
Due to increasing legislation there is an increased possibility of non-compliance. Additionally, more supervision by regulators and the growing claim culture may potentially increase the impact of non-compliance, both financially and on the reputation of the Company.
As from 2005, every half year all majority-owned companies formally report litigations to Group Legal Affairs. The information includes outstanding litigations, details about lawsuits, and the risk and extent of potential claims in order to determine the amounts to be provided.
There may be current risks that the Company has not fully assessed, and are currently identified as not having a significant impact on the business but which could – in a later stage – develop a material impact on the Company’s business. The Company’s risk management systems are focused on timely discovery of such incidents.
| | |
|
|
|
Print this document
Share
