Risk Management


Betolar has a risk management policy, that defines framework, processes, governance and responsibilities of risk management in Betolar Plc (‘Betolar’).

The primary objective of risk management in Betolar is to support the Company’s strategy execution, continuity of operations and realization of business objectives by anticipating any risks involved in the Company’s operations and managing them in a proactive manner. Enterprise risk management emphasizes the role of corporate culture and is an integrated part of operations, planning and decision-making in Betolar.

Betolar's risk management policy is approved by the company's Board of Directors and is owned by the company's CFO.



Betolar’s objectives in risk management are to:  

  • Emphasize risk and awareness and proactive management of risks within the Company.
  • Increase opportunities and reduce threats with the aim to gain competitive advantage.
  • Ensure sufficient risk treatment through the organization.
  • Manage risks as an integrated part of operations, planning and decision-making with defined roles and responsibilities.


Definition of risk

Risk is defined as an uncertain event, caused by external or internal factors, which may be either a threat or an opportunity. Risks that may affect Betolar are categorized as strategic risks, operational risks, financial risks and compliance risks. 

Risks generally affect Betolar’s ability to achieve its strategy and business objectives. Betolar Board and Management is to determine the amount of risk that the Company is prepared and able to accept. The Enterprise Risk Management Process (“ERM”) helps the Board and Management at all levels to properly address all risks and opportunities the Company is facing, and as result enhance capabilities to create, preserve and ultimately realize value.


Definition of risk management

Risk management is defined as the culture, capabilities, and practices, integrated with strategy setting and its execution, that Betolar relies on to manage risk in creating, preserving, and realizing value.

Risk management framework in Betolar consists of the following elements:

  1. Enterprise Risk Management Policy (this document) which outlines risk management principles applied in Betolar, and supplemental guidance.
  2. Enterprise risk management process which brings a systematic approach to the whole Company to identify, assess and manage risks throughout Betolar.
  3. Risk reporting framework which consists of the results of the risk management process and provides a consolidated portfolio view of key risks to Management and the Board, and supports external reporting of risks, when applicable.


Risk universe and categories

Risk universe

Betolar’s risks are divided into the following main categories: strategic risks, operational risks, financial risks and compliance risks. 

The main categories include, but are not limited to the subcategories shown below:

Strategic risks

Strategic risks are uncertainties mainly related to the operating environment and the Company’s ability to leverage changes in the operating environment or to prepare for them. These may include general economic situation, competitors, legislation, or technological development. Strategic risks may relate to both financial and non-financial objectives. Appropriate risk treatment is implemented so that the chosen strategy is within the Company’s risk tolerance.

Operational risks

Operational risks are circumstances or events, which can prevent or hinder the attainment of objectives or cause damage to people, property, business, information or any other operations of the company.

Financial risks

Financial risks are risks related to Betolar’s financial position. These include risks concerning the availability and cost of financing, changes in foreign exchange rates, and investments.

Compliance risks

Compliance risks are risks related to exposure to legal penalties, financial forfeiture and material loss an organization faces when it fails to act in accordance with industry laws and regulations or internal policies.


Risk management governance, roles and responsibilities

Betolar’s enterprise risk management governance is based on a three-lines of defense model as follows:

  1. Company personnel manage risks as a part of their day-to-day business operations and decisions.
  2. Chief Financial Officer (CFO) instructs, facilitates, supports and develops risk management processes, together with the CEO.
  3. Board reviews the results of the risk management and concludes on the effectiveness of the risk management process.

The roles and responsibilities of various organizational bodies are described in the pertinent documents of Betolar, such as charters and job descriptions. The overview of the roles and responsibilities of the most relevant bodies with regards to risk management are described in the following sub-sections.

Board of Directors

The Board of Directors monitors and is responsible for ensuring that the Company’s risk management process functions are comprehensive. The Board defines the risk appetite and tolerance, according to the current conditions. The Board of Directors is also responsible for approving enterprise risk management related company policies.

Operative Management

Operative management of the company is responsible for achieving the set objectives and controlling, managing, and mitigating risks that threaten them. Operative management is also responsible for the risk management work, and for ensuring the performance of the risk management process and the availability of sufficient resources.

Chief Financial Officer

Chief Financial Officer is responsible for establishing instructions and providing advice to the operations and functions concerning enterprise risk management, and for monitoring the practical implementation of the process. Risk management assessments are coordinated by the CFO, which supports the management, operative business functions and other supportive functions in the risk management work. CFO reports key risks to the Board of Directors on an annual basis.


Betolar’s risk management process

Betolar’s risk management process is defined as follows: 

  1. Strategy process - the process of identifying, quantifying, and mitigating any risk that affect or are inherent in the Company's business strategy, strategic objectives, and strategy execution, and defining related the risk appetite and tolerance.
  2. Business planning – the process in which annual risk assessments are made.
  3. Risk identification – Identification of risks against business objectives at Betolar level.
  4. Risk assessment – Assessment of identified risks with regards to impact and likelihood at Betolar level
  5. Risk mitigation – Management of key risks through risk mitigation plans at Betolar level.
  6. Risk reporting – Risk reporting to the Board of Directors.

Risk reporting supports also the annual process to report risks externally in the interim reports and the financial statements.

The methods and tools for these process steps are maintained by the Chief Financial Officer. The risk management process fosters an awareness of risk and control throughout the organization and supports informed decision-making.

Ongoing communication and training in risk management are necessary to promote risk awareness throughout the Company and to ensure successful integration of risk management into the strategic planning, budgeting processes, daily decision-making and operations. The Company's operating model includes various service providers which are contracted by the Company. Risk management and oversight are an integral part of the co-operation with the service providers and the Management has extended the monitoring of the risk management procedures over the co-operation with the service providers.

Subscribe to our releases