Risk management

The management of VR Group is committed to risk management and to the development of risk management. The risk management of VR Group is guided by the risk management policy approved by the Board of Directors of VR-Group Ltd. The policy sets out the principles and objectives for risk management, the responsibilities, and the operating practices to be observed in risk management.

The purpose of risk management is to provide an up-to-date, accurate and comprehensive assessment of the risks to which VR Group is exposed. At VR Group, risk management is a continuous activity for identifying, assessing, managing and monitoring the Group's major risks in a comprehensive and appropriate way.

Risk management is an essential element of all processes in VR Group. The Chief Executive Officer is responsible for arranging risk management in the Group. In business and support units, risk management is the responsibility of senior management. VR Safety is responsible for ensuring an up-to-date risk policy, for supporting its implementation, and for monitoring and developing risk management practices and for reporting on them to the Board of Management and the Board of Directors. A separately appointed risk management development team guides and supports the persons who are responsible for individual types of risk in the implementation of risk management.

The aim of risk management in VR Group is to promote the achievement of the Group's strategic and operational objectives and to ensure that the Group's business operations are on a profitable and long-term basis. In VR Group's risk management, risks are divided into four categories: strategic, economic, operational and hazard risks. These four categories are further divided into different types of risk. The table below lists by category the most important types of risk examined here.

 

Strategic risks

Economic risks

Operational risks

Hazard risks

Factors relating to the operating environment, markets and stakeholder groups that adversely affect the conditions for business operations and their development

Events arising from inadequate information or events connected with business processes that may cause financial losses

Threats to operations or achievement of objectives arising from internal processes and systems or external factors

Accidents or other losses

  • Group-level strategic risks
  • Logistics
  • Passenger services
  • Infrastructure engineering
  • Reputation and communications
  • Political developments and regulation
  • Company acquisitions
  • Contracts and responsibilities
  • Compliance risks
  • Governance risks
  • Purchases
  • Credits
  • Interest payments, collateral and liquidity
  • Financial reporting
  • Organisation and management
  • Human resources
  • Train
  • operations
  • Logistics operations
  • Passenger services operations
  • Infrastructure engineering production and maintenance
  • Rolling stock maintenance
  • Information technology
  • Management of traffic disruptions and crisis situations

  • Personnel
  • Customers and stakeholder groups
  • Environment
  • Group assets

A plan of action has been prepared to prevent major risks from occurring and a person has been appointed to be responsible for each risk. A risk management review is given to the Group's Board of Management twice a year in connection with strategy monitoring and operational planning and to the Board Directors once a year.