Risk management

GRK’s comprehensive risk management is a systematic approach aimed at developing common procedures for identifying, assessing, managing, and monitoring risks related to achieving objectives and ensuring business continuity.

The purpose of GRK’s risk management is to ensure the effective implementation of the company’s strategy in both the short and long term. Risk management aims to secure financial targets while identifying risks that could potentially hinder the achievement of objectives and assessing whether such risks remain at an acceptable level.

A risk is an external or internal uncertainty factor that, if realized, could prevent or hinder the achievement of strategic objectives or the capitalization of business opportunities.

At GRK, risk management is based on a group-wide, board-of-directors-approved risk management policy. The policy defines the fundamentals and framework of risk management, responsibilities and obligations, as well as the identification and management of risks within the group. In addition to the risk management policy, the group provides guidance on risk management and related matters through other policies and instructions. The risk management procedures, policies, and related guidance are reviewed and updated annually as necessary.

GRK’s board oversees and directs the planning and implementation of risk management across the group. The boards of directors of group subsidiaries or the management teams of business units oversee and direct risk management planning and implementation within their respective entities in accordance with the risk management policy.

The group’s executive management team ensures the full implementation of the board-of-directors-approved risk management policy. The executive management is responsible for organizing risk management within the group, planning, developing, coordinating, and monitoring the risk management strategy, as well as embedding and communicating it throughout the organization. The executive management also regularly assesses corporate risks, with the CEO reporting these to the board of directors’ audit committee. The CEOs of group subsidiaries are responsible for reporting risk-related matters to the group CEO and their respective boards of directors.

GRK’s objective is to continuously improve its risk management. The risk management director is responsible for updating processes and driving continuous improvements. This includes planning, monitoring, and evaluating risk management, as well as developing tools and practices across the organization.