Note 31 – Enterprise Risk Management
The Enterprise Risk Management (ERM) program is a critical platform for Lonza’s global organization and business as it provides a mechanism and structure for prudently addressing risk responsibility and management in each and every organization. Lonza pursues a comprehensive risk management program as an essential element of sound corporate governance and is committed to continuously embedding risk management in its daily culture.
Lonza’s ERM process is performed in four steps: Step 1: Identification (through risk workshops with Executive Committee members and their leadership teams), assessment and assignment of risks; Step 2: Consolidation, review and prioritization of risks; Step 3: Presentation of consolidated risk overview to the Executive Committee and Board of Directors; and Step 4: Follow-up on high-priority risks. Through this process, Lonza has identified and focuses on 12 high-level thematic risk categories.
Each identified risk category is assessed according to its probability of occurrence and its negative impact on the Group:
- The probability of occurrence is assessed for the period until year-end 2020, with a risk range from unlikely to highly probable.
- Any potential negative effect of a risk is assessed according to its impact on the annual Group’s EBIT, the Group’s reputation and the Group’s operations.
Risks have been identified for each segment and for the corporate functions, and they are tracked if there is a year-on-year increase or decrease. The risk scenarios identified in 2018 were presented to the Executive Committee and to the Board of Directors at their meetings in January 2019. Financial risk management is disclosed in note 29.