Risk appetite
Risk appetite is the level of residual risk we deem acceptable to achieve our objectives. The risk appetite is set per main risk topic by the Board of Management in close cooperation with the Executive Committee, based on our strategic goals, our Code of Conduct, our policies and procedures, and taking into consideration the highly regulated markets we operate in.
The risk profile is compared with PostNL's established risk appetite after each risk management workshop. Where there is a difference between the actual risk level and the risk appetite bandwidth, management is required to initiate an action plan. The risk appetite is discussed with and endorsed by the Audit Committee.
When determining the risk appetite per risk, we take into account factors such as geopolitical uncertainties, the tight labour market, and economic rationalisation. PostNL categorises risks into five main types: strategic, operational, financial, compliance and reporting risks. Each has its own appetite, management approach and oversight structure.
PostNL Risk appetite
| Low | Behaviour towards risk | High |
| ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Averse | Prudent | Balanced | Considerable | Seeking | ||||||||||||||||
Strategic risk We aim to deliver on our strategic ambitions and priorities and are willing to accept balanced and considerable risks to achieve this. | ||||||||||||||||||||
Competition and client concentration |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Geopolitical tensions and economic consequences |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Implementation of strategic change projects |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Financial sustainability of Mail in the Netherlands |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Network capacity and flexibility |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Climate change |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Data excellence and integrity |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Operational risk We face operational challenges which require an appropriate level of management attention. The overall objective is to avoid risks that could negatively impact our aim to achieve operational effectiveness and efficiencies. | ||||||||||||||||||||
Employee attraction, development and retention |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Operational excellence |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Availability of energy resources |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Information Technology and Cybersecurity |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Total cost of labour |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Liability for loss or damage |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Compliance risks We strive to be fully compliant with our Code of Conduct as well as national and international laws and regulations in relation to the markets in which we operate, and we do not accept deviations | ||||||||||||||||||||
Supply chain accountability |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Legal and regulatory developments |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Reporting risks We ensure accurate, reliable, and timely reporting of information critical to stakeholders, and do not tolerate inaccuracies or delays that could compromise decision-making or accountability | ||||||||||||||||||||
Sustainability reporting |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Financial Reporting |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
