Risk management
Vetropack’s risk management framework identifies and evaluates the material risks for the Group and develops strategic risk mitigation measures. Risks are classified as strategic, operational, financial and organisational, with sustainability risks integrated into these categories.
Identifying and assessing risks
In order to identify the risks that are relevant for the Vetropack Group, we adopt a standardised approach that has undergone multiple internal validations.
As the baseline for determining our risks, we analyse megatrends that could impact our business model. Our analysis takes account of megatrends such as: Industry 4.0 developments including digitalisation and artificial intelligence, cyber crime, geopolitical conflicts, country-specific financial challenges, the shortage of skilled staff, global climate targets, our industry's commitment to climate protection and environmental legislation.
We assign our risks to these categories:
- Strategic risks
- Operational risks
- Financial risks
- Organisational risks
For some years now, we have integrated ESG risks – and especially climate-related risks (see: E1 Climate change) – into the risk categories listed above.
Taking the Risk Manager’s preliminary work as the basis, the Management Board updates our risk matrix each year and goes on to define strategies and measures to reduce risks. We assess material risks according to their financial impact and likelihood of occurrence, and we assign them to three risk levels. We set a specific risk level as our target for each of the identified risks. Our Board of Directors then reviews and approves the risk matrix and the measures.
The risks are assessed annually to determine their materiality, and the topics are redefined as necessary. Risks deemed to have insufficient relevance are removed from the risk matrix, while new risks identified as being material for the company are added to the risk matrix.
Material risks
The material risks for Vetropack in the reporting year are listed below:
Cyber risks/cyber attacks
Cyber attacks constitute a considerable strategic risk, given the large numbers of digitalised processes in the company and the dependence of value chains on IT systems and applications. Sensitive company data could also be impacted by such attacks. To counter these risks, we regularly assess the threats to which our networks are exposed and we maintain effective protection and monitoring systems. Our employees also receive ongoing training on dealing with cyber risks.
Compliance risks
Increasing compliance requirements present a growing challenge for companies that operate internationally. Particular challenges arise here in respect of antitrust law, prevention of corruption, data privacy/protection, and export control. To minimise the resultant risks, we maintain strict compliance programmes that include constant monitoring of the relevant regulations and work processes, together with continuous training of our employees on relevant compliance topics (G1 Business conduct).
Geopolitical risks
Local and global geopolitical conflicts as well as risks related to war (Ukraine and the Republic of Moldova) threaten global supply chains and impact energy prices. One or more such conflicts may trigger increases in the prices of oil and natural gas, in particular; this could confront the glass packaging industry with higher operating costs, causing it to lose its competitive edge over other types of packaging. We are responding to these developments with various programmes to boost energy efficiency and decarbonise our plants and production processes, and also by maximising the utilisation of used glass in our production. This approach, moreover, is consistent with our Climate mitigation efforts.
Risks relating to strategic partnerships
Strategic partnerships constitute the backbone of our value chain and our sales processes. To protect these partnerships, we continuously maintain and update our supplier and customer portfolios, and we diversify them insofar as this is possible and economically viable. This approach is consistent with our activities to promote innovation and to increase customer satisfaction.
Product risks
Faulty materials or processes in the value chain can lead to quality defects in our end products. If defective products reach the market, consumers may be put at risk. In such a case, our customers could be forced to recall the products concerned. For this reason, we maintain complex and certified quality management systems, and we continuously implement comprehensive quality controls (S4 Consumers and end-users).
Climate-related risks
Climate-related transition risks and physical risks have been added to the risk matrix as new elements in 2024. Climate-related risks result from new compliance obligations, customers’ requirements, and rising raw material prices. We are addressing these risks with our transition plan and the decarbonisation roadmap so as to achieve the defined climate targets. We continuously monitor regulatory requirements, and implement them promptly where necessary. We analyse physical risks such as flooding, heat or limited water availability on an individual basis for each location. If necessary, we define short, medium and long-term measures. More about this topic can be found in our Climate reporting, which treats the transition risks and physical risks in detail.