How we manage risk
Taking risks in a responsible
way is key to being able to fulfill
our stakeholders’ expectations.
Risk management
and internal control
Overview
Business review
Governance
Financials
Investors
Ahold Delhaize Annual Report 2016
Governance, Risk Management Compliance Framework
Monitor Assurance
Identify manage risk
Policies Procedures
As of our merger date, Ahold Delhaize
has applied one shared Governance,
Risk Management and Compliance (GRC)
Framework. We rolled out a global manual
of key policies, principles and procedures
that apply to all Ahold Delhaize brands.
We continue to integrate our global policies
and procedures and will have this completed
in 2017.
We strive for a culture of openness and
transparency in which identified risks are
disclosed and addressed proactively and
unexpected events are reported as soon as
they occur. Risk management is an integral
part of responsible leadership.
Values, strategy
objectives
Leadership
risk culture
a regular part of the business planning and
performance cycle. In turn, the Executive
Committee provides complementary insights
into existing and emerging risks that are
subsequently included in the ERM process.
Ahold Delhaize’s enterprise risk management
program influences the formation of controls
and procedures, the scope of internal audit
activities and the focus of the business
planning and performance process.
Both former Ahold and former Delhaize
Group companies used a comprehensive risk
management program. The risks outlined in
these programs have been aggregated into
a new enterprise risk management report for
Ahold Delhaize. We plan to fully integrate our
risk management program in 2017.
Strategic
In pursuing our Better Together strategy,
Ahold Delhaize is prepared to take risks in a
responsible way that takes our stakeholders’
interests into account. Through our annual
strategic cycle, we follow a logical and
systematic process of analysis, dialogue and
planning to optimize our decision-making.
We use a fact-based analysis of our different
markets and brands to support our strategic
decision-making process in a way that
considers financial, economic, social and
political impacts.
Operational
The core promises of our Company: “A better
place to shop,” “A better place to work” and “A
better neighbor” guide the day-to-day running
of our businesses. Risks related to our promises
should be balanced with the related rewards.
We seek to minimize the downside impact of
operational failures.
Financial
With respect to financial risks, Ahold Delhaize
has a prudent financing strategy, including
a balanced combination of self-insurance
and commercial insurance coverage. We are
committed to maintaining an investment
grade credit rating and are averse to any
risks that could jeopardize the integrity of
our financial reporting. Our financial risk
management and risk appetite are explained
in more detail in Note 30 of the consolidated
financial statements.
Risk appetite
Risk boundaries are set through our strategy,
code of conduct ethics, bill of authority,
budgets and other policies. Our risk appetite
differs by objective category:
In order to meet our Better Together
objectives, we must be agile and
entrepreneurial so that we can respond quickly
and effectively to rapid changes in the retail
landscape, and take advantage of business
opportunities whenever and wherever they
exist. Meeting these challenges requires us
to take risks in a responsible way. Having a
proactive approach to risk management
that is embedded in our business processes
benefits our decision-making and helps us
create and preserve value. Managing risks
and unpredictable conditions in a timely
way increases the likelihood that we will
achieve our business objectives, while
ensuring compliance with internal and
external requirements.
Enterprise risk management
Ahold Delhaize’s enterprise risk management
(ERM) program is designed to provide
executive management with an understanding
of the Company’s key business risks and
associated risk management practices.
Within each business, management identifies
the principal risks to the achievement of the
business objectives and the actions needed
to mitigate these risks. Senior executives
periodically review these risks and the related
mitigation practices. The observations
are aggregated into an enterprise risk
management report that is presented to the
Executive Committee and the Supervisory
Board. Executive management is required to
review the principal risks and risk management
practices with the Executive Committee as
94