How we manage risk continued
Labor (O)
Overview
Business review
Governance
Financials
Investors
Ahold Delhaize Annual Report 2016
Key risk drivers
Mitigating actions
Potential consequences
I Risk objectives: strategic (S), operational (O), financial (F) and compliance (C) risks listed in alphabetical order.
Information security and
privacy (O, C)
A lack of security around, or
non-compliance with, privacy
requirements for customer or
associate data might negatively
impact strategic initiatives
relating to customer loyalty
Ahold Delhaize’s brands might
not be able to negotiate
extensions or replacements on
acceptable terms, or face
unfavorable expectations or
demands from trade unions
Legislative and regulatory
environment (C)
A changing legislative and
regulatory environment might
increase the cost of doing
business, tax levels and the
complexity of our operations
A better place
to shop
A better place
to work
A better place
to work
Our sustainable
business model
Our sustainable
business model
People management and
associate engagement
Expiring collective
bargaining agreements
Relationships with the relevant
trade unions
Ahold Delhaize merger
Compliance deadlines
Increased and targeted enforcement
Government budget deficits
Public opinion pressure
International and national
tax developments
Local regulatory changes
Diversity of jurisdictions
Changing political climate
Associate engagement survey
and response
Performance
management cycle
Contract negotiation process
Functions that support
relationships with trade unions
Contingency plans
Strategic and tactical
information security policy
and guidelines
Information
security governance
Control standards for
information management
and security
Payment Card Industry
(PCI) and privacy compliant
control framework
Information
security capabilities
Information security
awareness program
Incident reporting process
Cyber insurance coverage
Knowledge and awareness
of regulations
Monitoring, review and
reporting on changes
Operational procedures
and guidance
Education of regulators and
public policymakers, e.g.,
through industry associations
Tax policy
Ahold Delhaize’s business operations generate and maintain
confidential commercial and personal information concerning
customers, associates, suppliers and the Company. Data
breaches with disclosure of confidential information to
unintended third parties may negatively impact Ahold
Delhaize’s corporate reputation and competitive position or
result in litigation or regulatory action. This could have a
material adverse effect on Ahold Delhaize’s financial position
A work stoppage or other event due to the failure of one or
more of Ahold Delhaize’s brands to renegotiate a collective
bargaining agreement, or otherwise, could be disruptive to our
businesses, lead to adverse publicity and have a material
adverse effect on the Company’s results of operations and
financial position
Ahold Delhaize’s activities are subject to various laws and
regulations in each local market where it operates. The cost
of compliance with any of these laws could impact Ahold
Delhaize’s operations and reduce its profitability. See further
discussion of the consequences of the legislative and
regulatory risks below
Consumer confidence
Sensitivity of data
Changing or conflicting
privacy regulations
Use of third parties to process and
store data
Global security threats
Growth of online sales
Revoking of EU-U.S. Safe Harbor
agreement for personal data export
to U.S.
Ahold Delhaize’s principal risks and uncertainties1
Risk Strategic area
98