G MAN AGEMENT AKFEN HOLDIN G AND GR OUP C OMP ANIES CORPORA TE GO VERN AN CE FIN AN CIAL T ABLES
Corporate Risk Management Strategies of Akfen Company Group
· To ensure an effective Corporate Risk Management organization and to determine roles and responsibilities,
· To ensure that risk management is in compliance with corporate strategies, · To ensure that corporate risk management
is implemented consistently in all Group companies,
· To regularly implement the corporate risk management program, to contribute the development thereof by necessary improvements as a result of assessments.
7. Risk Appetite and Risk Tolerance of Akfen Company Group
Risk appetite is the “reflection of acceptable and unacceptable risks,”, which are proposed by Akfen’s Risk Committee and enter into force by being approved by the Board of Directors. Risk appetite reflects the “desire” of a company to “take risks” in accordance with the capacity of the company to take risks. Risk capacity is the “risk tolerance and resistance” capacity of a company. Therefore, the risk appetite of a company should not exceed the capacity and adequacy of a company to take risks. The factors to be taken into account when determining risk appetite include the risk approach, business strategies, total financial and operational risks, expectations of stakeholders and third parties that may be related such as legal authorities.
When risk appetite is determined, the companies should focus on the risk portfolio comprising their main risks. Risk appetite should be determined on an operation basis on companies within the Group, or on a product basis and on a strategic basis when possible.
In connection with their main operating areas, the companies may prefer to avoid some risks and be open for others by gathering them in different risks groups than what is explained above.
Risk appetite is determined by using the scales in the following table as basis. Table 1. Risk Appetite Scale
Risk
vulnerable Risk tolerant Indifferent to risk Avoiding risk moderately Avoiding risk approach to taking risk Taking risk is perceived as a part of company strategy. The Company displays an aggressive approach to taking risk. The Company displays a balanced approach to taking risk. The Company displays a cautious approach to taking risk.
The Company accepts as little risk as possible. risk – profit
relationship It is possible to face risk for high profit.
Profit objectives are prioritized over risk amount.
Equal importance is assigned to risk and profit targets.
Risk management targets are prioritized over profit.
High profit can be given up in order to have more protection against risk. preferred response to risk approach Risk is accepted to the extent/if permitted by law. The choice between accepting or controlling risk is made in accordance with internal criteria/ measures. There is no preference in response to the risk approach. A choice is made between avoiding risk or sharing (transfer) it with third parties. Risks, to which an effective response cannot be given, or which cannot be transferred to third parties, are avoided. decision criterion for responding to risk No decision criterion is sought for responding to risk.
Actions are taken to respond to risk only if a sound cost effectiveness analysis is performed.
Actions are taken to respond to risk as per cost effectiveness and priorities of management.
Actions are taken to respond to risk by prioritizing occurrence/ emergence cost.
Actions are taken to respond to risk even if the cost of preventing risk is more than occurrence/emergence cost.
152
8. Roles and Responsibilities of Akfen Company Group Corporate Risk Management
The bodies that would take role and responsibility in the corporate risk management program to be implemented in Akfen Company Group are as follows:
• General Managers of Companies, Related Business Units, sector and subject based experts when necessary,
• Risk Management Unit, • Risk Committee, • Board of Directors, • Internal Audit.
Table 2. Risk Management Roles and Responsibilities Position Main Role and Responsibility
Board of dIrectorS Main role and responsibility: Approval • Approval of CRM policies
• Approval of proposed risk appetite and risk tolerances • Approval of risk authorities
• Approval of Risk Committee regulation and methodology • Approval of risk limit exceptions
• Distribution of risk management resources rISk commIttee Main Role and Responsibility: Supervision
• Risk Committee also undertakes the duty of the Early Risk Detection Committee as stipulated in the New Turkish Commercial Code.
• To oversee risk management strategies and ensure their association with corporate strategic plans
• To ensure that risk management strategies fulfill operational and legal requirements • To monitor risk trends at the corporate level
• To make proposals regarding risk policies (including risk appetite) and limits • To monitor the CRM program and improvement efforts
• To report periodically to the Board of Directors
Objective of the Risk Committee: When a significant event/change happens or is likely to happen, to ensure such event/change is reported to the relevant management level (Board of Directors). compaNy rISk offIcerS (geNeral maNagerS aNd related BuSINeSS uNItS)
Main Role and Responsibility: Taking and Managing Risk • To participate at minimum in annual risk assessment • To periodically update risks pertaining to their companies • To escalate the risk events detected within the period
• To contribute to the determination of the risk indicators process and to monitor indicators
• To make decisions regarding taking risk (at the authority level allocated to them) • To realize improvement actions regarding risk reduction
• General Managers may share abovementioned duties with their teams/persons to be assigned by them, provided that they are still ultimately responsible.
rISk maNagemeNt
uNIt Main Role and Responsibility: To Monitor, To Consolidate and Analyze Data • To regulate and operate the CRM Program in accordance with the methodology approved by the Board of Directors
• To train the entire Group on risk management and to provide support to studies • To gather and analyze risk information and to draw up regular reports • To receive information regarding risks from department leaders regularly • To support Risk Committee decisions through data flow and reports
• To carry out constant improvement efforts in order to improve and promote CRM techniques
INterNal audIt
uNIt Main Role and Responsibility: ConfirmationTo independently provide reasonable assurance regarding: • Internal audits,
• Action plans related to risks, • Effectiveness of the CRM program, • Integrity and operability of risk models.
CORPORATE RISk MAnAGEMEnT GUIDE BOOk
CORPORA Te RI Sk M An AG eM en T GU IDE B OOK