Risk management

The primary goals of Apetit Group are to clearly improve the company’s profitability and competitiveness and ensure the financial position of the company. The purpose of the company’s risk management is to support the achievement of these goals. Risk management is part of corporate governance. It is a systematic tool for the Board of Directors and operative management, enabling them to monitor and assess the achievement of the goals and the threats and opportunities that affect the company’s operations.

Another aim of Apetit Group’s risk management is to assess risks in the operating environment in a predictive manner. Apetit Group classifies risks into strategic, operative and financial risks and risk events.

Risk management principles

Risks are factors that threaten the achievement of the company’s goals. Risks are measured on the basis of their effects and likelihood.

Risk management is a continuous process and a permanent part of the company’s strategic process, operative planning and operations monitoring. Risk management is also part of the internal monitoring system.

From the company’s point of view, risks can be seen as uncertainties, threats or opportunities. Traditionally, risks are defined as a threat of loss or, in other words, the likelihood of an unwanted event. However, a certain amount of risk is inherent in business, which means that justified risk-taking is the prerequisite of achieving business goals.

The aim of risk management is to recognise and assess risks systematically and manage them cost-efficiently by

  • ensuring that all known risks to personnel, customers, products, reputation, assets, human capital and operations are addressed, always according to law, based on best available knowledge and with justifications, taking into account the current financial situation,
  • meeting the expectations of stakeholders (owners, customers, personnel, suppliers and society),
  • ensuring uninterrupted, continuous operations, and
  • promoting the efficient utilisation of opportunities and profit potential.

Risk management roles and responsibilities within Apetit Group

The Board of Directors or the Audit Committee of Apetit Group monitors the Group’s risk management process and ensures that it works efficiently and is comprehensive, approves the level of the risk management policy, risk bearing and risk tolerance, and re-assesses these at least annually as part of the company’s strategy definition and goal setting.

The Group CEO is responsible for the achievement of the set goals, the monitoring of risks related to the goals and the risk management process by allocating sufficient resources to risk management and reviewing and approving the risk management principles. The Group CFO is responsible for the continuous development of the risk management process by specifying the operating principles and organising the risk management tasks. The CFO also defines the reporting needs in risk management and assesses the results of risk reporting.

Business units and Group Functions recognise and assess risks in their respective areas of responsibility. The leaders of business units and Group Functions plan and implement risk management and monitoring measures and report on risks in their areas of responsibility, following the agreed instructions and timetables.


Apetit Plc reports on its risk management, most material risks and changes in the risk situation:

  • according to the rules on stock exchange releases,
  • according to the Limited Liability Companies Act,
  • according to good governance practice,
  • in its annual reports and/or interim report, as necessary,
  • at meetings with investors and analysts, and
  • elsewhere, as needed.

Approving and reviewing the risk management policy          

The Board of Directors of Apetit Plc has confirmed the Group’s risk management policy and principles.  Risks and risk management are reported to the Board of Directors at least once a year extensively, material changes in the risks at least once per quarter and risks with large-scale impacts without delay.

The risk management policy is reviewed annually to ensure that it corresponds to the prevailing conditions and to any changes in the operating environment.