— Corporate governance — Risk management
Risk management
At medmix, risks are assessed regularly as part of the company’s integrated risk management process. The procedure to understand and manage risk is based on a landscape framed by medmix’ objectives and operating environment. Risks need to be documented, including key elements such as the risk event and the potential cause. Risk analysis establishes the potential impact of each risk and its likelihood of occurrence. The combination of these two factors determines the severity of the risk. The tolerability of each risk is based on a risk evaluation for which the results are discussed with the management and the Audit Committee. In case the severity of a risk exceeds the defined risk tolerance level, appropriate risk mitigation actions will be implemented. Monitoring and reviews are integral to medmix’ successful risk management. Roles and responsibilities are regulated in the standardized framework of the three lines of defense model.
External and markets
Market assessment
Risk: Non-appropriate approaches to market development opportunities could cause business losses.
Mitigation: Continuous observation and identification of global market circumstances to ensure adjustment to market concepts.
Geopolitical shocks
Risk: Geopolitical volatility becoming a key driver of uncertainty impacting currency risks and effectiveness of operational execution.
Mitigation: Consistent improvement in building full visibility of political risk exposures. Interrelations will be looked at holistically in the context of other risks.
Strategic
Innovation
Risk: Failure in R&D and innovation activities could negatively impact the ability to operate and to grow the business. Insufficient investments in innovation could hinder maintaining leading technologies and the development of innovative products.
Mitigation: Active enforcement of R&D planning processes and robust tools to ensure that all risks are managed carefully, and failures will be caught early, before significant resources have been expended.
Operational
Employee development
Risk: Failure to attract, retain, and develop people could lead to a lack of critical skills and knowledge, which hinders daily operations, growth potential, and long-term competitiveness.
Mitigation: Increase engagement in motivating performance for people based on a retention strategy and employee learning and development to reduce turnover and retain talent within the organization.
Health and safety
Risk: An unsafe working environment could lead to harm to people, reputational damage, fines as well as liability claims and could have a serious economic impact.
Mitigation: Implementation of global medmix environment, health and safety (EHS) directive, requiring all sites to conduct comprehensive workplace and/or activity risk assessments, establish relevant work instructions, and provide health and safety training as required. Usage of a single web-based solution for the reporting and analysis of work-related injuries and illnesses, near-miss incidents, EHS observations, and safety walks. Currently, 5 out of 13 medmix sites are certified according to ISO 45001 and we plan to have all sites certified by 2025.
Environmental
Risk: Environmental damage could lead to harm to people and nature, reputational damage, fines as well as liability claims and could have a serious economic impact.
Mitigation: Implementation of sustainability policy and road map requiring all sites to be supplied by low-carbon electricity, optimize water-usage, and divert all waste from landfill by 2025. Reduction of transportation of goods by air. Establishment of web-based reporting for environmental data and EHS incidents. Processing of due diligence of new acquisition and divestiture projects. Plan to have all manufacturing sites certified to ISO 14001 and ISO 50001 by 2025 for both standards.
Compliance
Risk: Non-conformance with laws, regulations, and compliance obligations, including business-specific regulations such as regulations applicable for medical products, could lead to fines, legal or regulatory sanctions, causing damage to business resilience or damage to reputation.
Mitigation: Implementing a corporate compliance framework that enables medmix to continuously achieve objectives, address potential uncertainty, and act with integrity. Mitigating non-compliant behavior by enforcing a Code of Business Conduct, policies, procedures, and other internal controls to steer the workforce to certain standards of behavior. The objective is to ensure that the company’s conduct remains in compliance with the law. The compliance framework includes assessments and risk mitigation actions in compliance with regulations specific to the medical business. Regulatory compliance expertise has been built up and will be maintained.
Quality of products and services
Risk: Product and services failing to comply with high-quality expectations and high operating standards and non-compliance with relevant regulation and contractual requirements could cause financial losses and reputational discredit. Our operations are subject to a broad range of regulatory requirements worldwide. Product deficiencies could result in product recalls ordered by authorities or customers.
Mitigation: Permanent development of quality controls based on agile risk assessment approaches including third-party accreditation and audits for early-signs detection. Maintaining a high standard of competence and qualification of employees to increase team productivity and product performances. The objective is to ensure that the company's conduct remains in compliance with global regulatory requirements and with the law. Product monitoring and traceability provide early indicators for product failures and reduce the response time to react to and mitigate exposures.
Business interruptions
Risk: Physical or virtual business interruptions such as storms, fires or IT outages, occurring through malicious or accidental cause or driven by internal operations or external factors such as suppliers, service providers, or pandemics, could have an impact on operations and supply chains and thus could lead to serious economic impact.
Mitigation: Continuous monitoring of risk environment and development of risk mitigation policies and strategies for global crisis, emergency, and IT management systems. Continuous enhancement of IT infrastructure to ensure IT security standards contain a disaster recovery plan and incident response team availability. Extension of flexible alternative global procurement strategies and manufacturing footprint.
financial
Financial markets
Risk: The movements in interest, foreign exchange and commodity markets could lead to fluctuations in the results of medmix.
Mitigation: Quantification of the market risks according to the exposure calculation stipulated in the risk framework and subsequent management of these exposures through hedging opportunities or financial derivatives to stay within the given limits.
Credit
Risk: Deterioration or default of financial and commercial counterparties could lead to partial or full write-offs of outstanding receivables, impacting the results of medmix.
Mitigation: Effective establishment of credit policies, procedures, and processes to ensure effectiveness of economic transition by implementing individual risk assessments for customers (KYC) and key financial indicators (KFIs), credit risk rating scores, and a strong third-party credit quality check.
Liquidity
Risk: Inability to meet payment obligations in a timely manner and lack of access to appropriate funding for medmix.
Mitigation: Continuous monitoring of group-wide account balances and cash forecasts to optimize liquidity and investments. Implementation of a funding structure in which the company’s financing tranches mature at different points in the future.