Risk management is an integral part of Toivo’s management system and risk identification and management is part of proactive management. Risk management is part of the management’s responsibility and an integral part of planning and monitoring processes, projects, operational activities and related decision-making.
The most important task of risk management is to ensure Toivo’s financial position in all situations and to take care of the company from a risk management angle and, above all, to prevent risk materialisation as far as possible, without unduly limiting business activities. In this context, undue limitation means that risk management is used to identify risks by the organisation, manage and prevent risks, but does not prevent carrying out the business as defined in the strategy.
The risks related to Toivo’s business activities are described in a brochure approved by the Financial Supervisory Authority on 28 May 2021.
The Board of Directors decides on the risk management plan and procedures and is responsible for its organisation
The CEO manages and supervises the operations of the different units and the employees.
The Chief Risk Officer manages and supervises risk management throughout the organisation and makes proposals together with the CEO. The Chief Risk Officer together with the CFO orders internal audit services from an external operator approved by the Board of Directors and the CEO reports to the Board of the Directors on the appropriateness and adequacy of internal control and risk management. The methods are used to evaluate performance and efficiency and the aim is to support the organisation at all levels in systematic implementation of risk management.
The steering group outlines the risk management together with the CEO and the Chief Risk Officer in connection with investment decisions
The management team outlines risk management together with the CEO and the Chief Risk Officer (both are members of the management team). Practical tasks can be delegated in the organisation, but responsibility lies with the management. Management supports the creation and further development of a responsible risk management culture and ensures that risk management is considered in the strategy process and performance guidance. Risk management is part of the control and management system and management team work at all levels of the organisation. The company's management team will handle risks related to the whole company and risk management measures together with the Chief Risk Officer.
Head of units and the construction management team prepare risk management plans in the units in accordance with company guidelines, coordinate the risk management and its implementation in their activity, group, and area of responsibility considering their operational activities, identify, notify and report on risks related to the operations of their organisation unit in an appropriate manner, and are responsible for risks in their own units.
The project developer or project manager are responsible for risk management as part of project and site management. The risk management of projects and the sites include in particular identification, analysis, handling and reporting of risks related to the completion of the work and achievement of objectives. In their risk management, the potential new risks included in the intended outcome must also be considered.
Employees are responsible for implementing the goals, quality, risk management and safety set in their own job, identifying and reporting risks associated with their own work and any deviation to their manager or other relevant party. An employee must consider the applicable guidelines and regulations. Management must ensure that all personnel are aware of these and have been adequately trained.