TAURON Group’s risk management strategy

The enterprise risk management system (ERM System), implemented at the TAURON Group’s level, constitutes a set of rules, standards and tools allowing for implementing the primary goal of risk management which is, broadly understood, ensuring safety (security) of the TAURON Group’s operations.

The ERM system is governed by the Enterprise Risk Management Strategy in the TAURON Group (ERM Strategy) that defines the TAURON Group’s enterprise risk management framework and rules, and its goal is to ensure the consistency of managing the individual risk categories that were detailed in separate regulations, aligned to the specifics of the individual threat groups.

As part of the ERM System, the following specific risks are identified within the TAURON Group, for which separate policies tailored to the nature and specifics of the given group of threats are defined:

  1. Trading (commercial) risk,
  2. Financial risk,
  3. Credit risk,
  4. Operational risk,
  5. Regulatory risk,
  6. Project risk.

The figure below presents the basic classification of the enterprise risk.

tauron-model-inforgrafiki-EN-16 tauron-model-inforgrafiki-EN-16

The center of the ERM System is a risk management process that includes continuous activities, i.e. risk identification, risk measurement as well as developing and implementing a response to risk. The architecture of the ERMsystem also includes elements that are to ensure the effective functioning of the process, including: organization of the ERM System, risk control and monitoring rules, risk model, risk management tools, assessment of the adequacy and functioning of the ERM system.

The figure below presents the architecture of the ERM system in place in the TAURON Group.

tauron-model-inforgrafiki_2019-EN-40 tauron-model-inforgrafiki_2019-EN-40

Risk management system architecture

The center of the ERM System is a risk management process that includes ongoing activities such as risk identification, risk measurement, and developing and implementing a response to risk. The architecture of the ERM system also includes elements that are to ensure the effective functioning of the process, including

  • Organization of the ERM System.
  • Risk control and monitoring rules.
  • Risk model.
  • Risk management tools.
  • Assessment of the adequacy and functioning of the ERM system.

Figure 38 presents the architecture of the ERM system functioning in the TAURON Group. The detailed description of its individual elements is provided in the Report of the Management Board on the Operations of the TAURON Group for 2019.

tauron-model-inforgrafiki-EN-17 tauron-model-inforgrafiki-EN-17

The rest of the section provides brief descriptions of the elements of the risk management system architecture. The extended descriptions are provided in the Report of the Management Board on the operations of TAURON Polska Energia S.A. and the operations of the TAURON Group for 2019.

Risk management process

The process of enterprise risk management ensures the comprehensive and consistent risk management rules linked with one another in terms of methodology and information. The process of enterprise risk management means taking continuous measures comprising risk identification, risk assessment, planning of risk response, implementation of the adopted risk response and communication between risk management process participants.

Risk management process in the TAURON Group

consists in determining the potential events that may affect the implementation of business goals of the TAURON Group. The main purpose of this step is to create or update a list of risks that may affect the achievement of the business goals. The identified risks are described in accordance with the adopted methodology and have a specific context providing information on the impact of their materialization on the business goals.

consists in determining the potential financial and non-financial effects of the materialization of the risk affecting the implementation of specific goals and assigning the risk class thereto, defining the materiality of the risk from the point of view of its impact on the achievement of the goals.

consists in the preparation of the dedicated response to the risk identified in order to achieve the desirable results. The planned actions constituting the prepared risk response are dependent and adapted to the current level of the Key Risk Indicators (KRI), and in particular those among them that act as Early Warning Indicators (EWI).

consists in practical implementation of the responses to the identified risk, prepared in the planning process. The defined set of actions as part of the risk response, specified in the planning process, is dependent on the current level of the EWI indicators. The implementation of the subsequent activities as part of the response to risk requires ongoing monitoring of risk indicators, which is to provide information on what set of activities should be implemented and, at the same time, indicate whether the activities carried out are effective and risk management is bringing the assumed effect of maintaining the value of the EWI indicators EWI within the acceptance range.

consists in a continuous flow of information among the participants of the process, which is to ensure full knowledge on the current risk status and the effectiveness of the activities conducted as part of the response to risk. The periodical risk reporting is also an element of this process.

Roles and responsibilities of the risk management system’s participants

The key assumption of the risk management system in the TAURON Group is a clear and precise split of tasks and responsibilities, ensuring no conflict of interest. In particular, the system guarantees independence of the risk taking function from risk control and monitoring. This is achieved through the centralization of the control function at TAURON Polska Energia S.A. level, while maintaining the organizational and functional separation of the risk taking function. The rules in place in the TAURON Group introduce the function of the Risk Owner, i.e. the person responsible for managing the given risk as well as developing and implementing an effective response to a threat. While the control function, process coordination, as well as the responsibility for the correct functioning of the risk management system was placed at TAURON Polska Energia S.A., in the Area of the Executive Director for Risk.

A special role, as part of the risk management process, is performed by the Risk Committee as an expert team that persistently and continuously initiates, analyzes, monitors, controls, supports and oversees the functioning of the TAURON Group’s risk management system. The members of the Risk Committee include persons with appropriate knowledge of the Company and its environment as well as the required qualifications and empowerments. The task of the Risk Committee is to set norms and standards for risk management in the TAURON Group and oversight of the risk management process effectiveness. Within the Risk Committee two separate teams are set up, one for the trading (commercial) risk area and the other for the financial and credit risk area. Oversight of the enterprise risk management system is performed directly by the Risk Committee.

Within the ERM System the roles and responsibilities of all the participants of the TAURON Group’s risk management system are defined in detail.

Description of the ERM System participants’ roles and responsibilities in the TAURON Group

PARTICIPANT’S ROLES AND RESPONSIBILITIES
1) Assessment of the ERM System, especially of its adequacy and effectiveness.
2) Empowerment to audit the Company’s operations with respect to enterprise risk management, in terms of compliance with the expectations of the shareholders, supervisory and regulatory authorities.
PARTICIPANT’S ROLES AND RESPONSIBILITIES
Monitoring the ERM System’s effectiveness.
PARTICIPANT’S ROLES AND RESPONSIBILITIES
1) Assessment of the ERM System’s adequacy, effectiveness and efficiency.
2) Taking formal decisions related to the key elements the TAURON Group’s enterprise risk management, including approving the list of risks with respect to which the Management Board will be performing the Risk Owner’s function.
3) Approving the TAURON Group’s risk tolerance and global limits for the key risks.
4) Managing the risks of special importance for the TAURON Group’s operations
PARTICIPANT’S ROLES AND RESPONSIBILITIES
1) Overseeing the TAURON Group’s risk management process.
2) Control of (auditing) the TAURON Group’s risk exposure.
3) Providing opinions and recommending to the Management Board the shape of the individual elements of the risk management infrastructure.
4) Defining the TAURON Group’s risk tolerance and global limits for the key risks, and also applying to the Management Board for the approval or change thereof.
5) Overseeing the preparation of the quarterly information for the Management Board on all important issues related to the TAURON Group’s risk.
PARTICIPANT’S ROLES AND RESPONSIBILITIES
1) Coordinating the risk management process on all levels and in all areas (lines of business) of the organization’s operations.
2) Responsibility for the development of the ERM System (threat identification, evaluation monitoring and checking methods, processes and procedures).
3) Support and oversight over the system’s participants in the risk management implementation and evaluation of its efficiency.
4) Preparing and providing the risk reports to authorized risk management process participants.
5) Actions aimed at developing supportive organizational culture and raising awareness with respect to the TAURON Group’s risk management.
PARTICIPANT’S ROLES AND RESPONSIBILITIES
Periodic review of the correctness of designing and implementing as well as the effects of actions taken within the ERM System.
PARTICIPANT’S ROLES AND RESPONSIBILITIES
1) Responsibility for risk management within a subsidiary.
2) Promoting risk management culture in a subsidiary.
3) Responsibility for the appropriate reactions to risk and the effectiveness thereof.
4) Appointing Risk Owners at the given subsidiary.
5) Approving, in justified cases, plans of response to risks and taking ongoing decisions related to dealing with risk in case the established risk values (escalation threshold) are exceeded.
6) Taking ongoing decisions related to dealing with risk in case the established risk values (escalation threshold) are exceeded
PARTICIPANT’S ROLES AND RESPONSIBILITIES
1) Responsibility for actions related to the implementation of the risk management process as part of the entrusted area of responsibility, in context of an impact on the ongoing operations as well as on the implementation of the strategic, operational and financial goals of the unit.
2) Responsibility for preparing a plan and for implementing a reaction to risk in case its established values are exceeded, and also for the communications and reporting within the risk management implemented.

Risk control and monitoring rules

The purpose of the adopted risk control and monitoring rules is to limit the TAURON Group’s exposure to factors that may have an adverse impact on its functioning. The basic risk control tool is the risk tolerance approved by the Management Board that defines the value of the maximum permitted risk exposure in the TAURON Group.

The process of defining the risk tolerance takes into account the specifics and scope of the TAURON Group’s operations. Its level is defined as a value, and the rules of measurement of individual risks in the organization ensure the consistency of risk measurement with the applied tolerance definition. The risk tolerance constitutes the basis for allocation of its level to the global limits dedicated to a single risk or many specific risks. Subsequently global limits are allocated to operating limits within the specific risk management. The key assumption is to guarantee independence of the risk taking function from risk control and monitoring which guarantees safety of the functioning of the organization.

A supplementary tool used for risk monitoring and control comprises the Early Warning System based on the catalogue of Key Risk Indicators – KRI and Early Warning Indicators – EWI. The system functioning based on the KRI and EWI indicators enables an appropriately early identification of threats by measuring the causes of the individual threats. At the same time this system allows for an appropriately early taking of remedy actions, before the individual threats actually materialize.

Risk management tools

Risk management tools used by the TAURON Group allow for effective implementation of the individual stages of the process. The TAURON Group uses, in particular, the following tools:

  • Risk identification / review questionnaire, i.e. a document in the form of a table, specifying the detailed information that should be collected in the risk identification or periodic review process,
  • Risk card, i.e. a document containing the detailed information on the identified risk.
  • Risk register, i.e. a document in the form of a table with a summary of the risks associated with the operations of the TAURON Group, containing, in particular, their descriptions, categories and valuations.
  • Risk response plan, i.e. a document containing a prepared action plan, the early enough launching of which will allow for reducing exposure to a given risk to an acceptable level before it occurs, as well as for limiting the effects of the risk at the time of its materialization
  • Risk assessment form, which is a tabular summary of detailed information on risk measurement, including, among others, the determination of the impact and the probability associated therewith of risk materialization and the information on the current level of risk measurement parameters (KRI / EWI).

Risk model

Risk model defines a consistent risk classification, enabling a consistent and comprehensive capturing of risk across the TAURON Group. Each risk identified is assigned to specific categories and sub-categories. The main risk categories and sub-categories, in accordance with the TAURON Group’s Risk Model in place, include:

  • within which the following risks are identified:
    • Environment – risks determining the impact of the external environment (stakeholders) on the implementation of the TAURON Group’s goals,
    • Technology, infrastructure and security – all events having an adverse effect on the security of employees, information as well as the generation, transmission, mining or IT infrastructure,
    • Employees and organizational culture – risks related to employee issues and organizational culture,
    • Compliance Risk – risks related to non-compliance, internal and external abuse as well as unethical behavior,
    • Customers and contractors (counterparties) – risks related to the volatility of the supplies / services market, failure of the customer / contractor (counterparty) to meet contractual obligations and the adverse changes or terminations of commercial contracts by customers, affecting both volume as well as margin.
  • within which the following risks are identified:
    • Finance and credit – risks related to changes in exchange rates and interest rates, as well as the risk of the TAURON Group’s contractors (counterparties) defaulting on contractual obligations.
  • within which the following risks are identified:
    • Trading – risks determining the market volatility of electricity and related products market prices to which the enterprise is exposed.
  • within which the following risks are identified:
    • Regulations – risks determining the adverse impact of changes in the legislation at the national and the European level having a direct impact on the operations of the TAURON Group

Assessment of the adequacy and the functioning of the risk management system

Risk management is a systematic process subject to continuous improvement which allows for aligning it on an ongoing basis to the TAURON Group’s specifics and organizational structure, as well as to the changing environment. It is also subject to a periodic, internal and independent assessment of adequacy and reviews:

  • ERM System is subject to continuous reviews with respect to its adequacy and alignment with the structure and specifics of the TAURON Group’s operations, as well as to the changing environment,
  • not less seldom than once a year the Executive Director for Risk prepares a report on the assessment of adequacy of the ERM System’s architecture for the members of the Risk Committee, Executive Director for Audit, as part of performing the institutional (third line of defense), periodically conducts an independent audit of risk management in the TAURON Group verifying the appropriate implementation of the rules by the process participants, as well as its adequacy and effectiveness

Search results: