Our risk and opportunity management process contains the following components:...
Our risk and opportunity management process contains the following components: –Risk and opportunity identification: The adidas Group continuously monitors the macroeconomic environment, developments in the sporting goods industry, as well as internal processes to identify risks and opportunities as early as possible. The Risk Owners have primary responsibility for the identification of risks and opportunities. The Group Risk Management department has defined a catalogue of potential risks (Risk Universe) to assist Risk Owners in identifying and categorising risks and opportunities. Our broad network of Risk Owners, which includes senior managers across all functions and markets, ensures an effective identification of risks and opportunities. While various Risk Owners – according to their area of responsibility – actively monitor changes in the overall macroeconomic, political and social landscape, others closely observe brand, distribution channel and price point developments as well as changes in other areas such as input prices, financial market conditions or technological developments.
The Risk Owners use various instruments in the risk and opportunity identification process such as primary qualitative and quantitative research including trend scouting, consumer surveys as well as feedback from our business partners and controlled space network. These efforts are supported by global market research and competitor analysis. Through this process, we seek to identify the markets, categories, consumer target groups and product styles which show most potential for future growth at a local and global level. Equally, our analysis focuses on those areas that are at risk of saturation, or exposed to increased competition or changing consumer tastes.
–Risk and opportunity evaluation: In order to manage risks and opportunities in an effective way, we evaluate identified risks and opportunities individually according to a systematic evaluation methodology, which is applied consistently and allows adequate prioritisation as well as allocation of resources. According to our risk and opportunity management methodology, a risk and opportunity score is calculated by multiplying the potential financial impact in the upcoming twelve-month period with the likelihood of occurrence. The financial impact represents the biggest possible potential effect on the relevant income statement metrics (operating profit, financial result or tax expenses). The financial impact is evaluated by utilising five categories: Marginal, Minor, Moderate, Significant and Major. Likelihood represents the possibility that a given risk or opportunity may occur. The likelihood of individual risks and opportunities is evaluated on a percentage scale divided into five categories: Unlikely, Possible, Likely, Probable and Highly Probable.
In order to assess the potential financial impact for each individual risk, the gross risk score and the net risk score have to be evaluated. While the gross risk score reflects the worst-case negative financial impact before any mitigating actions, the net risk score reflects the expected financial impact after all mitigating actions. This approach on the one hand allows for a good understanding of the impact of an individual mitigating action taken, and on the other hand provides the basis for scenario analysis and simulations. In addition, the respective Risk Owners are also required to assess each risk from a timing perspective in order to determine when the risk could materialise. Whenever a risk materialises, we measure the actual financial impact against the original assessment. In that way, we ensure continuous monitoring of the accuracy of risk evaluations across the Group.
In assessing the potential effect on the relevant income statement metric from opportunities, each opportunity is appraised with respect to viability, commerciality and potential risks. This approach is applied to longer-term strategic prospects but also to shorter-term tactical and opportunistic initiatives at both the Group and, more extensively, the market and brand level.
–Risk and opportunity handling: Risks and opportunities are treated in accordance with the Group’s risk and opportunity management principles as described in the Group Risk Management Policy. Risk Owners are in charge of developing and implementing appropriate risk-mitigating actions and exploiting opportunities within their area of responsibility. In addition, the Risk Owners need to determine a general risk handling strategy for the identified risks, which is either risk avoidance, risk reduction with the objective to minimise financial impact and/or likelihood of occurrence, risk transfer to a third party or risk acceptance. The decision on the implementation of the respective risk handling strategy also takes into account the costs in relation to the effectiveness of any planned mitigating actions if applicable. Group Risk Management works closely with the Risk Owners to monitor the continuous progress of planned mitigating actions and assess the viability of already implemented mitigating actions.
–Risk and opportunity monitoring and reporting: Our integrated risk and opportunity management system aims to increase the transparency of Group risks and opportunities. As both risks and opportunities are subject to constant change, Risk Owners not only monitor developments, but also the adequacy and effectiveness of the current risk handling strategy on an ongoing basis.
Regular risk reporting consists of a two-step reporting stream. Firstly, on a quarterly basis, Risk Owners are required to report to Group Risk Management gross risks with a possible impact on the relevant income statement metric above the threshold of € 50 million regardless of their likelihood of materialising and net risks with an expected value (i.e. potential impact on the relevant metric in euros multiplied with likelihood of materialising) of over € 1 million. Opportunities are aggregated separately with Risk Owners reporting all opportunities with an opportunity value of above € 1 million on the relevant metric.Secondly, Group Risk Management aggregates the reported risks and, also on a quarterly basis, provides the adidas AG Executive Board with a consolidated Group-wide report based on the Risk Owners’ input.
Material changes in previously reported risks and/or newly identified risks with a potential net impact on the relevant income statement metric of more than € 5 million, and any issues identified which due to their material nature require immediate reporting to the Executive Board, are also reported outside the regular quarterly reporting stream on an ad-hoc basis.
Description of the main features of the internal control and risk management system relating to the financial reporting process pursuant to § 315 section 2 no. 5 German Commercial Code (Handelsgesetzbuch – HGB)
We regard the internal control and risk management system relating to the consolidated financial reporting process of the adidas Group as a system which is embedded within the Group-wide risk management system. The internal control and risk management system with respect to the financial reporting process aims at avoiding false representation in our Group accounting and in external financial reporting. To this end, Group-wide compliance with statutory provisions and internal Group regulations must be ensured. We regard the internal control and risk management system as a process based on the principle of segregation of duties, encompassing various sub-processes in the areas of Accounting, Controlling, Taxes, Treasury, Planning, Reporting and Legal, focusing on the identification, assessment, treatment, monitoring and reporting of financial reporting risks. Clearly defined responsibilities are assigned to each distinct sub-process in the various areas. In a first step, the internal control and risk management system serves to identify and assess as well as to limit and control risks identified in the consolidated accounting process which might result in our consolidated financial statements not being in conformity with regulations.
The internal control system relating to the financial accounting process serves to provide reasonable assurance that the financial statements are prepared in compliance with regulations despite identified financial reporting risks. To ensure the effectiveness of the internal control and risk management system, the Internal Audit department regularly reviews accounting-relevant processes. Additionally, as part of the year-end audit, the external auditor examines selected internal controls of the system, including the IT systems, to assess their effectiveness. Even with appropriate and functional systems, however, absolute certainty cannot be guaranteed.
adidas AG defines uniform consolidated accounting policies and updates these on a regular basis, dependent on regulatory changes and internal developments. Clear regulations serve to limit employees’ scope of discretion with regard to inclusion and valuation of assets and liabilities, thus reducing the risk of inconsistent accounting practices within the Group. These policies are available to all employees involved in the financial accounting process through the Group-wide intranet. Material changes are communicated to the subsidiaries Group-wide on a quarterly basis. We aim to ensure compliance with the financial accounting rules through continuous adherence to the four-eyes principle in accounting-related processes. Certain reporting obligations and the extent thereof are mandatory for the Group’s subsidiaries. Adherence to reporting obligations and timelines is monitored centrally by Group Accounting.
Financial accounting at subsidiaries is conducted either locally by the respective company or by a Shared Service Centre that provides this service for several subsidiaries. Most of the IT systems used are based on SAP AFS. Some Group companies use Navision-based ERP software that was developed in-house. The individual financial statements are subsequently transferred into a central consolidation system based on SAP SEM-BCS. The regularity and reliability of the financial statements prepared by subsidiaries is reviewed at Group level by Group Accounting and Controlling. If necessary, the Group seeks the opinion of independent experts to review business transactions that occur infrequently and cannot be processed as a matter of routine. Controls within the consolidation process such as those relating to the consolidation of liabilities or of revenues and expenses are conducted both automatically (system-based) and manually. Any inadequacies are remedied and reported back to the subsidiaries.
All financial systems used are protected against malpractice by means of appropriate authorisation concepts and access restrictions. Access authorisations are reviewed on a regular basis and updated if required. The risk of data loss or outage of financial-accounting-related IT systems is minimised by Group IT through central control and monitoring of virtually all IT systems, centralised management of change processes and with support through regular data backups.