Risk management

The management of VR Group is committed to risk management and to the development of risk management. The risk management of VR Group is guided by the risk management policy approved by the Board of Directors of VR-Group Ltd. The policy sets out the principles, objectives and responsibilities of risk management and the operating practices observed in risk management.

The purpose of risk management is to provide an up-to-date, accurate and comprehensive opinion on the risks of VR Group. In VR Group, risk management is a continuous activity the purpose of which is the comprehensive and appropriate identification, assessment, management and control of the Group's major risks.

Risk management is an essential element of all processes in the VR Group. The Chief Executive Officer is responsible for arranging risk management in the Group. In business and support units, risk management is the responsibility of the senior management. VR Safety is responsible for ensuring an up-to-date risk policy, for supporting its implementation and for monitoring and developing risk management practices and for reporting on them to the Management Team and the Board of Directors. A separately appointed risk management development team guides and supports the persons responsible for individual risk types in the implementation of risk management.

The aim of risk management in VR Group is to promote the achievement of the Group's strategic and operational objectives and to ensure the profitability and continuity of the Group's business operations. In VR Group's risk management, risks are divided into four categories: strategic, economic, operational and hazard risks. These four categories are further divided into different types of risk. Below is a category-specific listing of the most important types of risk examined here.

Strategic risks Economic risks Operational risks Hazard risks
Group-level strategic risks Agreements and responsibilities Organization and management Personnel
Logistics Compliance risks Human resources Customers and stakeholders groups
Passenger services Governance risks Train operations Environment
Infrastucture engineering Purchases Logistics operations Group assets
International business operations Credits Passenger services operations
Reputation and communications Interest payments, currencies and liquidity Infrastructure engineering production and maintenance
Political developments and regulations Financial reporting Rolling stock mainenance
Company acquisitions Information technology
Traffic disruptions
Management of traffic disruptions and crisis situations

A plan of action has been prepared to prevent major risks from occurring and a person has been appointed to be responsible for each risk. A risk management situation report is delivered twice a year to the Group's Management Team in connection with strategy monitoring and operational planning, and once a year to the Board of Directors.