
Risk Management

At DSM, clear structures and transparent business practices are what risk management is about. The goal is the maximum integration of DSM’s risk management system in the normal business processes. The purpose of the risk management system is to:
  • systematically identify, assess and mitigate the risks (strategic, financial, operational and reputational) related to the company’s short- and longer-term objectives;
  • monitor and ensure the company’s reporting is reliable;
  • monitor and ensure the company complies with its Core Value and all relevant laws and regulations.

The Managing Board is responsible for risk management in the company. With the support of the Corporate Risk Management department, the Board has designed and implemented a risk management system and organization. This system is documented in the DSM risk management policy, the DSM Code of Business Conduct and related Triple P principles as laid down in the One DSM booklet, DSM policies in functional areas and the DSM Corporate Requirements and Directives.

“Beyond Compliance” Strategy

With the support of a number of DSM Risk Managers, the new DSM Risk Management “Beyond Compliance” Strategy was launched in late 2013.

The Beyond Compliance Strategy will be implemented step-by-step within DSM to move from risk management compliance to better risk assessments to risk management solutions. In this way we will move further along the risk management maturity curve and attain the next level of risk management, enabling us to deal with new trends and future challenges.

In deploying the new Beyond Compliance Strategy we would like to build on the One DSM Culture Agenda. There are four culture themes: External Orientation, Accountability for Performance, Collaboration with Speed and Inclusion & Diversity. We believe that if we combine these themes and align them with the new strategy, we can become a business partner within DSM and strengthen our risk management discipline.

The Beyond Compliance Strategy has three main pillars:

  • Compliance: we have a great foundation whose efficacy can be further improved by:
    • Simplifying the Corporate Requirements (CR), both by making them easily accessible (new RM Website and a 5-page summary of the 1000 pages of CR) and by focusing on the key requirements; the way of applying the CR has also been simplified via ‘typicals’.
    • Implementing new tools like SAP GRC to (pro-actively) reduce and control the potential SoD (Segregation of Duties) conflicts.
    • Securing the implementation of the company’s Core Value via more inspiring content in the Code of Business Conduct and related Value trainings, as well as by improved L&D systems.
  • Risk Assessments: as we do continuously in the area of Safety, we should strengthen the quality of our risk assessments and share what we learn across the different (business) units. Such quality improvement can be obtained via a better team composition (cross-functional and/or inviting a challenger from another unit and/or involving external experts) and/or by applying Monte Carlo simulations.
  • Solutions: this pillar aims to raise risk management to a higher maturity level through a more outside-in perspective and the sharing of internal best practices. It also includes Risk Management training, covering the hard content as well as the soft behavioral part of becoming a true Business Partner.

|          | Compliance | Objectives vs. Risks | Solutions |
|----------|------------|----------------------|-----------|
| Elements | Code of Business Conduct; Policies; Corporate requirements; Directives | Corporate Risk Assessment; Business Risk Assessments; Process Risk Assessments; Letter of Representation | External and internal best practices; Training of hard as well as soft elements to become a true Business Partner |
| Strategy | Simplify | Strengthen | Develop |
| Examples | 'One pager' access to the CRs as well as ‘typicals’; New tools like SAP GRC to control potential SoD conflicts; New, more user-friendly RM website | Improve quality of our Risk Assessments by better team composition including challenger and/or external experts; Share lessons from the Letter of Representation reporting | Outside-in from peers, academics, institutions, NGOs; Various integration plans; Learn from incidents; Identify emerging risks |
| Mindset  | Non-discussable values, obligatory control, consequence management | Awareness, training, cross-functional reward, trust and verify; One DSM culture & leadership model | Awareness, training, cross-functional reward, trust and verify; One DSM culture & leadership model |