Any failure by any of its business units to meet production safety, social, environmental and/or ethical standards could harm DSM’s reputation and thereby impact on its business and results. DSM has confirmed sustainability to be its core value and, on the basis of this, has formulated a Code of Business Conduct specifying desired behavior on the social, environmental and economic dimensions. The Code is distributed in 17 languages, (e-) learning has to be followed by all employees and compliance is being actively monitored and followed up. This should reasonably assure appropriate employee conduct. Moreover, the company mitigates its reputation risk by making substantial efforts to reduce the probability that any of its units will fail to comply with internal requirements and/or external laws and regulations. Nevertheless, incidents, accidents or mistakes by individual employees may occur that negatively impact DSM’s reputation.

The company tries to meet or exceed customer expectations at all times. Customer satisfaction is measured regularly. Appropriate process and product quality management is in place to mitigate the risk of non-compliance with specifications and customer agreements. Nevertheless, it cannot be ruled out that issues could arise in this area, leading to complaints, claims and loss of customers. The latter risk is limited by the fact that the largest customer represents less than 2% of DSM’s turnover.

DSM tries to mitigate production process risks by spreading production where possible, but concentration is necessary in order to achieve economies of scale. The design of any new facilities and/or production processes requires incorporation of state-of-the-art safety and security facilities. Plants are designed according to the highest technical and technological standards and are regularly and systematically inspected against predefined risk and maintenance standards. Nevertheless, technical and technological risks may not always be sufficiently well known or controlled so as to exclude any mishaps. These could affect the quality, costs and/or availability of products.

The influence of major physical disruptions caused by mishaps affecting the supply line or facilities in the company has been inventoried and business continuity plans have been put in place. Unexpected developments may nevertheless result in interruptions of supply to customers, causing financial and reputational damage.

As a result of DSM’s strategy, the company’s product portfolio has shifted and is still shifting. This has been accompanied by a corresponding shift in the product liability risk profile. To protect itself against these risks, DSM has put in place highly demanding process and product requirements and is putting in a great deal of effort on an ongoing basis to assure that all its units comply with internal and external regulatory requirements (e.g. FDA). Additionally, DSM has stepped up its efforts to structurally assess product liability exposures, and the company has enhanced its sales contracting policies. Nevertheless, it can never be totally excluded that product-liability issues may lead to financial and/or reputation damages.

In order to control potential ICT risks DSM employs a policy of using proven hardware and software solutions. Group-wide, DSM works with integrated and standardized ICT infrastructures, back-up, encoding and encryption systems, replicated databases, virus and access protection and a fully compatible global network and intranet. Regular local ICT-security assessments should ensure adequate local applications. External ICT-service providers have been contracted in and are required to report regularly on the measures they are taking to reasonably ensure that DSM’s IT processes are reliable and secure. IT Business Continuity plans should limit the impact of major mishaps in the IT environment. Although DSM has thus applied strict measures with regard to the security and reliability of its IT systems, incidents regarding for example back-up recovery, hot failover systems, virus attacks, hacking and international network connections may still occur, and this can have a material impact on business operations and data security.

Strategy implementation for a large part takes place through the implementation of major programs and projects in a variety of fields, such as innovation, mergers and acquisitions, organizational change, business process development, ICT, construction and human resources. DSM has extensive experience in program and project management. It seconds its best people to programs and projects that are considered critical. Specific project management training courses are in place. Moreover, independent Value Assurance Reviews and direct Managing Board oversight are in place to mitigate the risk of failure of major projects. Programs and projects may nevertheless fail to produce the (financial) results projected.

DSM employs strict practices with regard to the assessment and control of (information) security risks. In the design of the processes governing the goods and money flows, strict standards of Internal Control have been taken into account and the functioning of these controls is being monitored regularly. Nevertheless, (information) security incidents and/or misappropriation of goods or money through mistakes or fraud may still occur, possibly causing material damage to the company.

DSM invests in a good relationship with its employees and tracks employee engagement, amongst other things by conducting worldwide surveys. Nevertheless, it cannot be excluded that risks materialize in the area of industrial relations.

DSM implements strict policies with regard to the containment of safety, health and environmental risks. Nevertheless, safety, health or environmental elements may not always be sufficiently well known or controlled so as to prevent any possible mishaps. In 2011 a number of serious safety incidents occurred, including a fatal accident with a contractor employee at DSM Chemicals North America (Augusta, Georgia, USA) and an explosion at AGI Taiwan seriously injuring employees and causing a prolonged outage of the plant. Safety procedures were further enhanced through the introduction of a set of life-saving rules.

^{*) For the risk categories marked with an asterisk, the financial impact of part of the potential losses are limited by (global) insurance policies. These policies reduce the financial impact of potential losses due to damage to property, business interruption and general liability exposures, including the liability risks related to the products produced. In the year under review, all products in DSM’s portfolio were covered under the company’s corporate liability insurance programs. For losses covered by the various policies the self-insured retention at corporate level for any one incident was limited at about €30 million per occurrence with an annual aggregate maximum of €45 million. DSM has in place insurance cover for excess risks related to property damage/business interruption as well as general liability up to contracted maximum amounts that are deemed to be appropriate in view of the risk profile of the company.}

The main financial risks faced by DSM relate to liquidity risk and market risk (comprising interest rate risk, currency risk and price risk). DSM’s financial policy is aimed at minimizing the effects of fluctuations in currency-exchange and interest rates on its results in the short term and following market rates in the long term. DSM uses financial derivatives to manage financial risks relating to business operations and does not enter into speculative derivative positions. DSM's financial policy is discussed extensively in the Integrated Annual Report 2011, which also contains specific information on liquidity risks and market risks.

With defined benefit obligations in a number of countries, DSM is exposed to volatility in financial markets that can cause changes in future pension costs for the company and in the funded status of the individual pension plans. To reduce these risks, the investment strategies of the individual pension plans are aligned with the risk profile of the underlying pension obligations and DSM closely monitors the investment policies. The volatility in cash contributions to these plans is limited due to contractual arrangements. The financial situation of the funds may nevertheless be impacted by disruptions in the financial markets. The pension scheme of the Pension Fund DSM Netherlands has been converted to a defined contribution plan, reducing the pension risks for DSM substantially.

Financial risks additional to the liquidity and market risks mentioned above include commodity price risk and credit risk. Furthermore, the major credit rating agencies may change their assessments of DSM creditworthiness; thereby affecting the company’s borrowing capacity and/or the conditions under which it can borrow money and causing fluctuations in the cost of finance. The company aims to keep its Single A credit rating. With respect to income tax DSM has accrued for tax liabilities on the basis of interpretations of tax laws and regulations that may be challenged by tax authorities. In the determination of tax liabilities these uncertainties are taken into account. Furthermore, DSM has recognized deferred tax assets that require utilization of tax loss carry forwards. In certain countries these loss carry forwards are restricted in time and /or amount and DSM runs the risks that these assets may not be fully recovered.

DSM has put in place a Code of Business Conduct, Policies, Requirements and Directives in order to induce ethical behavior in the company and clearly mark the limits of risk taking to be observed in (operational) processes. The implementation of these principles, policies and requirements is monitored and reported by the units themselves and through independent full operational audits. Nevertheless, it cannot be excluded that non-compliances may occur, leading to risks and possible financial and/or reputational damage.

DSM operates in fields to which a multitude of (international) laws and regulations apply. Although a great deal of attention is given to full compliance with all these laws and regulations, breaches may still go unnoticed, possibly leading to fines, loss of permits and/or reputational damage.

DSM anticipates regulatory developments and contributes to such developments where appropriate. Changes in laws and regulations may nevertheless impact the company’s ability to implement its strategy and/or may have detrimental effects on profitability.

In the Annual Report 2011 some of the control failures are mentioned that occurred in spite of the company’s risk management efforts. They can be found in the section: 'What still went wrong'. All failures are extensively analyzed and lessons learnt are implemented.