Governance and culture
Risk management responsibilities
The Managing Board is accountable for the management of all risks associated with our company’s strategy and business objectives. To this end, an appropriate risk management system is in place.
It is the responsibility of the Business Groups, support functions, functional excellence departments and regions within DSM (the units) to set up, operate, maintain and monitor an appropriate risk management system within their area of responsibility. We apply elements of the Three Lines Model to manage risks effectively:
- First line: The responsibility for identifying, assessing and managing risks, including control execution, lies with the individual units
- Second line: Group Risk Management (GRM) designs, implements and maintains the overall risk management framework for the company. GRM also supports the first line in risk identification, assessment and management by designing and developing standards, systems and tools. Within GRM there is an independent department testing the effectiveness of the Internal Control Framework. Besides GRM, there are also other departments acting as a second line, for instance, DSM Safety, Health and Security
- Third line: Corporate Operational Audit (COA) conducts independent operational audits of all units on behalf of the Managing Board
GRM and COA report directly to the CFO, and COA has direct access to the COO as well as to the Audit Committee of the Supervisory Board.
Code of Business Conduct
The DSM Code of Business Conduct comprises our purpose, our culture, and our business principles, which form the basis for risk management. Our culture is directly related to our purpose of creating brighter lives for all. All our employees receive regular training on the Code of Business Conduct and on detailed aspects of relevant business principles.