Strategy and objective-setting
The Managing Board supported by the Executive Committee establishes the company strategy and business objectives.
The risk appetite defines the level of risk the company is prepared to take in the various risk categories, comprising strategic, operational, financial, compliance, and reputational risks. The risk appetite supports priority-setting in risk responses. The Executive Committee decides on the risk appetite, which is reviewed annually.
The Corporate Requirements are our internal rules and regulations, which are defined and maintained by the support functions and GRM. In line with the Code of Business Conduct and the risk appetite, the Corporate Requirements provide:
- Risk-based guidance for managing common business and process risks (‘common controls for common risks’)
- Standards and practices to increase the efficiency of our main business processes and functions
The Corporate Requirements are mandatory for all units, and management is responsible for implementing these as and when applicable.