Risk management

Doing business involves risk. It’s our ambition to be a successful and respected company through managing risks as an essential element of our corporate governance and strategy.

We continuously strive to foster a high awareness of business risks and internal control to provide transparency in our operations.

The Board of Management and Executive Committee are responsible for managing the risks associated with our activities and the establishment and adequate functioning of appropriate risk management and control systems (see Statement of the Board of Management in the Leadership section).

Risk management framework (graphic)

Risk management framework

Our risk management framework is in line with the Enterprise Risk Management – Integrated Framework of COSO and the Dutch Corporate Governance Code. It provides reasonable assurance that our business objectives can be achieved and our obligations to customers, shareholders, employees and society can be met.

For more information on our risk management framework, visit: www.akzonobel.com/risk-management-framework

Risk management in 2019

Risk management is a company-wide activity, under the responsibility of the Board of Management and Executive Committee, and we focus on the areas of major risk exposure.

During 2019, we held a significant number of enterprise risk workshops across the organization. Risk scenarios identified are prioritized by responsible management teams and functional experts and adequate mitigating actions are defined.

We consider risk assessment and mitigation a continuous process which is carried out against the background of an evolving risk landscape that includes short, medium and longer term challenges.

The table below summarizes the major risk factors for the company in the foreseeable future. The symbols represent management’s assessment of risk development compared with the previous year.

Risk has been assessed to increase.

Risk has been assessed to remain fairly stable.

External – Strategic

Internal – Strategic

  • Global economy and the geo-political context

  • Strategic moves in our value chain


  • Organic growth

  • Innovation, identification and successful implementation of major transforming technologies

External – Operational

Internal – Operational

  • Information technology and cybersecurity


  • Management of change

  • Analytics and big data


External – Compliance


  • Complying with laws and regulatory developments



External – Strategic

Global economy and the geo-political context

The unpredictable world’s geo-political situation and the highly competitive markets in which we operate require our ongoing attention to protect our financial performance.

Mitigating actions

  • Continued focus on operational cost and complexity reduction
  • Deployment of commercial and procurement excellence programs
  • Geo-political assessment as part of investment decisions and medium-term operational planning

Strategic moves in our value chain

An accumulation of strategic moves (horizontally and/or vertically) could impact our competitive position and/or increase the vulnerability of operations.

Mitigating actions

  • Competitive intelligence analysis of (new) competitors, customers and suppliers
  • Secure freedom to invest through strategic alignment with shareholders and other stakeholders
  • Identify opportunities for M&A, based on strategic rationale

External – Operational

Information technology and cybersecurity

Our longer-term IT strategy means we increasingly rely on fewer consolidated critical applications. With the number of digital business transactions on the increase, the non-availability of IT systems – or unauthorized access – could have a direct impact on our business processes, competitive position and reputation.

Mitigating actions

  • System (ERP) consolidation to increase robustness of digital landscape
  • New security standards for industrial control systems
  • Lifecycle planning for key applications
  • Embedding a cybersecurity culture (training, awareness creation)
  • KPI definition around vulnerability management
  • Deployment of information protection in the new generation workplace

External – Compliance

Complying with laws and regulatory development

As a global player, we are exposed to increasingly stringent laws and regulations covering a growing range of subjects (such as environmental releases, human rights, competition law).

Mitigating actions

  • Fostering an open and transparent culture, continuously educating and training
  • Implementation of a Business Partner Compliance Framework
  • Define ambitious standards in /dust emission/energy control systems
  • Operate under state-of-the-art safety requirements for our manufacturing and sites

Internal – Strategic

Organic growth

Market leadership in those parts of the world where our markets are growing is one of the cornerstones of our strategy. A global presence, in combination with locally tailored go-to-market models, is an essential ingredient to success.

Mitigating actions

  • Clear BU strategic mandates to deliver on growth opportunities
  • Deployment of commercial excellence programs
  • Digitally driven marketing
  • Investment in sales capability

Innovation, identification and successful implementation of major transforming technologies

Our leadership positions and future success are underpinned by investment in research, the adoption of major transforming technologies and continuous development of the talents and skills of our people.

Mitigating actions

  • Funding for technology road maps and innovation strategies
  • Investing in promising venture funds
  • Partnering with innovative startups (Paint the Future)
  • IT resources to support the business in new technology applications

Internal – Operational

Management of change

Our Winning together: 15 by 20 ambition is transforming the company. At the same time, we also recognize the risks associated with change, as well as the need to invest in building an organization structure which encourages and embraces change, while balancing opportunity and managing risk.

Mitigating actions

  • Set up a Transformation Office to support adoption of new organizational model
  • Global Process Owners to implement standard solutions across the company
  • Reward system to set desired behavioral changes in motion and keep momentum
  • Launch of organizational health initiatives and periodic tracking of progress
  • Range of programs to attract and retain talent
  • Updating internal authority procedures and our control framework to reflect changes in roles and responsibilities

Analytics and big data

In order to utilize data analytics and “big data” to support even better decision-making, we recognize the need to invest in an appropriate organizational structure and governance framework with common standards, methods and tools to deliver insightful information across the company.

Mitigating actions

  • Risk and mitigation ownership with an empowered community of Global Process Owners
  • Define master data quality standards and priorities
  • Extended set of key controls

Volatile organic compounds.


Research & Development.