Our enterprise risk management is designed to identify and manage uncertainties and risks effecting the Group in the global market place. We seek to identify, prioritise, and manage key risks at all levels of the business to support the Group in better decision making, proper allocation of resources and better and faster utilisation of opportunities that arise.
The responsibility for the governance of risks lies with our Board of Directors. The Audit Committee is appointed by the Board of Directors and on its behalf the Audit Committee monitors the effectiveness of our Group’s risk management and evaluates the design annually. The Executive Board manages the operational part of our risk management and our Executive Management ensures proper and complete reporting to the Audit Committee. Our annual risk assessment for 2019 has been reviewed and discussed with the Audit Committee and subsequently the Board of Directors. The main risk categories identified for 2019 are unchanged from last year and consist of regulatory changes, increasing excise taxes, total market developments and cyber risk. Closely followed by other risks like competitive development. The identified financial risks, including foreign exchange, interest rate, credit and liquidity risks can be found in note 4.2 on page 62-65 in the Annual Report 2019.
The tobacco industry environment is one of continuously increased regulation. With regulatory initiatives governments and health officials aim to affect consumer behaviour, discourage use of tobacco products and control new product development. Regulatory initiatives include significant reporting obligations, bans on tobacco product displays, standardised packaging and bans on certain flavourings.
We engage with regulators and stakeholders to ensureproper insights and knowledge about our productcategories and facilitate reasonable, transparent andbalanced regulation. We have dedicated resources tomonitoring regulatory initiatives and use significant resources preparing for and implementing new andupdated regulations.
A major component of the retail price of tobacco products is excise tax. This component can be changed by national governments and is actively used to increase tax revenue and/or in an attempt to limit tobacco consumption. An alignment of excise tax rates across tobacco product categories would increase the excise and impact the consumer price of our products and negatively impact our sales. Increases and alignments of excise taxes implemented unexpectedly would limit our ability to adjust accordingly for production and sales.
We continuously monitor potential changes to excise taxes on our product categories. We adjust prices to the extent possible to pass on the effect of the increase to consumers, if the market conditions allow. We actively participate in relevant industry associations and in collaboration with trade industry partners we engage in dialogue with regulators to limit the risk of market disruption based on excise alignment and change.
Total market development
The total tobacco market volumes are declining. Although cigar volumes have shown higher resilience than cigarettes in some of our markets, the market for machine-made cigars and pipe tobacco are declining. With presence in over 100 markets around the world, we have a high degree of geographic diversification. Still, a significant and unexpected decrease in demand for tobacco products in one or more of our core markets would negatively impact our Group’s net sales and earnings.
We continue to explore new markets to diversify even further and spread the geographical risk. We continuously monitor the market trends, collect market research data and perform forecasts to project market developments and trends. The trend analysis helps us address adverse market conditions more promptly.
We operate in an environment of cyber security threats that are growing in number and sophistication. Successful attacks might result in business disruption, production stops, loss of image and direct financial loss. Disruptions to our online retail business platforms resulting in these becoming unavailable to customers would impact our sales and profitability. Further, if our business platforms were unavailable, it would keep us from fulfilling engagements and responsibilities towards customers and employees.
Our focus is on implementation of security policies, business continuity management, recovery plans and keeping our defences updated. We monitor and test our cyber resilience and IT enhancements – and we educate our employees in cyber security awareness.