For Flughafen Zürich AG, risk management is a key factor for successful company management. Comprehensive risk management ensures that risks are approached systematically and given due consideration. It guarantees transparency with respect to all the internal and external risks associated with the company’s business activities as well as continuous monitoring and improvement of the risk situation.
RISK MANAGEMENT AND REPORTING TOOL
Zurich Airport’s risk management system is the tool used to manage corporate risk and consists of the following components:
- Risk policy objectives and principles
- Risk management organisation
- Risk management process (method for managing risk)
- Risk reporting
Auditing and review of the risk management system
The risk management organisation forms the backbone of this system and includes the following units and functions:
Board of Directors, Management Board and Chief Risk Officer
The Board of Directors and Management Board have the overall responsibility under Swiss company law for ensuring the group’s existence and profitability. The Board of Directors is responsible for overall oversight of risk management. The Chief Financial Officer also acts as the Management Board’s Chief Risk Officer.
Risk Management & Insurance department
The Risk Management & Insurance department is run by the Risk Manager, who reports to the Chief Risk Officer. This department supports the line units in all matters relating to risk management and is responsible for risk reporting as well as the operation and ongoing development of the risk management system.
Line units (divisions and departments)
As part of their function, the line units also bear responsibility for risks in their respective division or department and manage them within the framework of the risk management system (risk-owner-concept).
In consultation with the Risk Management & Insurance department, the specialist units perform specific risk-related cross-divisional functions within the group (liquidity management, occupational safety, information security, fire prevention, contingency planning, etc.).
In risk reporting, Flughafen Zürich AG describes in detail the most important business risks it has identified and assesses the probability of occurrence as well as their potential operational and economic impact. Along with defining responsibilities, a plan of action is drawn up with specified target dates and outlining how the risks can be minimised. The risk management organisation continually monitors implementation of the defined measures. The risk report is presented to the Management Board and the Board of Directors twice a year.
Flughafen Zürich AG’s compliance management system is another key component of its comprehensive risk management strategy. The aim of compliance management is to systematically identify, understand and comply with the applicable statutory requirements as well as with internal corporate guidelines and ethical principles.
A review of compliance with the relevant laws, guidelines and principles is conducted in around 30 different areas, each of which is supervised by a specialist who is the process owner. Within their areas, process owners are responsible for (1) precautionary measures such as providing information, guidelines and checklists to line managers and individual employees; (2) performing the checks required for compliance audits; and (3) systematic reporting. The ultimate responsibility for compliance with laws, guidelines and principles lies with line management. A broadly based Compliance Steering Committee headed by the Chief Risk Officer monitors consistent and uniform implementation of compliance management procedures.
On behalf of the Chief Risk Officer the risk management organisation produces a comprehensive biannual compliance report based on information provided by the process owners. This report covers all areas and is submitted to the Management Board and the Board of Directors.