Risk management
For Flughafen Zürich AG, risk management is a key factor for successful company management. Comprehensive risk management ensures that risks are approached systematically and given due consideration. As well as providing transparency over the main internal and external risks associated with the company’s business activities, it enables continuous monitoring and assessment of the risk profile.
Risk management system
Risk management and reporting tool
Zurich Airport’s risk management system is the tool used to manage corporate risk and consists of the following components:
- Risk policy objectives and principles
- Risk management organisation
- Risk management process
- Risk reporting
- Auditing and review of the risk management system
In this context, the Board of Directors and the Management Board have overall responsibility under Swiss company law for ensuring the group’s continued existence and profitability. The Board of Directors is responsible for overall oversight of risk management. The Chief Financial Officer (CFO) acts as the Management Board’s Chief Risk Officer.
The central Risk Manager reports to the CFO as Chief Risk Officer and stipulates minimum requirements for decentralised risk management at line management level. The central Risk Manager is responsible for risk reporting as well as for the operation and ongoing development of the risk management system.
The Management Board members are each responsible for the risks that could arise primarily in their respective divisions. They bear responsibility for identifying, assessing and managing the relevant risks (risk owner concept).
In consultation with the central Risk Manager, other departments perform their specific risk management procedures themselves, such as safety management, liquidity management, occupational safety, information security, fire prevention and contingency planning. The same goes for Flughafen Zürich AG’s international subsidiaries. The key risks to Flughafen Zürich AG are then incorporated from these into central risk reporting. This describes the business risks, responsibilities and measures in detail, along with an assessment of their probability of occurrence and potential impact. Implementation of the measures is continually monitored. The risk report is presented to the Management Board and the Board of Directors once a year.
Compliance management
Flughafen Zürich AG operates a compliance management system as a component of its risk management, the aim being to systematically identify, acknowledge and comply with the applicable statutory requirements as well as the internal corporate guidelines and ethical principles based on those requirements.
For this purpose, the processes at Flughafen Zürich AG are structured into cross-divisional clusters, each of which is supervised by a specialist (process owner). This specialist is responsible for training line managers within the process cluster. The process owner also performs the checks required in the context of compliance audits and reports to the central Compliance Manager. Ultimate responsibility for compliance with laws, guidelines and principles lies with line management. A broadly based Compliance Steering Committee headed by the Chief Risk Officer monitors consistent and uniform implementation of compliance management procedures.
Issues from compliance reporting that could give rise to significant risks for Flughafen Zürich AG are incorporated into risk reporting.
Once a year, the central Compliance Manager produces a comprehensive compliance report on behalf of the Chief Risk Officer which is based on information provided by the process owners. This report is submitted to the Management Board and the Board of Directors.