Sabancı Group companies adopted corporate risk management principles in order to maximize the value it provides to its stakeholders, to ensure the sustainability of the Group, to identify and measure risks early, and to monitor them continuously and effectively.
Sabancı Group companies have adopted corporate risk management principles in order to maximize the value it provides to its stakeholders, eliminate or minimize the reasons that may jeopardize the existence, development and continuity of the company that may be encountered while achieving the strategic goals determined under the supervision of the H.Ö. Sabancı Holding Board of Directors. This approach to corporate risk management also ensures the sustainability of Sabancı Group.
The Group manages risk in line with the risk appetite levels/attitudes determined through various aspects by using both quantitative and qualitative metrics. By modeling risks that are prioritized according to their importance and impact, the Group aims to keep them within numerically specified tolerance limits and confidence intervals.
In line with the strategic and financial targets set by Sabancı Group, prioritized risks are handled in accordance with the following risk management strategies: risk avoidance, risk transfer, risk reduction and risk acceptance. The risk management framework includes subtopics such as determination and monitoring of corporate risk management mitigation activities, assignment of staff responsible for activities and cost-benefit analysis for action plans. Risk operation results are evaluated periodically by the Board of Directors of Sabancı Holding, the Early Detection of Risk Committee (EDRC) and the Holding’s senior management.
At Group subsidiary Akbank, risk management is conducted in conformity with Banking Regulation and Supervision Agency legislation, under the responsibility and supervision of the Bank’s Board of Directors. The Board fulfills its oversight responsibility via various committees, such as the Audit Committee, Executive Risk Committee and Credit Committee. The Bank’s risk-taking levels are determined by the risk limits that are approved by the Board of Directors. The Bank’s executive management is responsible to the Board of Directors for carrying out daily activities related to the prescribed risk management processes and risk limits. The Audit Board, Internal Control Department and Risk Management Department, which report directly to the Board of Directors, conduct their respective activities in coordination with the execution units. Nationally and internationally accepted risk models and parameters are used to detect, measure, and monitor risks at the Bank. Internal methods and models are continuously improved and developed to ensure effective risk management. Under extraordinary circumstances, different scenario assessments are made in order to analyze potential risks the Bank might be exposed to; emergency plans are prepared accordingly. A wide range of techniques to minimize risk are used to limit and safeguard against the Bank’s risk exposure.
At the non-financial services companies of Sabancı Group, corporate risks are managed by designated risk management officers and company senior management responsible for risk management processes and activities. These efforts are under the supervision of the Board of Directors and company Risk Committees that report to the Board. Group companies determine potential risks that they may encounter. These risks are ranked according to the probability and the size of the damage that they might cause. Prioritized risks are monitored by each company’s management, the Early Detection of Risk Committee and the Board of Directors in the form of periodic reports. Risk management processes, which include measures to be taken, are determined; implementation and results are closely monitored. Financial, strategic, operational and compliance risks of subsidiaries are also overseen and supervised by Legal, Risk and Compliance Group and the relevant Group Presidents as well as Finance Group at the Holding level.
Sabancı Group categorizes monitored risks under these main headings:
This risk type includes legal penalties, reputation loss or material damage that may arise in case of not complying with or violating applicable laws, rules or regulations, code of ethics, or a company’s internal policies and directives. To support Group subsidiaries in efficiently managing compliance risks within the determined framework, instructional activities are carried out by the Holding’s Legal, Risk and Compliance Group.
This category includes risks that may arise as a result of a company’s financial position and preferences. Financial risks include those caused by FX rates, interest rates, loans, liquidity and capital access.
FX Risk: Within Sabancı Group, futures contracts are used against foreign currency exchange risk if necessary. Furthermore, to prevent any short term volatility that might be caused by FX risk in cash management, loans in foreign currency to be used for long-term investment projects and sectors where it is possible to make foreign currency revenue, or revenue indexed to foreign exchange is preferred. Moreover, our investments are divided into phases and extended over a period of time.
Interest Risk: To efficiently manage the interest risk of subsidiaries, interest rates of financial institutions are tracked.
Group companies are directed to those institutions that provide more reasonable rates. Besides bank borrowings, support is given at the Holding level to issue corporate bonds.
Loan Risk: Loan risk refers to the risk of financial losses arising from the failure of counterparties to meet their financial liabilities to Group companies in accordance with the agreed amounts and maturities. This type of risk is monitored by performing loan assessments as well as managing and monitoring the guarantees received from counterparties. Loan risk is handled centrally, with the support of Sabancı Group companies.
Sabancı Holding’s strategic business line management strategy is designed to focus on sectors where it is possible to create a competitive advantage in highly profitable and sustainable businesses.
Liquidity Risk: Liquidity risk is managed by using various funding methods and financial instruments within the Group and the Holding, regular monitoring of assets, and maintaining adequate cash reserves and cash equivalent assets.
This risk group includes structural risks that may prevent a company from reaching its short-, medium- or long-term goals. Strategic business line management risk is assessed within the scope of strategic risks such as economic and political risks, industry risk, regulation risk, governance risk, reputational risk and intellectual property risk.
At the Holding level, strategic risks are efficiently managed with a long-term dynamic business lines management approach. Sabancı Holding’s strategic business line management approach is designed to focus on sectors where it is possible to create a competitive advantage in highly profitable and sustainable businesses. Efforts are carried out at the Holding level to diversify the strategic business lines according to key criteria, such as sectors, regions, customer profiles, technology content, exports, and the like.
Operational risks are risks that may arise due to the possibility of loss as a result of company business activities and/or the possibility of losses stemming from faults and negligence caused due to failures in a company’s control systems. Operational risks also include company management and staff engaging in improper conduct in terms of time and circumstances; managerial errors; disruption of business continuity due to natural disasters such as earthquakes, fires or work accidents; faults and failures in information technology systems. The Audit Department conducts regular control-related activities of company processes and systems to determine and eliminate these risks.
Damage to information systems, cyberattacks, deterioration of data security, data leaks and failure to ensure business continuity within the Group are critical factors in operational risks. The Group continuously and effectively monitors cyber security risks. As part of cyber risk management efforts within Sabancı Group, risk is mitigated via cyber risk insurance.
Hacı Ömer Sabancı Holding A.Ş. Board of Directors established the Early Detection of Risk Committee with a resolution made on April 25, 2013, to implement the precautionary risk management in publicly traded companies approach stipulated by the Turkish Commercial Code and the Capital Markets Board. The Committee Chairman is Independent Board Member Mr. Mehmet Mete Başol; Committee Members are Board Member Ms. Suzan Sabancı Dinçer, Ms. Serra Sabancı, Ms. S. Gonca Artunkal and Holding General Secretary Mr. Gökhan Eyigün. The Committee Chairman is Independent Board Member Mr. Mehmet Mete Başol; Committee Members are Board Member Ms. Suzan Sabancı Dinçer, Ms. Serra Sabancı, Ms. S. Gonca Artunkal and Holding General Secretary Mr. Gökhan Eyigün. The purpose of the Committee is: (i) to evaluate the early identification, determination of necessary measures, and management processes regarding strategic risks, operational risks, financial risks and compliance risks can jeopardize H.Ö. Sabancı Holding A.Ş.’s existence, development and continuity; and (ii) to inform the Board of Directors about these issues in order to make decisions accordingly. In line with its purpose, the Committee identifies and evaluates the risks Hacı Ömer Sabancı Holding A.Ş. is exposed to, monitors them via a reporting system and follows up the measures taken to counteract the risks. Risks in subsidiaries’ business activities that can impact the Holding’s consolidated financial statements and strategic targets are also monitored by the Holding’s Risk Committee. The Committee convened six times in 2020 and presented its evaluations for the information of the Board of Directors.
Factors related to environmental, social and governance (ESG) pose threats in all risk categories defined in this section and may directly impact the financial performance of Sabancı Group. Efforts are made to ensure that Group companies are well prepared against ESG risks. Group companies receive guidance on taking measures in their business models against the possible impact of these risks.
- To prevent the effects of climate change within the business lines, the Group evaluates key factors such as high greenhouse gas emissions, renewable energy and energy resource management. The impact of risks that may arise from such factors on operational activities are also evaluated by the Group companies. A specific focus is placed on energy efficiency initiatives, investments are made in renewable energy and the use of alternative fuels is encouraged.
- The Group evaluates threats arising from the water crisis taking into consideration the adverse effects on the respective strategic business line and their impact at the operational level. The most critical risks are water shortages, failure to meet water supply in industrial production and operational failures due to lack of water. Sector-specific practices vary between Group companies. As a result, a variety of practices are implemented to reduce water consumption, such as monitoring efforts, repairing leakages in water lines, and collecting and recycling of surface water.
- Business and operational continuity and key personnel risk refers to the loss of experience and knowledge of employees and the failure to recruit an employee with the same level of experience and knowledge. To mitigate this risk, Group companies develop various practices targeted at retaining highly talented and high-performing employees.
- Sabancı Group categorizes the pandemic threat under occupational health and safety risk and a part of business and operational continuity and key personnel risk. Due to the spread of a contagious disease that affects most employees, business continuity may be disrupted and a loss of production may occur. To manage this risk, Group companies undertake various activities such as monitoring of international and national reports and implementing necessary precautions in the business environment.
- Environmental health and safety risk refers to penalties and compensation obligations that may arise due to Group companies’ activities that threaten environmental health and safety, and the adverse impact on the Group’s business operations and reputation. To manage this risk, Group companies dispose all hazardous and nonhazardous wastes in accordance with local legal and regulatory requirements. Air pollutants and waste water are regularly measured and analyzed. Efforts are made to ensure that these values are under legally determined thresholds.
- Occupational health and safety risk refers to potential compensation obligations, loss of reputation and other unexpected expenses that may arise due to the Group’s failure to provide a healthy and safe working environment. To manage this risk, Group companies implement measures such as ensuring ergonomics and safety in the work environment.