14. Enterprise Risk Management (ERM)

Under the Enterprise Risk Management Policy, based on the standard of »The Institute of Risk Management«, each year a tool is used to prepare risk assessments by Business Units, Service Units and Regions to assess threats that will impact the achievement of the objectives set for Clariant overall. These objectives are a result of the overall strategy of the group as set by the Board of Directors and implemented by the .

The Executive Committee is responsible for monitoring the risk assessments for relevance and consistency.

The objectives are set in the fourth quarter of the year. These objectives, threats and opportunities are subject to scrutiny by the Executive Committee during meetings with each Business Unit. Also reviewed and discussed are proposed measures to reduce or contain threats. In that context, mitigation measures are defined and responsibilities are assigned. All are required to report significant changes to existing identified risks and new threats and opportunities as they arise.

Risk Registers are maintained using financial, operational and reputational impact and probability assessments to score and rank all identified risks. The assessment also addresses the measures in place to manage the risk identified with dates for completion of the measures. Effectiveness of the measures is also assessed.

When threats have been identified and quantified, they are delegated to qualified individuals who are required to deliver effective risk management. Depending on the nature of the risk identified, specific skill sets may be required for the management of those particular risks. The assessments are shared between the stakeholders on a regular basis.

A consolidated risk assessment is submitted to the , the Audit Committee, and the Board of Directors for review. In case of new or changed risks reporting is accelerated.

Summaries of risk assessments from the Business Units, Regions, and Service Units are shared with key managers of Clariant.

To support functional responsibility, certain functions have access to risk assessments to assist them in their roles. Examples of such functions are Environmental Safety & Health Affairs (ESHA) to identify key sites for their property risk survey program, Corporate Auditing, and Group Procurement.

Examples of identified risks included in the risk register:

Regulation and Compliance: Clariant is subject to many rules and regulations as well as standards. These include chemical industry, country, government and customer requirements as well as the European Union’s (EU) Regulations on Registration, Evaluation, Authorization and Restriction of Chemicals (REACH) or similar regulations in other countries. Clariant Product Stewardship is responsible to ensure that all relevant legal requirements are met. Certain specific matters are delegated to Legal, ESHA and logistics functions.

Sites and Locations: This includes manufacturing plants and equipment important for the production of Clariant products for sale to customers. Also addressed are country and culture issues that could create threats and opportunities to business objectives. The aim is to maintain high quality production facilities. ESHA and Regional Services are responsible for the management of the associated risks.

Economic Development: The achievement of corporate targets depends on economic development which is therefore continuously monitored in all markets. Should a market not develop in line with expectations, the organization will be adjusted accordingly.

Digitalization: Long-term success may depend on the success of digital initiatives. Lack or failure of digital initiatives may result in missed opportunities and lead to long-term competitive disadvantage. Therefore Clariant invests in various digital initiatives.

Executive Committee

Management body of joint stock companies; at Clariant the Executive Committee currently comprises four members. VIEW ENTIRE GLOSSARY

Stakeholder

Stakeholders are people or groups whose interests are linked in various ways with those of a company. They include shareholders, business partners, employees, neighbors, and the community. VIEW ENTIRE GLOSSARY

Executive Committee

Management body of joint stock companies; at Clariant the Executive Committee currently comprises four members. VIEW ENTIRE GLOSSARY

Compliance

Compliance is a key element of Corporate Governance. It refers to compliance with the law and directives as well as with voluntary codes within the company. VIEW ENTIRE GLOSSARY

FURTHER READING