25
Risk Management (continued)
Execution and change
management
Reporting
Non-compliance
Report of the
Report of the
Financial
Sustainability
Other
Introduction
Executive Board
Supervisory Board
Statements
Review
Information
Heineken N.V. Annual Report 2017
Operational risks
What could happen
In the last years, HEINEKEN has engaged
in several significant business improvement
projects. The large number of operating
companies and their varying level of
integration represent a specific challenge
to these projects. These strategic
transformation programmes may not
deliver the expected benefits or may incur
significant cost ortime overruns.
Recent developments
The Group portfolio of global projects now
contains more than 40 programmes and
has supported the implementation of new
capabilities in the area of finance, supply chain,
procurement and human resources, thereby
serving HEINEKEN's efficiency targets and key
risk mitigation.
What are we doing to manage this risk
By taking a portfolio approach, applying
consistent project methodology and
governance, and placing ownership of each
of them attop management level, HEINEKEN
is able to prioritise and optimise resource
allocation across its major projects to ensure
they deliver on their objectives.
Reporting risk
What could happen
Historically HEINEKEN has grown its
footprint organically and through mergers
and acquisitions, which had led to a diverse
landscape of processes and systems and a
low level of centralisation. Deviations from
the common accounting and reporting
processes and related controls could
impairtheaccuracyofthefinancialand
non-financial data used for Group reporting
and external communication.
Recent developments
Since 2015, HEINEKEN has engaged in a
substantial process and IT simplification and
standardisation project, which will help to
achieve further efficiency gains while delivering
fast and robust reporting, continuously
strengthening its control environment.
What are we doing to manage this risk
HEINEKEN has implemented a common Risk
and Control Framework across its operating
companies which includes standardised
internal controls on financial reporting,
common accounting policies and standard
chart of accounts, periodic mandatory training,
and active monitoring of critical access and
segregation of duties conflicts. In 2017,
HEINEKEN evolved its governance around
non-financial data to further improve the
quality of the data reported under its
Brewing a Better World programme.
Explore Further:
- Reporting basis and governance of non-financial indicators,
pages 148-149
Compliance risk
What could happen
Changes in the legal and regulatory
environment tend to increase the risk
of non-compliance to local and global
laws and regulations. Failure to comply
with applicable laws and regulations
could lead to claims, enforcement and
reputational damage.
Recent developments
Across many geographies, law enforcement
has become more systematic than in the
past, in particular with regard to anti-bribery
and corruption, competition and data privacy
laws, and human rights. This leadsto an
increased risk of being subject to allegations
of violations of laws and regulations.
Over the years, HEINEKEN has constantly been
looking to enhance its internal compliance
system and resilience to the changes of the
legal environment.
What are we doing to manage this risk
HEINEKEN has embedded legal compliance
in its risk and controls system, and has
established processes and governance to drive
implementation and compliance with the
Company Rules and its HEINEKEN Code of
Business Conduct.
Explore Further:
-Values and behaviours, pages 146-147