Risk Management
39
Distribution channel transformation
Information security
Digital transformation
Increased scrutiny and expectations
of society on multinationals
Introduction
Sustainability
Review
Other
Information
Financial
Statements
Report
of the
Supervisory
Board
Report
of the
Executive
Board
What could happen?
Public and employee scrutiny of HEINEKEN, should it not
conform to society’s expectations to mitigate our potential
negative impacts on the world and maximise our positive
contribution, can lead to significant reputational damage
to the Company or to the brands.
Recent developments
Stakeholder expectations, including those of employees,
towards companies, their Environmental, Social and
Governance (ESG) strategies and performance, are on the
rise. Companies also face growing pressure to increase the
positive contribution they make, including measures to
address societal and environmental issues, and to share
consistent and transparent information that allows
stakeholders to assess their sustainability performance and
benchmark them versus peers in their industry.
Explore further: Our EverGreen strategy, page 9.
Raise the bar on sustainability and responsibility,
pages 18-22. Stakeholder engagement and
materiality, pages 134-135. Climate-related risks
assessment (TCFD analysis), pages 136-142. Brew
a Better World 2030 strategy, page 143. World
Economic Forum core metrics and disclosures,
pages 172-177. Other climate-related disclosures,
page 178-181
What could happen?
The digital disruption is creating new routes to customers
and consumers/shoppers, which is potentially a threat if we
would be disintermediated and lose connection to
transactions and consequently visibility on customer and
consumer data.
Explore further: Become the best-connected
brewer, pages 23-26
Explore further: Become the best-connected
brewer pages 23-26
What are we doing to manage this risk?
The Digital and Technology Function, with representation
on the Executive Team, has the objective to deliver business
value through digital transformation of our route-to-
consumer, while modernising and simplifying our data and
technology landscape across all operating companies.
Programme Management and portfolio management is
put in place to ensure prioritisation, de-bottlenecking and
value delivery across both the entire value chain and
Operating companies. The Digital and Technology
Function also continuously scans the external market for
upcoming opportunities and threats as well as new
technologies.
What could happen?
In recent years, HEINEKEN has engaged in several
significant digital transformation programmes. Our large
number of operating companies and fragmented data
and technology landscape represent specific challenges to
these programmes. Furthermore, the pace of change (e.g.
disruptive technologies such as (Gen)AI) is constantly
increasing. These strategic transformation programmes
may not deliver the expected benefits or may incur
significant cost or time overruns.
Recent developments
The world becomes more digital, and more
(inter)connected. Data is more and more an asset and
technological developments and its opportunities quickly
evolve. HEINEKEN will need to continue to develop its
capabilities to stay engaged with its consumers, seamlessly
serve its customers and ensure its processes are as efficient
as possible.
Explore further: Become the best-connected
brewer, pages 23-26
Heineken
N.V.
Annual
Report
2023
Recent developments
HEINEKEN’s digital footprint is expanding rapidly, in line
with the strategy to become the best-connected brewer.
Our Company is and will be more connected with our
customers, consumers, suppliers and employees than ever.
Attacks are becoming more sophisticated and potential
consequences are more punitive and destructive in nature.
A growing number of attacks, most notably increasing
cases of malware and phishing, are actively blocked by our
Cyber Defense Operations (CDO) team. Geopolitical
tensions have led to an increase of hacktivism as well as a
slow increase of cyber warfare activities. Both will increase
the likelihood of a cyber incident. We observe an increase
in cyberattacks on our customers as well as key suppliers
leading to security of supplies concerns.
On top of this, regulations continue to place stricter
security requirements on data processing by HEINEKEN
and its ecosystem of partners.
What are we doing to manage this risk?
HEINEKEN has accelerated digitalisation in both
fragmented trade and more traditional Retail eCommerce.
For fragmented trade we have shaped a clear vision,
strategy and organisational set-up which is structured
around the customer. We call that the Unified Customer
Ecosystem (UCE). The goal is to create a seamless
experience for our customers which will result in a
strengthened customer relationship and better visibility on
what happens at the moment of purchase. The
acceleration has resulted in significant scale of transactions
on our owned digital platforms giving us in many markets
an online leadership position. We are also constantly
improving our e-retail capability level through clear
playbooks and training methods. This supports our
ambition to be the number one partner of choice for our
retail partners.
What could happen?
HEINEKEN’s business increasingly relies on technology,
both in the office environment and in the industrial control
domain of its breweries. Failure of our systems as well as
cybersecurity incidents could lead to business disruption,
loss of confidential information, unauthorised access to
our data, as well as a breach of data privacy regulations. All
of this might lead to financial or reputational damage.
Recent developments
New B2B and B2C players continue to enter the market
although this has slowed down following increased
financing cost. Some key consumer packaged goods
players, including major competitors in our category, are
accelerating their investments. Major online retailers
continue to strengthen their omnichannel strategy, owning
on- and off-line retail. Electronic point of sales systems are
increasingly used to collect and leverage customer and
consumer data.
What are we doing to manage this risk?
Cybersecurity remains a top priority within HEINEKEN. All
functions collaborate closely to act promptly and aligned in
case of cyber incidents at HEINEKEN or one of our
suppliers or customers. The portfolio of cybersecurity
initiatives, which is evaluated regularly, is executed to
address cybersecurity threats in both our office systems
and Industrial Control Domain. Our Cyber Defence and
Operations teams monitor and act upon cyberattacks
24/7 globally.
Our main focus is to enhance the resilience of the current
and future technology landscape of HEINEKEN, while
continuously increasing employee security/privacy
awareness. Mandatory trainings on Information Security
are in place for all employees.
What are we doing to manage this risk?
At HEINEKEN we are raising the bar. Our Brew a Better
World 2030 strategy consists of three pillars and nine
ambition areas. Each ambition area contains one or more
concrete and measurable goals.
Brew a Better World remains our foundation and our
framework for working with others. Our strategy raises our
ambitions on climate and water action. We continue our
efforts to support the social agenda and promote
moderate consumption of alcohol.
The Green Diamond continues to guide us towards ‘what
winning looks like’: we aim to strike the right balance
between short-term delivery and long-term sustainability,
between top-line growth and overall stakeholder value
creation. ‘Sustainability and Responsibility’ is one of the
four priorities alongside growth, profitability and capital
efficiency.
We disclose our sustainability performance in a combined
Annual Report, on our website and via social media
channels. HEINEKEN monitors trends and developments in
the ESG area across the globe, to make sure we respond
adequately and in a timely manner to increasing societal
expectations.