Relevant GRI Indicators

Key risks 2021

Key risk

Description

Risk consequence

Example of risk mitigation actions

Strategic risks

 

 

 

Industry shifts and market developments

Link to strategic objective1):

             

Changing competitive landscape with decreased demands for certain products or segments and an increased demand for a sustainable offering.

  • Long-term trends away from fossil fuels, affecting the demand for current products and trending towards, e.g. electrification
  • Structural changes in the industry, leading to changing market dynamics
  • Changes in the balance in customer value chains towards more digital solutions

The inability to reach strategic objectives long term, leading to lower growth or lower financial performance.
  • Ensure alignment of M&A strategies with strategic targets and risks
  • Strong focus on business development and continued investment in R&D in identified strategic areas
  • Focus on increasing aftermarket share of business
  • Expansion in high-growth market segments such as round tools, electrification and automation

Macroeconomic developments/change management/demand readiness

Link to strategic objective1):

Our ability to adapt to macroeconomic developments and be agile in our cost base and business models.

  • A potential global economic crisis leading to demand increase or decrease
  • Changes in market conditions for key segments such as automotive and aerospace
  • Significantly increasing pricing on key commodities such as electricity or transportation

The inability to plan long term, leading to less agile business, higher costs or price models, causing lower financial performance long term.
  • Close monitoring of relevant key risk indicators
  • Contingency and trigger plans in place to react to change in demand
  • All businesses are working with strong cost control and cost flexibility
  • Specific tools for flexibility in costs, such as time banks, flexible employee/consultant ratio, satellite production

Regulatory change and Geopolitical development

Link to strategic objective1):

   

Geopolitical development, increased protectionism or changes in trade laws. Changes in the chemical legislation and/or stricter sustainability requirements.

  • Regulatory changes that result in significant differences in industry regulations
  • Political upheavals in countries where we do business
  • Localization/increased taxes requiring local presence
  • Changes in regulations around core areas such as cobalt or energy

The inability to quickly respond to new regulations leading to higher costs, fines or the inability to continue manufacturing certain products. Can have a negative reputational impact.
  • Active monitoring of changing regulatory landscapes, often through business associations such as Swedish Steel Producers’ Association, the Swedish Association of Industrial Employers, the Cobalt Institute and the International Tungsten Industry
  • Follow geopolitical development with focus on risk countries, adapt to local regulations and increase local sourcing and manufacturing

Business risks

 

 

 

IT failures and/or
Insufficient IT security

Link to strategic objective1):

   

Major IT incident causing significant downtime in critical operational IT systems or services. Incident could be caused by cyberattack resulting also in ransom demand and reputational loss.

  • Failure of IT systems supporting order for delivery or services needed to access these

Inability to deliver products or services on time to customers or timely information to other stakeholders, leading to lower financial performance or negative financial impact due to fines

Mitigating actions are identified, most of them addressed within the Group digital security improvement program

  • Risk review of critical business applications and risk-based network segmentation
  • Improved resilience of business critical systems and services
  • Security and privacy by design concept implemented
  • Continuous awareness training

Business interruptions and Supplier and sourcing management

Link to strategic objective1):

       

Unforeseen major disturbance/failure in production or supply chain.

  • Shortage of components, freight capacity and energy/electricity supply issues
  • Production site exposure to weather events, machinery breakdown, fires or pandemic resulting in inoperative distribution center or production unit
  • Lack of availability or high dependency on single suppliers

Inability to deliver products or services on time to customers or timely information to other stakeholders, leading to lower financial performance or negative financial impact due to fines.
  • Business continuity planning implemented to ensure ability to successfully respond to a disruptive event and continue business operations on an acceptable level
  • Preventing property losses is an integral part of the day-to-day business across Sandvik. Risks must be documented with established action plans for risks that are not acceptable
  • Multisourcing of key components to safeguard production and delivery to customers

Information and data protection

Link to strategic objective1):

   

Leakage of confidential information and unstructured content management for internal systems as well as external platforms.

  • Control of sensitive and critical information
  • Identity management processes
  • Control of access rights
  • Control of supplier access to systems

Can lead to business critical information being made available to unauthorized individuals or organizations.

Main mitigations are through Group digital security programs and the projects for identity and access management as well as resilience.

  • Implementation of information protection system
  • Application security monitoring of shared systems

M&A transaction or integration

Link to strategic objective:

           

Non-delivery on the business case and appropriate integration of acquired targets.

Our growth targets for the coming years are dependent on us delivering on our M&A strategy. Failure in this area could have a major impact on our growth objectives and financial performance.
  • Continuous improvements of pre- and post-acquisition procedures and tools including revised follow-up process
  • Focus is on follow up and ensuring resources available for integration and business leverage

Technological shifts and talent attraction, employee retention

Link to strategic objective1):

       

New and evolving technologies or technological demands leads to the need to attract new talent in key competence areas (digitalization, electrification, sustainability etc.).

  • Inability to keep up with the changing market technology
  • Lack of competence to grow existing business in new areas

The inability to reach strategic objectives long term, leading to lower growth or financial performance. A general risk of losing competitiveness and business position on the market with a special risk focus if not being able to take a strong position in the digital area fast enough.
  • Strong focus on R&D as well as proactive business development and M&A activities
  • Monitoring of new technologies and customer segments
  • Partnerships with key partners and research centers
  • Strategic focus on technological development, close to the customers
  • Identify key competences we need to attract for our digital offer
  • Development plans for employees to meet future needs (competence shifts)
  • Benchmark and implement modern compensation and benefit practices that are attractive to future employees

Non-compliance

Link to strategic objective1):

       

Breach of anti-bribery, anti-corruption, competition or anti-trust laws, General Data Protection Regulations (GDPR) or trade compliance.

  • Export controls
  • Sanction and embargo noncompliance
  • Environmental incidents within own operations
  • Not meeting compliance requirements related to competition law, anti-bribery and corruption
  • Many acquisitions requiring on-boarding of new entities into the Sandvik compliance system

Worst-case scenarios show high financial impact due to fines in multiple markets. Can have a major negative reputational impact if risk were to materialize.
  • Compliance House, a system that enables the business to control and understand the status of compliance in our four compliance programs: Anti-bribery and Corruption, Competition Law, Data Privacy and Trade Compliance
  • Audit including follow-up on findings
  • Work instructions for customs and export control compliance
  • Compliance coordinator network
  • Compliance incident reporting database
  • Systematic training for employees in identified risk positions, all employees have completed training in Code of conduct
  • The Sandvik Way, our governance framework, includes Group policies, Group procedures and other steering documentation

Product development, product support and insufficient IT security

Link to strategic objective1):

       

Lack of security in digital offering life cycle

  • Digital offerings to Sandvik customers mean new risks, both in the digital offerings as well as in the backend IT systems

Risk of compromising data and automation systems with negative reputational and financial impact. Risk of exposure to Sandvik internal IT systems.
  • All business areas/divisions are identifying the risks associated with their digital offering and taking appropriate actions to mitigate these risks
  • IT security in new product development process within the mining business implemented and a digital offering security strategy being set
  • Security & privacy by design concept developed at Sandvik Machining Solutions

1) Strategic objectives:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Shift to growth

Digital
shift

Sustainability shift

Customer’s first choice

Employer of choice

Agile through cycle