OTE Group has developed an Enterprise Risk Management (ERM) System that supports Management in its strategic decisions, through the identification, evaluation, communication and management of enterprise risks.
In this context, the OTE Group ERM System defines the strategy for monitoring, response and management of enterprise risks, in order to:
The OTE Group ERM System is based on the COSO ERM standard and the ISO 31000:2009 "Risk Management - Principles and Guidelines" standard, while its main objective is to safeguard the smooth operation and the future corporate success of OTE Group. The OTE Group ERM System is certified according to ISO 31000 Standard, both in Greece for OTE and COSMOTE, and in Romania for Telekom Romania & Telekom Romania Mobile.
At OTE Group, Risk Assessment is a structured process for risk identification, analysis, evaluation and management of enterprise risks, in order to ensure better decision making by the company's competent bodies and that appropriate mitigation has been developed to address these risks and monitor the implementation of relevant measures.
In this context, a common Risk Assessment methodology is being applied to all risk assessments that are being performed by business units, with specific criteria for risk evaluation and assessment, in accordance with the requirements of the Standard ISO 31000 and based on the unified ERM OTE Group methodology. The same methodology is also being used in order to determine the risk impact and severance of each material topic, concerning the evaluation and analysis of material sustainability issues (Materiality Analysis) for the Group. The results of all individual risk assessments performed by business units and Group subsidiaries are included in the OTE Group Corporate Risk Register, for the systematic analysis and monitoring of enterprise risks, facilitating and supporting the implementation of effective risk management practices.
The OTE Group Enterprise Risk Management Framework is illustrated in the following figure:
Τhe Business Unit of Executive Director Compliance, Enterprise Risk Management & Insurance OTE Group, which is responsible for the planning and adoption of the ERM System, reports directly to the Company's Board of Directors. The Business Unit is, inter alia, responsible for the maintenance and continuous monitoring of the OTE Group Corporate Risk Register, which is the central repository of all Group risks.
For the implementation of the ERM System, Risk Managers have been designated at the business units as well as at the Group subsidiary companies. The tasks of Risk Managers include the reporting and monitoring of the risks managed by their business units / subsidiary companies of the Group, in compliance with the OTE Group ERM methodology.
Moreover, the OTE Group Compliance, Enterprise Risks & Corporate Governance Committee has been established. The main purpose of the Committee is to support and monitor the implementation of the Compliance Management (CMS), Risk Management (RMS) and Corporate Governance Systems.
In this context, the Committee supports the Executive Director Compliance, Enterprise Risk Management & Insurance OTE Group on compliance, enterprise risk management, corporate governance and human rights issues, reviews the periodic Compliance and Risk reports by assessing the completeness, correctness and accuracy of the relevant reports and notifies accordingly the Company’s Audit Committee and the Board of Directors.