The success of HUGO BOSS is based on the systematic use of opportunities within the framework of the “CLAIM 5” Group strategy. HUGO BOSS is exposed to a variety of risks. Its risk management system includes all measures of a systematic and transparent approach towards risks. It aims to identify risks at the first possible opportunity, evaluate them adequately, limit or avoid them using suitable measures, monitor and document them. In this context, risks are defined as possible future developments or events, which may lead to negative deviations from the planned operating result. All types of risks are summarized into five categories: external, strategic, financial, operational and organizational risk.
Risk management system
The Managing Board of HUGO BOSS AG has overall responsibility for an effective risk management system. The central task of risk management is to coordinate the implementation and ongoing development of the risk management system. It is responsible for the centrally managed risk management process and is in close contact with the respective central departments and Group companies. There, the relevant risk owners and risk experts are responsible for identifying and evaluating risks, adequately dealing with identified risks, and implementing effective risk mitigation measures. Monitoring the effectiveness of the risk management system is the task of the Supervisory Board of HUGO BOSS. This responsibility is exercised by the Audit Committee of the Supervisory Board with involvement of the Internal Audit department. As part of the audit of the consolidated financial statements, the Group auditor assesses the suitability of the measures implemented in the Company for the early identification of risks to the Company’s ability to continue as a going concern.
Group-wide standards for systematically handling risks form the basis of an efficient risk management system. These are set by the Managing Board and documented in a risk manual that is applicable throughout the Group and available to all employees on the Company’s intranet. All employees of HUGO BOSS are obliged to be aware of the risks posed by their behavior, especially regarding those risks that may threaten the going concern of the Group. The use of modern risk management software allows for recording and evaluating all identified risks, as well as related measures in a uniform way throughout the Group. The risk management system of HUGO BOSS is designed in accordance with the international standard ISO 31000.
The risk management process at HUGO BOSS consists of the four steps of risk identification, risk evaluation, risk handling as well as risk monitoring and reporting.
To ensure risks are identified at the earliest possible stage, the Group continuously monitors the macroeconomic environment, the competitive landscape in the premium and luxury goods industry, and all internal processes. The central risk management supports the risk owners across the Group with regular identification and efficient categorization of risks using a risk catalog, as well as the risk manual that is available throughout the Group.
Risk owners delegate the regular assessment of identified risks to the defined risk experts and give their assessment after a thorough examination. Risk experts are supported by the central risk management.
Likelihood of occurrence |
|
|
|
Extent of financial impact |
||
---|---|---|---|---|---|---|
unlikely |
|
≤20% |
|
low |
|
≤2.5% of planned EBIT |
possible |
|
>20 – 40% |
|
moderate |
|
>2.5 – 5% of planned EBIT |
likely |
|
>40 – 60% |
|
significant |
|
>5 – 15% of planned EBIT |
very likely |
|
>60% |
|
high |
|
>15% of planned EBIT |
Individual risks are evaluated by assessing their likelihood of occurrence and systematically analyzing their possible impact on the planned operating result (EBIT). Interest rate risks and tax risks however are evaluated based on their possible impact on cash flow.
The two valuation criteria of likelihood of occurrence and loss amount/exposure make up the risk matrix. This is intended to create transparency regarding the Company’s current risk situation and support with prioritizing risks. Any net risk as an actual risk potential is defined as the gross risk reduced by the impact of the respective mitigation measures.
Preparing and implementing suitable risk mitigation measures is the task of the respective risk owner. In general, risks are managed in four different ways: risk avoidance, risk reduction, risk transfer to third parties and risk acceptance. One component of risk management is thus the transfer of risk to insurers, which is intended to neutralize the financial impact of insurable risks as far as possible. The costs of the respective measures in relation to their effectiveness are also taken into consideration when deciding how to implement the respective risk management strategy. By working closely together with the risk owners, the central risk management monitors the progress and effectiveness of measures which are in the planning stages as well as those which have already been implemented.
The current status of all identified risks is assessed twice a year. However, depending on their extent, some risks may be assessed at a higher frequency of up to once a month. As part of the risk monitoring, insights into the latest trends are documented, and risk evaluation as well as risk handling are revised if necessary. The continuous monitoring of early warning indicators is intended to allow possible deviations from the budget to be identified at an early stage. Reporting chains and the adoption of appropriate countermeasures defined in advance aim at ensuring a timely response in the event of a risk occurring. Group Management
As part of the regular risk reporting, the risk owners report to the central risk management the risks identified, including the respective likelihoods of occurrence, the potential financial impact as well as the risk mitigation measures. The central risk management aggregates the information reported and regularly presents a consolidated report to the Managing Board and to the Audit Committee. Material individual risks and aggregated risk categories are given particular emphasis. When critical or urgent issues arise, the regular reporting process is supplemented by an ad hoc report.
Assessment of the risk situation by the Managing Board
The individual risks are aggregated using two methods to obtain the most accurate possible overview of the total risk position of HUGO BOSS. On the one hand, the expected loss values of all assessed risks within the five risk categories are added together. On the other hand, the probability distributions of all identified risks are aggregated to form a single probability distribution for a possible total loss by means of a Monte Carlo simulation and thus determining maximum annual loss values. The result of this simulation for fiscal year 2021 shows that, as in the prior year, the Group’s equity is in excess of all simulated risk-dependent loss values, even within the tightest confidence intervals.
The risk management system implemented forms the basis of the assessment of the risk situation by the Managing Board and is regularly monitored by them. Material risks faced by the Company are discussed and evaluated by the Managing Board at regular intervals. While the assessment of individual risks in fiscal year 2021 has changed, the Managing Board was unable to identify any individual or aggregate risks that could jeopardize the continuation of the Company as a going concern at the time this report was prepared.
Illustration of material risk
The risks considered to be material for HUGO BOSS to achieve its targets in fiscal year 2022 are explained below. These are risks that have been assessed in the risk management process as having at least a moderate potential impact. In the previous year, risks with a moderate potential impact were exceptionally not explained in detail against the backdrop of the COVID 19 pandemic and the overall increased sensitivity in the course of the risk assessment. In general, it is possible that further latent risks or risks that are currently estimated as immaterial may negatively impact the Group’s development in the future to more than the stated extent. Irrespective of the measures implemented to manage the identified risks, business activity is always exposed to residual risks that cannot be entirely avoided even by a risk management system such as that implemented at HUGO BOSS.
External risks |
|
Strategic risks |
|
Financial risks |
|
Operative risks |
|
Organizational risks |
||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
Overall economy |
|
Collection |
|
Currencies |
|
Suppliers and |
|
IT |
||||
Politics and society |
|
Brand and corporate image |
|
Taxes |
|
Quality |
|
Personnel |
||||
Environment and health |
|
Investments |
|
Financing and liquidity |
|
Logistics |
|
Governance and compliance |
||||
Competition |
|
Vision and direction |
|
Changes in interest rates |
|
Sales and distribution |
|
Legal |
||||
Product piracy |
|
|
|
Counterparties |
|
|
|
Facilities |
||||
|
|
|
|
Pensions |
|
|
|
Occupational health and safety |
||||
|