RISK MANAGEMENT AND COMPLIANCE EXPLAINING THE IMPACT The assessment and management of risks associated with PENNY Romania's operations are essential and part of the focused management process at the corporate level. We identify and responsibly manage all business risks, operational risks and risks associated with regulatory compliance on various aspects of the Romanian market. We are very attentive that our operations comply with REWE Group requirements, applicable legal requirements, or specific stakeholder requirements. We identify new opportunities that we address from the perspective of added value in the community. We can only grow the business if we correctly identify the opportunities we can seize but mitigate the associated risks and prevent potential negative impacts. HOW WE CONTROL THE IMPACT By constantly applying precautionary measures in our business, supported by a well-defined risk management plan, both for new services and products currently on the market and for our current business through constant risk reassessments, we manage risks consistently and thoroughly. We allocate resources to properly identify and manage all risks and comply with corporate requirements, applicable legal regulations or specific stakeholder requirements. We manage risks by applying the following steps: z Identification – we consider political, economic, legal, social, technological and environmental factors to identify risks and opportunities z Assessment – we thoroughly analyze in a structured manner the causes and potential impacts of risks z Aggregation – we rate and sort identified risks into different categories according to type and severity of impact and relevance to our business z Addressing – we develop plans and strategies to manage both risks and opportunities z Mitigation – we manage risks through concrete actions to minimize negative impacts OUR IMPACT AND PERFORMANCE IN FIGURES We want to prevent violations of legal and internal company regulations and thus avoid damage to the company as well as personal liability of employees. We have defined standards of conduct that are mandatory for all employees. We have provided all employees with a compliance officer (DCO) for compliance issues. We implement an effective compliance management system and have established a compliance programme that includes a variety of preventive measures in 3 areas of action: z Legal compliance z Compliance z Risk Management General conditions, guidelines and risk management processes are uniform across the group. We aim to successfully counter various economic risks, such as price developments or legislative changes, and ensure sustainable opportunities. We rely on a uniform Groupwide risk management system, where we sort risks according to their potential threat to our business, financial health and earnings, cash flows, reputation and legal endeavors. We are aware of the physical and transition risks posed by global warming. Risks are managed by risk officers who identify, account for and report on the risks identified in the business. We systematically record and assess corruption risks using an IT tool. SUSTAINABILITY REPORT PENNY ROMANIA 2022 78/250 SUSTAINABILITY STRATEGY ABOUT US AND OUR VALUE CHAIN THE FUTURE IS MADE TODAY SUSTAINABILITY HIGHLIGHTS MESSAGE FROM THE GENERAL DIRECTORS CONTENTS SUSTAINABILITY STEP BY STEP
RkJQdWJsaXNoZXIy MTk3NjE0OQ==