RISK MANAGEMENT AND COMPLIANCE EXPLANATION OF THE IMPACT Proper risk management and legal compliance are basic conditions for the activity of any legal entity. By inadequately addressing this material aspect, negative impacts can be generated for the company, which can range from the loss of financial resources to paying potential fines or manage crisis situations, to damage to the company's reputation that can lead to a decrease in turnover and jeopardizing existing partnerships. On the other hand, the correct management of this material aspect allows the identification of development opportunities, which can bring added value to the company. HOW WE CONTROL THE IMPACT We implement management systems that allow us to approach both dimensions of the material aspect in a structured way: the Compliance Management System (CMS) and the Risk Management System. Both systems are supported by training programs, adapted for each category of employee, and by information systems, specific procedures, standards of conduct that are mandatory for all employees. This complex material aspect is addressed through 3 areas of action: z Legal compliance, which refers to compliance with the legislation in force in all areas applicable to our activity z Compliance, which refers to topics such as corruption, fraud, antitrust, but also to the correct implementation of the directions established at Group level z Risk Management, which involves identifying, evaluating and managing risks and opportunities, aligned with the directions established at Group level Legal compliance is managed by the Legal Department, Compliance aspects related to GDPR, money laundering/ fraud, anti-competitive practices are managed by the Compliance Department, and the Risk Management dimension is managed by those responsible for the Compliance, Strategy and Project Management and Controlling Departments, being a complex dimension applicable to all departments. OUR IMPACT AND PERFORMANCE IN FIGURES We continued the risk identification and management processes and identified 46 risks for the reporting year, of which 43 with a probability of occurrence of up to 20%. To mitigate these risks, we have defined 115 actions, 50 of which are unique actions that were applicable to several risk categories. In addition, to ensure legal compliance, compliance, and reduction of certain risks, in 2023 we organized training sessions on legal compliance and compliance topics totaling 2 552 hours, in which 1 989 PENNY employees participated. Our training programs are developed to ensure the correct management of the material aspect by all our employees. However, in 2023 we were sanctioned with fines totaling 0.06% of the turnover of REWE (România) S.R.L.. SUSTAINABILITY REPORT PENNY ROMANIA 2023 90/256 MESSAGE FROM THE GENERAL DIRECTORS SUSTAINABILITY STRATEGY AND GOVERNANCE ABOUT US AND OUR VALUE CHAIN ABOUT THE REPORT THE FUTURE IS MADE TODAY SUSTAINABILITY MILESTONES CONTENTS
RkJQdWJsaXNoZXIy MjUyMDg2Nw==