The main document regulating the area of risk identification in the Budimex Group is the Risk Control and Management Policy in the Budimex Group. It is supported by a number of instructions and procedures governing specific aspects related to the risk identification process. The risk identification system in the Budimex Group consists of the annual, semi-annual, quarterly and monthly reviews. The Budimex Group identifies risks in order to take them into account in building its development strategy. They constitute an important factor in its definition, therefore, in accordance with the currently adopted direction of the Group’s development, the aim is to diversify the order portfolio as widely as possible to be able to ensure constant growth of the Budimex Group’s profitability.
Table 4. The following significant risks were identified in the review of risks for 2022
| Risk | L.P. Risk Risk description | Risk mitigation methods | Risk trends |
|---|---|---|---|
| Downturn in the construction market in Poland | Possible postponement or reduction of funding for infrastructure and railway investments. High inflation. Increase in construction production costs. Increase in fuel and energy prices. | Expansionin to new foreign markets. Diversificationo f activitiesi n Poland,e ntry into new areaso f activities,i ncludingt he renewable energy market. |  |
| Climate changes | Risks associated with the global climate change. | The analysis of climate risks has resulted in ongoing actions by Budimex directed at minimising is negative
impact on the climate, including:
|  |
| Regulatory changes in the area of ESG and compIiance | The organisation’s need to adapt to EU directives in its areas of activity. | Structures have been established and responsibilities have been defined in the implementation of ESG activities. Budimex monitors changes regarding ESG reporting on an ongoing basis. |  |
| . Cyber threats | The risk stems from the global escalation and increasingly sophisticated forms of cyber attacks. | Implementation of actions based on ongoing risk assessment. Building employee awareness. Implementation of a security operations centre (SOC). Implementing security based on Microsoft cloud solutions. | |
| Occurrence of a serious/fatal accident | Specificity of the business. | The Budimex Group has implemented an Action Plan concerning the prevention of accidents. It determines the framework for actions aimed at appropriate dissemination of knowledge of OHS issues and implementation of best practices in this area. There is ongoing monitoring ofcompliance wrth health and safety procedures on contracts. Digitisation of control. Implementing the Risk Radar tool to identify contracts potentially at risk of accidents. | |
| Loss of goodwill | Carrying out projects that have a significant impact on the environment and hinder the daily lives of local communities. | Building a communication strategy, identifying stakeholders and key communication channels. Proactive response to reputation and image threats emerging online. The Company’s diligent compliance with its obligations to keep the market updated on significant events concerning the company which are relevant from an investor point of view. Developing various forms of stakeholder dialogue. | |
Background under the arrows: risk level taking into account the control mechanisms in place:
Year-on-year risk trend:
risk increases
stable risk
risk decreases
Polski