RS ToolBar - Versão certa

Navigation Menu

Risk management

Risk management is increasingly present on the agenda of the Executive Board, the Board of Directors, the Audit and Related Parties Committee, shareholders, and Klabin's main stakeholders.  The Company's value proposition on the matter, listed among the goals of the Klabin 2030 Agenda, is to maintain responsible performance and operations, which implies the commitment of the entire team, at all levels, to act in a responsive manner in decision-making processes. 

Klabin’s risk management is based on the following principles: 

Menu gov corp - gestao de riscos - 5 linhas/ lista bullets

  • Protect value: must be associated with sustainable growth;
  • Integrated processes: must permeate the entire Company, allowing the identification and monitoring of risks in all relevant business processes;
  • Continuous monitoring: the risks to which the Company is exposed must be managed continuously and updated periodically, according to their relevance;
  • Transparency and reliability of information: the risk management process must follow the Company's ethical principles and the information provided must be reliable and in compliance with applicable legislation;
  • Uniform culture: the Board of Directors and the Executive Board must exercise their leadership to disseminate the risk management culture at all hierarchical levels, establishing procedures in a coordinated and integrated manner.

Crisis Management

Crises can be classified as any event or negative perception that could harm the Company. In this sense, crisis management has as its main objective the return of normality as soon as possible, in order to reduce the damage through previously planned and described steps. Among the tools used as a form of crisis management, the following stand out:

Menu gov corp - gestao de riscos - 2 linhas/ lista bullets

  • Crisis Management Policy: It gathers guidelines for classifying and evaluating the types of crisis events, and the flow of internal/external communication, according to the severity level of the event.
  • Business Continuity Plan: Klabin's commitment on this front is to have a Business Continuity Plan (BCP) for each of its units, which maps out potential risks, the Company's preparedness to handle them, and the speed to recover operations facing eventual materialization of any of these risks. Contingency simulations were initiated in several units and the implementation of these BCPs is already planned for the short and medium term.

Business Continuity Plan

Another milestone in the advancement of corporate governance in 2021 was the review and approval of Klabin's Risk Management Policy, by the Board of Directors, considering the recent process of creating advisory committees to the Board and the validation of the risk prioritization process. The governing principle of the document is to align the Company’s strategic objectives and structure to best market practices. 

Highlights

Menu gov corporativa - gestao de riscos 1 / Blocos de cards modelsheet

Risk Management and Internal Controls

Klabin has a department dedicated to Risks and Internal Controls, which works in line with Internal Audit and the Information Security and Integrity areas, being responsible for risk management, the General Data Protection Law, process mapping and management of corporate policies and procedures.

Risk Commission

The Company has a Risk Commission, made up of members of the Executive Board responsible for evaluating and managing risk, jointly with Risk and Internal Controls Management.

Audit and Related Parties Committee

The Audit and Related Parties Committee advises the Board of Directors, evaluating the risk exposure control mechanisms.

Risk classification

According to internal methodology, Klabin’s risks are classified into five categories: 

Menu gov corp - GESTAO de riscos / Accordion variation

Strategic

Risks that affect the strategic objectives and can be strongly influenced by external factors, although they are also subject to internal factors. 

Financial

Events that could significantly alter the Company's cash flow, as well as its financial statements and access to capital. 

Operational

Risks related to the Company's infrastructure (processes, people and technology), which affect the operational efficiency and the use of resources. 

Compliance, regulatory and legal

Risks related to possible failures in compliance with legislation, considering laws applicable to the operating sector and legislation in general.

Social and Environmental

Risks arising from acts or events that may result in negative effects on the environment and society, with impacts on the lives of native peoples and communities and protection of human health, cultural property, and biodiversity.

Risk assessment

Risks are assessed according to their level of criticality, defined based on two aspects: impact and vulnerability. The levels of each risk are established according to objective criteria, standardized and validated internally. Ways of dealing with risk situations may be: reduce, transfer and/or share, retain, accept or exploit. 

To ensure that the risks inherent to the Company's activities are identified, evaluated, handled, monitored and communicated, both at the strategic and operational levels, risk management follows the steps described below:

More information about cyber risks in Technology and information security.

See Klabin’s Risk Management Policy for data on the company's governance and other information related to the topic.

See GRI indicators 102-11, 102-15, 102-19, 102-20, and 102-30 in the ESG Panel.