Risk Report
Risks and Opportunities
In the course of its business activities, the Beiersdorf Group is exposed to a multitude of risks and opportunities. These risks and opportunities result, among other things, from its activities that seek to develop and make use of opportunities to improve the company’s competitiveness. Risks and opportunities encompass specific events and developments with a certain probability of occurrence that may have material negative or positive financial and non-financial effects on the achievement of the Beiersdorf Group’s objectives. Beiersdorf uses an integrated risk and opportunity management system to identify and evaluate material risks at an early stage and to consistently limit them using counteractive measures. This system is coordinated at Group headquarters.
Integrated Risk and Opportunity Management System
The risk and opportunity management system at Beiersdorf is an integral part of the central and local planning, management, and control processes in the individual companies, management units, and regions, at Consumer and tesa Business Segment levels, and at Group level. Risk and opportunity management is complemented by the accounting-related internal control systems, the various internal and external monitoring bodies – supported by Internal Audit – and external auditors. Compliance management, which is also relevant in this context, is described extensively in the chapter “Non-financial Statement.”
Risk and opportunity management is closely aligned with corporate strategy and helps Beiersdorf to identify its potential and to analyze and make optimal use of this potential while always taking risks into account. Regularly performing analyses of customers and the competition, for example, enables a swift response to dynamic market developments. Specific market opportunities and risks are derived from the information obtained.
Beiersdorf actively incurs risks only if there is a corresponding opportunity for an appropriate increase in value, and only if they can be managed using established methods and measures within the relevant organization. In cases where the full avoidance of risks is not possible or reasonable, risks are mitigated using appropriate measures, or are transferred to third parties such as insurance companies.
Within the risk management process, periodic inventories are carried out to identify, evaluate, document, and subsequently communicate the material risks in a structured way along with the measures to manage these risks. The corresponding principles, reporting and feedback processes, and responsibilities are laid out in a directive that applies across the Group. This is updated regularly.
Beiersdorf distinguishes between strategic, functional, and operational risks. Strategic risks encompass fundamental frameworks, developments, and events that could have a substantial impact on the Group’s business model or its business segments. Functional risks are challenges inherent to the business model. The various specialist functions generally work at the global or regional level to counter these risks, with sustainable actions relating to the design of operational and organizational structures as well as with specific individual measures. The opportunities and risks associated with climate change are also particularly integrated into strategic and functional risk management. Operational risks and opportunities are those that may influence short-term sales and profits of our corporate affiliates.
Appropriate observation periods are assigned to these risk categories. A period of five years generally applies for strategic risks. For functional risks, the period is two years as a rule, and for short-term operational risks one year.
In the Group’s internal risk reporting, individual risks are uniformly presented by positioning them on a so-called risk radar. The various fields of the radar reflect, in summarized form, the relevant areas for the company both inside and outside the Group that may give rise to risks. The graph on the previous page (Beiersdorf risk radar) shows the structure of the risk radar for strategic risks.
For each category, the risks are also classified based on their probability and the potential financial and non-financial impact of their occurrence. The likelihood of occurrence and impact of risks are determined on a net basis, assuming risk-mitigation measures have already been implemented or at least specific plans for them exist.
The Executive Board and supervisory bodies are regularly updated on the risk situation at Consumer and tesa Business Segment levels and at Group level. Besides this, direct lines of communication ensure that suddenly occurring material risks are also reported immediately to management. Continuous information sharing with the Corporate Development function additionally encourages the consideration of risk aspects in the support provided to management. Central risk management is also in constant communication with the task forces on key issues such as the war in Ukraine or the continuing global COVID-19 pandemic.
A new body – the Corporate Risk Board – was created during the reporting period to advise the Executive Board. It consists of the heads of important, mostly globally responsible corporate departments comprising multiple areas of responsibility (Marketing, Quality Management, Internal Audit, Communication, Sustainability, Group Accounting, IT Security, Legal). The task of this body is to collate the various risks – both those already known and those newly identified by the Corporate Risk Board – using a broad-based approach and to analyze them in depth and present them in summarized form. By bringing together many different perspectives, it will provide Beiersdorf with important collective intelligence, further improving and complementing the existing analysis of material risks.
As in the previous year, in analyzing the material risks and opportunities, the Executive Board and Supervisory Board looked in depth at the comparison of the qualitatively and quantitatively aggregated risk portfolio with the also updated total financial risk-bearing capacity. The aim was again to determine whether there was any need for a change in the overall assessment of the risk situation (see below) on this basis.
To ensure maximum transparency and accountability, Beiersdorf’s financial risk-bearing capacity is calculated based on average net liquidity (see the “Net Assets” section). The available free cash flow to be used for the development of net liquidity in the multi-period perspective is adjusted solely for the previously deducted investments in securities and effects from past M&A transactions. The calculation of risk-bearing capacity is therefore based on a very conservative approach as it deliberately does not take into account potentially significant short-term increases in our liquidity, which could be used in actual crisis situations.
These increases could include, for example, new and/or increased credit lines, the release of hidden reserves, the sale of fixed assets, individual business units, or own shares from our portfolio, the temporary suspension of dividend payments, or the reduction of planned investments in the market or in maintaining/expanding our fixed assets. Lastly, for net liquidity and cash flow, we have used only the average for the last five years rather than the higher recent figures for 2022.
As a result of comparing the risk situation with risk-bearing capacity, it can be concluded that, over the relevant observation period of the next two years, the current risk portfolio, revalued during the reporting year, would still not give rise to a financial situation even remotely endangering the Beiersdorf Group’s continued existence, even given the full and simultaneous occurrence of all the individual risks.
Description of the Material Risks and Opportunities
Strategic and functional risks and opportunities
Given the newly emerging and in some cases substantially worsening global economic and political environment in 2022, we comprehensively reviewed our assessments of the strategic risks. As a result of this review, we have refined some of the risk definitions and increased our estimates of the risk levels in quantitative terms compared with the previous year. In addition, in line with our more cautious approach, we have currently completely removed opportunities beyond our medium-term planning from the quantitative net calculation of the risk portfolio. We have also removed some risk aspects, which we regard as part of the day-to-day challenges we continuously face as part of our business model, from the definition of strategic risks, since these are generally already captured by our financial planning. These include, for example, recurring disputes with retailers over pricing and diverse attacks on our brands and products by competitors, and, in particular, the defense of our trademarks and product claims.
Maintaining and increasing the value of our major consumer brands with their broad appeal remains of decisive importance to Beiersdorf’s business development. The trust of our customers and, in particular, of the consumers of our products, is essential to this and cannot be taken for granted. We have designed our risk management system to fully justify this trust and to provide enduring, successful protection to the value of our brands. We continuously review our internal processes in all areas of the company in order that we can respond appropriately, correctly, and effectively to any events that could harm or threaten our reputation. Combined with the activities described below in relation to the quality of our products and overall market image, we expect this to help prevent any potential reputational problems from escalating into critical issues. This applies equally to our brands and to our company as a whole. Among other things, our extensive operational and communication measures in relation to sustainability, diversity, and other aspects of Corporate Social Responsibility (CSR) enable us at the same time to categorize risks to the reputation of our brands and our company as only significant and improbable overall.
As part of the refined classification of strategic risks in this annual report, we have introduced clearer differentiation in relation to the changing behavior of our customers and particularly of consumers. Very different measures are needed to successfully respond on the one hand to growing expectations around digitalization, and on the other hand to the requirements, based on public expectations, that we face in relation to environmental protection, sustainability, and good corporate governance (ESG requirements).
We further expanded contact opportunities in the reporting year, especially with our end consumers. To this end, we use a growing number of e-commerce and social media platforms and address people directly through our own websites. We also use an ever more diverse range of tools, including very well received initiatives enabling direct contact and dialogue with our senior management. In addition, we support our direct retail partners in a variety of ways by continuously expanding options for digital dialogue, combined, for example, with links to each other’s websites.
Alongside other sustainability criteria, we particularly follow the debates on avoiding certain packaging and raw materials. This includes closely monitoring the European Green Deal. We are continuing our plastics cycle strategy, announced in 2021, along with our efforts to develop and use sustainable packaging and applications. We are also reinforcing the awareness among our employees and managers through extensive reporting on the varied local and company-wide activities relating to the environment, sustainability, and our clear commitment to diversity and inclusion, from local environmental protection campaigns in various international subsidiaries to a company-wide sustainability summit.
Despite the differences referred to above, we continue to regard risks from changes in consumer behavior due to advancing digitalization and constantly growing public expectations of us with regard to environmental protection, sustainability, and our conduct as a corporate citizen as critical and probable.
The management focus on the sustainable success of our market activities ensures that – in terms of brands, products, and regions – we invest in promising markets. To this end, we actively screen new business areas and selectively invest in start-ups (including so-called accelerator programs), allowing us to quickly capitalize on specialist expertise in research and development. However, our concrete planning only includes already tangible results. Here, too, we consider additional market opportunities beyond our planning to be possible; however, we have removed them from our calculation of the net risk portfolio as part of a cautious approach.
The global political situation further worsened – in some cases majorly – during the reporting period. In particular, the war in Ukraine and the constraints still associated with the effects of the pandemic, supplemented by tensions in the Chinese-European and American-European relationships, are hindering further development in some of the markets where we work. We have included in our planning our best estimates of the specific negative impacts but regard the associated residual risks as critical and very probable.
There are procurement risks relating to the use of services and to the availability and delivery reliability of raw materials, packaging materials and other inputs, natural resources, and energy as well as to their further heavily increased cost in the reporting period. These risks are countered by continuously monitoring our markets and suppliers as well as by using appropriate contract management. We also carefully manage the scope, timing, and frequency of our individual purchases. Strategic partnerships are an important element of actively managing our supplier portfolio, as are internal programs designed to ensure the agility of the supply chain as a whole and its resilience to disruption. In addition, we are intensively seeking potential cost reductions throughout the value chain as part of the continuation of our broad-based “value engineering” project. Aside from the expectations already included in our planning, we regard the additional strategic and functional risks in relation to availability and price trends on the procurement side as critical or major but improbable overall.
As part of the review of our strategic risks, we have now combined the risk from threats to our IT system and the IT systems of our direct business partners with other unavailability of or problems accessing critical infrastructure, which have similar repercussions. These include various IT-related issues such as partial or complete failure of the internet as well as, for example, restricted options for physical transport.
We again successfully defended ourselves in 2022 against direct and indirect attacks on our own IT systems by further improving our infrastructure, increasing the use of cloud services while further standardizing our application systems in all areas, and implementing a host of mechanisms for secure mobile working from home. Our IT and production sites relevant to value creation, for example, are also equipped with emergency power generators and autonomous energy generation systems, which can at least partially cushion any power cuts. We categorize risks from this area to Beiersdorf as merely significant rather than critical, but still regard them as probable.
In a further partial overhaul of our risk classification, we have now combined various external risks from constantly increasing regulatory requirements. This relates both to tighter rules on the use of certain raw materials and packaging as well as, for example, the development of constantly growing information and documentation requirements in relation to data protection and consumer contacts. We tackle the first of these challenges through research and development work, which we support in an effective and forward-looking way through specialized regulatory affairs functions, enabling us, for example, to respond promptly to a potential sudden ban on certain ingredients by using suitable alternative formulations. Nevertheless, we cannot completely rule out the risk that, despite all the above precautions, we might not be able to replace them in our formulations promptly, and, as usual, we cautiously assess this risk as probable, albeit only significant, in accordance with our classification criteria.
We are also helped by our data protection system, which has already been in successful, Europe-wide use for several years and helps us continuously ensure safe handling of our company’s sensitive data as well as that of our business partners and consumers, such as when developing and using our social media presence or creating new software solutions. These efforts are complemented by clear internal rules of conduct, transparent management structures, extensive training and monitoring activities, and, in the case of data protection, further work on global roll-out. We continue to regard these risks as merely significant and as improbable.
Partnerships and other contacts with universities enable us to build early links to qualified potential new employees, for whom we have special trainee programs to prepare them for a career at Beiersdorf. Our uniform global talent management process identifies and develops talented specialists and management personnel at all levels and supports the appointment of qualified staff in key positions throughout the company as these become vacant. Beiersdorf is well known as an attractive employer, and we reinforce this with a range of credible activities in relation to diversity, corporate citizenship, sustainability, and other topics. Risks in the context of our global recruitment activities currently do not constitute a material risk for us. Given, among other things, the demographic trend and the general threat of skilled labor shortages, we will monitor the issue very closely and are taking a range of appropriate measures to keep Beiersdorf positioned as an attractive employer.
We counter the risk of bad debts through detailed monitoring of our customer relationships and active receivables management. Our trade credit insurance, which was overhauled in the previous year, continues to mean that we can offer protection on a global basis and on very good terms while also making use of high-quality risk assessments. Currency, interest rate, and liquidity risks are subject to active treasury management based on a global directive. They are managed and hedged centrally to a very large extent, considering the specific requirements for the organizational separation of the trading, settlement, and controlling functions. In light of this, there is no significant risk potential in this respect either.
Potential default risks relating to the investment of the Group’s liquid funds are limited by only making investments with defined reliable counterparties. Counterparty risk is monitored daily based on ratings and the counterparties’ liable capital as well as continuously updated risk indicators. These parameters are used to determine maximum amounts for investments with partner banks and securities issuers (counterparty limits), which are compared with the investments actually made throughout the Group. We have invested most of our liquidity in low-risk investments (such as government/corporate bonds and Pfandbriefe). The investment strategy, which is documented in writing, is regularly agreed with our internal supervisory body and with the Supervisory Board. Given the general increase in volatility, we currently consider market risks from the investment of our free liquidity as significant but as improbable in light of our measures described above.
Our financial risk management is characterized by the clear allocation of responsibilities, central rules for limiting financial risks as a matter of principle, and the conscious alignment of the instruments deployed with the requirements of our business activities. Specific, additional information on the extent of the currency, interest rate, default, and liquidity risks described above can be found in Note 29 of the notes to the consolidated financial statements, “Additional Disclosures on Financial Instruments, Financial Risk Management, and Derivative Financial Instruments.”
Short-term operational risks and opportunities
The war in Ukraine and the global COVID-19 pandemic have brought economic disruption, volatility, and shortages in important procurement, transport, and sales markets for us. As in many other areas, this remains the main factor when analyzing and quantifying operational risks. In particular, the continued increases in material prices and their still not entirely predictable future development represent a significant challenge for our margins and profitability. However, it is our assumption that the individual Group companies, based on their market observations, have planned for the anticipated key effects in such a way that additional significant risks beyond those already considered can continue to be regarded as improbable from today’s perspective.
The general risk of a pandemic has been included in our functional risks for many years along with the corresponding measures. The assessment of potential severe consequences from last year has not changed in the reporting period, and occurrence remains improbable.
The key net operational risks currently remaining arise exclusively from legal and tax proceedings and from tax audits, as in the previous period. These risks are prudently quantified by both internal and external experts to the extent possible. Assessing the course and outcome of legal disputes is associated with considerable uncertainty. Based on the information currently available, no material charges are expected for the Group that would be considered probable.
Further information and details on the extent of the risks described here can be found in Note 30 of the notes to the consolidated financial statements, “Contingent Liabilities, Other Financial Obligations, and Legal Risks.”
Monitoring of risks and opportunities
Formal monitoring of the strategic and functional risks, including corresponding mitigating measures, takes place once a year at board division and full Executive Board level and subsequently in the Audit Committee of the Supervisory Board. Along with adherence to our risk policy principles, this naturally feeds into every business decision taken at the various levels of our company.
In addition to the above monitoring, operational risks and opportunities are continuously monitored as part of the financial planning, forecasting, and reporting process at the local, regional, and central level. This ensures that all sales and earnings effects regarded as relatively likely are directly and appropriately incorporated into our financial reporting, taking into account the measures implemented and planned (e.g., recognition of provisions). This is supplemented by a monthly review of key financial figures for the Group companies, led by the Group Controlling function together with Risk Management, Internal Audit, and other relevant controlling functions. The review is designed to enable potentially critical developments to be addressed swiftly and precisely with those involved and corrective action to be initiated where appropriate.
The latest information on risk development is thus also fed into the management and planning systems of the corporate units regularly throughout the year and becomes part of the decision-making and control processes. By directly integrating the risk inventory and planning process, the risk management system is continuously developed further, and risk awareness is embedded throughout the company.
Summary of the Risk Situation
Compared with the previous year, there has been no fundamental change in our assessment of the likelihood of occurrence of the material risks, either individually or as a whole. Although we have in some cases appreciably increased our estimates of the potential financial impact should these risks materialize, there is no overall need for qualitative repositioning specifically for strategic risks.
Even considering the updated estimations, there is currently no fundamental change to our assessment of the overall risk situation. As in the previous year, this assessment was substantiated by comparing the current quantitatively and qualitatively aggregated total risk portfolio with the very conservatively calculated risk-bearing capacity of the Beiersdorf Group. Risk-bearing capacity has slightly increased, partly due to the Group’s further improved liquidity position. This analysis has confirmed Beiersdorf’s view that, at the current time, neither the Beiersdorf Group nor individual segments of the business are exposed to any risks that could endanger their continued existence.
Accounting-related Internal Control System
The aim of the accounting-related internal control system is to implement appropriate principles, procedures, and controls to ensure the correctness and reliability of accounting and financial reporting in the financial statements and management report of the Beiersdorf Group and Beiersdorf AG in line with the legal regulations and relevant accounting standards.
The scope and orientation of the internal control system have been shaped by the Executive Board based on the Group-specific requirements. The accounting-related internal control system consists of the following components: control environment, risk assessment process, control activities, information, communication, and monitoring.
An analysis was used to identify the items and positions containing the material risks for the financial statements. The underlying processes were then assigned to these. Preventive, monitoring, and detective measures designed to ensure security and control in accounting, information processing, and the operational functions have been defined Group-wide for these processes. Among other things, the measures include the separation of functions, manual and IT-based approval processes using the dual control principle, IT checks, access restrictions and authorization concepts for the IT system, and systems-based processes for handling Group accounting data. These measures are updated regularly.
Internal and external shared service centers provide uniform handling of the core accounting processes at Beiersdorf AG and most of its affiliates. In some cases, they achieve this with the help of fully automated processes. Standardized IT systems are used to support financial reporting for the affiliates included in the consolidated financial statements and consolidation. Procedural instructions, standardized reporting formats, and IT-based reporting and consolidation processes support financial reporting.
The consolidated financial statements are based on accounting directives specified by Beiersdorf AG. These guidelines are updated on an ongoing basis through continuous analysis of the relevance and impact of changes in the regulatory environment.
The accounting process and compliance with the control requirements and accounting directives by the companies included in the consolidated financial statements are also regularly reviewed and adjusted if necessary.
It remains the case that even putting in place appropriate, effective systems does not guarantee the correct, complete, and timely recording of information in the accounts with absolute certainty. It is impossible to entirely rule out personal judgments, erroneous controls, criminal acts, or other circumstances. Should these occur, they could limit the effectiveness and reliability of the internal control system.
Adequacy and effectiveness of the internal control and risk management systems1
In addition to the accounting-related processes, risk early warning and monitoring systems, and related controls, all of which are continuously and systematically audited by internal audit, both centrally and locally, Beiersdorf also has extensive internal rules, regulations and processes in all areas (including interdepartmental processes) material to ensuring proper and legally compliant operations (e.g. in R&D, production and logistics, quality management, and marketing and sales, and especially in the innovation process, which involves practically all corporate functions). The rules and regulations are regularly communicated and updated as appropriate. Compliance with them is monitored and training continuously provided. We have also developed data collection and control mechanisms for sustainability aspects. The Executive Board deals with the monitoring and control of these systems on an ongoing basis, also in close consultation with Internal Auditing. The Executive Board is regularly advised and monitored by the Audit Committee of the Supervisory Board on issues relating to the appropriateness and effectiveness of the internal control system, the risk management system and the internal auditing system. This has not recently resulted in any significant need for adjustment or improvement with regard to these systems. Beiersdorf therefore has no reason to believe that there are inadequate or ineffective internal control and risk management systems in the relevant business areas or in relation to the relevant topics.
Independent Monitoring
The supervisory bodies and the Internal Audit department are integrated into the Beiersdorf Group’s internal control system with audit activities that are independent of the Group’s operations. Internal Audit systematically evaluates the integrity of financial accounting, the effectiveness of the accounting-related internal control system and of the risk and opportunity management system, and compliance. As a process-independent organizational unit, it uses a risk-based approach to reviewing the business processes, the systems and controls that have been put in place, and the financial accounting of transactions. The audit findings are used for ongoing enhancement of the company’s management and of preventive and detective controls. A standardized monitoring system was introduced in 2022, enabling implementation of the controls to be globally monitored, initially in the order-to-cash and purchase-to-pay core business processes. Use of the system will be further refined and expanded in 2023.
In accordance with § 317 (4) HGB and § 91 (2) AktG, the Group auditor also evaluates the effectiveness of the risk early warning and monitoring system. Internal Audit and the Group auditor regularly report the audit results to the supervisory bodies.
The Audit Committee of Beiersdorf AG monitors, in particular, the accounting process and the effectiveness of the internal control system, the risk management system, and the internal audit system. Alongside standard reports, in-depth analyses on fundamental and/or currently relevant issues are regularly used for information purposes.
1 This section of the Combined Management Report is not subject to audit requirements.