The revised version of the Risk Management Policy of the “Latvijas dzelzceļš” Group (the Group) entered into force on October 5, 2020. It sets out the basic principles of risk management and elements of the risk management process in the Group, as well as the division of responsibilities between SJSC “Latvijas dzelzceļš” (the Parent Company) and the subsidiaries of the Parent Company (Daughter Companies) in implementation of the Policy.
The purpose of the Policy is to ensure uniform risk management in the Group in order to establish uniform requirements for risk management in accordance with international standards, good corporate practices and the relevant laws and regulations of the Republic of Latvia.
Basic principles set out in the Risk Management Policy:
- Risk management in the Group is implemented taking into consideration that operations of the companies of the Group and attaining the goals of the Group is associated with risks, and systemic risk management contributes to the achievement of the goals of the companies of the Group. It reduces the likelihood and impact of risks occurring or ensures that the likelihood and impact of such risks does not increase. Effective risk management contributes to timely anticipation and prevention of potential damage to the reputation, financial condition and operations of the Group or a company of the Group. It also ensures compliance with legal requirements and good governance practices.
- The risk management process is a continuous and regular process of strategic importance in the Group.
- Risk management is planned, implemented and improved in accordance with the medium-term operational strategies of the Parent Company and the Daughter Companies.
- Risk management in the Group and the Daughter Companies is based on the principle of three lines of defence: primary risk management (first line of defence), supervision and control of the risk management process (second line of defence), and independent assurance (third line of defence).
In order to ensure effective risk management, the Group’s risks are divided into risk categories that combine similar or related risks in terms of potential consequences – security risks, operational risks, financial risks, legal risks, as well as strategic risks.