Strong Risk Management
Risk Management process
Sound risk management is one of Loomis’ most important success factors. Given Loomis’ history and the nature of the service offering, the Company has extensive experience in managing risk and takes a structured and proactive approach throughout the organization – at both the local and central levels. Well-managed risk can create opportunities and add value to the business, while risk that is not efficiently managed can cause negative incidents and losses.
Loomis’ systematic risk management is an ongoing and iterative process. The risk environment changes over time and it is therefore necessary to continuously revisit, update and identify new risks.
Loomis’ systematic risk management is an ongoing and iterative process. The risk environment changes over time and it is therefore necessary to continuously revisit, update and identify new risks.
Three line governance model
Loomis applies a three-line governance model for the division of risk management roles and responsibilities.
-
First line - Risk Ownership and Management
Operational management is responsible for implementing and maintaining effective risk management, internal controls and for executing risk and control procedures on a day-to-day basis.
The control environment forms the foundation for internal control and risk management by creating the culture and the values in which Loomis operates. The internal control structure includes Loomis’ core values and how authority and responsibility structures are communicated and documented in governing documents, such as internal policies and instructions. The Board has adopted a number of policies for areas of key importance for Loomis. They are evaluated and updated annually or when there is a need or requirement.
Group Management is responsible for identifying, assessing, and managing risk, and for implementing and maintaining risk control systems in line with the policies adopted by the Board. Each segment and country management team is responsible for ensuring that there is a process in each country aimed at promoting risk awareness. Branch managers and individuals responsible for risk management in each country are to ensure that risk management is an integral part of local operations at all levels in the country’s organizational structure. -
Second line - Supporting and Monitoring Risk
Loomis has established independent support and control functions with the task to support management and oversee the work of the first line on risk management and compliance in order to ensure that risks and controls are effectively managed.
The second line consists of the risk control function, the compliance function and the steering committees for data privacy and information security.
-
Third line – Independent Risk Assurance
Internal Audit is the Board’s tool to ensure that the Company follows the established corporate governance model and framework, and complies with external requirements.
The internal audit function assists the Board and Group Management in achieving corporate objectives and discharging their duties and responsibilities by bringing a systematic and disciplined approach, providing independent assurance that Loomis’ risk management, governance and internal control processes are operating effectively.
The internal audit function is responsible for performing audit work throughout the Group, covering a vast span of processes and projects, providing insight how Group entities are performing, areas for improvement and how to prepare for the future.