Orange Polska is exposed to a range of external and internal risks of varying types which can impact the achievement of its objectives. As a result, Orange Polska maintains the risk management framework to identify, assess and manage risks. This framework has been based on the ISO 31000:2009 standard. Leaders within the Group’s individual business areas and functions are responsible for the assessment and management of risks including the identification and escalation of new/emerging circumstances and monitoring and reporting on the risks and control effectiveness. Events are considered in the context of their potential impact on the delivery of our business objectives.
Orange Polska’s governance and reporting structure for risk management.
Event-based risks are subject to assessment based on their probability and impact in terms of financial, reputational, business continuity and human loss. Indicative heat maps are used to report and evaluate risks. Results of assessment of top risks are reported to the Supervisory Board annually.
Orange Polska’s risk management process.
The TOP risks (aggregated clusters of event-based risks), which are set out in the table on pages 86 and 87 reflect the categories of risks that define business activity or contributing factors where value can be lost or gained and could have a material impact on the business model, future performance, solvency or liquidity of the group. In each case the extent to which management can mitigate the risk is highlighted.
| Risk area |
Main business objective |
Key risks, issues
or areas�of uncertainty |
Potential impact |
Management approach
and mitigation |
Telecommunications services
The inability to provide secure�and adjusted to customer needs telecommunications services.
|
Effortless and friendly customer experience
Unmatched data connectivity for household and business |
- quality and timely delivery of our services to customers,
- dependence on external partners,
- interruption of Orange Polska IT&N infrastructure and services
|
Operational performance problems�or service or asset failures can lead�to additional operating or capital expenditure and/or increased regulatory scrutiny and regulatory penalties.�In more extreme situations the Group could also be fined for breaches of statutory obligations, be subject to enforcement action, be held liable to third parties and sustain reputational damage. |
Orange Polska continuously invests in improving its customer services. The results are measured using Net Promoter Score on a regular basis.
The risk of network and IT breakdown is mitigated by proper development planning, preventive maintenance, implementation of business continuity and crisis management plans and insurance schemes. Orange Polska has been continually investing in the development of disaster recovery solutions. Orange Polska has become the first telecom operator in Poland to obtain an ISO 22301:2012 Certificate for its Business Continuity Management System in the scope of provision of telecommunication and ICT services. |
Security
The inability to protect people, information and assets from malicious�or accidental
|
Acting in effective and responsible manner
Effortless and friendly customer experience |
- cybersecurity
- terrorism
- data protection
- fraud and revenue leakage
|
Our resources, assets and infrastructure are exposed to various threats (malicious or accidental) which could impact the provision of services and/or harm people or commercial businesses.
|
Physical and technological security measures combined with strong governance and inspection regimes aim to protect infrastructure, assets and operational capability. We maintain robust incident response, business continuity and disaster recovery procedures. We also maintain insurance cover for acts of terrorism and sabotage.
|
Health,
safety�and environmental
Potential harm to employees,
contractors, the public or the environment or accidental activity
|
Acting in effective and responsible manner
|
- exposure to electromagnetic fields
- collection of electric and electronic equipment waste
|
Exposure to electromagnetic fields (EMF) from mobile networks raises concerns about possible adverse health effects. Although the Polish EMF limit is much more restrictive than in most of other countries, concerns have been raised regarding the possible health risks linked to exposure to electromagnetic fields from telecommunications equipment (primarily mobile handsets, base stations and WiFi).
|
Management carries out ongoing supervision regarding regulatory compliance, emission levels, as well as to meet other legal requirements in the area of environmental protection. In addition, Orange Polska has implemented an Environmental Management System with respect to mobile voice services provided, which is subject to ISO 14001 certification on an annual basis.
|
Revenues and profits.
The inability to execute and monetise the strategy that would lead to loss of revenues and profits.
|
Unmatched data connectivity for households and businesses
|
- implementation of the Group's strategy
- competition pressure on services and
prices,
- fixed/mobile voice and data
substitution
- Operational Programme "Digital
Poland" and bre infrastructure
development in Poland
- implementation of eSIM technology
|
Poor customer service, and strong competition performed by other market players may prevent us from achieving the revenues and margins stipulated in our strategic plan.
Failure to deliver change programmes against relevant time, cost or quality measures could result in a failure to secure competitive advantage or operating performance ef ciency and cost bene ts.
|
One of our key strategic objectives is to be the convergence leader, providing mobile and xed line service bundles. By addressing the household telecommunication needs in a comprehensive manner and encouraging customers to buy additional services, convergence increases customer satisfaction and reduces churn.
As a customer-centric organisation, we strive to maintain and develop our on-line sales channel and cross-channel initiatives. We also optimise and modernise our sales outlets to align with the market and consumer trends, as this is directly re ected in customer satisfaction and further ef ciency gains.
|
Financial risk
The inability to appropriately finance the
business due to capital, credit, market,
funding, liquidity or tax-related risk
|
Acting in effective and responsible manner
|
- interest rates
- foreign exchange rates
- foreign exchange rates
- future level of investments
|
Orange Polska is exposed to financial risks arising mainly from financial instruments that are issued or held as part of its operating and financing activities. That exposure can be principally classified as market risk (encompassing currency risk and interest rate risk), liquidity risk and credit risk.>Failure to deliver change programmes against relevant time, cost or quality measures could result in a failure to secure competitive advantage or operating performance ef ciency and cost bene ts.
|
We manage financial risks
with the objective to limit our exposure to adverse changes in foreign exchange rates and interest rates, to stabilise cash flows and to ensure an adequate level of financial liquidity and flexibility. a customer-centric organisation, we strive to maintain and develop our on-line sales channel and cross-channel initiatives. We also optimise and modernise our sales outlets to align with the market and consumer trends, as this is directly re ected in customer satisfaction and further ef ciency gains.
|
Regulatory environment
and framework
Potential changes in the regulatory
environment and/or frameworks
|
Acting in effective and responsible manner
|
- retail roaming charges (Roam Like At Home),
allocation of the 700 MHz Band to
- telecommunications services
proceedings by UOKiK and European
- Commission related to network sharing
remuneration for the use of third parties'
- land for Orange Polska's fixed infrastructure
|
Regulatory decisions and changes in the regulatory environment may have an adverse effect on our performance, in particular increasing costs of administration, reducing income and margin. |
We engage in relevant government and regulatory consultations which may affect policy and regulation in the sectors where we operate. We also consult with customers to understand their requirements and proactively consider all the opportunities and threats associated with any potential change, exploiting opportunities and mitigating risks where appropriate.
|
Corporate governance�and
legal compliance
Failure to meet all legal and regulatory
obligations and responsibilities
|
Acting in effective and responsible manner
|
- competition and consumer protection law
- changes in tax regulations
- current material litigation
- EU General Data Protection Regulation
|
We must comply with various regulatory obligations governing the provision of services and products, also relating to obtaining and renewing licences. Certain regulatory obligations result also from the significant market power of Orange Polska on the relevant markets. If Group companies are unable to satisfy the imposed regulatory requirements or fail to meet the requirements imposed by national or community regulations, there is a risk of administrative fines imposed by Polish or EU bodies.
|
Legislative and regulatory developments are continually monitored. Risk-based training of employees is undertaken and we participate in consultations to influence legislative and regulatory developments
|
