Risk management
Understanding and managing risk
As a responsible company, ArcelorMittal cannot afford to take a casual attitude to risk. At the same time, effective and forward-thinking approaches to risk management can help turn potential issues into business opportunities, while safeguarding our people, reputation, assets and profitability for the future.
ArcelorMittal has adopted a Risk Management Policy that complies with local legal requirements and promotes a decentralised approach: it encourages the development of local initiatives and faster decision-making processes. The risk management cycle, ultimately overseen by the Board, is deployed and works in 4 steps: it covers identification of potential events that could prevent realising the objectives set, assessment, treatment and monitoring of all potential risks, which are categorised into business risk, event risk, financial risk, and operational risk.
The framework established is inspired from the recommendations of the Committee of Sponsoring Organisation of the Treadway Commission (COSO I and II), the Institute of Risk Management, based on AIRMIC1, ALARM2, IRM standard works (2002), the Australia and New Zealand standard 4360 (AS/NZ 4360 - 1999), the AMRAE3, the RIMS4 and other internationally respected advisers on risk management. Its implementation is supervised on a day-to-day basis by the Corporate Risk Management team, reporting to the Group Management Board.
Significant risks are reported by the different businesses and functions on a regular basis. Once a month we collect good and bad risk management practices. This reporting is designed to give a feedback about significant events that occurred during the month, analysed from a risk management perspective: root causes and decisions taken to avoid further replications. Every quarter the reporting units update the risk registers: assessment, future trend of the risk and the commitment to additional mitigation actions. The quarterly report is presented to the Group Management Board and the Audit Committee. A detailed review of all our risk registers takes place as part of the annual budgeting process.
1AIRMIC: Association of Insurers and Risk Managers (UK)
2ALARM: The National Forum for Risk Management in the Public Sector (UK)
3AMRAE: Association pour le Management des Risques et des Assurances de l'Entreprise (FR)
4RIMS: Risk and Insurance Management Society (US)