Group risk policy
Fortum's Board of Directors annually approves the Group Risk Policy, which sets the objective, principles and division of responsibilities for risk management activities within the Group as well as defines the overall risk management process.
The CEO approves Group Risk Policy appendices, which include instructions for managing commodity market risks, counterparty risks, operational risks, financial risks and insurances. Corporate Treasury is responsible for managing the Group's currency, interest rate, liquidity and refinancing
risks as well as for insurance management. Credit Control in Corporate Risk Management is responsible for assessing and consolidating the Group's exposure to counterparty risks, monitoring the creditworthiness of counterparties and approving counterparty credit limits. Corporate IT is responsible for managing IT information and security risks. There are also corporate units dealing with risks related to human resources, laws and regulation, and sustainability.