2018 Sustainability Report

Risk
management

Securing long-term business viability

Effective risk management is key to ensuring the continued long-term viability of the Group. It is embedded within all of our operating companies. Everyone in the Swire Pacific group has a role to play in risk management. It is essential that we all work together to address the risks to which our Group is exposed.

Sustainability issues are relevant to risk management. They include climate change, political and regulatory risks, and emerging risks such as climate resilience and biodiversity. The Board of Directors and the management of each division are responsible for identifying and analysing the risks (including those relating to sustainability) underlying the achievement of business objectives and for determining how to manage and mitigate such risks.

There are two key management committees which monitor the risks affecting the Group – the Group Risk Management Committee (GRMC) and the Finance Committee. These committees comprise members of senior management and are both chaired by the Finance Director, who reports significant matters to the Board as they arise.

About the GRMC

The GRMC, which is made up of divisional chief executives and managing directors, and is chaired by the Finance Director, reports to the Board via the Audit Committee.

The GRMC:

  • Reviews divisional risk registers, which set out current and emerging risks, including physical and reputational issues that arise from the social and environmental impact of our business decisions and the environmental and social issues which affect our business.
  • Sets group risk management policies and strategies
  • Oversees the committees and working groups which have separate functional responsibilities for risk management

Risk governance structure

Enterprise Risk Management

We use an enterprise risk management (ERM) process to identify, assess, monitor and manage risks. The implementation and execution of the ERM process follows our enterprise risk management policy. The objective of the policy is to ensure that robust and effective risk management systems are in place to enable management to identify, prioritise and mitigate the risks to which our operating companies are and will be exposed. Each division and major operating company is required to implement the ERM process.

As part of this policy, operating companies must regularly submit corporate risk registers and changes in risk profiles to Swire Pacific. To ensure consistency of approach, these registers are prepared using a standard methodology, format and standard risk ranking criteria.

Enterprise Risk Management Framework

Significant sustainability risks

For our company to continue to grow, we must anticipate the risks threatening our development and that of our clients and we must capitalise on new opportunities. We monitor key emerging risks. Early detection helps to protect our business.

Every year, Swire Pacific engages with people inside and outside of the organisation to assess the material risks that might have an impact on its business. The output from that engagement in 2018 is presented below.

Importance of sustainability factors to internal and external stakeholders

In the interactive sustainability risks map, you can filter material issues by the category of the issue or by business and stakeholder priority. The size of the issue displayed corresponds with its importance.

Select sustainability factors

Select importance to the internal and external stakeholders

LOW - Internal stakeholders
LOW - External stakeholders

LOW - Internal stakeholders
HIGH - External stakeholders

HIGH - Internal stakeholders
LOW - External stakeholders

HIGH - Internal stakeholders
HIGH - External stakeholders

Significant sustainability risks

Energy use and GHG emissions
Workplace health and safety
Cyber-security, privacy, and data protection
Environmental impact of products and services
Management of water resources
Plastic, packaging, and product-life cycle impact
Climate resilience
Waste management
Governance
Other
Local development
Labour practices
Product quality and safety
Sustainable consumption
Global regulatory compliance
Talent recruitment and retention
Social impact of products and services

In 2018, we highlighted four potential emerging risks.

Climate change and resilience

Possible impact

Climate change gives rise to significant risks to our business. The risks include the impact of extreme weather events on our physical assets, the financial costs of changing to new sources of energy and the environmental and social impact of greenhouse gas emissions.

Mitigation measures

  • Our climate change policy is in place
  • We have targets for the reduction of our carbon emissions for 2020 and 2030
  • We are using more renewable energy in our buildings, by self-generation and purchasing. In 2018, 12.87 million kWh of electricity was generated from renewable energy sources at Swire Properties, Swire Coca-Cola and HAECO Xiamen
  • We encourage the use of alternative fuels. Cathay Pacific has a minority stake in Fulcrum BioEnergy Inc., a company which converts municipal solid waste into sustainable aviation fuel
  • We assess the risk from extreme weather events to our buildings. We put in place mitigants and resiliency measures intended to ensure the viability of our operations, the safety of our employees and visitors to our facilities, and uninterrupted service for our customers
  • For further details, please refer to the Carbon and Climate resilience sections of this report

Environmental impact of products and services

Possible impact

Regulations affecting and public scrutiny of our products and services and their uses could have an adverse impact on our operations, finances and reputation.

Mitigation measures

  • Waste and water policies are being developed
  • We have carbon emissions and water targets for 2020. We are developing carbon emissions, water and waste targets for 2030
  • We want to work with others to implement circular economic principles and to use alternative materials and techniques with a view to reducing our reliance on primary natural resources
  • Swire Coca-Cola has negotiated a joint venture for Hong Kong’s first plastics recycling facility
  • For further details, please refer to the Waste and Sustainable materials sections of this report

Cyber attacks*

Possible impact

Cyber attacks have the potential to disrupt our business.

Mitigation measures

  • We have in place an information security policy and a cyber incident response plan
  • We audit compliance with our information security policy, provide information security training and conduct information security drills
  • We include data protection obligations in contracts with data processors

* In October 2018, Cathay Pacific announced that it had discovered unauthorised access to some of the passenger data of Cathay Pacific and Cathay Dragon. Immediate action was taken to contain the event and commence a thorough investigation. There is no evidence that any personal information has been misused. The information systems affected were separate from flight operations systems. There was no impact on flight safety.

Health and safety incidents

Possible impact

Health and safety incidents can lead to casualties, property damage, production and service delays, disruption to our business and damage to our reputation.

Mitigation measures

  • Health and safety policies and processes are in place and are reviewed regularly
  • Incidents are investigated, and root causes are identified with a view to determining mitigants
  • A health and safety committee monitors’ divisional health and safety performance and shares information and best practices
  • Divisions have in place emergency response and business continuity plans
  • For further details, please refer to the Health & Safety section of this report

Policy review process

We regularly review our policies relating to sustainability. Where we identify policy gaps, we try to create new policies to guide the Group’s approach. In 2019, we are introducing policies on waste, water and human rights. We are also reviewing and updating our sustainable food policy, our supplier corporate social responsibility code of conduct and our sustainable building design policy.

Policies are developed at the working group level, before review by the Swire Group Sustainability Committee (SGSC) and the GRMC and final approval by senior management including the Chairman. The management of risks and the implementation of sustainability policies are subject to scrutiny by our internal audit department as part of the standard internal audit processes, with support from specialist external consultants where necessary.

Please refer also to the Risk Management section of the Corporate Governance Report in the Swire Pacific Annual Report 2018.