Risk management

Well-managed risk-taking lies at the heart of our Performance Ambition to be one of the best performing, most trusted and respected consumer products companies in the world. Great risk management drives better commercial decisions, protects our assets and supports a growing, resilient, and sustainable business.

Our approach

We believe that effective risk management starts with the right conversations to drive better business decisions. Our primary focus is to identify and embed mitigating actions for material risks that could impact our current or future performance, and/or our reputation. Our risk management efforts aim to be holistic and integrated, bringing together risk management, internal controls and business integrity, ensuring that our activities across this agenda focus on the risks that could have the greatest impact.

We regularly review and refresh our principal risks, our risk appetite, and our approach to risk management. Our approach is also structured to ensure that we take all reasonable steps to mitigate, but not necessarily eliminate, our principal risks in this context.

Accountability for managing risk is embedded into our management structures. Each market and function undertakes an annual risk assessment, establishes mitigation plans and monitors risk on a continual basis.

Our Executive Audit & Risk Committee (ARC) regularly assesses risk, and the Audit Committee of the Board independently reviews the assessment. The ARC meets quarterly and receives regular reports on the risks faced across the business and the effectiveness of the actions taken to mitigate these risks. We use internal and external data to monitor our risks and to make proactive interventions. We also establish cross-functional working groups and use expert advice where necessary to ensure significant risks are effectively managed and, where appropriate, escalated to the ARC and Audit Committee for consideration.

For more detail on our risk management approach, download our 2023 Corporate Governance Report (PDF 3.9MB)

Our principal risks

The Board considers principal risks to be the most significant risks faced by the group, including those that are the most material to our performance and that could threaten our business model or future long-term performance, solvency or liquidity. They do not comprise all the risks associated with our business and are not set out in priority order. Additional risks not known to management, or currently deemed to be less material, may also have an adverse effect on the business.

This year’s annual review of our principal risk descriptions has resulted in a number of changes. We have combined risks as a result of aligned cause and effect, while simplifying others. All principal risks have updated descriptions, risk outlooks and mitigating actions.

Our overall risk footprint reflects significant external threats, such as geopolitical risks, climate change, digital revolution, and the resulting impact of global uncertainty in many areas. The pandemic risk was elevated from an emerging risk last year. The risk associated with Covid-19 is better understood, however the risk of a new pandemic is possible. This year, we have combined the risk of a pandemic with a business interruption risk. We have also merged Geopolitical and Macroeconomic volatility, and Product quality and counterfeit, and have incorporated Data Privacy as part of the overall Business ethics & Integrity risk. This year, we have elevated Supply chain disruption as a separate principal risk.

Climate change & sustainability

Physical and transition climate change risks, including water stress, extreme weather events, temperature rises and increased regulation, may result in increased volatility in the supply of raw materials, production costs, capacity constraints and higher costs of compliance. In addition, the failure to meet sustainability goals could result in loss of licence to operate, financial loss and reputational damage amongst customers, consumers, investors and other stakeholders.

Regulation, trade barriers and indirect tax

Public health concerns may lead regulators in major markets to ban or restrict the marketing or sale of alcohol, while increased trade tensions and/or fiscal pressures may prompt the introduction of trade barriers and/or disproportionate tax increases, all of which may result in financial loss.

Pandemic and business interruptions

A significant interruption to our business due to external events (such as a public health threat/ pandemic, war or natural hazard) could restrict access to our products, negatively affect our operations and brands, or pose a threat to the safety of our employees; any of which could have a negative impact on our commercial and financial performance.

Geopolitical and macroeconomic volatility

Failure to react quickly enough to changing economic and/ or political conditions, e.g., inflationary pressures, currency instability, global trade tensions, heightened political protectionism, changes to customs duties and tariffs, and/or eroded consumer confidence, may impact on our freedom to operate in a market and could adversely impact forecasting and/or financial performance.

International direct tax

The international tax environment, including significant changes thereto, may alter our operating position, leading to an increased cost of compliance, an increase in our effective tax rates and/or unexpected tax exposures and uncertainty, resulting in financial loss.

Supply chain disruption

Supply chain disruptions can occur for a range of reasons, including pandemics and volatility in consumer behaviour, customer and consumer demand, labour capacity and global economic conditions. We have been impacted by disruptions to our supply chain and this may continue to occur in the future. The occurrence of these events may result in shortages of essential materials, heightened logistical constraints, longer lead times and heightened third-party supplier disruption, and therefore may continue to have a negative impact our commercial and financial performance.

Cyber and IT resilience

Sophisticated cyber and IT threats (both within our network and at third parties), including those facilitated through breaches of internal policies and unauthorised access, could lead to theft, loss and misappropriation of critical assets, such as personal and consumer data, and operational/ production systems. Inadequate IT resilience arrangements and integration with legacy systems could cause disruption to core business operations, including manufacturing and supply, resulting in financial loss and reputational damage.

Business ethics and integrity

Lack of an embedded business integrity culture or any breach of our policies, relevant laws or regulations (including but not limited to anti-corruption, money laundering, global competition, human rights, data protection and economic sanctions) could result in significant penalties, financial loss and reputational damage.

Consumer disruption

Inability to respond and adapt our products or processes to disruptive market forces — including but not limited to digital technology, health and lifestyle priorities, altered consumption behaviour, new drivers of choice, and new formats and technologies — that could impact our ability to effectively service our customers and consumers with the required agility, and result in financial loss.

Product quality and counterfeit

Accidental or malicious contamination of raw materials or finished product, and/or ineffective brand protection and intervention to address counterfeiting of our products supplied to market, could cause harm to consumers, damage our corporate and brand reputation and pose potential threats to our people due to the illicit nature of organisations involved in counterfeiting activities.

View pages 88-93 of our 2023 Annual Report to learn more about our principal risks (PDF 20.1MB).