One of the main foundations for risk control is the internal culture of the company, which is characterized by a high degree of transparency regarding the timely identification, evaluation and reporting of risks and a remuneration system that is geared to avoiding potentially perverse incentives.
Given the hands-on nature of the company and the short lines of communication, there are three important factors in assessing and evaluating our internal risk management and control systems:
1. In the daily operations, the operational risk management and control is largely supported by an extensive framework of quality assurance rules, procedures and systems, in particular regarding the acquisition and execution of contracts. These include guidelines for responsibilities, powers and risk control. The adequacy of this framework is reviewed regularly, also considering the increasing diversity of the contracting and project activities the company performs in accordance with its strategy. In addition to audits by external certification agencies, Boskalis also performs regular internal audits under the auspices of the SHE-Q department. SHE-Q is discussed at the quarterly meetings between the Board of Management and the management of the business units, with the management of the SHE-Q department also being present.
2. The daily management of the organization is based on short lines of communication and command. Speed, know-how and decisiveness are of the essence, both in the tendering phase and in project execution. Daily management is hands-on.
3. The progress and development of the operating results and the financial position of individual projects and business units and the company as a whole, as well as the operational and financial risks, are monitored by means of structured periodical reporting, analysis of the financial results and performance reviews at Board of Management and senior management levels.