Risk management and control

Risk Management

The purpose of YIT’s risk management is to identify the most significant risks to the company’s operations and manage them in a balanced way. Risk management aims to ensure the continuity of YIT’s operations and the achievement of targets. YIT has a risk management policy that guides the management of the company’s overall risk position. The policy describes the main principles of risk management at YIT. The risk management policy is approved by the Board of Directors of YIT. The Board of Directors guides and supervises the planning and execution of risk management and approves the company’s risk-taking ability and risk appetite.

The Group’s President and CEO retains overall responsibility for risk management. The President and CEO is responsible for the organisation, follow-up and implementation of risk management and the development of the risk management strategy. Business and support functions are responsible for risk management practices for their own part. The gate model is utilised in the risk management of projects; each gate includes a risk review.

Risk management is included in all of the Group’s significant operating, reporting and management processes. Planning of the risk management, risk exposure assessment and operating environment analysis are part of the annual strategy process. In addition, material changes in risks and risk exposure are reported and monitored on a monthly and quarterly basis in accordance with the Group’s management and reporting practices. One key perspective in risk management is to also identify opportunities and actively take advantage of them.

Risks related to financial reporting are managed with the help of the Group’s accounting manual, financing and tax policy, investment guideline, acquisition instructions, control environment and internal audit.

Most significant business risks

YIT has categorised the risks that are significant to its operations into strategic, operational, financial and event risks.

Strategic risks relate to the markets, countries of operation, legislation, good corporate governance, reputation and climate change. Operational risks relate to projects, contracts and agreement disputes, resources and personnel, procurement, occupational safety, human rights and the environment. Financial risks relate to financing, reporting and capital efficiency, while Transaction risks include issues related to information security and pandemics. 

Detailed descriptions of the most significant short-term risks for YIT's business and the effects of these on risk management measures are described in the 2020 Annual Review

YIT Corporation’s financial reporting and supervision are based on budgets drafted and ratified annually as well as monthly performance reporting and forecasting. The Group’s financial reporting is based on financial data on the profitability of business provided by each cost centre, combined with segment-level and group-level data. YIT Corporation’s business is characterised by project-type operations, due to which financial reporting applies the percentage of completion method or recognition of revenue at a point in time. Accurate information on the degree of completion of the project and the final cost estimate are essential for the reliability of financial data in project business. In addition, for projects where revenue is recognised at a point in time, it is essential to understand the project-specific degree of sale.

The aim of the internal control

The aim of the internal control, control environment and risk management related to the financial reporting process is to ensure the harmonised and reliable reporting of the Group’s financial results in a manner compliant with applicable laws and regulations and the reporting principles confirmed in YIT Group. The responsibilities of risk management and internal control are defined in the Group’s risk management policy as well as in the operating models of the Group functions and business segments. The operating models describe the key tasks, operations and responsibilities of the various administrative bodies. The Group’s business reporting process produces information related to project monitoring together with the business controlling function that supports the business, which makes the internal control function part of segment-level operations.

The Group accounting and reporting function, which works under the supervision of the Group’s CFO, defines and communicates the principles related to financial reporting, maintains the tools required for Group accounting and reporting and prepares the interim reports and official financial statements published by the Group. The Business controlling function is responsible for ensuring that reporting within the segments is carried out according to instructions. The Group treasury function issues instructions concerning the reporting of internal and external calculations related to financial transactions and monitors the accuracy of reporting.
Based on long-term and short-term cash flow forecasts, the Group treasury function ensures adequate liquidity as well as appropriate and suitable financial instruments. Group treasury also supports the entire financial administration organisation in reporting on financing and the reconciliation of reporting. Group Controlling produces quantitative analyses for the management and prepares a monthly management report. The Taxes function produces the Group’s tax guidelines and practices and ensures that tax-related matters are in compliance with the Group’s corporate governance principles and internal tax policies. Financial development improves and
develops financial processes and information systems, which supports reporting and monitoring.

The Investments function prepares and supports decision making on projects and investments and is responsible for making preparations for the meetings of the Investment and Project Committee.

Communications

The Group’s CFO and Investor Relations are responsible for the publication and release of financial information and for the fulfilment of disclosure obligations concerning a listed company. Investor Relations are also
responsible for the planning and implementation of investor communications and for daily contact with investors and analysts.

The aim of the company’s Investor Relations is to support the appropriate valuation of YIT shares by providing all market parties with all essential information concerning YIT in a continuous and consistent manner.

Corporate Communications maintain YIT’s communications policy, published on the Group’s website, as well as the internal guidelines for external and financial communications, which define YIT’s practices in relation to the disclosure of financial information.

Follow-up

YIT’s business segments are responsible for the accuracy of the segment data presented in interim reports and financial statements. The Group’s accounting department is responsible for the accuracy and scope of the group-level numerical data as well as their compliance with rules and regulations. The Audit Committee reviews information that is to be published and submits them for the Board of Directors’ approval.

The Group’s financial management team convenes on a monthly basis. It is composed of the Business controllers responsible for the business segments, the Group controller, group accounting and reporting, group treasury, the service centre, financial development, investments, the Corporate General Counsel and the Vice President, Investor Relations. The financial management team mainly discusses financial administration development projects as well as matters related to risk management and resource allocation.

The Group’s operational financial management team meets weekly and is composed of the Business controllers responsible for the business segments, the Group controller, group accounting and reporting, group treasury, the service centre and financial development. The operational financial management team addresses all financial process and development issues concerning the business segments.

YIT Group’s internal audit organisation supports the management in the development and supervision of risk management, internal control and good corporate governance. The internal audit reports to the Audit Committee of the Board of Directors and administratively to YIT’s President and CEO.

YIT Group’s Internal Audit is organized as a fully outsourced service starting from 1.1.2022. Internal Audit supports the management in the development and supervision of risk management, internal control, and good corporate governance. Internal Audit reports functionally to the Audit Committee of the Board of Directors and administratively to YIT’s Corporate General Counsel.

The internal audit plan is developed using a risk-based methodology, including any risks or control concerns identified by senior management and the Audit Committee. Internal Audit’s work is coordinated with other Group functions and financial auditing.

YIT's Code of Conduct - the way we operate in accordance with our shared values and rules, is a concrete expression of what compliance with our values means in our work with different stakeholders.

The Code of Conduct is not meant to be a detailed guide that provides an answer to every question, but rather a general guideline for compliance with our shared values, principles and rules.

The document includes the principles that guide our operations in relation to customers, employees, shareholders, business partners, competitors, society and the environment. You will also find information related to compliance with our business principles and reporting infringements.

Read more about Code of Conduct