3

Governance

Risk management

Risk management policy

Numidia has a risk management policy in place and assesses applicable risks on an ongoing basis. Dairy commodity training poses an inherent and relatively high risk due to thin margins. In addition, our global presence makes us vulnerable to political and macro-economic conditions, weather conditions and seasonality.

We prioritize business continuity and maintain a low risk appetite. Therefore, we:

  • implement measures and controls to reduce risk as much as possible, within a reasonable cost-benefit trade-off

  • allow medium risk only to maintain our trade position and to execute our core business

  • mitigate high-risk items

  • mitigate all other risks to an acceptable level

Our risk policy addresses all applicable risk areas and their associated measures and controls, which are implemented throughout the organization.

strategic risk

Our subsidiaries serve a strategic purpose by limiting our dependence on the European market and creating a global footprint. We are able to reach and serve our customers all over the world, 24/7. In addition, we significantly reduce the risk and impact of currency fluctuations, weather conditions, seasonality, and country- or product-specific sanctions. Our business structure provides a strong foundation for business continuity and growth. We also invest significant effort in business planning. Our 2020-2025 strategic plan provides long-term direction and informs our 2022 operational goals and budget.

financial risk

Currency risk

We mitigate currency risk by using forward foreign transaction (FX) contracts. These contracts fix the currency exchange rate, protecting us against potential margin losses when trading in USD and GBP.

Working capital risk

We continuously monitor and assess working capital risk in relation to our current trade position, inventory projections and commitments, equity position, budget and strategic planning. We have a financing facility in place with Deutsche Bank and ING Bank to meet our working capital requirements. This EUR 120.0 million asset-based facility was extended for a three-year period in July 2021 and expires in August 2024.

Interest rate risk

We are exposed to interest risk on all loans with variable interest rates. The main interest risk relates to the asset-based credit facility for financing working capital. This risk is not hedged, as the (expected) interest costs are discounted into our sales price setting.

operational risk

Trade risk

We have four levels of trade limits in place to manage risks related to market fluctuations:

  1. Position limits (total and per product limits in metric tons) based on the maximum exposure Numidia is willing to take without jeopardizing business continuity.

  2. Sub-limits (total and per product limits in metric tons) for commodity futures and options contracts. These contracts apply to the CME, EEX, SGX and OTC exchanges and are used for risk mitigation by hedging physical positions and for generating profit.

  3. VAR (Value at Risk) limits for commodity futures and options contracts to manage and mitigate the risk on margin calls.

  4. Inventory limits to ensure a high level of turnover on inventory, low risk of inventory write-offs and limited capital employment.

We continuously monitor position limits using real-time information systems, and senior management conducts daily reviews.

Counterparty risk

We regularly assess counterparty risk related to customers (mainly credit risk) and suppliers (mainly food and feed safety risk) using a rating system. The system takes into account a company’s financial situation, country of residence, payment performance, contract performance, claim history and credit rating. In addition, we have a Know Your Customer (KYC) process in place to screen all customers for sanctions.

We use several different instruments to manage credit risk, including credit insurance (Credendo), letters of credit (LC), cash against documents delivery (CAD), avalized drafts, prepayment or a combination of these instruments. These instruments cover approximately 94% of our trade receivables.

Our Quality Department must approve all product suppliers, transportation providers and warehouses prior to doing business. Suppliers must meet a minimum set of requirements, such as quality certifications, service level agreements and signed supplier inquiry/identification forms. Finally, all suppliers and agents must sign our Code of Conduct.

Liability

Our insurance policies cover (among others) liability risk, recall risk, transport risk and inventory storage risk.

non-compliance risk

Employee risk

We established our Code of Conduct in 2016 to manage employee and management risk. The Code of Conduct defines our standards and rules with regard to integrity, compliance with laws and regulations, fraud and conflicts of interest.

We have been a member of the Supplier Ethical Data Exchange (Sedex) since 2018. Sedex is a not-for-profit membership organization that works with buyers and suppliers to implement responsible and ethical business practices in global supply chains.

Corruption risk

We have corruption risk measures in place, including but not limited to the following:

  • Blacklisted country list

  • KYC screening

  • No cash policy

fraud risk

Financial reporting risk

Each month, we conduct a hard close on all Numidia entities and consolidate numbers into a company result and balance sheet for review and discussion in the monthly management team and BoD meetings. Budget and year-over-year variances are analyzed and explained. We have embedded segregation of duties (SoD) is our ERP system to limit management override risk and unauthorized transactions.

Asset misappropriation

We manage the risk of asset misappropriation, mainly related to outgoing payments, by maintaining strict controls on vendor bank account mutations and SoD on outgoing bank payments.

Food fraud risk

We have all quality certifications in place to be a supplier of choice in the dairy market. Numidia is a certified BRC agent & broker and IFS broker for the food market and GMP+ for the feed market. Our food defense & food fraud mitigation plan is based on the following:

  • a vulnerability analysis and critical control point (VACCP)

  • a threat assessment and critical control point (TACCP)

The TACCP & VACCP analyses are reviewed annually and are included in the internal audit procedure. Further details are provided under Ethics and anti-corruption

cyber security risk

We continually update our cyber security policy based on the latest developments. Our policy is built on three cornerstones:

  • Prevention: access control management, data and privacy protection, continuous updates

  • Monitoring and detection: malware protection, intrusion detection, various audit tools

  • Response: cyber security insurance policy, fallback environment, backup recovery

In control statement

The BoD is responsible for the design, implementation and effectiveness of the risk management policy and internal controls. The BoD has performed an assessment of the effectiveness of our risk management system. Based on this assessment, the BoD is of the following opinion:

  • There are no material failures in the effectiveness of Numidia’s internal risk management and control systems.

  • Numidia’s internal risk management and control systems provide reasonable assurance that the Annual Report does not contain material errors.

  • Based on the current conditions, it is justified that the financial reporting is prepared on a going concern basis.

  • There are no material risks or uncertainties that could reasonably be expected to have a material adverse effect on the continuity of Numidia in the coming twelve months.

The above statement does not imply that our risk management system provides absolute assurance, nor that it can prevent all misstatements, inaccuracies, errors, fraud and non-compliances with legislation, rules and regulations.