Risk management process

Organization of BASF Group’s risk management

Organization of BASF Group’s risk management (organigram)

Risk management process

  • Integrated process for identification, assessment and reporting
  • Decentralized management of specific opportunities and risks
  • Aggregation at a Group level

The BASF Group’s risk management process is based on the international risk management standard COSO II Enterprise Risk Management – Integrated Framework (2004), and has the following key features:

Organization and responsibilities

  • Risk management is the responsibility of the Board of Executive Directors, which also determines the processes for approving investments, acquisitions and divestitures.
  • The Board of Executive Directors is supported by the units Finance, Corporate Controlling, Corporate Development and Legal, Taxes, Insurance & Intellectual Property, and the Chief Compliance Officer. These units coordinate the risk management process at a Group level and provide the structure and appropriate methodology. Opportunity and risk management is thus integrated into the strategy, planning and budgeting processes.
  • A network of risk managers in the business, functional and corporate units as well as in the regions and at the Verbund sites advances the implementation of appropriate risk management practices in daily operations.
  • The management of specific opportunities and risks is largely delegated to the business units and is steered at a regional or local level. Risks relating to exchange rates and raw materials prices are an exception. In this case, there is an initial consolidation at a Group level before derivative hedging instruments, for example, are used.
  • BASF’s Chief Compliance Officer (CCO) manages the implementation of our Compliance Management System, supported by additional compliance officers worldwide. He regularly reports to the Board of Executive Directors on the status of implementation as well as on any significant results. He also provides a status report to the Supervisory Board’s Audit Committee at least once a year, including any major developments. In the event of significant incidents, the Audit Committee is immediately informed by the Board of Executive Directors.
  • The internal auditing unit (Corporate Audit) is responsible for regularly auditing the risk management system established by the Board of Executive Directors in accordance with section 91(2) of the German Stock Corporation Act. Furthermore, as part of its monitoring of the Board of Executive Directors, the Supervisory Board considers the effectiveness of the risk management system. The suitability of the early detection system we set up for risks is evaluated by our external auditor.


  • The Risk Management Policy, applicable throughout the Group, forms the framework for risk management and is implemented by the business units according to their particular business conditions.
  • A catalog of opportunity and risk categories helps to identify all relevant opportunities and risks as comprehensively as possible.
  • We use standardized evaluation and reporting tools for the identification and assessment of risks. The aggregation of opportunities, risks and sensitivities at division and Group level using a Monte Carlo simulation helps us to identify effects and trends across the Group.
  • The nonfinancial topics relevant for BASF are addressed by the responsible functional units, which assess the risks identified as being relevant according to impact and probability of occurrence. We identify opportunities and risks that arise in connection with the topics of environment, society and governance with our sustainability management tools. We have established global monitoring systems to check adherence to laws and our voluntary commitments in these areas. These also incorporate our suppliers.
  • The BASF Group’s management is informed about operational opportunities and risks (observation period of up to one year) in the monthly management report produced by the Corporate Controlling unit. In addition, Corporate Controlling and Finance provide information twice a year on the aggregated opportunity/risk exposure of the BASF Group. Furthermore, if a new individual risk is identified which has a more than €10 million impact on earnings or bears reputational risks, it must be immediately reported.
  • As part of our strategy development, the Corporate Development unit conducts strategic opportunity/risk analyses with a 10-year assessment period. These analyses are annually reviewed as part of strategic controlling and are adapted if necessary.
  • Our Group-wide Compliance Program aims to ensure adherence to legal regulations and the company’s internal guidelines. Our global employee Code of Conduct firmly embeds these mandatory standards into everyday business. Members of the Board of Executive Directors are also expressly obligated to follow these principles.