Securitas Annual Report 2007

Risk management a Natural Part of our Operations Strategy
Managing risk is necessary for Securitas in order to be able to accomplish our strategies and achieve our objectives. The management of risk takes place through a structured process of assigning responsibility, which is the basis of the Group’s corporate governance and internal control, and stretches upwards from branch managers to Group Management and the Board of Directors who answer to the Annual General Meeting.
Background
Securitas is exposed to various types of risks in its day-to-day business. These risks fall into two main categories: operational risks and financial risks. Both can impact the Group’s financial performance and position if they are not managed in a structured way. Operational risks are risks associated with day-to-day operations and the services we provide to our customers, for example, when services do not meet the required standards and result in loss of property, damage to property or bodily injury. Financial risks arise because the Group has external financing needs and operates in a number of foreign currencies.
To allow the divisions, countries and regions to focus fully on their operations, financial risk management is centralized to the greatest extent possible to the Group Treasure Centre. For a further description of the management of financial risks, please refer to Note 6 on page 59 in the notes and comments to the consolidated financial statements. For details on the assumptions and assessments used in the preparation of the financial reports, and that may affect the Group’s financial position, please refer to Note 4 on page 57 of the notes and comments to the consolidated financial statements.
Organization
Since operational risks arise in local operations, they must be managed with a decentralized approach. Customer contract management and loss prevention measures
are essential aspects of this task. All of Securitas’ Branch Managers must assess and understand the risks associated with providing services. The Group’s divisional Presidents are responsible for all aspects of operations in their divisions, including operational risk management and risk minimization. The ultimate responsibility for claims settlement and for purchasing certain strategic insurance programs lies at Group level.
At Group level, Group Management sets risk management policies for the entire Group. The Security Services North America, Security Services Europe and Loomis divisions have their own risk committees which meet on a regular basis.
Management of operational risks
The most important objective of operational risk management is preventing losses from occurring and thereby protecting clients and employees. In order to evaluate the operational risks in new and existing business activities, Securitas uses a business risk evaluation model. This model, which focuses on a number of important aspects of the assignment and the relationship with the customer, is described in more detail on the following page. Should a loss occur and Securitas be deemed fully or partly responsible, insurance solutions are used to minimize the financial impact of any claims by customers or third parties.
Business risk evaluation model
Assignment
This is the first stage in the process. The key points are the size of the project, its duration and whether it involves a new or existing assignment. Specific training and supervision requirements are also considered in these circumstances.
Risk
The type of customer involved in an assignment is significant both in terms of the customer’s operational risk level and financial position. High-risk customers and potential large losses must be identified and the necessary insurance cover taken out for the risk in question. The creditworthiness of the customer must also be assessed.
Contract
A fair division of responsibilities and risks between Securitas and the customer is essential in every contract. Standardized contracts are the norm. Reasonable liability caps and indemnification for third-party claims are important components of customer contracts.
Profitability
This stage involves careful calculation of the profitability of the assignment. Managers must assess the investment requirement and whether the contract involves any off-balance-sheet exposure. Payment terms also have to be considered and a judgment made as to whether the assignment will generate sufficient profit in relation to the risks taken.
Risk business plan
As part of the budget process, each division presents annually a risk business plan, which is built from the bottom up. The business plan sets out the main focus and priorities in ongoing operational risk management within the divisions for the coming year. In addition, at least one business risk evaluation seminar is held each year for all divisions with participants from the divisions, country or region and from the Group.
The purpose of these meetings is to increase awareness and understanding of the risks the company is exposed to by, for example, reviewing certain contracts or processes.
Insurance
Securitas has decided to transfer certain operational risks to the insurance market through Group-wide insurance programs. The main programs are General Liability Insurance, which covers claims relating to property damage and bodily injury; Workers Compensation Insurance in the USA, which covers work-related claims; and Cash Handling Insurance, which covers losses that may occur in Loomis’ operations. By purchasing the Group’s insurance programs centrally, Securitas achieves economies of scale for pricing and better access to more specialized international insurance markets.
The transfer of risk to the insurance market is done in a three-step process. In the first step, the local operations retain a predetermined portion of all losses through a local deductible. In the next step, the Group’s own reinsurance companies (so-called captives) are used to retain a predetermined and capped risk in the Group above the level of the local deductible. The total self-retention, that is the total level of risk retained in the Group in local operations and in the reinsurance companies, depends on the estimated risk exposure and the pricing of external reinsurance. Normally it makes financial sense to retain a certain portion of the risk within the Group as there is a certain level of loss that normally occurs more frequently. To insure these losses externally would usually cost more than the value of the losses.
As a third step, the risk above the self-retention level is reinsured to appropriate limits in the external insurance markets. By using captives, Securitas gains some independence from the insurance markets and can minimize the impact of short-term fluctuations in price and capacity in these markets.
Losses and cost of risk
The cost of risk consists of external insurance premiums plus the self-retained part of the losses. The Group Insurance Centre is responsible for centrally purchasing the Group’s insurance programs and thereby securing competitive premiums and terms.
The operating units are responsible for keeping losses to a minimum in terms of number and size. As a main principle, the cost of risk and the consequences of good or poor management of risk cost are carried down to the branch level. Loss patterns and the cost of risk for each unit are reported and monitored on a monthly basis as a part of the financial reporting process.
Risk responsibilities      
Activities   Branch/area Country/division Group
Risk assessment n n n
Contract management n n  
Loss prevention n n  
Claims settlement   n n
Insurance purchasing     n
Risk management a Natural Part of our Operations Strategy
 
Managing risk is necessary for Securitas in order to be able to accomplish our strategies and achieve our objectives. The management of risk takes place through a structured process of assigning responsibility, which is the basis of the Group’s corporate governance and internal control, and stretches upwards from branch managers to Group Management and the Board of Directors who answer to the Annual General Meeting.
 
Background
Securitas is exposed to various types of risks in its day-to-day business. These risks fall into two main categories: operational risks and financial risks. Both can impact the Group’s financial performance and position if they are not managed in a structured way. Operational risks are risks associated with day-to-day operations and the services we provide to our customers, for example, when services do not meet the required standards and result in loss of property, damage to property or bodily injury. Financial risks arise because the Group has external financing needs and operates in a number of foreign currencies.
 
To allow the divisions, countries and regions to focus fully on their operations, financial risk management is centralized to the greatest extent possible to the Group Treasure Centre. For a further description of the management of financial risks, please refer to Note 6 on page 59 in the notes and comments to the consolidated financial statements. For details on the assumptions and assessments used in the preparation of the financial reports, and that may affect the Group’s financial position, please refer to Note 4 on page 57 of the notes and comments to the consolidated financial statements.
 
Organization
Since operational risks arise in local operations, they must be managed with a decentralized approach. Customer contract management and loss prevention measures
 
are essential aspects of this task. All of Securitas’ Branch Managers must assess and understand the risks associated with providing services. The Group’s divisional Presidents are responsible for all aspects of operations in their divisions, including operational risk management and risk minimization. The ultimate responsibility for claims settlement and for purchasing certain strategic insurance programs lies at Group level.
 
At Group level, Group Management sets risk management policies for the entire Group. The Security Services North America, Security Services Europe and Loomis divisions have their own risk committees which meet on a regular basis.
 
Management of operational risks
The most important objective of operational risk management is preventing losses from occurring and thereby protecting clients and employees. In order to evaluate the operational risks in new and existing business activities, Securitas uses a business risk evaluation model. This model, which focuses on a number of important aspects of the assignment and the relationship with the customer, is described in more detail on the following page. Should a loss occur and Securitas be deemed fully or partly responsible, insurance solutions are used to minimize the financial impact of any claims by customers or third parties.

Page 23

 
Business risk evaluation model
Assignment
This is the first stage in the process. The key points are the size of the project, its duration and whether it involves a new or existing assignment. Specific training and supervision requirements are also considered in these circumstances.
 
Risk
The type of customer involved in an assignment is significant both in terms of the customer’s operational risk level and financial position. High-risk customers and potential large losses must be identified and the necessary insurance cover taken out for the risk in question. The creditworthiness of the customer must also be assessed.
 
Contract
A fair division of responsibilities and risks between Securitas and the customer is essential in every contract. Standardized contracts are the norm. Reasonable liability caps and indemnification for third-party claims are important components of customer contracts.
 
Profitability
This stage involves careful calculation of the profitability of the assignment. Managers must assess the investment requirement and whether the contract involves any off-balance-sheet exposure. Payment terms also have to be considered and a judgment made as to whether the assignment will generate sufficient profit in relation to the risks taken.
 
Risk business plan
As part of the budget process, each division presents annually a risk business plan, which is built from the bottom up. The business plan sets out the main focus and priorities in ongoing operational risk management within the divisions for the coming year. In addition, at least one business risk evaluation seminar is held each year for all divisions with participants from the divisions, country or region and from the Group.
 
The purpose of these meetings is to increase awareness and understanding of the risks the company is exposed to by, for example, reviewing certain contracts or processes.
 
Insurance
Securitas has decided to transfer certain operational risks to the insurance market through Group-wide insurance programs. The main programs are General Liability Insurance, which covers claims relating to property damage and bodily injury; Workers Compensation Insurance in the USA, which covers work-related claims; and Cash Handling Insurance, which covers losses that may occur in Loomis’ operations. By purchasing the Group’s insurance programs centrally, Securitas achieves economies of scale for pricing and better access to more specialized international insurance markets.
 
The transfer of risk to the insurance market is done in a three-step process. In the first step, the local operations retain a predetermined portion of all losses through a local deductible. In the next step, the Group’s own reinsurance companies (so-called captives) are used to retain a predetermined and capped risk in the Group above the level of the local deductible. The total self-retention, that is the total level of risk retained in the Group in local operations and in the reinsurance companies, depends on the estimated risk exposure and the pricing of external reinsurance. Normally it makes financial sense to retain a certain portion of the risk within the Group as there is a certain level of loss that normally occurs more frequently. To insure these losses externally would usually cost more than the value of the losses.
 
As a third step, the risk above the self-retention level is reinsured to appropriate limits in the external insurance markets. By using captives, Securitas gains some independence from the insurance markets and can minimize the impact of short-term fluctuations in price and capacity in these markets.
 
Losses and cost of risk
The cost of risk consists of external insurance premiums plus the self-retained part of the losses. The Group Insurance Centre is responsible for centrally purchasing the Group’s insurance programs and thereby securing competitive premiums and terms.
 
The operating units are responsible for keeping losses to a minimum in terms of number and size. As a main principle, the cost of risk and the consequences of good or poor management of risk cost are carried down to the branch level. Loss patterns and the cost of risk for each unit are reported and monitored on a monthly basis as a part of the financial reporting process.
 

Risk responsibilities      
Activities   Branch/area Country/division Group
Risk assessment n n n
Contract management n n  
Loss prevention n n  
Claims settlement   n n
Insurance purchasing     n