Risk management

The goal of GPW risk management is to ensure that all material risks of GPW’s activity are properly measured, reported and controlled and do not pose a threat to the operational stability and continuity of the Company. The risk management system includes a range of processes, organisational solutions, technology tools and documented rules for risk management. The key assumptions and principles of the Company’s risk management system derive from the GPW Risk Management Strategy approved by the GPW Management Board and regularly reviewed to bring it in line with changes of the GPW risk profile and the market environment.

The key role in the risk management system is that of the Exchange Supervisory Board supported by the Audit Committee in supervising the GPW risk management system through on-going monitoring and assessment of the GPW risk management system approved by the Exchange Management Board. Risk management is a responsibility of the Exchange Management Board supported by the Risk Management Committee. The Company’s Management Board drafts, approves and implements GPW’s risk management strategy and takes the key decisions affecting the risk levels. The GPW risk management process is monitored and controlled by the Compliance and Risk Department. Business process owners and participants are responsible for on-going risk management, including identification of risks in the area of their responsibility, monitoring, controlling and taking actions to mitigate such risk. Effective operations and assessment of the risk management system as well as its adequacy for the GPW risk profile are regularly reviewed by the Internal Audit Department.

GPW builds an organisational culture which focuses on effective risk management, compliance with procedures, as well as enforcement of the rules of conduct. For this purpose, steps are taken in order to raise GPW employees’ awareness of risk management responsibilities at each level of the GPW organisation, including training, a dedicated risk management section of the corporate portal available to employees, and on-going advice.

GPW risk management process


The GPW risk management process is continuous and includes the following elements:

  • Risk identification – identification of existing and potential sources of risk which impact or may impact GPW’s financial position.
  • Risk assessment – analysis of internal and external threats to GPW’s operation in order to determine the risk profile.
  • Risk prevention or acceptance – application of any of the following strategies:
    • risk mitigation;
    • risk transfer, e.g., transfer of risks of a threat in whole or in part to a third party;
    • risk avoidance by taking no action involving the threat;
    • risk acceptance.
  • Risk review – periodic review of the effectiveness of the existing risk management system and its adequacy for the GPW risk profile.
  • Risk monitoring – monitoring the gap between risks and projections or benchmarks. Risk monitoring is an early warning system and triggers management actions when adverse change to the GPW risk profile is identified.
  • Risk reporting – regular reporting of risk measurements, actions taken or recommendations to withhold actions to the GPW authorities.

GPW’s risk management strategy covers the following risks:

1. Non-financial risks:

  • business risk, including: economic environment risk, strategic risk, competition risk, project risk,
  • operational risk, including legal risk,
  • compliance risk,
  • reputation risk.

2. Financial risks:

  • credit risk,
  • liquidity risk,
  • market risk,

The order in which individual risks are discussed below does not reflect the extent of their relative importance for the Group, the probability of their occurrence or their potential impact on the GPW Group’s operations.