MAIN PAGE

Risk Management

Main risk factors and mitigating measures

The Group is exposed to a variety of macroeconomic (foreign exchange, crude oil price, refining margins), financial (capital structure, liquidity, cash flow, credit), as well as operational risks. In line with international best practices and within the context of the local markets and regulatory framework, the Group’s overall risk management policies aim at reducing possible exposure to market volatility and / or mitigating its adverse effects on the financial position of the Group to the extent possible. The main risks faced by the Group, as well as the corresponding mitigating measures are described below:

Main risks	Indicative mitigating measures
Macroeconomic environment
Crude oil and products market: Oil Price Refining Margins	Refineries of high complexity and competitiveness with financial performance exceeding the average of European refineries and overperformance vs benchmark margins Balancing purchases with sales per period in order to reduce exposure to price changes Framework for managing commercial risks involving executive members of the Group Hedging transactions subject to market conditions Managing cash balances
Foreign exchange risk: Gross margin conversion Financial position translation	All transactions of crude oil and petroleum products, both domestically and internationally carried out in dollars, converting into local currency on the transaction date Balance sheet management to match monetary exposure (assets – liabilities) Hedging transactions subject to market conditions
Greek economy: Reduced demand Borrowing cost and exposure to Greek banking system Credit risk Economic stability	Export oriented business model, with international sales accounting for 50% of total Issue of Eurobonds and Liability Management reducing the exposure to the Greek banking system and decreasing borrowing cost Significant percentage of gross refining margin dependent on prices of both crude oil and petroleum products Continuous monitoring of domestic economic environment and corresponding adjustment of the company’s strategy
Financial risks
Capital structure	Diversification of funding mix Improvement of debt maturity profile based on market conditions Reduction of borrowing cost Reduction of indebtedness (deleverage)
Liquidity	Maximize cash from operating cash flow and available credit lines (headroom) Issuance of Letter of Guarantee (LG) or Credit (LC) for trade liabilities Maximize availability of open credit from crude suppliers
Credit	Differentiation of customers’ mix Faster collection of receivables (DSO reduction) Review of customers’ rating status and limits
Operation risks
Safety & Environment	Investments to improve levels of safety and environmental protection Application of safety audit processes and regular inspection of all production facilities and storage and trading terminals Continuous measurement of emissions from the Group’s manufacturing facilities Participation in international organizations for best practices sharing in the field in accordance with the highest standards of refining industry
Ensure refineries’ supply with raw materials	Proactive scheduling of refineries’ supply Adjusting supply chain to address issues in case of a shortage in specific types of crude oil Benefitting from the refineries’ location and configuration with ability to access and process a variety of crude oil grades Supply diversification
Reduced operation or unplanned shut-down of a refinery	Strict application of preventive maintenance programs Periodic turnarounds in accordance with equipment specifications
Compliance with the CO₂ regulatory framework	CO₂ allowance management in order to minimize cash outflow Investments to reduce CO₂ emissions
Compliance in terms of operation and product quality	Implementation of necessary measures for full compliance with the existing specifications both in production process, as well as the supply chain Investments for the adjustment of equipment configuration, in accordance with the national and European institutional framework
Property and liability risk	Insurance coverage against a number of risks, including damage of physical assets, personal injuries, business interruption, product or other liability

Overview of Internal Audit System and Risk Management

In the same context, the Group’s Internal Audit System and Risk Management include safeguards and monitoring mechanisms at various levels within the organization, as described below:

Risk Identification, Assessment, Measurement and Management

The identification and assessment of risks takes place mainly during the strategic planning and the annual preparation of the business plan. The benefits and opportunities are examined in the context of the company’s activities, but also in relation to several different stakeholders who may be affected.

Planning and Monitoring / Budget

The Company’s performance is monitored through a detailed budget per operating sector and market. The budget is adjusted systematically, and Management monitors the development of the Group’s financial performance through regularly issued reports and budget comparisons with the actual results.

Adequacy of the Internal Control System

The Internal Control System consists of the policies, procedures and tasks which have been designed and implemented by the Management Team for the purpose of the effective management of risks, the achievement of business objectives, the reliability of financial and administrative information and compliance with laws and regulations.

The Independent Internal Audit Department, by means of periodic assessments, ensures that the identification procedures and risk management applied by Management are sufficient, that the Internal Control System operates effectively, and that information provided to the BoD relating to the Internal Control System, is reliable and of good quality.

Roles and responsibilities of the BoD

The role and responsibilities of the BoD are described in the Internal Procedures Manual of the Company, which is approved by the BoD.

Prevention and Repression of financial fraud

The areas that are considered to be of high risk for financial fraud are monitored through appropriate internal controls and enhanced security measures. In addition to the internal controls applied by each department, all Company activities are subject to audits from the Internal Audit Department, the results of which are presented to the BoD.

Internal Operating Regulation

The Company has compiled relevant internal regulations approved by the BoD. The Regulations determines powers and responsibilities which promote the adequate segregation of duties within the Company.

The Group’s Code of Conduct

In the context of the fundamental obligation of good corporate governance, the Company has drafted and adopted, since 2011, the Code of Conduct, approved by the BoD of the company. The Code of Conduct summarizes the principles according to which any person, employee or third party involved in the operation of the Group, as well as any collective body, should act within the framework of their duties. For this reason, the Code constitutes a practical guide of the day-to-day tasks of all employees of the Group, but also of third parties who cooperate with it.

Safeguards in Information Technology Systems

The Group’s IT Department is responsible for developing the IT strategy and for staff training to cover any arising needs and the IT department is also responsible for the support of IT systems and applications through the drafting and updating of operation manuals, in cooperation with external consultants where this is necessary. The Company has developed an adequate framework to monitor and control its IT systems, defined by a set of internal controls, policies and procedures.

Safeguards for Financial Statements and Financial Reporting

The Group applies common policies and monitoring procedures of accounting departments of the Group’s subsidiaries, which include, amongst others, definitions, accounting principles adopted by the Company and its subsidiaries, guidelines for the preparation of financial statements and consolidation. Furthermore, it also runs automatic checks and validations between different transactional and reporting systems. In cases of non-recurring transactions special approval is required.

Chart of Authorities

The Group has in place a chart of authorities, which depicts assigned authorities to various Company executives, in order to complete certain transactions or actions (e.g. payments, receipts, contracts, etc.).