Risk management
Kojamo’s risk management is based on the Company’s risk management and treasury policy, corporate governance and Code of Conduct as well as the the risk assessments carried out in connection with the strategy and annual planning process. Risk management is part of the Company’s internal control, its purpose being to ensure that the Company achieves its business objectives.
The role of risk management is to identify, classify, analyse and manage central risks associated with the operations. The aim is to ensure the achievement of the goals related to the Company’s financial performance, customers and personnel.
Responsibility for the organisation of risk management and the risk management policy rests with the Board of Directors. Risk management is based on the risk assessments carried out during the strategy and annual planning process, which involve identifying key risks, evaluating their likelihood and potential impacts, and defining the means to manage them. Any significant changes in risks associated with the operations and the business environment are evaluated regularly and reported to the Audit Committee and the Board of Directors as part of quarterly interim reporting.
Read more about Kojamo’s near-term risks.
Kojamo’s most significant risks and their management
| Risk | Causes of the risk | Consequences |
| Strategic risks | ||
| Decreased availability of capital | • Lower availability of financing due to banking regulations and/or the domestic or international economic situation • Market disruptions | • Difficulty in financing investments • Refinancing of maturing loans becomes more difficult • Slows down investment and business growth • Deteriorates the prerequisites for repair work |
| Decrease in apartment values in growth centres | • Due to the weak economic situation or inflation and rising interest rates, the volumes of home sales and portfolio transactions will decrease and the prices of apartments will decrease, and the demand for returns will rise | • Weakened equity ratio • Slows down investment and business growth |
| Renting apartments becomes more difficult due to the increased supply of rental apartments | • Investments in new rental apartments • Measures of society and cities do not support the construction of the right types of apartments • Property rents are priced above the local rental price level | • Difficulty achieving results |
| Reform of housing and rent legislation | • Changes in general housing legislation, or in particular in rent legislation • Significant changes in the housing allowance system • Restrictions on rent and leasing | • Loss of profitability |
| Demand for rental housing declines | • Continuing trend of urbanization • Segregation within locations • Popularity of owner-occupied housing will increase • Consequences of the impact of the pandemic | • Financial performance will deteriorate • Failure to achieve strategic growth targets |
| Not getting enough investment projects off the ground | • Increase in the level of construction costs • Incorrect assessment of project risks • No quotes received; limited resources allocated to projects with better margins • Increase in yield requirements | • Failure to achieve strategic growth targets |
| Profile raising | • Kojamo’s and Lumo’s brands are not becoming stronger in line with the set goal • Brand promises not redeemed • Target group not interested in the offering • Failure to meet responsibility requirements | • Negative media coverage • Loss of customers • Loss of the intended benefits • Lumo rental apartments’ attractiveness and price-quality ratio suffers, which would have a negative impact on Lumo’s business and the listed company’s profile |
| National economy is not growing | • International economic situation deteriorates further • International financial market in difficulty • Pandemics | • Decrease in residents’ ability to pay, which has an impact on economic performance (increase in vacancy rates) • Investment financing becomes more difficult and prevents business growth |
| Suitability of services | • Failure to identify customers’ needs • Failure to define customer groups • No demand for services | • Weakened cash flow • Weakened financial performance • Weakened ability to create customer retention |
| Failure to take advantage of the opportunities presented by digitalisation | • Failure to repatriate the benefits of digitalisation • Failure to commercialise services • Failure to involve partners in the development of services • Organisation’s capabilities/operating methods do not meet the requirements of digitalisation • Current technology solutions do not support digital development | • Difficulty achieving financial results • Loss of customers • Loss of the intended benefits • Difficulties to recruit skilled staff and weakened employer reputation • Loss of pioneering position • Strategy implementation slows down |
| Operating environment risks | ||
| Amendments to legislation on energy efficiency of construction and other legislation concerning the company | • New regulations, changes in regulations concerning construction in general and energy and carbon emissions in particular, affecting the company’s operating conditions and profitability | • Active influencing of legislative changes and preparing for changes and the requirements they bring in good time • Predictive preparation for legislative changes (process auditing) • Persons in charge, processes • In order to develop and maintain our own expertise, we must actively participate in the preparation of amendments to legislation and building regulations (e.g. working groups of RAKLI and the Ministry of the Environment) • Training employees |
| Financial irregularities, external or internal | • Unidentified hazardous work combinations • Missing or inadequate controls • Too extensive access rights to systems • Insufficient and inadequate supervision in the supervision of work or in the review of invoices • Incomplete or unclear order or commission • Incomplete documentation • Invoice fraud | • Guidance, adequate internal control and monitoring • Ensuring that the controls work (e.g. system controls for approving invoices) • Audits of operating models or internal audits focused on persons’ areas of responsibility • Controller functions ensure that supervisors have sufficient monitoring tools in place to identify deviations • Ensuring full use of procurement and monitoring systems; reserve resource guidelines for responsible persons for exceptional situations |
| Financial risks | ||
| Decreased availability of capital | • Lower availability of financing due to banking regulations and/or the domestic or international economic situation or the capital debt market • Market failures, access to equity, changes in environmental conditions in the financial market • Lack of equity | • The refinancing risk is mitigated by diversifying the financing sources and instruments in the loan portfolio, spreading the maturity of loans and maintaining a strong balance sheet structure |
| Rising market interest rates | • Significant changes in market interest rates and/or interest margins and spreads • Changes can be caused by the market or the acceleration of inflation | • The interest rate risk associated with the loan portfolio is managed by dividing loans between fixed and floating rate loans, by different interest rate renewal periods and by the use of interest rate derivatives. • In accordance with Kojamo Group’s treasury policy, the target hedging ratio is 50–100% environment |
| Risks related to business operations | ||
| Not getting enough investment projects off the ground | • Increase in the level of construction costs • Incorrect project risk assessment or incorrect performance calculation parameters • No quotes received; limited resources allocated to projects with better margins • Changes in construction and other legislation • Purchase of plots | • Design management • Increasing the efficiency of plot acquisition • Ensuring the efficiency of project development (plan quality and lead-time) • Ensuring the efficiency of plans and designs • Ensuring the efficiency of project development • Cooperation with partners • Ensuring the correct yield level |
| Data security threats | • Inadequate controls and supervision • Failure to comply with data security guidelines • Deficiencies in technical or administrative data security • Phishing • Data copying and sales • Storing data in an unlocked space • Cyber attacks | • Guidelines for data security matters and monitoring that the guidelines are followed • Providing programmatic and technical protection to avoid mass data leaks • Instructing and monitoring that personal data is processed in accordance with Kojamo’s instructions • Systematic data protection audits. • Adequate controls and ensuring their functionality • Cooperation with partners • Cyber insurance |
| Physical risks caused by climate change: Extreme weather phenomena cause damage to properties, apartments and yard and parking areas | • Decrease in the value of properties in risk areas • Loss of rental income in high-risk areas • Increase in maintenance costs of properties • Increase in the repair costs of properties • Failure of temperature control in apartments and increasing turnover of residents • Missing the opportunity to achieve pioneership, competitive advantage and a market position as a responsible operator through progressive and proactive operations | • Assessing flood-prone areas as part of the due diligence process • As part of the investment decision proposal for new projects, the risk of the site being located in a flood risk area is assessed and the necessary measures to be taken are determined • Taking extreme weather phenomena into account in maintenance control • Insurance policies in case of damage caused by extreme weather phenomena • Leanheat control to adjust the indoor temperatures of apartments in accordance with changes in the outdoor temperature, which also increases resident satisfaction • Sustainability programme |
| Risks caused by climate change related to the transition to a low-carbon society (technological risks, market risks) | • Increasing investment costs in the transition to energy-efficient and low-carbon construction in both new construction and renovation due to stricter regulations • Increasing demand for low-carbon and energy-efficient apartments • The dependence on district heating companies’ low-carbon energy production is emphasised; the significance of the price development of district heating is emphasised • Emissions trading expands to the real estate and construction sectors, posing a cost risk | • EU and active monitoring of the development of national legislation (EU taxonomy, Land Use and Building Act reform) • Promoting the sustainability programme and carbon-neutral energy consumption roadmap • Consideration of stricter requirements in the design of new construction as early as possible |
| The company is unable to ensure that it operates responsibly with respect to the climate, environment, customers and personnel | • The company does not have sufficient human resources to take care of its corporate responsibility at the operative level and its implementation into practice • Insufficient definition of what is meant by a sustainability programme and no clear objectives • Lack of internal and external communication • Missing or inadequate controls | • Corporate Governance Code • Sustainability programme • VAETS energy efficiency programme • Operating principles and related employee training • Personnel and Data Security Policy • Procurement Policy and Fair Rental Practice • Lumo sponsorship and grant programme • Roadmap for carbon-neutral energy use |
| Leak of confidential information concerning the operations of the company; failure to collect and process customer data in accordance with the relevant privacy policy (GDPR, e-privacy) | • Confidential or sensitive documents are stored in the wrong place or in violation of the right of access, contrary to instructions • Customer data is processed in violation of the principles of the GDPR • Customer’s rights guaranteed by GDPR are not respected • The processing of personal data is not planned, its risks are not assessed or there is no accountability • Processing activities are not described according to the process before the signing of contracts | • Guidelines for data protection and security matters and monitoring that the guidelines are followed • Data life cycle and risk management • Organising processes/projects and keeping responsibilities up to date • Access control • Maintenance of continuity plans and regular drills • Ensure the timeliness of reporting and controller operations in identifying possible deviations |
| The operations are not efficient, doing the wrong things or doing things inconsistently | • No processes critical to the operations have been defined or described • No general understanding of operational efficiency, responsibilities and tasks • Inconsistent organisation or organisational structure | • Supervisory work, clear job descriptions and responsibilities, clear measurable goals derived from the strategy, definition of key processes and procedures • Measuring and developing one’s own way of working and collecting and analysing customer feedback • Ensure sufficient controller functionality for measuring unit performance • Setting, prioritisation and regular monitoring of personal goals |
| Safety risks | ||
| Fires, water damage and vandalism on properties | • Fires and water damage • Equipment failures caused by the property’s equipment • Outdated or defective water pipes • Water damage or fire damage caused by construction defects • Consequences of power cuts | • Systematic maintenance and repair activities • Operating guidelines and models (VUKO) • Appropriate proactive safety efforts • Property insurance – full value insurance |
| Physical/psychological violence against staff | • Customer’s aggressive behaviour • Customers with drug and substance abuse problems • Mental health problems | • Technical safety systems (cameras and emergency button) • Appropriate proactive safety efforts • Safety instructions • Regular and adequate training • Insurance |
| Personal injuries, e.g. slips, playgrounds | • Inadequate anti-slip treatment • Inadequate snow removal/protection • Defective playground equipment • Inadequate guidelines and supervision | • Clear assignment of responsibilities in maintenance contracts • Appropriate proactive safety efforts • Safety training • Regular and adequate supervision • Insurance |
Page updated 23 February 2023