Consti Plc’s risk management procedures and internal control are based on the Finnish Limited Liabilities Companies Act, Articles of Association and the Company’s internal plan. Consti´s Board of Directors has confirmed the Company´s risk management principles, the duties and responsibilities and the guidelines for the risk management and internal auditing administration.
RISK MANAGEMENT PRINCIPLES
The central principle of Consti’s risk management is continuous, systematic and pre-emptive action to identify risks, define the level of risk the Company accepts, evaluate and handle risks and, in the event of risk realisation, see to their effective management and administration so that the company will meet its strategic and financial goals. Risk management is a part of the Company’s management, monitoring and reporting systems. Risk management includes risk identification, evaluation and risk contingency planning.
Consti’s strategic and operative goals are used as a basis for identifying risks. Risk analysis and evaluations are conducted as self-assessments. The probability of a risk materialising and the impact this would have is evaluated on a scale of 1-4 as defined in the Company’s risk principles.
RISK MANAGEMENT RESPONSIBILITIES AND ORGANISING
Consti’s Board of Directors duty is to confirm the Company’s risk management principles and evaluate the adequacy and appropriateness of risk management. The CEO is responsible for the Company’s risk management and its organisation, allocating resources for the work and reviewing the risk management principles. The Group’s Management Team is responsible for the actualisation of risk management, operative risk monitoring and risk related actions.
Financial and operational risks, as well as actions taken, are regularly reported to the Management Team. Strategic and sustainability risks are handled annually together with the strategy. Risk reports are assessed by the Board, the Management Team and in the business areas’ own management teams.
Central risks and risk management actions are reported yearly in the annual report and interim reports.
CENTRAL RISKS
Consti divides risks to the Company’s business into four categories: strategic, operational, financial, and risks of injury or damage.
Strategic risks
There are risks associated with defining and implementing strategy. Consti’s strategic aim is to achieve growth in construction and building technology by responding to the demand created by the ageing building stock, urbanisation, and climate change.
There is a possibility that Consti may fail in defining or implementing its strategy, achieving the related financial targets, or managing strategic risks. Even if Consti succeeds in executing its strategy, this does not guarantee that the chosen strategy will prove successful under changing market conditions. To manage strategic risks, Consti continuously monitors developments in its operating environment and assesses changes in the political, economic, social, technological, ecological, and legislative landscape, as well as the actions these changes may require in business operations and management.
Weak economic growth and general uncertainty in the economy are tightening the overall construction market, most notably in new-build projects. The renovation sector, which is Consti’s primary focus, is less sensitive to economic cycles than other construction segments. However, in renovation, rising costs and a subdued economic climate may lead customers to postpone investments, potentially reducing demand for Consti’s services. Market risks are managed by actively monitoring market developments and adjusting operations as necessary. In addition to the tightening overall market, market risks also include increasing competition for skilled employees and suppliers.
Consti strives to ensure that its services are of the highest quality and comply with all regulatory requirements applicable to Consti and its business operations. Factors beyond Consti’s control, such as adverse publicity – whether fact-based or not – may negatively affect customer behaviour and Consti’s operations. Reputational risks may also weaken Consti’s ability to recruit and retain key personnel and other staff members if its reputation is damaged.
Consti’s strategy includes both organic growth and acquisitions. Mergers and acquisitions carry risks, such as the accuracy of the financial assumptions regarding the acquired business and the success of integration. Consti manages acquisition-related risks through thorough preparation of transactions and careful monitoring of integration. Consti has joint operating models and guidelines for matters such as tender calculation, financial reporting, environmental issues, and occupational safety, which aim to ensure successful integration.
There are risks associated with the business environment. Global factors such as geopolitical crises, economic uncertainties, social tensions, and technological threats all influence the operating climate. In addition, unexpected external shocks can lead to changes in the business environment. Such disruptions and threats may quickly transcend national borders, thereby impacting Consti’s operating landscape. Key risks affecting Consti’s domestic business environment include uncertain demand and cost pressures, such as rising labour costs and unpredictable energy price development, as well as structural constraints like labour shortages and slow productivity growth. Furthermore, the state of public finances and increased caution from banks may restrict access to financing or raise the cost of capital.
Operational risks
Operational risks are associated with customers and project activities, personnel, subcontractors and suppliers, as well as legislation and legal claims.
Consti’s business operations are predominantly project-based. Project business inherently involves risks that may directly affect the profitability and reliability of project delivery. Project risks may arise from unsuccessful project selection, which can result in undertaking projects lacking the financial or operational prerequisites for success, thereby weakening their overall profitability. In addition to project selection, there is also the risk of failure in the tendering process, which may be due to shortcomings in cost estimation or contract preparation. Such failures can, among other things, lead to unexpected contractual liabilities or erroneous pricing decisions. Consti seeks to manage the risk of unsuccessful project selection through careful preparation of cost decisions and project selection. In the tendering process, key elements include internal cost calculation, risk assessment, and decision-making authority, for which Consti has jointly agreed procedures.
Non-functioning production and business processes, or deviations from established procedures, undermine the manageability and predictability of projects. This increases the likelihood of, for example, operational risks relating to quality, scheduling, and costs. The aim is to manage the effectiveness of production processes through process development and systematic adherence.
Consti has a broad customer base, comprising housing companies, municipalities and other public sector entities, property investors, as well as businesses and industrial clients. This diversified customer portfolio reduces both project-specific and market-related risks. However, changes in customer needs or operating models may affect the demand for services and ways of working. Such changes may include shifts in implementation methods, requirements for energy efficiency, and other demands related to sustainable construction. These changes could present a risk if Consti is unable to provide services in line with the new requirements. To manage this, Consti monitors and seeks to identify these changes as early as possible, taking the necessary decisions and actions to respond accordingly.
Consti utilises subcontractors, particularly for project-based work phases requiring specialist expertise and to balance seasonal fluctuations. Should there be any deviations in quality, delivery, or schedule within the subcontracting process, this may increase the qualitative or scheduling risks associated with the main contract and result in additional costs. Risks related to subcontracting and subcontracting processes are managed through long-term partnerships, strict adherence to procurement procedures, appropriate subcontracting agreements, and by ensuring compliance with statutory obligations regarding client responsibility.
Consti’s success is largely dependent on its ability to attract, motivate and retain skilled personnel, as well as to maintain and develop the expertise of its workforce. The risks associated with staff turnover are mitigated by ensuring continuous training and supporting self-directed learning. Personnel risks also include potential human error and misconduct. These risks are addressed through diligent recruitment, induction, supervision, along with ethical codes of conduct established for supervisors.
Consti’s operating opportunities are influenced by changes in regulations concerning construction, environmental protection, labour legislation, occupational safety, taxation and financial reporting. Adapting to new regulations may give rise to cost risks should compliance require investment in new technology, specialist services or personnel training. Furthermore, regulatory changes may alter market conditions or necessitate new business models, making the assessment of regulatory impacts on business practices and models increasingly important. Consti actively monitors and evaluates changes in legislation and regulatory requirements.
Consti may become a party to, or the subject of, legal proceedings, arbitration, administrative, regulatory or other similar procedures, for example, if unresolved disputes arise between Consti and its clients or counterparties regarding project scope, responsibilities related to potential delays, or claims for compensation stemming from construction, material, or workmanship defects. Risks related to legislation and legal claims are addressed through diligent contract preparation, project planning and monitoring, high-quality workmanship, and liability insurance. Group companies currently have ongoing or pending legal proceedings associated with ordinary business activities. The outcome of these proceedings is difficult to predict; however, provisions based on the best possible estimate have been recognised in cases where deemed necessary.
Risks relating to injuries or damage
Risks pertaining to injuries or damage include environmental risks, ICT risks and accident risks. The most significant environmental risks arise from the potential release of harmful substances into the environment, for example, due to negligence in the handling or final disposal of demolition waste. During operations, noise, vibration and construction dust may affect the surrounding area. Consti prepares environmental plans for its sites, identifying and seeking to prevent project-specific environmental risks or mitigate adverse impacts.
Consti complies with all applicable laws, regulations, permit conditions and official requirements relating to construction, the use, storage, recycling and disposal of construction materials, as well as other environmental matters. The final disposal of waste is documented by collecting consignment notes and documentation for the entire supply chain.
Information technology and communications risks are assessed and managed through cooperation between the Group’s ICT function, business areas and external partners. The Group has established guidelines and procedures to reduce and control risks related to information technology and data security. The main objective is to ensure the high availability of information systems and rapid recovery in the event of a problem. Consti is partially dependent on information systems developed by third parties for some of its operations. System failures or the loss of critical data may occur for a variety of reasons. Risks have increased in relation to cybercrime, including data breaches, targeted attacks, phishing attempts and invoice fraud.
Occupational safety matters are a central part of Consti’s induction practices. Site safety management is based on project-specific risk analyses. Measures are described both in separate safety plans and as part of production and work phase plans. Where necessary, dedicated safety plans are prepared for critical work phases.
Financial risks
Consti is exposed to financial risks in its business operations. Financial risks include those related to financial reporting as well as risks associated with financing.
The recognition of net sales from long-term construction and service contracts involves the risk that the net sales and profit recognised over time in individual financial periods may not correspond to an even allocation of the final total result over the contract term. Calculating the total contract result involves estimates of both the total costs required to complete the contract and the progress of billable work. Any changes in estimates of the contract outcome are recognised in the period in which the change is first identified and can be reliably estimated.
Goodwill is assessed for impairment annually or more frequently if required. The impairment test for goodwill necessitates the determination of the recoverable cash flows of cash-generating units, which relies on management’s estimates. These estimates are based on the best possible information available as at the reporting date regarding future prospects and prevailing market conditions. Should these estimates not be realised, any write-downs of goodwill may have an adverse impact on the company’s profit or financial position.
Consti is exposed to interest rate, credit and liquidity risks in its operations. Exposure to fluctuations in market interest rates is primarily attributable to the Group’s long-term variable rate loan liabilities. Consti monitors the sensitivity of its interest-bearing debt to changes in interest rates and the effect of such changes on the Group’s financial performance.
Consti’s credit risk relates to customers with outstanding receivables or long-term agreements, as well as to counterparties for cash deposits and potential derivative contracts. Business credit risk is managed, among other means, through front-loaded payment schedules for projects and assessment of customer creditworthiness. The majority of Consti’s business is based on established, reliable customer relationships and industry-standard contractual terms.
Consti seeks to ensure the availability and flexibility of financing through adequate credit facility reserves and sufficiently long loan maturities. The Group’s capital management aims, among other things, to ensure compliance with the covenant requirements associated with interest-bearing debt, as well as other conditions that determine the requirements imposed on the capital structure.The level of financial covenants is continuously monitored and assessed in relation to both actual and forecast net debt and EBITDA.
INTERNAL CONTROL AND AUDIT
Internal control aims at protecting the Company and its business areas’ resources from wrongful use; it makes sure all business transaction are authorised in the necessary manner, supports IT system management and ensures the reliability of financial reporting. In Consti, internal control is foremost the responsibility of line management, which is supported by the Group’s support functions. A third level of internal control is made up of internal and external audit, which confirm that the first two levels of control function efficiently.
Consti does not have a separate corporate audit function, as internal control responsibilities have been divided inside the corporation between different functions and areas. Consti’s external auditor’s audit plan takes into consideration that the Company does not have a separate corporate audit function.