Internal risks

Strategic risks

In addition to acquisitions, organic growth is an important part of Pöyry's growth strategy. The key risk in achieving this strategic goal is the potential lack of required resources.

Risks with the one-brand strategy
In 2006 the Group adopted a one-brand strategy. The risks related to the Group's reputation and international recognition arising from the one-brand strategy are addressed by introducing brand management procedures, which are currently under preparation, and by adhering to scrupulous business practices, as stipulated in the Group's operating guidelines.

Operational risks

Assignments
Consulting assignments. About nineteen (19) per cent of Pöyry's business consists of management consulting, technical consulting and other similar advisory services. According to common practice in the consulting business, Pöyry aims to restrict inherent liability risks by using standard contract terms and insurances, and these assignments typically do not involve significant liability risks. Advisory services occasionally involve a risk related to receivables. Front-loaded and regular payment schedules are used to minimise such risks.

Engineering and other project services assignments. About eighty (80) per cent of Pöyry's business is derived from project services such as basic and detail engineering, procurement assistance, project and construction supervision, and project management and other site services. The projects are carried out on a fixed-price, ceiling-fee or time-charge basis. Fixed-price and ceiling-fee projects contain the risk of involving more professional work or time than estimated as a result of inaccurate time and cost estimates, performance delays, disputes about compensation for additional or changed services, inexperienced staff or other unexpected circumstances. Quality management and project review systems have been implemented throughout the Group to avoid and mitigate such risks. Regular project reviews are conducted. The work in progress, changed and additional work and receivables are assessed and recorded in the project accounting and risk management system. The project manager plays the key role in project risk management. The project manager manages and controls the project from bid preparation to final acceptance. Training is provided to project managers in the whole sphere of their activities.

EPC and O&M projects. About one (1) per cent of Pöyry's business is derived from engineering, procurement and construction (EPC) projects and operation and maintenance (O&M) service projects. EPC projects typically contain the project management, engineering, equipment procurement, construction, erection, commissioning and testing of the plant. O&M projects consist of the running of the plants for the client including maintenance work. Because of the specific risks related to EPC and O&M projects, this type of business is undertaken only by the Energy business group, where the combined value of such projects has been limited to about thirty (30) per cent of the business group's annual sales. Separate risk management policies and instructions have been issued for EPC and O&M projects with detailed instructions regarding risk evaluation and control mechanisms and regular project audits at site.

Public-sector and institutionally financed assignments. In about twenty-five (25) per cent of Pöyry's assignments the client is from the public sector or is an institutional investor. It is characteristic of these service contracts that liabilities cannot always be limited according to the Group's policies. Due to this particular risk, separate project and risk management guidelines and procedures have been defined for the business units which are engaged in this business.

Public-sector assignments are awarded according to public procurement, which involves the risk of tough price competition. In addition, public-sector decision-making involves the risk that the decision concerning the use of public funds for a specific project may be changed, delayed or cancelled, when political decision-makers are replaced.

Partners
A fair amount of projects is conducted in co-operation with subcontractors, in consortiums or with other co-operation partners. Partner risks relating to the performance or financial standing of the partner can involve risk for Pöyry. Performance related liability risks are transferred with contractual back-to-back arrangements to each respective co-operation partner to the extent possible. In addition, the Group's risk management instructions require checking of the co-operation partners' financial status and professional quality standards.

Liability
Professional services provided to clients involve liability risks. These risks may relate to a failure to deliver services in accordance with agreed professional standards, to calculation and similar errors and to performance delays. To mitigate such risks, special emphasis has been placed on the quality management and control systems in projects, and on limitation of professional liability in contracts. The business groups provide regular training for project management including proposal and contract management. In order to cover professional and general liability risks, the Group has a global liability insurance programme. The risk with liability insurances is the availability and pricing of such cover. Furthermore, certain professional risks are not covered under liability insurances, so the risk may fall on the Group.

Human resources
Pöyry's business success depends on its professional staff. The availability of qualified professionals is an important factor for the growth and profitability of the business. Pöyry's image as an employer is good and the Group aims at maintaining this image by being a pioneer in its own field of business. Group-wide HR processes are being developed and implemented, including recruitment of additional HR personnel.

Information technology
Pöyry's operations are largely dependent on the use of information and communication technology systems. Malfunctioning or limited access to the systems can negatively affect the operations of the Group. Measures have been taken to limit the effects of external influences on the systems and include a backup of data as well as the use of firewalls, virus scanners and access security.

Financial risks

The Group has exposure to the following risks:

• credit risk
• liquidity risk
• market risk

The Group's sales relates to project assignments in around 60 countries of which only three countries represent more than 5 per cent of Pöyry's annual sales (Finland 19 per cent Germany 12 per cent, Brazil 7 per cent).

The Group's client profile and the spread of its sales between numerous clients reduce the exposure to credit risks. No single client represents sales transactions exceeding 4 per cent of the Group's revenues. Credit rating procedures, internal follow-up of overdue receivables and a contract policy of balance between work performed and payments received further reduce the Group's credit risk exposure.

Overdue accounts receivable are reported and monitored by the management on a monthly basis. Overdue accounts receivable for more than 60 days are reported by client including reasons for delay and actions taken or planned.

The Group establishes an allowance for impairment that represents its estimate of incurred losses. An allowance for impairment of 50 per cent is made for amounts which are overdue more than 180 days, except for amounts related to international institutions, government or municipality controlled entities. Notwithstanding the client category, an allowance for impairment of 100 per cent is made for amounts which are overdue more than 360 days. Any deviation from the above rules and the reason for it shall be disclosed in the internal reporting.

Investments are allowed only in liquid securities and only with counterparts that have a good credit rating, and are subject to both specified limits and approval procedures.

Liquidity risk
Liquidity risk is the risk that the Group will not be able to meet its financial obligations as they fall due.

To ensure that funding is obtainable and to minimise the cost of funding, the Group shall have a minimum liquidity corresponding to an average of one month's expenses and committed overdraft facilities corresponding to a minimum of half a month's average expenses. The Group's objective is to minimise the total cash needed for operations by both in-country and cross-border cash pools with both external and internal overdraft facilities.

Current loans, if significant, must not exceed twenty (20) per cent of the total amount of the Group's loans, and the average maturity of non-current debt shall be at least three years.

Market risk
Market risk is the risk that changes in market prices, such as exchange rates, interest rates will affect the Group's result. The objective is to manage and control market risk exposures within acceptable limits.

Currency risk. Transaction risks, operational: About 10 per cent of the Group's net sales are normally exposed to a foreign currency risk. The Group hedges project transaction cash flows denominated in a foreign currency by using forward exchange contracts and states them at fair value recognised in the income statement. Speculative forward contracts without a connection to a business operation are not allowed. The hedging is made by the companies according to the Group's hedging policy.

Transaction risks, financial: According to the Group's financing policies the parent company conducts financing and subsidiaries are not allowed to take up loans from external parties. The parent company grants loans to Group companies if considered necessary, justified or otherwise to be in the best interest of the parties. As a rule, to centralize the currency risks to the parent company, loans are drawn in each company's domestic currency. The parent company has not any loans in foreign currencies, and thus the Group's financial exposure consists mainly of the Group's internal loans between the parent company and subsidiaries, which have not been externally hedged.

The Group level currency risks above arise when the companies have receivables, liabilities or other commitments in another than their home currency.

Translation risks: The profits generated by the foreign subsidiaries are in general repatriated annually and the estimated annual net profit is mainly hedged with forward contracts on a quarterly basis.

The currency exposure and hedging need related to share capital and other restricted equity in foreign subsidiaries is reviewed on an annual basis but as the main principle remains that the translation exposure of investments in foreign subsidiaries is generally not hedged. If the Group needs external funding the preferred currency is chosen so that part of the foreign equity can be hedged by raising loans in the same currency.

Interest rate risk. The Group's policy is to achieve a balance between the maturity of long-term loans and the corresponding interest rate level. In case of essential interest rate level differences, the Group enters into interest rate swaps to achieve this target. The total amount of the interest bearing loans was at the year end EUR 8.9 million of which 3.5 million were covered by interest rate swaps. A change of one (1) per cent in the interest rate effects the interest expense by EUR 0.1 million.

Other market price risk. No other significant market price risks have been identified.