Risk management and internal control

The purpose of risk management is to promote the achievement of the Group’s goals.

Financial targets and guidance
Riskienhallinta

Risk management

Risk management aims to proactively identify and manage potential problems and to identify and seize business opportunities. Risk management supports the development and implementation of Aspo Plc’s strategy.

The purpose of risk management is that:

  • Aspo Plc has an effective risk management control model, and related processes integrated into its business management.
  • Managers have access to high-quality and up-to-date information about business risks and their control measures, providing support for decision-making.
  • The probability of the materialization of risks and unexpected events and their impacts on financial performance and reputation can be reduced effectively.
  • Risk management measures and selected control measures are based on Aspo Plc’s willingness to take risks and ability to tolerate risks.
  • Cooperation in risk management is effective between Aspo Plc’s different businesses.

The managers of the Group and its businesses are responsible for risk management. They are also responsible for determining sufficient measures and their implementation, and for monitoring and ensuring that the measures are implemented as part of the daily management of operations.

Risk management is coordinated by the CFO.

The Audit Committee monitors the effectiveness of the risk management systems and deals with risk management processes, plans and reports. Each business has a separate risk management program. Business risks and their management are discussed regularly by the management teams of the
businesses. The Group’s shared functions ensure that sufficient risk assessment and reporting procedures are incorporated into the processes they are responsible for. The Group’s administration is responsible for Group-level insurance plans. 

Characteristic risks in each business area are identified in the business units, assessed in the business units’ management teams, and reported to the subsidiaries’ Boards of Directors and, if necessary, also to Aspo Plc’s Board of Directors or the Audit Committee.

Risks are continuously assessed, and their management is discussed in the business units’ management teams. Risk assessments are updated in accordance with Aspo Plc’s management policy, and the most noteworthy findings are presented in the quarterly interim reports. Financial risks, their management principles and the related organizations are presented in the notes to the financial statements.

Risks and near-term uncertainties

Board of Directors' Report 2025

Key uncertainties in Aspo’s financial results are related to demand and, to some extent, the market price development of sea transportation, as well as the volume and price development of products sold by Telko. These conditions are impacted by general economic development. In recent years, economic growth, and especially industrial production in Europe, have been very weak.

Delays in the recovery of, or a further decline in, economic activity could have a negative impact on the businesses of Aspo’s customers and thereby also on Aspo’s financial performance.

Continued geopolitical tensions, including the ongoing war in Ukraine, increased security concerns in the Baltic Sea, conflicts in the Middle East, and trade tensions between the major economies, continue to cause high uncertainty and rapidly evolving operating environments for Aspo’s businesses. This could negatively impact the volumes and margins of Aspo’s business. These factors may reduce overall economic growth, impact energy prices, disrupt vessel traffic and cause cost increases, disrupt the supply chain, and change trade flows.

The prolongation and possible expansion of geopolitical tensions could negatively impact commercial activities in Aspo’s market areas. An increase in global tensions could weaken operating conditions in all Aspo’s businesses.

Geopolitical tensions may increase fluctuations in currency rates. Currency rate changes could negatively impact Aspo’s financial performance and balance sheet. 

Aspo has derivatives in hedge accounting, which relate to the remaining USD 180 million investment in the four Green Handy vessels, the temporary effect of which impacts Aspo’s equity. The hedge result is recognized in the acquisition cost of the vessels when the investment is paid. 

In line with its strategy, Aspo aims to increase earnings by investing in sustainable vessels and through acquisitions. There are uncertainties about the future profitability of these investments. Strategy execution may reduce free cash flow, leading to a deterioration of the balance sheet and reducing solvency.

Aspo announced in November 2025 that it would continue the strategic evaluation of the company, with the main alternatives including a divestment of ESL Shipping or a possible partial demerger of the company. Related uncertainties may impact the timing and outcome of these strategic initiatives.

Changes in environmental legislation and uncertainty in the timing of the green transition may impact the competitiveness of Aspo’s businesses, and the competitiveness of key principals and customers for Aspo’s businesses. This could negatively impact the volumes and margins of Aspo’s business.

Aspo’s operations depend on the availability of IT systems and network services. The unavailability of these services can cause disruptions to business operations. Recent geopolitical tensions have increased the threat of cyber incidents.

Because the future estimates presented in this Board of Directors’ report are based on the current understanding, they involve significant risks and uncertainties, due to which actual future outcomes may differ from the estimates.

Internal control

The objective of Aspo Plc’s internal control is to ensure the profitability and efficiency of operations, reliable financial reporting, and compliance with the applicable laws and regulations and the agreed practices and operating principles. Aspo Plc’s internal control includes the control integrated into the business processes, the Group’s management system, and financial reporting covering the entire Group. Internal control is an integral part of the company’s management, risk management and administration.

The aim of internal control is to create sufficient certainty of goals and objectives being reached in terms of the following:

  • Operational profitability and efficiency and capital management
  • Reliability and integrity of financial and operational information 
  • Compliance with laws, regulations and agreements, as well as ethical principles and social responsibility
  • Safeguarding and responsible management of assets and brands

The responsibility to arrange internal control lies with the Board of Directors and the CEO both at Group level and in the different businesses. The internal audit function supports the Group and business management in their internal control responsibility, and the aim is to provide Aspo Plc’s Board of Directors with sufficient certainty of the effectiveness of internal control. The Audit Committee monitors the operations and effectiveness of the company’s internal control at its meetings and reviews the plans and reports of internal control.

Financial reporting

The control of financial reporting is based on monitoring business processes. The information for financial reporting is created as business processes progress, and the responsibility for accurate information is shared by all participants in the process. The financial reporting process is decentralized and it is monitored by the Audit Committee.

Consolidated financial statements are prepared in accordance with the IFRS standards as adopted by the EU. The financial statements of the parent company and the Finnish subsidiaries are prepared in accordance with the Finnish Accounting Standards. Each separate company complies with the legislation of the country the company is located in, but reports the information in accordance with Aspo’s internal accounting guidelines. Separate companies may have their own chart of accounts, but all information is consolidated based on a common chart of accounts to the unit level, where its reliability is assessed before the information is transferred to Group level.

Aspo Group’s financial information is verified and assessed on a monthly basis. In each phase, the unit responsible for the quality and generation of information will assess its reliability. The Group-level monitoring and reconciliation mechanisms are used on a monthly basis.

The systems required for financial reporting are decentralized and used in accordance with the principles of internal control. The achievement of the set targets is monitored on a monthly basis within the Group’s consolidation and reporting system. In addition to actual and comparison figures, the system provides up-to-date forecasts. The reports are provided for Aspo’s Board of Directors monthly. The Board of Directors assesses the Group’s position and future based on the information provided.

In addition to the Audit Committee, the reliability of reporting and processes is assessed by an independent external audit firm.

Internal audit

Internal audit assists the Board of Directors in its control responsibility by, amongst other things, assessing the level of internal control maintained to achieve Aspo Plc’s operational targets. Internal audit supports the organization by assessing and verifying the effectiveness of business processes and risk management, as well as management and administration.

The operating principles for internal audit are approved as a part of the internal control principles provided by the Board of Directors. The Group’s SVP, Legal and Sustainability, is responsible for the coordination of internal audit activities, and internal audit findings are reported to the CEO, the Audit Committee and the Board of Directors. Internal audit is organized corresponding to the size of the Group. Additional resources and special expertise are acquired if necessary.

Audits are based on risk assessment. The target of the assurance work and assessment include the profitability and effectiveness of operations, the reliability of financial and operational reporting, compliance with laws, and the safeguarding of assets. Written audit reports are prepared and distributed to the Group’s CEO, the senior management of the audited business, and the management of the audited operation or unit. Internal audit prepares a summary report on conducted audits, the most significant findings and agreed measures at least quarterly for the Audit Committee of Aspo Plc’s Board of Directors. The Audit Committee monitors the operations and effectiveness of the company’s internal audit at its meetings and reviews the plans and reports of internal audit.

With the regulatory changes in sustainability reporting, Aspo will integrate sustainability reporting as part of its risk management and internal audit processes in the next few years.

Quick links

Updated: 01.04.2026