Enterprise Risk Management

Risk and opportunity management is of paramount importance to EADS, considering the complex and volatile business environment in which EADS operates. A comprehensive ensemble of risk and opportunity management activities across EADS make up the EADS Enterprise Risk Management (“ERM”) system.

The objective of the ERM system is to create and preserve value for EADS’ stakeholders. It is designed and operated to effectively identify potential events that may affect EADS, manage risk to be within the defined risk tolerance, identify and manage opportunities, and provide reasonable assurance regarding the achievement of targets. Top risks and opportunities are reported quarterly to the Board of Directors. To achieve this, EADS seeks to have one integrated, consistent, comprehensive, efficient and transparent ERM system, using the same understanding, practice and language. It seeks to embed the risk management philosophy into the EADS culture, in order to make risk and opportunity management a regular and everyday process for employees.

The Board of Directors and EADS top management regard ERM as a key management process to steer the Company and enable management to effectively deal with risks and opportunities. It is designed to achieve the following:

• strategy: the selection of high level strategic objectives, supporting the EADS vision and consistent with risk appetite;
• operations: the effectiveness and efficiency of operations and resource allocation; the delivery of products on time and in accordance with cost and quality objectives; the capability to achieve performance and financial targets; the implementation of risk-enabled decisions and managerial processes;
• reporting: reliability of reporting and especially of financial reporting; and
• compliance: compliance with applicable laws and regulations.

An integrated, comprehensive and lean organisation and process for risk management is necessary to ensure that EADS has a view on risks and opportunities, and that important processes, programmes and projects are covered.

The objectives, principles and process for the ERM system as endorsed by the Board of Directors are set forth in the EADS ERM Policy and communicated throughout the Group. The EADS ERM Policy is supplemented by various manuals, guidelines, handbooks, etc. The ERM system is based on the Internal Control and Enterprise Risk Management Framework of the Committee of Sponsoring Organisations of the Treadway Commission (COSO II). External standards that contribute to the EADS ERM system include the Internal Control and ERM frameworks of COSO, as well as industry-specific standards as defined by the International Standards Organization (ISO).

The ERM system comprises an integrated hierarchical bottom-up and top-down process to enable better management and transparency of risks and opportunities. At the top, the Board of Directors and the Audit Committee discuss major risks and opportunities, related risk responses and opportunity capture as well as the status of the ERM system, including significant changes and planned improvements. This is based on systematic bottom-up information including management judgement. The results are then fed back into the organisation. The design of the ERM system seeks to ensure compliance with applicable laws and regulations with respect to Internal Control (“IC”) and Risk Management (“RM”). It addresses both IC and RM in parallel.

The ERM process consists of the following four elements:

The governance structure and related responsibilities for the ERM system are as follows:

• the Board of Directors and Audit Committee supervise the overall effectiveness of the ERM system;
• the EADS Chief Executive Officer is responsible for an effective ERM system, the related internal environment (i.e. values, culture) and risk philosophy. He defines the level of risk that EADS wishes to accept on a corporate level;
• the EADS Chief Financial Officer is accountable for the ERM system design and the implementation of the ERM process throughout EADS;
• the EADS ERM department guides the ERM implementation and configuration throughout the Group and is headed by the EADS Chief Risk Management Officer;
• the Divisions, Business Units and Headquarters’ departments assume responsibility for the operation and monitoring of the ERM system. They seek to ensure transparency and effectiveness of the ERM system and adherence to its objectives. They take responsibility for the implementation of appropriate response activities to reduce probability and impact of risk exposures, and conversely for the implementation of appropriate responses to increase probability and impact of opportunities. They are responsible for the communication of risks and opportunities which affect others within EADS.

EADS has established recurring ERM self-assessment mechanisms, to be applied across EADS. This seeks to allow EADS to reasonably assure the effectiveness of its ERM system. The ERM effectiveness assurance comprises the following components and related objectives:

• ERM process: Needs to be present and functioning throughout EADS without any material weaknesses and needs to fulfil the EADS ERM Policy requirements;
• risk appetite: Needs to be in accordance with the EADS risk environment;
• ERM IC system: Needs to have an effective IC system for the ERM process in place.

For the coverage of all of its activities, EADS has defined 20 high level business processes. In order to achieve ERM effectiveness, the ERM process as an overlaying process is an integral part of all other business processes and needs to be operated. ERM effectiveness is assured if the achievement of the ERM process objectives is secured by adequate ERM controls which are operating effectively throughout the organisation and are within the respective risk appetite level.

Operating effectiveness is measured inter alia by judging on major failings in the ERM system which have been discovered in the business year or any significant changes made to the system.

When the ERM system is determined to be effective, the Board of Directors and the EADS CEO and EADS CFO have reasonable assurance and are made aware, in a timely manner, of the extent to which EADS is moving toward achievement of its strategic and operational objectives, and that EADS’ reporting is reliable and applicable laws and regulations are being complied with.

The combination of the following controls is designed to achieve reasonable assurance about ERM effectiveness:

During 2010, EADS’ approach to ERM has been further developed and integrated into the business and is increasingly used as a management and decision making tool. The quality of the ERM system has improved. Major cornerstones are:

• implementation of new governance and a more structured process, as set forth in the updated EADS ERM Policy;
• establishment and progress on major Group-wide ERM improvement projects;
• increased focus on risk culture/understanding of ERM through joint efforts of top management and ERM department, including ERM training sessions;
• ERM compliance process successfully finalised for 2010, i.e. ERM confirmation letters were received and all ERM top management discussions took place;
• choice of one IT tool for ERM Group-wide and integrated roadmap.

Looking ahead, EADS seeks to:

• reduce risk criticality and encourage seizing of opportunity by use of the ERM methodology;
• further raise the quality of ERM in the organisation and further develop lean ERM effectiveness measurement;
• further implement and harmonise the Group-wide ERM IT tool;
• establish a skills model and career path for risk managers.

EADS continuously seeks to evaluate and improve the operating effectiveness of the ERM system. For example, in 2010, EADS conducted an internal audit of various business controls designed to ensure compliance with applicable laws and regulations. While progress continues to be made in this area – including through the roll-out of a revised Group Ethics Code (“Integrity & Transparency”) and implementation of a new ethics alert system (“OpenLine”) in 2010 – EADS will use the recommendations from this audit to further strengthen its business controls related to compliance in the future; decisions have already been made to modify reporting lines in the compliance organisation, and to implement a new process to be reflected in the book of EADS Corporate Management Principles and Responsibilities (“Blue Book”).

The Board of Directors believes to the best of its knowledge that the internal risk management and control system over financial reporting has worked properly in 2010 and provides reasonable assurance that the financial reporting does not contain any errors of material importance.

No matter how well designed, all ERM systems have inherent limitations, such as vulnerability to circumvention or management overrides of the controls in place. Consequently, no assurance can be given that EADS’ ERM system and procedures are or will be, despite all care and effort, entirely effective.

Based on EADS’ activities, 20 high-level business processes have been identified within EADS. They are categorised into core processes (research and development, production, sales, after-sales and programme management), support processes (corporate sourcing, Human Resources, accounting, fixed assets, treasury, information technology, mergers and acquisitions, legal and insurance) and management processes (strategy, corporate audit, controlling, compliance, enterprise risk management and management controls). These business processes, together with the corresponding ERM procedures, are designed to control process risks that have significant potential to affect the Group’s financial condition and results of operations. Below is a description of the main business processes at the respective headquarters’ level which were in place during 2010.

ACCOUNTING

At the core of EADS’ ERM system are accounting processes and controls designed to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements and other financial information used by management and disclosed to EADS’ investors and other stakeholders. The integrated approach to planning and reporting aims to improve internal communication and transparency across departments and organisational units within EADS.
The EADS financial control model defines the planning and reporting procedures that apply to all operational units of the Group, as well as the responsibilities of the Chief Financial Officer, who is charged with developing, implementing and monitoring these procedures. Among the Chief Financial Officer’s primary tasks is oversight of the preparation of the consolidated financial statements of EADS, which are prepared under the direct supervision of the Chief Accounting Officer (“CAO”). The CAO is responsible for the operation of the Group’s consolidation systems and rules and for the definition of Group-wide accounting policies which comply with IFRS, reporting rules and financial guidelines that ensure the consistency and quality of financial information reported by the Divisions and Business Units. EADS’ accounting policies are set out in a written accounting manual, which is agreed with the Company’s external auditors. Changes to the EADS accounting manual require approval by the CAO, and, where significant changes are involved, the Chief Financial Officer or the Board of Directors (based upon the advice of the Audit Committee).
Control of the financial planning and reporting processes is achieved not only through the development of Group-wide accounting systems and policies, but also through an organised process for providing information from the reporting units on a timely basis as an up-to-date decision-making tool to control the operational performance of the Group. This information includes regular cash and treasury reports, as well as other financial information used for future strategic and operative planning and control and supervision of economic risks arising from the Group’s operations.
During the course of each reporting cycle, the Business Unit chief financial officers are in regular contact with the Divisional chief financial officers, and frequently meet with the CAO and his responsible staff to discuss the financial information generated by the Divisions and Business Units.
Prior to being disclosed to the public and subsequently submitted for approval to the shareholders, the consolidated year-end financial statements are audited by EADS’ external auditors, reviewed by the Audit Committee and submitted for approval by the Board of Directors. A similar procedure is used for the semi-annual and quarterly closing. Group auditors are involved before EADS financial statements are submitted to the Board of Directors.

     Treasury

Treasury management procedures, defined by EADS’ central treasury department at Group headquarters, enhance management’s ability to identify and assess risks relating to liquidity, foreign exchange rates and interest rates. Controlled subsidiaries fall within the scope of the centralised treasury management procedures, with similar monitoring procedures existing for jointly controlled affiliates, such as MBDA.

     Cash Management

Management of liquidity to support operations is one of the primary missions of the EADS central treasury department. Regular cash planning, in conjunction with the planning/reporting department, as well as monthly cash reporting by the central treasury department, provide management with the information required to oversee the Group’s cash profile and to initiate necessary corrective action in order to ensure overall liquidity. To maintain targeted liquidity levels and to safeguard cash, EADS has implemented a cash pooling system with daily cash sweeps from the controlled subsidiaries to centrally managed accounts. Payment fraud prevention procedures have been defined and communicated throughout the Group.

     Hedge Management

Commercial operations generate material foreign exchange and interest rate exposures. A Group hedging policy is defined and updated regularly by the Board of Directors. In order to ensure that all hedging activity is undertaken in line with the Group hedging policy, the central treasury department executes all hedging transactions. The central treasury department conducts ongoing risk analysis and proposes appropriate measures to the Divisions and Business Units with respect to foreign exchange and interest rate risk. Subsidiaries are required to calculate, update and monitor their foreign exchange and interest rate exposure with the EADS central treasury department on a monthly basis, in accordance with defined treasury procedures. See “Management’s Discussion and Analysis of Financial Condition and Results of Operations — 2.1.8 Hedging Activities”.

      Sales Financing

In connection with certain commercial contracts, EADS may agree to enter into sales financing arrangements. In respect of sales financing at Airbus, an annual sales financing budget is defined as part of the EADS operative planning process. Sales financing transactions are approved on a case-by-case basis with the involvement of top management, in line with certain risk assessment guidelines and managed by a Group-wide integrated organisation.

SALES

Commercial contracts entered into by EADS’ operating subsidiaries have the potential to expose the Group to significant financial, operational and legal risks. To control these risks, Management has implemented contract proposal review procedures that seek to ensure that EADS does not enter into material commercial contracts that expose it to unacceptable risk or are not in line with the Group’s overall objectives. These procedures include (i) Board of Directors-approved thresholds and criteria for determining the risk and profitability profiles and (ii) a mandated pre-approval process for contracts defined as “high-risk”. Contracts falling within the defined threshold categories require approval by the respective Divisional chief financial officer. Contracts that are deemed “high-risk” and/or exceed certain thresholds must be submitted to a standing Commercial Committee (with the Chief Financial Officer and the Chief Strategy and Marketing Officer serving as Chairmen, and a possible escalation to the Chief Executive Officer when needed). This committee is responsible for reviewing the proposal and giving recommendations when necessary, based on which the concerned Business Unit is allowed to remit its offer. In the case of Airbus, contracts are approved in accordance with Airbus’ own corporate governance policy, based on EADS guidelines which follow the same principle. In general, where EADS shares control of a subsidiary with a third party, the Commercial Committee is responsible for developing the EADS position on proposed commercial contracts.

LEGAL

EADS is subject to myriad legal requirements in each jurisdiction in which it conducts business. The mission of the EADS Legal department, in coordination with the Division and Business Unit legal departments, is to actively promote and defend the interests of the Group on all legal issues and to ensure its legal security at all times. By carrying out this mission it is responsible for implementing and overseeing the procedures designed to ensure that EADS’ activities comply with all applicable laws, regulations and requirements. It is also responsible for overseeing all major litigation affecting the Group, including intellectual property.
The EADS Legal department, together with the Corporate Secretary, also plays an essential role in the design and administration of (i) the EADS corporate governance procedures and (ii) the legal documentation underlying the delegation of powers and responsibilities which define the EADS management and its IC environment.

CORPORATE AUDIT

The EADS Corporate Audit department, under the direction of the Corporate Secretary, provides assurance to the Executive Committee and Audit Committee Members based upon a risk-oriented approved annual audit plan. The Corporate Audit department (i) reviews the achievement of the Group’s strategic, financial or operational objectives, (ii) reviews the reliability and integrity of Group reporting, (iii) reviews the effectiveness of the ERM system, (iv) reviews the efficiency and effectiveness of selected processes, entities or functions and (v) reviews compliance with laws, regulations, Group guidelines and procedures. Corporate Audit also conducts ad hoc reviews, performed at the request of management, focusing on current (eg, suspected fraudulent activities) and future (eg, contract management and programme management) risks.

CORPORATE SOURCING

The performance of EADS is to a large extent determined through its supply chain. Therefore, sourcing is a key lever for EADS in its marketplace.
EADS’ size and complexity requires a common approach to maximise market levers and to avoid inefficiencies in the procurement process. To help ensure that sourcing is carried out in the most effective, efficient and ethical manner, a set of common procurement processes, which support a common sourcing strategy and ultimately the Group strategy and vision, is defined by the head of Corporate Sourcing and the Chief Procurement Officers Council.
The common approach and processes are then implemented and optimised across all Divisions through the sourcing networks. These sourcing networks comprise representatives from all Divisions. They are tasked by the EADS Chief Procurement Officers Council to define and roll out across EADS strategic sourcing topics such as Supplier Relationship Management, Common Processes and Tools, Global Sourcing, Joint Procurement, Compliance, Corporate Social Responsibility, and Procurement Performance Management. The procurement processes are regularly reviewed by means of performance indicators, audits and self-assessments and thus consistently challenged and optimised.

COMPLIANCE

See “Compliance section” below.