Risk management
Van Oord’s activities inherently involve strategic, operational, financial and compliance risks. An integrated and structured approach is needed to identify, assess and manage risks in line with our long-term objectives of creating value for our clients, society and environment.
Van Oord’s Executive Committee is responsible for an effective risk management and internal control system, supported by our Integrated Risk Management framework that aligns risk activities across projects, business units and corporate functions and is built on standards such as ISO 31000 and COSO (Committee of Sponsoring Organisations of the Treadway Commission). This framework enables informed decision-making, promotes accountability and risk awareness, and embeds risk management throughout the organisation.
Risk management process
Van Oord’s risk profile is dynamic and shaped by periodic risk assessments at the corporate and business unit levels. These assessments consider likelihood, impact and mitigation effectiveness and inform the key risks disclosed in this report. Trends and forecasts are evaluated to examine how developments can influence overall performance and risk maturation.
Governance
Risk management is embedded throughout the organisation. Corporate and business unit risk committees meet quarterly to review risks, define and implement mitigating measures, and ensure cross-functional and inter-business unit alignment where appropriate.
Project risk management
A structured project risk process supports decision-making throughout the acquisition, tender and execution phases:
-
Stage gate approach: All tenders and projects are categorised according to their risk profile to ensure early identification and appropriate management of key risks.
-
Risk registers and mitigation: Mitigation planning and continuous improvement are informed by standardised risk registers, provisions informed by backtesting, scenario analyses and lessons learned.
-
Risk tolerance model: The overall risk exposure is periodically assessed versus Van Oord’s risk tolerance based on a model that integrates historic data, risk capacity and tolerance indicators.
Digital enablement
Aligned with our Founding the Future programme, digital tools and data analytics increasingly support risk identification, monitoring and reporting, which improves the quality and consistency of risk insights. For example, automated dashboards and statistical analyses are being developed to detect emerging risk patterns and assess potential impacts, supporting timely and targeted mitigation actions.
Learning, change and communication
A culture of learning and shared responsibility underpins our approach to risk management. Training, communication and structured feedback loops reinforce awareness and capability across the organisation.
Policies and procedures
Policies are reviewed to reflect evolving standards and organisational needs. All policies and procedures are accessible through the Van Oord Management System.
Risk appetite
Van Oord accepts a certain degree of risk to achieve its objectives. We aim for a healthy balance between risk and return, recognising that investments are required to remain competitive and realise our long-term objectives. Risks are carefully considered, with proper controls in place. Our risk appetite per risk type is as follows:
-
Strategic risks: We apply a balanced risk appetite. We pursue opportunities where possible while remaining realistic about what can be achieved in a volatile and complex international environment.
-
Operational risks: We maintain a cautious to balanced risk appetite, limiting exposure through diversification, and structured project and portfolio management. For safety risks, we are cautious as safety always has the highest priority. For cybersecurity risks, we are averse due to the potentially severe impact on operations.
-
Financial risks: These include currency, interest rate, liquidity, commodity and counterparty risks. We have a cautious risk appetite to safeguard our financial position, cash flow and compliance with banking covenants.
-
Legal & compliance risks: We maintain an averse risk appetite and zero tolerance for non-compliance or behaviour that breaches integrity, reflecting our commitment to ethical and responsible business conduct.
Risk matrix
Van Oord monitors key risks through heatmaps reviewed by the Executive Committee and Supervisory Board. After considering mitigating measures, the overall risk profile has remained broadly consistent with the 2024 profile. The risks that could impede the achievement of our strategic objectives are displayed in the following graph and are outlined in the following table.
|
Risk category |
Key risk |
Mitigating measures |
Trend |
|---|---|---|---|
|
Strategic |
Risks of economic and geopolitical instability |
||
|
A |
Van Oord may face the risk that adverse economic conditions and geopolitical tensions reduce growth opportunities. They could also pressure profit margins and limit our ability to operate internationally. |
Van Oord actively monitors market and geopolitical developments. We use financial controls, dynamic contracting, and diversification to manage risks. We build resilience through operational efficiency, inflation safeguards, strategic collaborations, and international diversification. Local partnerships, diplomatic dialogue, and contingency plans further enhance our adaptability. |
Up |
|
Strategic |
Risks of security breaches regarding information |
||
|
B |
Van Oord may face cyberattacks targeting our IT infrastructure which could lead to business disruptions, unauthorised access to intellectual property, financial losses and reputational harm. |
Van Oord has implemented a comprehensive management system and a risk control framework for information security. These encompass personnel, physical, supplier and systems security. An information security risk committee oversees these risks. |
Equal |
|
Strategic |
Risks of not having an adequate labour force |
||
|
C |
Van Oord may face challenges in attracting and retaining talent with the required skills and diverse backgrounds. This could result in a shortage of skilled personnel and an unbalanced workforce. |
Van Oord prioritises talent acquisition, with focus on diversity and inclusion. We regularly survey employees to assess organisational health. We also invest in development, mentorship programmes, and a positive workplace culture. These efforts help us retain skilled professionals and build a balanced, resilient workforce. |
Equal |
|
Operational |
Risks related to portfolio and project execution |
||
|
D |
Van Oord may face increased complexity within the project portfolio, including reliance on key assets and unforeseen challenges in tendering or execution, which may result in significant financial impacts, capacity issues and project performance. |
Van Oord conducts thorough risk assessments and scenario analyses during tender and execution. We monitor our risk profile through our risk portfolio model. We apply project management methods and diversify our project portfolio. We also invest in skills and strategic collaborations. Our BU and Corporate Risk Committees, adaptive management strategies, and open stakeholder communication help maintain high performance and reduce financial impacts from complex project challenges. |
Equal |
|
Operational |
Risks of supply chain disruptions |
||
|
E |
Van Oord may face the risk that disruptions in the supply chain result in difficulties for Van Oord in delivering its products and services at acceptable margins. |
Van Oord has a diversified supplier base, conducts risk assessments, including due diligence, and establishes contingency plans. Ongoing monitoring of global supply chain dynamics, proactive communication with suppliers and strategic stockpiling of critical resources contribute to the company’s resilience and ensure the delivery of products and services at acceptable margins. |
Equal |
|
Operational |
Risks of safety incidents |
||
|
F |
Van Oord may face unexpected unsafe working conditions that could potentially lead to safety incidents. |
Van Oord promotes a strong, no-blame safety culture through the Say YES to Safety programme. This includes safety instructions and training for everyone working for or on behalf of Van Oord. Inspection programmes, strict HSE protocols, and open communication support a safer working environment and reduce the likelihood of incidents. |
Equal |
|
Operational |
Risks of not being able to roll out the digital agenda on time and within budget |
||
|
G |
Van Oord may face the risk of falling behind in implementing digital solutions, such as AI, hindering our long-term goals. These goals include a uniform way of working, reliable and up-to-date data, and stronger cross-departmental collaboration. |
Van Oord has developed an integrated programme to effectively manage business transformation and digital solutions such as AI. A centralised team is developing a comprehensive roadmap focused on delivery planning, scope, processes, data governance, integrations and more to ensure cohesion across efforts. |
Equal |
|
Operational |
Risks related to maritime cyber threats to critical infrastructure vulnerabilities |
||
|
H |
Van Oord may face the risk of GPS jamming or spoofing compromising vessel navigation and communication systems, which may reduce situational awareness and disrupt operations. |
Van Oord has developed a layered defence strategy. This includes advanced multi-constellation navigation receivers with authentication, diverse correction sources and anti-jamming antennas. |
Up |
|
Financial |
Risks related to tax compliance and treasury access to favourable conditions in the capital markets |
||
|
I |
Van Oord may face the risk that its financial performance is affected by changes in the tax landscape and treasury-related factors. These include exchange and interest rate fluctuations, insufficient funding, and counterparty credit risk. More information on these risks is provided in the Financial Statements. |
Van Oord proactively monitors and addresses tax risks to ensure transparent reporting, regulatory compliance, and effective tax risk management. The mitigating measures for treasury related risks are disclosed in the Financial Statements. |
Equal |
|
Legal & Compliance |
Risks related to compliance and integrity |
||
|
J |
Van Oord may face the risk that intentional acts or omissions by employees or contractors lead to non-compliance with company policies and regulations. Such non-compliance could cause financial losses, regulatory consequences, and reputational damage. |
Van Oord has implemented internal controls and promotes a speak-up culture. We strengthen our digital solutions against compliance risks and conduct thorough audits to ensure adherence to policies and regulations. These measures help protect the company from financial losses and reputational damage. All policy statements, including the Code of Conduct, have been shared with relevant parties and are published on our corporate website. |
Equal |
* In comparison with the prior year
