METSÄ BOARD Annual review 2024
Risk management Risk management is an essential part of Metsä Board’s standard business planning and leadership. Risk management is part of daily decision making, operations follow-up and internal control, helping promote and ensure the achievement of the Company’s objectives. The effective coordination of business mana- gement and risk management is based on the operating principles approved by the Board of Directors, which are designed to keep the overall risk management system clear, understandable and sufficiently practical. Risks and their evolution are regularly reported to the Board of Directors’ Audit Committee. Risk management responsibilities are divided between different institutions. The Board of Directors is responsible for the Company’s risk management and approves the risk management policy, while the Audit Committee evaluates the Company’s risk management levels and practices, as well as key risk areas, and makes proposals to the Board of Directors in this regard. The CEO and the Corporate Mana- gement Team are responsible for defining and implementing risk management principles and are also responsible for ensuring that risks are taken into account in the Company’s planning processes, and that they are adequately and appropriately reported. The owner of Metsä Group’s risk management process is responsible for maintaining and developing the risk mana- gement process and capabilities in cooperation with the business units. Metsä Board’s Risk Committee coordinates risk assessments and compiles a summary of the key risks twice a year, which the CEO presents to the Board after the Management Team review. Risk management’s key objective is to identify and evaluate the risks, threats and opportunities that may have an impact on the implementation of the strategy and the achievement of short- and long-term objectives. The businesses regularly evaluate and monitor the risk environment and related changes as part of their normal operational planning. The risks identified and their management are reported to the Audit Committee and the Board at least twice a year. Business risks also involve opportunities, and they can be capitalised on within the boundaries of the agreed risk limits. Conscious risk-taking decisions must always be based on an adequate evaluation of the risk-bearing capacity and the
Insider administration For insider matters, Metsä Board and its group companies comply with Finnish laws, especially the Securities Markets Act, Regulation No 596/2014 of the European Parliament and of the Council on market abuse (MAR) and sup- porting orders and regulations, and the insider guidelines of NASDAQ Helsinki Ltd (Helsinki Stock Exchange) ( www.nasdaq.com/solutions/ rules-regulations-helsinki ). Based on the above provisions, the Company has approved its own insider guidelines. The goal of insider administration is to enable people considered the Company’s insiders to openly hold shares in the Company while maintaining public trust in the trading and price formation involving the Company’s securities. Insiders and those involved in the preparation of financial reporting are regularly provided with instructions and training. The Company does not maintain a permanent company-specific insider register. If necessary, the Company will, by decision of the Chair of the Board of Directors, establish an insider project, which will include all persons involved in the preparation of a specific project containing insider information. In 2024, the Company’s directors subject to the disclosure requirement include the members of the Board of Directors and the CEO. The ownership of these persons and of their related natural and legal persons is public, as each has an independent duty of disclosure to the Com- pany and the Supervisory Authority in respect of their transactions in Metsä Board shares and other financial instruments. Metsä Board publis- hes the notifications of transactions it receives in the form of stock exchange releases. Directors who are required to report are prohibited from trading in the Company’s shares and other financial instruments between the end of the reporting period and the end of the interim report’s publication date (but always for at least 30 calendar days – the “closed window”). Additionally, Metsä Board maintains a list of persons who, in the course of their duties, are involved in the preparation and communication of interim reports, the financial statements release, and the annual financial statements and may thus receive inside information. These persons are covered by the Company’s closed window and are therefore subject to the trading restriction mentioned above.
Related party transactions The Board of Directors has defined the prin- ciples for monitoring and evaluating related party transactions. The Company has cont- ractual relationships with the parent company Metsäliitto Cooperative and its sister companies Metsä Fibre Oy and Metsä Tissue Oyj in the normal course of business. The most significant are related to the procurement of raw materials such as wood and pulp, and the operation of joint integrated mill sites. The Board of Directors decides on contractual relations with related parties unless the matter is related to the Company’s normal business and is of minor importance. In situations in which the Board of Directors deals with a business or another contractual relationship, or a relation- ship with Metsäliitto Cooperative or a related company, the Board of Directors acts in principle without its members who are dependent on Metsäliitto Cooperative or the related company in question. The Board of Directors’ Audit Committee regularly monitors and evaluates the transactions and contractual relationships of the Company and its related parties. To assess directors’ independence and inte- grity, directors must disclose any matters that may affect their ability to act free of conflicts of interest to the Company. As of 31 December 2024, the members of the Board of Directors, the CEO and the other members of the Corpo- rate Management Team had no financial loans from the Company or its subsidiaries, and no collateral arrangements existed between them. There were no significant business relationships between these persons or their related parties (as defined in IAS 24) and the Company during 2024.
profit/loss potential, among other matters. Such an evaluation must be conducted before any pre-engineering and execution phases of projects and investments. Responsibilities for risk management are sha- red between the various governing bodies. The Board of Directors is responsible for risk mana- gement and approves the risk management policy, while the Audit Committee assesses the Company’s risk management levels and practices and key risk areas, making proposals to the Board of Directors in this regard. The key elements of Metsä Board’s risk management include implementing a comprehensive risk management process that supports the entire business, protecting assets and ensuring business continuity, corporate security and its continuous improvement, and crisis management and continuity and recovery plans. In line with the Risk Management Policy and Principles, adequate risk assessment is part of the pre-appraisal and implementation phases of projects that are financially or otherwise significant. Metsä Board’s risk management function is to: • ensure that all identified risks affecting personnel, customers, products, property, information assets, corporate image, corpo- rate responsibility or operational capacity are managed in accordance with the law and based on the best available information; • ensure the achievement of the objectives set for the Company;
• meet the expectations of stakeholders; • protect assets and ensure business continuity; • optimise the profit/loss potential ratio; and • ensure the management of the Company’s overall risk exposure and the minimisation of overall risks. The most significant risks and uncertainties known to the Company are described in the Report of the Board of Directors. Auditing According to Metsä Board’s Articles of Asso- ciation, the Company has one auditor, which must be an auditing firm approved by the Finnish Patent and Registration Office, with the principal auditor being a Chartered Accountant. The General Meeting of Shareholders elects the auditor annually at the Annual General Meeting. The audit was last put out to tender in 2021, and in accordance with the decision of the Annual General Meeting in the spring of 2024, the Company’s auditor will be KPMG Oy Ab, which appointed Kirsi Jantunen, KHT, as its principal auditor. The Audit Committee oversees the auditor selection procedure and makes recommendations to the Board of Directors on the proposal to the Annual General Meeting regarding the selection of the auditor and the auditor’s remuneration.
Business operations and value creation 2 This is Metsä Board 4 CEO’s review 6
Strategy and financial targets
8
Value creation
Financial development 10 Key figures 12
Report of the Board of Directors
20 20 37 70 89 96
• Sustainability statement
General information
E – Environment
S – Social responsibility
G – Governance
Annexes to the Sustainability statement