Compliance risks are related to the business ability to manage impact of new legislation and regulation, as well as process to manage unforeseen disputes or other legal or contractual uncertainties.
- IT Compliance. Risk that the business lack ability to meet requirements within the new EU privacy regulation (GDPR) which is to be implemented from May 2018.
- Vendor management risks. Risks related to disputes with vendors. Disputes may relate to insufficient product quality of apparel items, third party trademark infringements, interpretation of contractual agreements or similar.
- Risk related to sustainability reporting. Risk that the business lack ability to meet requirements within the sustainability reporting regulation which is to be implemented for the fiscal year of 2017.
Mitigation of risk
- IT Compliance. Initial analysis of effects for the business has been performed and a project plan to ensure compliance has been stated. Training for Group Management and other important stakeholders has taken place. The Group is liaising with legal experts to ensure compliance.
- Vendor management risks. We have long-term relationships with the brands that we work with, and most often possible disputes are managed informally. To minimise risk for uncertainties that may lead to a dispute and the risk for financial exposure contractual agreements has been signed with vendors.
- Risk related to sustainability reporting. Required policies, roles and responsibilities have been implemented. Goals are set and the organisation will be able to meet requirements for sustainability reporting.