Gestão de riscos
Risk management
Risk and impact governance at Klabin operates in an integrated manner in two broad areas: Risk Management and Crisis Management.
Risk Management
Klabin divides its risks into five categories: strategic, financial, operational, regulatory, and social and environmental. These risks are managed in accordance with a specific Risk Management Policy. In order to prevent losses, anticipate events and avoid surprises, preventive action is taken through the stages of identification, classification, evaluation, treatment, and continuous monitoring:
- Identification: In a process coordinated by the Risk Area in conjunction with the directors of operational areas and/or equivalent leaders, identification includes meetings with employees who have extensive knowledge of their respective areas of activity. The goals are to define the aspects to be monitored, evaluate internal documentation, assess third parties and appraise present conditions.
- Classification: Once the characteristics of a risk have been understood, its origin is determined, which may be internal or external.
- Evaluation: The identified risks are assessed in terms of their potential impact and vulnerability. The degree of criticality determined from this assessment – which can be low, medium, high or critical – defines the risk's position on Klabin's risk map and consequently its priority level and possible measures.
- Treatment: There are two methodological approaches to risk management at Klabin: avoid or accept. If a risk is accepted, it can be maintained, reduced or exploited. To this end, risk matrices and action plans are developed.
- Monitoring: In conjunction with areas and risk owners, action plans are monitored and, when necessary, new risks are included in accordance with the Company's maturity and in response to external factors. The map of prioritized risks is presented and monitored every two months by Klabin's internal governance bodies.
Examples of risks, control measures and mitigation
| Identified risk | Description of risk | Mitigation measures |
|---|---|---|
| Rupture and/or explosions of pressure vessel equipment | Some equipment that is essential to the Company's production processes (such as recovery boilers, steam boilers and chemical tanks) contains fluids and is designed to operate at internal pressures that differ from atmospheric pressure. As a result, ruptures and/or explosions could:
|
|
| Fires in manufacturing and forestry units | The Company is subject to fires, considering the business in which it operates, the inputs and equipment used in its production processes, and the final products sold.
|
|
| Cybersecurity | Failures in the Company's information technology systems and/or externally contracted data processing systems could adversely affect the Company's operations, resulting in:
|
Klabin complies with standards such as ISO 27001 and IEC 62443, operating in the following areas:
|
Examples of emerging risks
Klabin's risk management also covers long-term risks that are intrinsically linked to the longevity and survival of the business, such as:
| Emerging risk 1: Biodiversity loss | |
|---|---|
| Definition | Resulting from the extinction and/or reduction of fauna and flora species, the collapse of ecosystems implies irreversible consequences for the environment, humanity and economic activity, leading to permanent destruction of natural capital. |
| Impact for the business | Biodiversity loss threatens the ability of ecosystems to provide resources and services (such as pollen and seed dispersal, natural pest control, water and climate regulation, and soil and nutrient conservation) that are essential to sustaining the high yields of Klabin's forestry plantations. Additional investments in techniques and R&D to replace or artificially compensate for lost ecosystem services will increase the cost of operations, with no guarantee of achieving effective results. |
| Mitigation measures |
|
| Emerging risk 2: Natural resource crisis | |
|---|---|
| Definition | The natural resource crisis has been described by the World Economic Forum as an existential threat. It encompasses crises involving chemicals, food, minerals, water and other natural resources on a global scale, caused by human overexploitation and/or the mismanagement of critical natural resources. |
| Impact for the business | As a pulp and paper company with water- and land-intensive operations, Klabin depends on the quality of natural resources to deliver products to the market. Competition for these resources could generate tensions between the Company, the community and local authorities. Additionally, increased demand for land for other purposes due to expectations of significant population growth could raise production costs and alter the competitiveness of the business. |
| Mitigation measures | All of Klabin's operations incorporate environmental management aspects such as water, energy, climate change and biodiversity into their strategy, using a systemic approach. Risks and impacts related to natural resources are also addressed in Klabin's 2030 Agenda, which sets goals aimed at reducing adverse outcomes:
|
Crisis management
Crisis management means the organizational capacity to anticipate, deal with and recover from significant adverse situations, minimizing negative impacts and restoring normality as quickly as possible.
Among the crisis management tools adopted by Klabin, the Business Continuity Plan is a comprehensive process that:
- identifies potential threats and impacts to the organization's processes;
- promotes organizational preparedness capable of maintaining or quickly resuming critical business functions after a crisis or disaster;
- provides effective responses to safeguard the interests of stakeholders, as well as the Company's reputation, brand and value-creating activities.
Since 2023, the Company has been self-assessing its action plans involving crisis management through a computerized system, which allows for process improvements and greater integration with the risk management methodology.
The topic of human rights encompasses environmental, social and governance issues, such as labor practices, health and safety, diversity and non-discrimination, community relations, the environment and data protection. Given the interdisciplinary nature of this topic, human rights management at Klabin is carried out as a cross-cutting initiative, supported by a comprehensive set of regulatory documents:
- Code of Conduct;
- Suppliers' Code of Conduct;
- Anti-Corruption Manual;
- Sustainability Policy;
- Diversity and Employability Policy;
- Fundamental Rights in Labor Relations Policy;
- Social and Environmental Responsibility Policy for Hiring Suppliers;
- Life Protection Policy;
- Cybersecurity Policy.
All these commitments are underpinned by internationally recognized frameworks, such as the Guiding Principles on Business and Human Rights; the International Bill of Human Rights (which includes the Universal Declaration of Human Rights and the UN Covenants on Civil and Political Rights, and Economic, Social and Cultural Rights); the conventions of the International Labor Organization; and conventions on biodiversity, the environment and climate. The guidelines of the United Nations Global Compact and the UN Sustainable Development Goals are also considered guiding principles.
In 2024, there were no reports of any cases of human rights violations involving the Company.
GRI 411-1 SASB RR-FM-210a.1 SASB RR-FM-210a.2
Traditional Communities
Total forest area in indigenous lands (in acres)
| 2024 | 2023 | 2022 | 2021 |
|---|---|---|---|
| 0 | 0 | 0 | 0 |
Number of traditional communities identified (within a 10-km buffer zone around Klabin's forest management areas)
| 2024 | 2023 | 2022 | 2021 |
|---|---|---|---|
| 177* | 172 | 172 | 161 |
Klabin maps, identifies and characterizes all traditional communities (settlements composed of descendants of runaway slaves, known as “quilombos,” villages in central Paraná that use land communally, known as “faxinal” communities, and indigenous peoples) within its areas of influence. This work has gone through different stages in recent years:
- 2019: 81 traditional communities were identified and characterized within the 10-km buffer zone around Klabin's forest management areas in Paraná;
- 2020: Due to the expansion of Klabin's forestlands, in 2020 a new study was carried out to identify traditional communities within the 10-km buffer zone around the Company's forest management areas, this time covering the states of Paraná, Santa Catarina, Rio Grande do Sul and São Paulo. As a result, 80 new communities were identified for subsequent characterization;
- 2022: After a two-year pause due to the COVID-19 pandemic, work began to characterize the previously identified 80 new communities;
- 2023: Given the continued expansion of forestlands, 16 new communities were identified.
- 2024: Work to characterize the communities identified to date was completed, resulting in:
- 19 indigenous lands;
- 55 quilombos;
- 103 faxinal communities (15 of which are still actively engaged in traditional communal land management practices*).
In its relationships with all identified and characterized communities, the Company complies with Brazilian law and follows the recommendations of International Labor Organization Convention 169, guaranteeing the right to free, prior and informed consent. In 2024, there were no cases of violations of the rights of indigenous peoples and/or traditional communities.
*These studies, conducted using official databases and primary data, enabled an in-depth analysis of the presence of faxinal communities in the region where Klabin operates in Paraná. Of the 103 identified communities, 15 remain engaged in traditional communal land management practices, while the others have lost their traditional characteristics over the years, due to various external factors. Thus, within our region of operation, we found 89 traditional communities located within a 10 km radius of the Company's forest management areas.
Relationships with stakeholders regarding human rights, indigenous rights and the local community
Klabin's Social Responsibility and Community Relations Area operates in a cooperative manner, supporting all the Company's units with the aims of preserving and improving the organization's relations with its stakeholders and affected parties, eliminating or mitigating impacts caused by its operations, and taking measures to contribute to local development in the municipalities where it operates. Its main areas of work in this field are as follows:
- Measures to prevent potential social impacts linked to Klabin's forestry and manufacturing operations;
- Identification of opportunities for engagement with local communities and regional development;
- Promotion and expansion of dialogue between Klabin and the public authorities, local/traditional communities and other stakeholders.
Human rights due diligence at Klabin
Klabin carries out human rights due diligence in a structured and continuous manner, based on the UN Guiding Principles on Business and Human Rights. The process covers 100% of the Company's operations and is integrated into its governance and risk management practices, covering the entire value chain, impacted communities and new business relationships (acquisitions and joint ventures).
In 2021, Klabin began the first stage of human rights due diligence, conducted by an independent consulting firm. Since then, the process has been continuously improved and implemented, structured in six main stages:
1. Public commitment
Although Klabin does not yet have an exclusive human rights policy, the topic is addressed in various corporate guidelines, such as the following:
- Code of Conduct;
- Suppliers' Code of Conduct;
- Anti-Corruption Manual;
- Sustainability Policy;
- Diversity and Employability Policy;
- Fundamental Rights in Labor Relations Policy;
- Social and Environmental Responsibility Policy for Hiring Suppliers;
- Life Protection Policy;
- Cybersecurity Policy.
All these commitments are underpinned by internationally recognized frameworks, such as the Guiding Principles on Business and Human Rights; the International Bill of Human Rights (which includes the Universal Declaration of Human Rights and the UN Covenants on Civil and Political Rights, and Economic, Social and Cultural Rights); the conventions of the International Labor Organization; and conventions on biodiversity, the environment and climate. The guidelines of the United Nations Global Compact and the UN Sustainable Development Goals are also considered guiding principles.
2. Risk and impact assessment
- Mapping of human rights risks
A human rights risk mapping exercise was conducted to identify the main risks inherent to Klabin's business that could impact human rights, considering its activities and operations, as well as its commercial relationships. The risks were identified by mapping rights holders who could be affected.
The diagnosis considered the risks previously defined for each of the supply chains involved: wood, wood chips, logistics, and other goods and services. Local communities were considered to be all those potentially impacted by Klabin's value chain operations, including forest producers, industrial companies, logistics providers and the Company's forest suppliers.
| Rights holders | Included subgroups | Inherent risks |
|---|---|---|
| Employees and contractors | Women, black people, people with disabilities and LGBTQI+ people, among others |
|
| Supply chain workers | Women, black people, people with disabilities and LGBTQI+ people, among others Minors |
|
| Local communities | Women, black people, people with disabilities and LGBTQI+ people, among others Minors Indigenous and traditional communities |
|
| Clients | - |
|
*Including sharecroppers, caretakers and occupants.
**Including environmental and human rights activists.
- Assessment of management capacity
This stage was intensified in 2024 with a comparative assessment of Klabin's practices and international requirements. As a result, a continuous process was structured to periodically update the identified risks while strengthening governance.
This assessment was integrated into the Company's risk management system (ERM), expanding the impact table to include human rights issues, in addition to health and safety. The classification of risks followed a framework based on the severity criteria of the UNGPs, considering:
- scale: severity of the impact;
- degree of reparability: ease of returning to the situation prior to the impact;
- scope: number of individuals potentially affected.
The inherent risks were then cross-referenced with the Company's management capacity, resulting in recommendations and short-, medium- and long-term action plans based on the gaps identified and the prioritization of actions.
| Short term | Medium term | |
|---|---|---|
| Management system | Public commitment | - |
| Risk and impact assessment | - | |
| Risk and impact assessment | - | |
| Adoption of prevention and mitigation measures | - | |
| Monitoring of effectiveness | - | |
| Reporting | - | |
| Complaint and whistleblowing mechanisms | - | |
| Specific topics | Health and safety* | Supply chain workers |
| Freedom of association* | Access to land and livelihoods | |
| Discrimination and harassment* | Decent pay* | |
| Working hours* | Conflicts involving security forces | |
| Community safety | ||
| Indigenous peoples and traditional communities | ||
| Impacts on public infrastructure | - | |
| Child sexual exploitation | - |
*Topics that involve employees and contractors.
3. Adoption of prevention and mitigation measures – integration into internal processes
Based on the mapped risks and management capacity analysis, measures were recommended to prevent and mitigate potential human rights violations, integrating these actions into the company's internal processes.
4. Monitoring of effectiveness
The next phase consisted of defining and implementing key performance indicators (KPIs) aimed at monitoring the effectiveness of actions taken to prevent and mitigate human rights risks. These KPIs were integrated into the Klabin Sustainable Development Goals, ensuring better alignment of strategic commitments and operational results.
5. Reporting
Klabin reports on human rights issues in its Sustainability Report and ESG Dashboard.
6. Complaint and whistleblowing mechanisms
The Company provides accessible and secure channels for reporting allegations and complaints, aimed at internal and external audiences and impacted communities. More information is available in the Ethical Conduct and Integrity section of the ESG Dashboard.
Mitigation and prevention actions
Topic 1: Health and safety
100% of operations covered
KPIs: lost-time injury frequency rate (employees and contractors); number of life-changing injuries; accident severity rate among employees and contractors; units' level in the Hearts and Minds methodology.
Are the actions taken considered sufficient? Yes
Klabin has an Occupational Health and Safety Management System that covers all its operations, employees and contractors. In addition, six industrial units are ISO 45001 certified, while the forestry business units' own plantations have FSC® management certification, attesting to the health and safety conditions of employees involved in these activities. The compliance of procedures with the requirements of the Occupational Health and Safety Management System, ISO 45001 and FSC is periodically assessed through audits.
There are also procedures in place to:
- continuously identify hazards, assess risks and determine necessary controls;
- offer occupational health and safety training in line with function and legal requirements;
- record, investigate and analyze accidents and incidents;
- identify the potential for emergencies and response procedures.
Topic 2: Freedom of association and collective bargaining
100% of operations covered
KPIs: percentage of employees covered by collective bargaining agreements
Are the actions taken considered sufficient? Yes
All employees are covered by collective agreements. In addition, the Code of Conduct includes freedom of association for all employees.
Topic 3: Freedom of association and collective bargaining
100% of operations covered
KPIs: women's share of leadership positions; percentage of employees belonging to marginalized groups who positively assess the conditions of respect and equality in the workplace
Are the actions taken considered sufficient? Yes
Since 2019, campaigns, training sessions, workshops, talks and roundtable discussions have been held on topics such as racism, gender equity, unconscious bias, inclusive language and harassment. Most activities are aimed at all employees and contractors, enabling the topic to be addressed at various hierarchical levels.
The Company also provides training for support groups and People & Management teams (which are directly involved in these cases), aided by the Integrity Area and a professor and consultant in anthropology.
At the same time, there are procedures in place to address reports of harassment and discrimination via the Ombudsman Channel.
Topic 4: Supply chain
100% of operations covered
KPIs: percentage of critical suppliers covered by the Sustainable Supply Chain Management Program
Are the actions taken considered sufficient? Yes
The Code of Conduct and Social and Environmental Responsibility Guidelines for Hiring Suppliers establish minimum human rights standards for suppliers. For contracts, Klabin also has a Minimum Safety, Environmental and Occupational Health Requirements Manual for Contractors.
Topic 5: Slave-like labor and/or child labor
100% of operations covered
KPIs: number of suppliers identified as causing actual and potential negative social impacts
Are the actions taken considered sufficient? Yes
As a signatory to the National Pact for the Eradication of Slave Labor, Klabin is committed to cross-checking its database of active and inactive suppliers multiple times a year against the names listed in the Brazilian government's register of employers that have subjected workers to slave-like conditions (popularly known as the “Slave Labor Dirty List"). If any suppliers are identified, the Company takes the following actions:
- Identification of the supplier and service provided (date and location, among other details);
- Formal notification to the party requesting clarification and a statement on the corrective measures implemented (and suggestions for improvement, if necessary).
At this stage, an assessment is made as to whether the supplier will be monitored or whether the relationship will be terminated. In 2024, no cases were recorded of suppliers in Klabin's chain being included on this list.
Topic 6: Communities
100% of operations covered
KPIs: number of cases of human rights violations involving the Company
Are the actions taken considered sufficient? Yes
Klabin has a community conflict management procedure that establishes an internal committee to address complaints deemed substantiated. In addition, the Company maintains the "Fale com a Klabin” channel, dedicated to responding to community requests, complaints and grievances.
Topic 7: Traditional communities (quilombos, indigenous peoples, “faxinal” rural communities, etc.)
100% of operations covered
KPIs: number of cases of violations of the rights of indigenous peoples and traditional communities
Are the actions taken considered sufficient? Yes
Klabin maps all traditional communities in its areas of influence, according to the procedures described in the section on this form titled “Number of traditional communities identified (within a 10-km buffer zone around Klabin's forest management areas).”
Topic 8: Stakeholder engagement
100% of operations covered
KPIs: Klabin's acceptance rating in local communities
Are the actions taken considered sufficient? Yes
Klabin's social responsibility and community relations activities are described in greater detail in the section on this form titled “Relationships with stakeholders regarding human rights, indigenous rights and the local community.”
Topic 9: Environment
100% of operations covered
KPIs: number of fines and non-monetary penalties related to environmental issues
Are the actions taken considered sufficient? Yes
All Klabin's operational units operate in accordance with an environmental management system that includes the following:
- Means for recording environmental anomalies within each unit;
- Records of occurrences and complaints from stakeholders, together with appropriate analysis of each occurrence and monitoring of applicable legal requirements;
- Identification of environmental aspects and impacts of all operations;
- Mitigation actions, such as socially responsible water management and mosaic forest management;
- Environmental monitoring programs in surrounding regions.
Topic 10: Data protection
100% of operations covered
KPIs: percentage of employees and contractors included in digital language
Are the actions taken considered sufficient? Yes
Klabin has a governance structure focused on data protection, featuring constant systematic monitoring and cybersecurity policies and procedures based on ISO standards, the Brazilian General Data Protection Law (LGPD) and Brazil's Digital Bill of Rights. This information is made available to all employees through a Cybersecurity Handbook and training on the subject.
Suppliers that have access to Klabin’s data and that of its employees are informed of their responsibilities through their contract and they also fill out an LGPD compliance form.
Klabin's Risk Area was created in 2018 with the support of senior management (Board of Directors and Executive Board). The area seeks to apply best practices to support operational, corporate and/or equivalent areas in:
- analyzing their processes, with a focus on risk mapping and assessment;
- implementing controls and/or actions;
- implementing operational and business continuity plans.
In November 2020, the Audit and Related Parties Committee was created in order to advise the Board of Directors. Its functions include assessing the Company's risk exposure control mechanisms. The Risk Area holds at least two fixed annual meetings with this committee to update management concepts and methodology in accordance with the “Tone at the Top" model, as well as to discuss the main risks and action plans.
In 2021, IB Solutions risk management software was implemented to automate the follow-up process for risk owners' actions and controls, assist in tracking and recording changes, and facilitate the creation of dashboards.
Klabin believes that a risk management culture within an organization is key to promoting and implementing the importance of this issue at all levels of the Company. In addition to regular presentations on risk-related topics to the Board of Directors, in 2022 the company launched an internal leadership education program that includes updates on risk management (methodology, main risks, etc.) for new directors and board members. The procedures associated with risk management were audited internally in 2023.
FRAMEWORK – LINES OF DEFENSE
- 1st line: composed of operational and equivalent areas, whose teams are responsible for the Company's daily operational activities and assume primary responsibility for identifying, assessing, and managing risks.
- 2nd line: composed of risk management and related areas (Integrity, Internal Controls, and Information Security), which are responsible for monitoring and supervising first-line activities, as well as providing guidance on appropriate risk management practices.
- 3rd line: composed of the independent Internal Audit Area, which reviews and evaluates the performance of the first and second lines with the objective of ensuring that risk management processes and internal controls are effective and comply with corporate governance best practices.
Updated and verified on: 08/09/2025