Gestão de riscos
Risk management
Risks are assessed according to impact and vulnerability criteria, following the Risk Management area. After this process, they are managed according to their criticality. Methodologically, risks can be dealt with by reducing, transferring, accepting, or exploiting. According to the Risk Management Policy, they are classified into five categories: strategic, financial, operational, regulatory, and socio-environmental.
In 2020, on the recommendation of the Statutory Executive Board and approval by the Board of Directors, a list of 28 macro risks was defined as priorities for continuous monitoring.
Since 2021, the map of prioritized risks has been presented and approved by Klabin's governance bodies. Klabin's risk mapping methodology focuses on preventing losses, anticipating events, and avoiding surprises.
The identification of risks follows a specific procedure coordinated by the Risk Management Department, in conjunction with the Executive Boards, and the managers of the operational, corporate, and/or equivalent areas. Initially, meetings are held with employees who have extensive knowledge of their respective areas of activity to define the main aspects to be monitored, in addition to evaluating internal documentation, third-party evaluations, and current scenarios.
The risks identified are assessed about the degree of potential impact and vulnerability using a methodology defined in an internal risk management procedure, which will determine the criticality of the risk. After this assessment, the risk is inserted into a "heat map" to determine its classification and treatment prioritization. The degree of criticality can be low, medium, high, or critical. From this stage, the monitoring and follow-up of risks follow the flow according to the owners of the risks and the company's governance bodies.
The Risk Management area, in conjunction with the areas, periodically updates the risk matrices, which consist of monitoring the action plans and/or including new risks.
Aspects associated with integrated risk management:
– Identification: identify risks and understand their characteristics.
– Analysis: assess the criticality of risks, based on the respective degree of impact and vulnerability.
– Treatment: decide how to deal with each risk to structure action plans.
- Governance of Mentoring and review of risks and action plans.
– Contingency plan: Contingency and Crisis Management Plans.
To ensure timely monitoring, a computerized system was deployed in 2020 and integrated with the methodology used to classify risks.
In 2023, the company enhanced the process of conducting self-assessment of action plans through a computerized system, bringing greater functionality and improved integration with the risk classification methodology.
Examples of risks, control, and mitigation measures
| Identified risk | Risk description | Mitigation actions |
|---|---|---|
| Pressure vessel equipment rupture and/or explosions | The company uses equipment that is fundamental to the production process and which contain fluids. This equipment are designed to work with internal pressures other than atmospheric pressure, such as pressure, such as recovery boilers, steam boilers, and tanks containing chemical products. chemical products. In the event of a rupture and/or explosion, this could lead to interruptions production for an indefinite period (or even permanently), resulting in injuries or fatalities and/or environmental impacts. |
|
| Fires in industrial and forestry units | The company is subject to fire, considering the business in which it operates, the inputs and equipment used in the production process, and the final product that is sold. The occurrence of a fire in its factories, especially pulp and paper mills, could interrupt production for a period (or even permanently), result in injuries or fatalities and/or environmental impacts. fatalities and/or environmental impacts. |
|
| Cybersecurity | Failures in the Company's InformationKlabin uses standards such as ISO 27.001 and IEC 62.443 and operates on the following fronts: |
Klabin uses standards such as ISO 27.001 and IEC 62.443 and operates on the following fronts:
|
Emerging Risks
Based on the 2023 Top Global Risks Report produced by the World Economic Forum, Klabin’s risk analysis identifies the following long-term risks:
| Emerging risk 1: | Risk of biodiversity loss |
|---|---|
| Definition | Irreversible consequences for the environment, humankind, and economic activity, and a permanent destruction of natural capital, as a result of species extinction and/or reduction. The biodiversity loss and ecosystem collapse pose risks of irreversible consequences for the environment, humankind, and economic activity. The issue is top-ranked in 2023’s World Economic Forum Report. The productivity and quality of planted forests directly depend on the quality of native forests, their biodiversity, and ecological services. The loss of biodiversity threatens the viability of many ecosystems and therefore the productivity of Klabin’s businesses at its core. |
| Impact on the business | The loss of biodiversity threatens the capacity of ecosystems to provide resources and services (e.g. dispersal of pollen and seeds, natural plague control, water and climate regulation, soil, and nutrient conservation, etc.) that are essential for sustaining Klabin’s plantations' high yields. Additional investments in techniques and R&D towards replacing or artificially compensating lost ecosystem services will increase the cost of operations with no guarantee of achieving satisfactory effectiveness or intended results. |
| Mitigation measures | Klabin has been assessing the impacts of this risk with the Continuous Monitoring Program for Fauna and Flora. In doing so, it is possible to understand the behavior of the species and adopt prevention and mitigation measures such as initiatives for reducing road accidents, rewilding actions, and scientific research. Klabin has a biodiversity study center within its Ecological Park, which aims to monitor and re-establish the quality levels of forests through the restoration of wildlife. This department is also responsible for bringing technological solutions to speed and scale the Biodiversity Monitoring program, which includes species tracking with ADN tracking, camera traps, geolocation and radio signal. The department is now studying ways to incorporate IoT sensors in order to increase data-related and make conservation decisions more efficiently. |
| Emerging risk 2: | Risk of natural resource crises |
|---|---|
| Definition | Existential threat involving chemical, food, mineral, water, or other natural resource crises at a global scale as a result of human overexploitation and/or mismanagement of critical natural resources. The Natural Resource Crisis is categorized by the World Economic Forum as an Existential Threat. As a Pulp&Paper company and water and land-intensive business, Klabin relies on the quality of natural resources to deliver products to the market and all of Klabin’s operations incorporate into their strategy environmental management aspects, such as water, energy, climate change, and biodiversity in a systemic view approach. In this way, the company strengthens its commitment to conserve natural resources, such as by working to reduce the use of non-renewable resources, controlling environmental impacts, own and third-party land planning and management, access to high-quality water, as well as an overall safe community. |
| Impact on the business | The increase in demand for land for other uses due to the expectation of a significant increase in the population can raise production costs, change in Klabin's business competitiveness, and generate tensions between the company, community, and local authorities fostered by land and water resource disputes. |
| Mitigation measures |
Assessed as both high likelihood and impact, the natural resource risk and its derived impacts are addressed within Klabin ’s 2030 Sustainability Agenda with goals aiming at reducing adverse outcomes for the next 10 years. For Wood Availability and Forest yield, the main 2030 goal is to maintain productivity levels by Raising the forest partners network through the Plant with Klabin Program which covers large and small producers to increase the diversification of wood sources and Improve plant and harvest technology to use less soil, and to operate over uneven surfaces, without decreasing conservation areas and ecological corridors. As for Water use, one of the 2030 targets is to have 100% forest operation under its management with hydrosolidarity management, which is a strategy based on the balance between forest production and water production. As such, it is possible to integrate the different needs of the input, including neighboring communities' needs and ecological processes. |
Human rights is a cross-functional theme at Klabin, touching on environmental, social, and governance issues such as labor and health and safety practices, diversity and non-discrimination, community relations, the environment, and data protection.
Although there is no specific policy that brings together all human rights issues in a single document, they all have their governance established by the following normative set: Code of Conduct, Anti-Corruption Manual, Sustainability Policy, Diversity and Employability Policy, Fundamental Rights in Labor Relations Policy, Social and Environmental Responsibility in Vendor Procurement Policy, Life Protection Policy, and Cyber Security Policy.
All these commitments are based on internationally recognized milestones such as the Guiding Principles on Business and Human Rights, the International Bill of Human Rights (which considers the Universal Declaration of Human Rights and the UN Covenants on Civil and Political Rights, and Economic and Social Rights), International Labor Organization Conventions, Conventions on biological diversity, environment, and climate. The Guidelines of the United Nations Global Compact and Sustainable Development Goals (SDGs) are also considered.
In 2023, there were no reports of any human rights cases or violations involving the Company.
GRI-411-1 SASB-RR-FM-210a.1 SASB-RR-FM-210a.2
TRADITIONAL COMMUNITIES
Total forest area on indigenous lands (in acres)
| 2023 | 2022 | 2021 | 2020 |
|---|---|---|---|
| 0 | 0 | 0 | 0 |
Number of identified traditional communities (10km buffer of Klabin's forest management areas)
| 2023 | 2022 | 2021 |
|---|---|---|
| 172 | 172 | 161 |
Klabin maps all the traditional communities in its areas of influence, such as quilombolas, faxinalenses (communities that inhabit small areas and live off their relationship with the forest), and Indigenous groups. In its relationship with these communities, the company follows Brazilian legislation and the recommendations of ILO 169, a resolution of the International Labor Organization for Indigenous and Tribal Peoples, guaranteeing their right to prior, free, and informed consent (CLPI).
In 2020, the characterization of traditional communities identified within the 10-km buffer zones of Klabin's forest management areas in Paraná was completed, totaling 81 communities: 12 Indigenous lands identified and characterized across 10 municipalities; 27 quilombola communities identified and characterized in 6 municipalities; and 42 'faxinal' communities identified and characterized in 10 municipalities.
Also in 2020, due to Klabin's forest expansion, a new phase of identifying traditional communities within the company's operational territory began, with the support of specialized consulting. During this phase, traditional communities within the 10-km buffer zones of forest management areas in Paraná, Santa Catarina, and São Paulo were identified, totaling 80 new communities to be characterized later. The characterization phase of these communities was postponed due to the COVID-19 pandemic.
In 2022, the identification of traditional communities within the company's operational territory resumed. At this time, Klabin's forest base in Paraná, São Paulo, Santa Catarina, and Rio Grande do Sul was reviewed, and 11 new communities were identified within the 10-km buffer zone, in addition to those identified in 2020. Following the completion of this identification work, the characterization phase began in 2023.
Throughout 2023, we conducted the characterization of these traditional communities. By December 2023, 53 communities had been characterized, and work will continue into 2024 to characterize the remaining 38 communities.
In 2023, there were no reported cases of rights violations concerning indigenous peoples and traditional communities.
For the units and operations in Paraná, a Manual for the area of Social Responsibility and Community Relations was prepared, as well as other internal procedures, to record the entire process of engagement with stakeholders.
Klabin's Social Responsibility and Community Relations area operates on several fronts, to preserve and improve the company's relationship with its stakeholders and affected parties; nullify or mitigate impacts caused by its operation; and, promote actions that contribute to the local development of the municipalities where it operates, among others. Thus, its main work fronts are:
- Preventive action on possible impacts linked to Klabin's forestry and manufacturing operations;
- Identification of opportunities for engagement with the local community and regional development of the territory;
- Promotion and expansion of dialogue between Klabin and public authorities, the local community (including the traditional community) and other interested publics.
Human Rights Due Diligence Analysis
In 2021, Klabin initiated the first stage of the Human Rights due diligence conducted by a third party. This process was based on the UN Guiding Principles on Business and Human Rights and covered 100% of Klabin's businesses and products, considering not just its operations, but also its value chain, communities and new commercial relationships (acquisitions and joint ventures)
The first phase included a diagnosis to identify risks from the rights holders' perspective, and not only from the corporate risk management perspective, which only considers inherent risks for the company.
This diagnosis considered the pre-established risks for each one of the supply chains involved: wood, wood chips, logistics and other goods and services. Local communities are considered all those that may be impacted by Klabin's value chain operations, including forestry, industrial, logistics (including ports) and forestry producers that supply Klabin.
| Rightsholders | Included subgroups | Inherent Risks |
| Own and third-party employees |
|
|
| Supply chain workers |
|
|
| Local communities |
|
|
| Customers | - |
|
* Includes tenant farmers, housekeepers, squatters
** Includes environmental and human rights defenders
In 2022, the diagnosis was the basis for the second stage of due diligence conducted by the external consulting firm, which, due to the pandemic and the impossibility of carrying out consultations in person, assumed the representation of the active voice of the rights holders, based on their technical prerogative. The Company conducted a cross-analysis of the impact on these groups versus Klabin's ability to manage each of the prioritized topics. The process led to a heatmap of priorities and recommendations, which were broken down into a short-term, medium-term, and long-term roadmap:
Topics prioritized by the human rights roadmap and timeframe for actions
| Short-term | Medium-term | Long term** | |
| Management system | Commitment political | - | - |
| Risk assessment and impact | - | - | |
| Adoption of prevention and mitigation measures | - | - | |
| Monitoring of effectiveness | - | - | |
| Reporting | - | - | |
| Complaint and reporting mechanism | - | - | |
| Specific themes | Health and Safety | Supply chain workers | - |
| Freedom of collective association* | Access to land and means of subsistence | - | |
| Discrimination and harassment* | Decent wage* | - | |
| Working hours* | Conflicts involving security forces | - | |
| Safety of Indigenous peoples and traditional communities | - | - | |
| Impacts on public infrastructure | - | - | |
| Child sexual exploitation | - | - |
*Topics that include direct and indirect collaborators.
**Actions prioritized and planned for the medium term, at least.
In 2023, Klabin continued to monitor the implementation of action plans with each sponsor area as part of the Company's risk management monitoring process.
Human Rights Governance:
-
The entire due diligence process, findings, and recommendations involved the Fixed Sustainability Committee and the Sustainability Committee.
-
The risks identified from the impact on the rightholder group were integrated into the Company’s official Risk Matrix, with monitoring along with sponsoring areas carried out bimonthly.
-
100% of short-term action plans are linked to the individual goals of corporate managers.
Based on the assumption that due diligence in human rights is an ongoing process, Klabin regularly assesses updates of the heatmap of management capacity x impacts from significant changes to business and operations.
Mitigation and preventive actions
| Topic | % Covered operations | Actions taken | Are the actions considered sufficient? | KPI |
|---|---|---|---|---|
| Health and Safety | 100 | Klabin has an Occupational Health and Safety Management System (SGSSO) that covers all operations, own employees, and third parties. Six industrial units are ISO 45001 certified. The forestry units' plantations are FSC Management certified, which assesses the health and safety aspects of the employees involved in these activities. In addition, periodic audits are carried out on procedures to assess compliance with the requirements of the Occupational Health and Safety Management System (SGSSO), ISO 45001 and FSC. Also, there are procedures in place for (a) ongoing identification of hazards, risk assessment and determination of necessary controls, (b) provision of OH&S training by role and legal requirements, (c) recording, investigation, and analysis of accidents and incidents, (d) identification of potential for emergencies and procedures for a response. |
Yes | |
| Freedom of association and collective bargaining | 100 | All employees are covered by collective agreements. Additionally, the Code of Conduct includes freedom of union membership for all employees. | Yes | |
| Diversity and Inclusion | 100 | There are procedures directed at addressing complaints of harassment and discrimination via the Ombudsman Channel. Campaigns, training, workshops, lectures, and conversation circles have been developed since 2019. Most activities are aimed at all employees and third parties. Specific topics such as racism, gender equity, unconscious biases, inclusive language, and harassment are addressed for the various hierarchical levels, in these events and trainings. Welcoming groups are also trained, as well as People & Management teams (which are directly involved in these cases), with monitoring by the Integrity area and a professor and Anthropology consultant. | Yes | |
| Supply chain | 100 | The Code of Conduct and the Vendor Contracting Policy set minimum human rights standards for vendors. For contracts, there is an additional document with minimum standards: List of Minimum Safety, Environment, and Occupational Health Requirements for the Contractor. In addition, in the scope of purchase requests, the requesting area is responsible for defining any additional health and safety requirements for the scope of the contract. | Yes | |
| Labor analogous to slavery and/or child labor | 100 | As a signatory of the National Pact for the Eradication of Slave Labor, Klabin undertakes to cross-reference its base of active and inactive Suppliers, multiple times a year, with the names listed in the Register of Employers who have subjected workers to conditions analogous to slavery (popularly known as the “Black List of Slave Labor”). Thus, if there is any note, the appropriate actions taken by the Company follow the identification of the supplier and service provided (date, place, among other data) and formal notification to the party demanding clarification and declaration on the corrective measures implemented (and suggestions for improvement, if necessary). From this stage, it is evaluated whether the supplier will be monitored or if the supply will be interrupted. In 2022, there were no cases of suppliers in Klabin's chain mentioned in that list. |
Yes | |
| Communities | 100 | Implementation of the procedure for managing conflicts with communities, which establishes an internal committee to address complaints considered valid. In addition, the company maintains Fale com a Klabin, a channel dedicated to answering demands, complaints and complaints from the community. | ||
| Traditional communities (quilombolas, indigenous, faxinalenses, etc.) | 100 | Klabin maps all the traditional communities in its areas of influence, such as quilombolas, faxinalenses (communities that inhabit small areas and live off their relationship with the forest) and Indigenous groups. In its relationship with these communities, the company follows Brazilian legislation and the recommendations of ILO 169, a resolution of the International Labor Organization for Indigenous and Tribal Peoples, guaranteeing their right to prior, free, and informed consent (CLPI). | ||
| Engagement with stakeholders | 100 |
Klabin's Social Responsibility and Community Relations area operates on several fronts, intending to preserve and improve the company's relationship with its stakeholders and affected parties; nullify or mitigate impacts caused by its operation; and, promote actions that contribute to the local development of the municipalities where it operates, among others. Thus, its main work fronts are:
|
Yes | |
| Environment | 100 |
All operating units have an environmental management system that includes:
|
Yes | |
| Data Protection | 100 | Klabin has a governance structure and cyber security policies and procedures and engages in constant system monitoring. The policies and standards are based on ISO standards and consider the Brazilian General Data Protection Law (LGPD) and the Brazilian Civil Rights Framework for the Internet. The process and information are made available to all employees through a Cyber Security Booklet and training. Vendors who have access to Klabin and Klabin employee data are informed of their responsibilities through the contract and fill out an LGPD Compliance form. | Yes |
The Risk Management Department of Klabin was created in 2018 with the support and assistance of the senior management (Board of Directors and Executive Board). The area seeks to apply best practices to support operational, corporate and/or equivalent areas in analyzing their processes, with a focus on mapping and assessing risks, implementing controls and/or actions, and business and operational continuity plans.
In November 2020, the Audit and Related Parties Committee was created, a body to assist the Board of Directors, which has among its functions the evaluation of the control mechanisms of the Company's risk exposures. The Risk Management has, at least, two fixed annual meetings with this committee to promote to the members the risk management methodology and the "Tone the Top" model, updating the concepts, methodology, and discussions about main risks, and action plans.
In the year 2021, the IB Solutions risk management software was implemented, aiming to automate the process of follow-up of the actions and controls of the owners of the risks and actions, assist in the traceability and history of the changes, and the creation of dashboards.
Klabin believes that the risk management culture in an organization is the central point to promote and materialize, at all levels of the Company, the importance of risk management. In addition to the regular presentations of topics related to risks to the Board of Directors, the Company started in 2022 an internal education program for leadership, which includes an update on risk management (methodology, main risks, etc.) for new Directors and Board members.
The procedures associated with risk management were submitted to an internal audit in 2023.
FRAMEWORK – DEFENSE LINES
-
1st line of defense: Composed of the operational areas and their equivalents, who, through their teams, are responsible for the company's daily operational activities, and assume primary responsibility for identifying, assessing, and managing risks.
-
2nd line of defense: Composed of the risk management and related areas (Integrity, Internal Controls, and Information Security), they are responsible for monitoring and supervising the activities of the 1st line of defense and guiding appropriate risk management practices.
-
3rd line of defense: Composed of the independent internal audit area, which reviews and evaluates both the 1st and 2nd lines of defense so that risk management and internal control processes are effective and comply with best corporate governance practices.
Updated and verified on: 07/04/2024