Combined Management Report

Organization of the risk management

The Fraport Executive Board bears overall responsibility for an effective risk management system that ensures uniform and comprehensive risk management. In this context, by preparing the development plan, it has also approved the risk strategy and risk objectives for the Group. The Executive Board appoints the Chief Risk Officer and the members of the Risk Management Committee (RMC), approves the rules of procedure for the RMC and the risk management guidelines, and receives the quarterly reports and ad hoc reports in the risk management system.

The RMC is the highest committee in the risk management system and, following its meetings, releases quarterly risk reports to the Executive Board. The Chief Risk Officer is the spokesperson for the RMC and reports directly to the Executive Board. The Risk Management, Processes, Systems (REW-RS) department is responsible for the organization, maintenance, and further development of the Group-wide risk management and internal control system (ICS), and for regularly updating and implementing the guidelines for risk management system and ICS in the Fraport Group.

Risk and opportunity management is a key function of the respective business, service, and central units of Fraport AG and Group companies that are responsible for their business processes; this involves management of material risks and the use of appropriate measures to mitigate and reduce them to an acceptable level, as well as actively grasping opportunities.

Process-integrated and process-independent monitoring measures form the elements of the internal monitoring systems. The central Group Internal Audit unit is integrated into the internal monitoring system of the Fraport Group with process-independent audit activities.

PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft (PwC) has examined the risk early warning system of Fraport AG during the audit of the annual financial statements for stock corporation law requirements. According to Section 91 (2) AktG, it fulfills all the legal requirements that apply to such a system.

The Supervisory Board of Fraport AG is tasked with monitoring the effectiveness of the internal control and risk management system as per Section 107 (3) AktG. The finance and audit committee (FAC) of the Supervisory Board handles this responsibility.

Risk transfer through the purchase of insurance policies is controlled by the Group company Airport Assekuranz Vermittlungs-GmbH.

The risk management system is documented in a guidelines for Fraport AG and for the respective Group companies and is closely linked to the central ICS as well as represented in an integrated risk management software. It follows the “COSO II” (Committee of the Sponsoring Organizations of the Treadway Commission) framework and covers risks in the areas of strategy, operations, finance, and compliance. The risk management system only covers risks.