In short, the categories of risk identified by ECI are as follows:

Investment risk
This risk is monitored especially for existing investments. ECI usually delegates the responsibility for investment risk management to the boards of the investment companies. These delegated responsibilities are preferably executed by appointing its own members in non-executive capacities on those boards.

Performance risk
This risk relates to those risks managed by the ECI and include strategic risk, opportunity risk, reputation risk, liquidity risk and risks relating to corporate governance, social responsibility and stakeholder relations in the broadest sense.

Operational risk
This risk includes operational effectiveness and efficiency, safeguarding of assets, compliance with relevant laws and regulations, reliability of reporting, effective operational risk management, human resource risk, technology risks, business continuity and risk funding.

The ECI has documented and implemented a comprehensive risk management system, which incorporates continuous risk assessment, evaluation, and internal control embedment. The purpose of the risk analysis is to reconfirm and update the consolidated ECI risk profile. This ensures that the residual risk profiles by investment, and in total, remain within the risk tolerances set by the ECI and that new emerging risks are identified and responded to in time.

Risk funding is viewed as a cost of capital activity aimed at reducing the company’s residual exposures to risk with potential impacts or risks which cannot be managed cost beneficially.

Control

ECI has an internal audit function. This is an effective independent appraisal tool and employs an audit approach. ECI pursues a clear and transparent company policy, which includes a solid safeguarding of all stakeholders’ interests.

The company’s external auditors have direct access to all company data. Their audit coverage is complete, including taxes and all finance matters. Independence is assured by terms of appointment.