ESG Report


Risk management

Risk management system, or operations under control

  • Risk B

With any action taken by the Group, it is inherently uncertain whether the process is completed and the goals are met

The impact of such uncertainty on processes and their goals is defined as a risk. The purpose of risk management is to increase the probability that the Group achieves its objectives and delivers its projects by taking measures to mitigate the risk to an acceptable level.

The Group operates a risk management system where all employees participate in performing risk management and internal control activities. The risk management system is designed to allow us to identify, measure, manage and monitor the risks that might affect the achievement of our strategic, operational, financial, reporting and compliance objectives across all business and corporate functions, as well as development projects teams.

The goal of our risk management policy is to ensure a consistent approach to measuring and mitigating various types of risks. The policy sets out the framework structure of risk management, the scope of the system and its rules. It describes the risk management approach applied by the Group and the individual system components.

The existing process ensures accountability for risk management. The scopes of responsibilities and competencies of the individuals involved in the process are set out below. All employees of the Group are responsible for risk identification and reporting.

Allegro-Grafiki-22-ENG_board of directors Allegro-Grafiki-22-ENG_board of directors

Read more on the risk management process in our Consolidated Annual Report for 2021, section “Risk Management System, Risk Factors and Regulatory Matters”.

  • 102-11
  • Risk C

Non-financial risk, or everything counts

Measuring and disclosing ESG performance, risks, and controls is essential to gain the trust of stakeholders and generate maximum value from the market. We identify the following risks as the primary focus of our ESG activities. The non-financial risk identification and assessment process is an integral part of the risk management system.

Principal risks

Environmental & Climate Risk


Although e-commerce is more green than traditional forms of retail, we are aware that the Group’s operations pose a negative environmental impact (e.g. CO2 emission, packaging waste). The growth of our business, without implementing carbon emission and energy reduction programmes, as well as sustainability initiatives, could result in a negative environmental impact. The new regulatory framework related to the EU Green Deal and environmental transition may imply further obligations on retailers and possibly on other entities. The ongoing climate changes have the potential to generate substantive changes in operations, revenue or expenditure. Carbon-neutral initiatives and sustainable technology solutions, e.g. sustainable packaging, may increase the costs of our operations.

More about risk management in section The environment and climate

Read more about TCFD in the Risk Management, or Climate under Control section.

Social Risk

The Group's brand may be adversely affected if its public image or reputation is tarnished by negative publicity. Product recalls, product liability claims, breaches of corporate social responsibility, the presence of counterfeit goods that violate the Group's terms and conditions or other fraudulent activity in the Group's e-commerce marketplace that is not detected by its anti-fraud technology could significantly harm the Group's reputation and business. User complaints or negative publicity about the Group’s websites, products, delivery times, returns processes, the working conditions of its employees (or those of the employees of any of its subcontractors or suppliers), user data handling and security practices or customer support, including on internet-based platforms such as blogs, online ratings, review services and social media websites, could have a significant negative impact on the Group's reputation and on the popularity of the Group's websites.

More about risk management in section Customers at the centre of attention

Risk Related to Human Rights

The control and prevention mechanisms of the Group's compliance structure might not be sufficient to adequately protect the Group from all human rights violations such as unequal employee treatment (hiring, remuneration, training and promotion, etc.) or other violations involving third-party partners and suppliers

More about risk management in section Human rights

Labour Practices

The loss of qualified personnel, high employee turnover or persistent difficulties in filling job vacancies with suitable applicants could have a material adverse effect on the Group's ability to compete effectively in its business and considerable expertise could be lost by the Group or access thereto gained by the Group's competitors. In addition, to attract or retain qualified personnel, the Group might have to offer increased compensation packages and other benefits which could lead to higher personnel costs. Any failure to attract, train, motivate or retain skilled personnel at reasonable costs could result in a material adverse effect on the Group's business, financial condition and results of operations.
The work-related hazards and hazardous situations and the risk of a work-related injury or ill health, including accidents and occupational diseases could also materially adversely affect the Group's business.
The COVID-19 pandemic has profound implications for employees who are required to continue operating in the workplace (especially at the warehouse). Employees working remotely may not have ergonomic and appropriate workspaces at home.

More about risk management in sections: Employees or Diversity and inclusion.

Risk of Corruption and Other Violations

The Group may be exposed to incidents of corruption or bribery (kickback, facilitation payment, payment extortion, cyber extortion), conflicts of interests or other inappropriate behaviour, as well as failure to adequately protect customers’ personal data.


More about risk management in section Ethics and Compliance

Risk of cybersecurity and private data breaches

The Group relies on third-party data centre providers, whose facilities could suffer as a result of a cyberattack. Cybersecurity, private data management and ensuring a sufficient level of security for our infrastructure are important parts of our operations.


More about risk management in section Cybersecurity and personal data protection

The Board of Directors oversees matters of sustainable development and climate, especially by monitoring and supervising the company’s CSR & Sustainability Strategy

At the same time, since climate and environmental risks are subject to risk management and the Risk Management Policy, all Allegro.eu Group employees are responsible for risk identification and reporting. The role of the Board of Directors is to supervise corporate risk, define the scope of risk management, define directions for the development of the risk management system and determine risk appetite levels.

In line with the recommendations of the Task Force on Climate-Related Financial Disclosures (TCFD), Allegro.eu carefully maps climate risks and, even more broadly, environmental risks. The process of identifying, assessing and managing climate risks is part of the overall risk management process at Allegro.eu Group. Read more about TCFD in the Climate Section.

Search results