Risk management

Managing our principal risks and uncertainties

As we transform our business and expand our product portfolio, understanding and managing our principal risks becomes more important than ever. We have listed below the risks that we think are most material to our business and performance at this time. We also explain some of the mitigating actions that help us manage these risks.

EXTERNAL

Risk

Global events

Impact

We are exposed to global market forces, fluctuations in national economies, societal unrest and geopolitical uncertainty, evolving legislation; natural crises, pandemics and so on.

Our operations are spread across the globe and failure to recognise and respond to any of these factors could directly impact the performance of our operations.

Mitigation measures

We continuously evaluate potential short-term market volatility and longer term socio-economic and political scenarios.

We engage with governments, local regulators and community organisations to contribute to, and anticipate, important changes in public policy

Developments in FY 20-21

The most significant emerging risk was the COVID-19 crisis.

It has impacted the price and supply of one of our key raw materials. Our early engagement in understanding the risks and impact helped in building our resilience towards our people and business. We have navigated the crisis successfully so far and continue to monitor the situation closely.

Risk

Consumer demand

Impact

The COVID-19 pandemic had a huge impact on consumer behaviour globally. Consumer preferences are changing and shifting towards branded, health and wellness category products.

Mitigation measures

We are building robust innovation funnel and structured innovation process from ideation to post-launch stage.

Continuous monitoring of changing consumer preferences, direct engagement and understanding market trends help in better development of new products and reformulating the existing ones to improve the value of our portfolio.

Developments in FY 20-21

We have put in place a structured and efficient innovation process to build a healthy pipeline of new products.

Our businesses continue to review their products and partner with others to enable a swift and innovative response to the changing consumer landscape.

Risk

Interest rate and exchange rate

Impact

We operate in multiple countries and thus, both interest rates and exchange rate risks could impact our performance.

Mitigation measures

We have established currency hedging policies and practices.

Developments in FY 20-21

Indian Rupee has strengthened against USD and has weakened against GBP this year.

GBP also strengthened against USD post the closure of Brexit negotiations

Risk

Commodity costs

Impact

Agri-commodities are subject to seasonal and market cyclicality. Volatility in commodity prices and availability can have an impact on our operations, asset values and cash flows.

Mitigation measures

We use hedging where possible. The commercial implications of commodity price movements are continuously assessed and, where appropriate, are reflected in the pricing of our products.

Partnership with quality manufacturers and channel optimisation are the other techniques we have adopted to reduce price volatility and ensure availability.

Developments in FY 20-21

Raw tea prices in India saw an unprecedented inflation due to COVID-led disruptions. The prices have since softened considerably but still remain higher than last year.

Risk

Plantation yield

Impact

The plantation yield of our subsidiary and associate companies depends on rainfall, ageing of bushes and pest attacks, among others.

Mitigation measures

We undertake various initiatives to improve plantation yield and profitability, such as replanting with new varieties, irrigation facilities and pest management.

Developments in FY 20-21

Tea plantation yield was impacted due to lockdown but increased realisation more than compensated for the loss in production.

OPERATIONAL

Risk

Impact

Mitigation measures

Developments in FY 20-21

Risk

Supply chain and business continuity

Impact

Lack of timely availability of resources can halt business operations and supply chain

Mitigation measures

A robust business continuity plan for key co-manufacturers and third parties and an enhanced crisis management system in line with global leading practices helped in responding to the unprecedented impact on business during the COVID-19 crisis.

Developments in FY 20-21

There were lockdowns and disruptions induced by the pandemic. Through better crisis management and business continuity plans, we were able to mitigate its impact on business.

Risk

Environmental

Impact

Failure to reduce our environmental footprint and to meet stakeholders’ expectations, particularly relating to climate change, water security, packaging waste and sustainable agriculture, can damage our license to operate, erode consumer trust and increase our cost of doing business.

Mitigation measures

We have programmes for reducing energy consumption, increasing the use of renewable energy, circular economy, plastic packaging management and recyclable packaging, water stewardship,

We have local and international partnerships on common issues, and we also focus on sustainable sourcing.

Developments in FY 20-21

Leadership in CDP India Index 2020, increase in share of renewable energy, sustainable sourcing of tea from India and Africa through Rainforest Alliance and trustea, extending Project Jalodari on water stewardship to tea communities of Assam and hill communities of Himachal, collaboration through Global Tea Coalition, increased recyclable packaging for Tata Salt and compostable tea bags for Tetley.

Know more

Risk

Workplace health and Safety

Impact

Many of our operations, by their nature, have the potential for loss of life or workplace injuries to employees, contractors and visitors.

Mitigation measures

We have a continuous safety audit programme to verify implementation of safety management and support a culture of continuous improvement

Best practices on safety and occupational health guidance are shared across the businesses

Developments in FY 20-21

During the year, we registered a Lost Time Injury Frequency Rate (LTIFR) of 0.83%, up from 0.60% in the previous fiscal; this is calculated based on one million hours worked.

Risk

Ethics and compliance

Impact

As an international business complying with multiple complex regulations, people with whom we deal must live up to our values and standards and share that responsibility.

Unacceptable behaviour like bribery and corruption pose a threat to our ethical competence.

Mitigation measures

The Tata Code of Conduct is designed to ensure suppliers, representatives and all those we deal with, adhere to our values and standards.

We draw assistance for the Company and our subsidiaries from respective legal departments and/or external legal advisors

We develop and implement internal policies and procedures to ensure compliance on an ongoing basis.

Developments in FY 20-21

We did not have any compliance concerns.

Risk

Product safety and integrity

Impact

Poor quality or contamination could result in safety issues, reputational damage, financial loss and product recalls

Growing impact of a social media-led scrutiny and tougher legal environment can further magnify the impact.

Mitigation measures

All our manufacturing activities are done as per the SOPs defined to ensure quality and food safety.

We ensure raw material safety and quality through vendor assessments

Systems are in place which are controlled and monitored through various KPIs like DPMO, RFT, Good Manufacturing Practice scoring etc. to ensure that quality and hygiene are maintained.

Most of the Units are certified with FSSC22000 & ISO22000 certification.

Developments in FY 20-21

Key performance indicators were defined, monitored, reviewed and actioned to ensure continuous monitoring and improvement across operations.

Risk

Cybersecurity

Impact

Our IT infrastructure has been moved completely to the cloud for greater efficiency in our operations, thus exposing us to information security breaches through cyber attacks.

COVID-19 has given rise to further challenges in cyber security:

  • Enabling our employees to work from home, provide access to data and applications in a secure manner, without any significant interruptions or disruptions.
  • Combatting new range of cyber-attacks that now target individual users to compromise their credentials, instead of attacking a business application directly.

Mitigation measures

While the business applications and data are hosted on the cloud, our carefully designed architecture infrastructure is regularly benchmarked against NIST, CSA and other industry leading standards.

Access to Cloud infrastructure is designed on cloud scale Zero Trust Network architecture of industry leading provider.

Single-Sign-On solution is implemented for all applications with Multi-Factor-Authentication for users for added security on identity / data theft.

We have significantly ramped up our processes and solutions to redefine our perimeter as Identity and Applications, instead of the legacy model of Network / Servers / Offices.

We have deployed cloud-based Identity, Authentication & Access Management solution which is also protected by multi-factor authentication. Using this solution, we have also covered all applications on Single-sign-on.

For applications and mission critical data, we have adopted a high-wall approach - protection by Zero-Trust model-based solution.

Developments in FY 20-21

We continue to invest more in security to safeguard our users, application and data against potential threats.

We have scaled up our proactive monitoring capabilities with Safe Security for the entire digital landscape, based on the industry standard of Common Vulnerability Scoring System (CVSS).

We have implemented MITRE framework for our Security Operations Centre (SOC).

We have also completed a security audit by one of India's big 4 auditors for our cloud infrastructure and implemented mitigation controls.

Our SOC solution has been expanded to identify anomalies on user activities. We have implemented website monitoring solution for availability and unauthorised content change.

We have done VAPT audit for all of our brand and commerce websites and implemented mitigation controls.

NIST - National Institute of Standards and Technology
CSA - Cloud Security Alliance
VAPT - Vulnerability Assessment and Penetration Testing
DPMO - Defects per million opportunities
RFT - Right first time