Operational and societal risks

Operational and societal risks

Risk

Description

Mitigating activities

Customer service and network quality

Telia Company focuses on offering high-quality services and networks, which is fundamental to customer perception now and in the future. The ambition to create a service company on the customers’ terms requires a major internal change of processes, attitude and focus in many parts of the company. Additionally, Telia Company currently outsources many of its key support services, including network construction and maintenance in most of its operations.

Potential impact

Extreme weather conditions and natural disasters may cause serious problems to network quality and availability. The limited number of outsourced service suppliers, and the terms of Telia Company’s arrangements with current and future suppliers, may restrict its operational flexibility and incur unnecessary costs. Failure to meet customers’ quality requirements or expectations may have an adverse impact on customer retention and acquisition.

  • Ensuring network resilience through a combination of sound risk management, business continuity planning and incident management
  • A group wide crisis management organization handles unexpected and critical incidents negatively affecting operations
  • Continuous work to improve internal as well as outsourced operational processes to fulfil customer expectations
  • Customer satisfaction is continuously measured both to improve understanding of, and fulfil, customers’ expectations

Customer privacy

Vast amounts of data are generated in and through Telia Company’s services and networks. New ways of connecting and data-driven business models increase the complexity of understanding and retaining control over how data is collected and used. 

Potential impact

Actual or perceived issues related to data network integrity, data security and customer privacy might lead to adverse impact on the privacy rights of users which may lead to an unfavorable perception of how Telia Company handles these matters, which in turn may impact business. Not meeting national and EU legislation may cause significant financial penalties.

  • Implementation of the EU General Data Protection Regulation (GDPR)
  • Privacy officers appointed throughout the organization

Freedom of expression and surveillance privacy

In the telecommunications industry, there is a high risk for the freedom of expression and surveillance privacy of users. Risks relate to how national laws and regulations on surveillance of communications or shutdown of networks can be overly broad in ways that violate human rights, and complicity by ICT companies in violations linked to major and problematic government requests. Telia Company may be legally required to comply and, like other operators, only have limited possibility to investigate, challenge or reject such (often strictly confidential) requests.

Potential impact

Actual failure in respecting freedom of expression and privacy may first and foremost damage rights holders by limiting their freedom of expression and surveillance privacy. Actual or perceived failure may also damage the perception of Telia Company, leading to exclusion from procurement or institutional investment processes. Network shutdowns and blocking limits core business, which may negatively affect revenues.

  • Building leverage to influence national laws and regulations with peer companies and joining efforts with multi stakeholder Global Network Initiative (GNI)
  • Transparent reporting on statistics of day-to-day conventional authority requests (Law Enforcement Disclosure Reports) and of unconventional requests (“major events”)

Protection 
of children

Children and young people are active users of Telia Company’s services. However, children are particularly vulnerable to online threats such as cyber bullying and inappropriate content. Telia Company’s services may also be used for distributing or accessing child sexual abuse material.

Potential impact

Telia Company may indirectly be complicit in violating children’s rights if products and services as well as network filters are not properly assessed. Actual or perceived failure to create a safe online experience for children and young people may negatively affect brand perception, incurring loss of business.

  • Blocking child sexual abuse material (CSAM) and systems for detecting and reporting CSAM in internal IT system
  • Regular follow up our performance against a number of industry self-regulatory initiatives in the area of protection of children online
  • Understanding children’s perspectives on online life through a Children’s Advisory Panel (CAP)
  • Assessing impact on children’s rights in all relevant business activities

Occupational health and safety (OHS)

The most significant accident risks related to occupational health and safety (OHS) are linked to construction and maintenance work carried out primarily by contractors. Telia Company employees work mainly in office or retail environments where the main risks relate to psychosocial well-being and ergonomics.

Potential impact

Failure to maintain a healthy and safe working environment may lead to increasing sick leave, low employee engagement and a higher number of accidents and injuries, incurring increased costs and potential loss of critical competence.

  • Implementation of OHSAS 18001 occu­pational health and safety management system in all major operations
  • OHSAS 18001 implementation activities include risk assessments, training, investments and support to ­employees’ wellbeing
  • OHS KPI s to follow fatalities, rate of lost time, injuries and sickness absence followed up quarterly locally and on group level

Ability to recruit and retain skilled employees

People are at the core of everything that we do at Telia Company and their talents enable us to execute on our strategy. The demand and competition for talents in the ICT area is getting increasingly tougher. In order to win the battle of talent Telia Company needs to attract, recruit, and retain highly skilled employees.

Potential impact

Failure to recruit and retain necessary skilled employees may impact the ability to develop new or high growth business areas and thereby deliver on the strategy.

  • Efforts to build a strong employer brand to ensure talent attraction
  • Establish a modern and efficient global recruitment process
  • Providing internal growth opportunities
  • Continuous improvements and follow up of the results from yearly employee survey

Corruption and un­ethical business practices

Some of the countries in which Telia Company operates are ranked as having high levels of corruption. The telecommunications industry is particularly susceptible to a range of corrupt practices as it requires government approvals and necessitates large investments. Key areas where the threat of corruption is significant include the licensing process, market regulation and price setting, the supply chain, and third-party management and customer services.

Potential impact

Actual or perceived corruption or unethical business practices may damage the perception of Telia Company and result in financial penalties and debarment from procurement and institutional investment processes. Related fraud may significantly impact financial results. Ongoing disposal processes may in themselves pose risks of corruption, fraud and unethical business practices. Corruption is also linked to higher risks for human rights infringements.

  • Anti-bribery and corruption (ABC) program, based on Telia Company’s compliance framework, implemented in all parts of the organization
  • “Responsible exit” plan for region Eurasia containing actions to ensure continued third party due care activities to prevent, detect and remedy ABC risks
  • Education and communication efforts on ABC to targeted audiences, specifically high-risk roles
  • Review standards and controls, and corruption risk assessments of acquiring cell tower sites

Responsible sourcing

Telia Company relies on a vast number of suppliers and sub-suppliers, many of which are located in countries or industries with challenges in upholding ethical business practices, human and labor rights, health and safety and environmental protection. Despite efforts to conduct due diligence and onsite audits, suppliers and sub-suppliers may be in violation of Telia ­Company’s supplier requirements and/or national and international laws, regulations and conventions.

Potential impact

Failure or perception of failure of Telia Company’s suppliers to adhere to these rules and regulations may damage customers’ or other stakeholders’ perception of Telia Company. Violations of laws and regulations puts suppliers and sub-suppliers at risk of needing to limit or terminate their operations, which may negatively affect how Telia Company is able to deliver its services. Severe violations may lead to Telia Company needing to seek new suppliers, which may negatively impact sourcing costs and delivery times.

  • A standardized risk-based supplier due diligence process implemented and performed prior to signing new or renewed contract
  • Supplier code of conduct, which stipulates our expectations on sustainable business practices, is included in new supplier contracts
  • Security directives are included in contracts where supplier handle customer data