Opportunities from market trends
The market for security and access solutions is in transformation. Megatrends such as the rising need for security, urbanization, demographic change, and increasing prosperity in emerging economies as well as new technological opportunities are driving demand but also require new approaches. Increasing digitalization of services, often cloud-based, is transforming our relationship with our physical surroundings. Patterns of work and travel have adapted to a “new normal” that is very unlike pre-pandemic life, and the need to reduce carbon emissions is becoming a global imperative. dormakaba intends to continue to invest significantly in innovation, product development, and sustainability in order to exploit the growth opportunities brought by these megatrends, and to achieve innovation leadership (see also the statements on Research and Development above).
Opportunities from industry consolidation
Opportunities also arise from the ongoing and anticipated consolidation of the industry in which dormakaba operates. Despite the consolidation that has already occurred, the market for security and access solutions remains highly fragmented: The three biggest companies in the industry together account for only about one third of market share. dormakaba plans to further strengthen its market position and will therefore continue to play an active role in industry consolidation.
Opportunities from market position
dormakaba is already a global leader in security and access solutions; Its commitment to innovation and sustainability will help it maintain and improve that position as the industry consolidates. Its business is characterized by high resilience and barriers to entry. Digitalization, country-specific regulation, complex system integration, and continuing after-sales service all contribute to customers’ need for a close and continuing partnership with their chosen supplier. As a trusted innovator, with a comprehensive solutions portfolio, broad and deep global market presence, and strong pricing power, dormakaba is well-positioned to anticipate, influence, and participate in all significant developments in the building industry.
Opportunities from the “dormakaba” brand
The company’s brands are key assets in its business development as they play a significant role in creating customer loyalty and differentiation. The company’s main brand, “dormakaba” is well-known and appreciated in the market for its seamless flow and integrated access. It emerged from the combination of the renowned brands Dorma and Kaba following the merger in 2015. In addition, segmentation through strong regional, local, and independent brands help the company to improve channel penetration and market reach. This is why the company’s brand portfolio, beside the main brand dormakaba includes constituent brands such as Best, Alvarado, Kilargo, Groom, Dorma Hüppe, Modernfold, Skyfold, Silca, and Ilco that are just as well-established in the market and inspire long-term customer loyalty. The streamlining of the company’s operational model introduced by the Shape4Growth strategy will enable the Group as a whole to gain optimal benefit from market segmentation while maintaining strategic focus and operational efficiency.
Risk policy, risk management, and risks at dormakaba
dormakaba manages a globally active business. All its business activities are conducted with the aim of securing economic success. However, these activities can also bring about risks. The overriding goal of the risk policy of dormakaba is to secure the future development of the Group, to achieve sustainable profitable growth, and thus to increase enterprise value. In the course of its business activities, dormakaba is exposed to the general risks inherent in any entrepreneurial operation, and these may impede or prevent the achievement of its goals. In this context, opportunities to be utilized to meet or exceed planned targets are analyzed to identify and assess the risks they bring about. In the course of business, these risks are monitored and managed carefully, and their mitigation plans are continuously adapted to changes.
dormakaba always takes strategic and operational decisions on the basis of a systematic analysis and evaluation of the opportunities and risks relating to its assets, financial position, and earnings. It avoids risks that are assessed to be incalculable, unreasonably high, or existential.
Opportunities, as understood in the Group’s opportunity and risk policy, are chances to use events, developments, or active operations to achieve or exceed planned quantitative and qualitative objectives. Risks, as understood in the risk policy of dormakaba, are all those internal and external events and developments that could have a negative effect on the Group’s planned economic success. In addition to direct, quantitatively measurable risks, qualitative risks, such as reputational risks, are also taken into account.
The overriding aim of dormakaba is to sustainably increase its enterprise value (see also, section Goals and Strategies ). Active risk management supports the company’s management in achieving this goal.
Opportunities and risks should be identified at an early stage and actively controlled. To do this, dormakaba has implemented a comprehensive risk management system.
a) Internal Control System based on Group accounting
In line with the Swiss Code of Obligations, dormakaba has implemented an Internal Control System (ICS) based on the consolidated (Group) accounting (see bullet points below). The ICS ensures that business activities are correctly recorded, analyzed, evaluated, and transmitted to the external accounts.
The essential characteristics of the ICS with respect to accounting are:
- A clear organizational, business, controlling, and monitoring structure;
- Computer systems used for accounting are protected against unauthorized access;
- Internal regulations about the specific requirements are developed, implemented, and communicated;
- The departments and persons involved in accounting meet the requirements in terms of quantity and expertise;
- The ICS, as it relates to accounting, and the internal reporting systems ensure and continuously check the correctness and completeness of data in the accounting system; the Internal Audit department regularly conducts spot checks of the implemented processes and controls;
- The four-eyes principle has to be applied to all processes relevant to accounting, and the separation of functions has to be respected, both to the extent organizationally possible, which is subject to special audits;
- The BoD regularly deals with the main topics relevant to accounting, risk management, Internal Audit, the external audit mandate, and external audit priorities.
In addition, statutory and specific internal corporate guidelines and directives are used to ensure that accounting is consistent and proper. The application of clear and consistent accounting rules and a uniform consolidation software tool ensure consistent accounting throughout the Group in line with legal and statutory requirements as well as the chosen accounting framework, Swiss GAAP FER.
Further information can be found in the Corporate Governance Report 2022/23.
b) Risk management system
Risk management is integrated into the regular business and decision-making processes, codified in internal rules and regulations, and made binding to all Group companies. It includes an impact-focused assessment of risks, implementation of appropriate risk mitigation measures, regular review of identified risks and measures, and transparent reporting of the risk situation. Responsibility for the definition and monitoring of risk management (“risk governance”) lies with the BoD, while the Audit Committee monitors implementation. Responsibility for implementing and applying the risk management system rests with the EC and with line managers throughout the internal hierarchy.
The company’s risk management system distinguishes between operational and strategic risks:
- Operational risks are future events that could hurt the efficiency or effectiveness of business processes, or that could compromise compliance with regulations or reporting requirements in day-to-day business. Responsibility for identifying and controlling these risks lies with the heads of Regions and Global Functions.
- Strategic risks are future events that may compromise the long-term development of dormakaba and prevent it from achieving its strategic objectives. Reports about strategic risks from the Regions and Global Functions are consolidated at Group level into risk maps that show likelihood of occurrence and potential amount of damage, with both dimensions divided into four evaluation categories. Strategic risks are discussed within the medium-term planning process and consolidated by the EC into a “Group Risk Assessment” that is presented for approval to the BoD through its Audit Committee. The EC reviews the risk situation every half year. Additionally, the risk situation is scheduled for discussion and review during Monthly Performance Review meetings every quarter.
The Group Internal Audit function is responsible for internal audits at dormakaba. Internal Audit reports directly to the Audit Committee, although in functional terms it reports to the CFO. All audits performed in the financial year 2022/23 were in line with the (yearly) audit plan and approved by the Audit Committee.
Risks faced by dormakaba
a) Risks arising from business transactions
Our new strategy includes active portfolio management, acquisition, and divestments. This creates risks in the evaluation, transaction, and integration of the corresponding entities and assets. To minimize these risks, dormakaba manages the acquisition projects rigorously through standardized due diligence and PMI processes, using well-trained specialist employees and professional support from outside the Group.
b) Opportunities and risks arising from the business model
In recent years, dormakaba has continued to extend its product portfolio on electronic and cloud-based solutions. Its products are very frequently used in security-relevant applications such as access control systems which are increasingly often connected. dormakaba is therefore more exposed to cybersecurity risks, e.g., hackers gaining unauthorized access to sites and premises protected by dormakaba products, causing damage to the Group’s reputation and possibly exposing dormakaba to liability claims. dormakaba counters the increasing significance of such cybersecurity threats during the product development process by using the latest methods to identify points that could be attacked, and then closing these known vulnerabilities in the hardware and software with upgrades before new products are launched on the market. Equally important, existing products (mechanical, electronic, and cloud-based) are subject to continuous testing to keep them robust against new threats. dormakaba has taken out product liability insurance to be protected against these cyber threats to an extent that is economically reasonable.
Digital transformation is progressing rapidly, and it is essential to the success of dormakaba that it keeps pace with this development. This applies to the Group’s products and their connectivity as well as services, but also to operational processes. Sudden, disruptive developments are not rare these days, and there is a risk that existing competitors or new entrants to the markets of dormakaba could use such disruptive leaps to create significant advantages for themselves. The company’s innovation management team systematically monitors and analyzes the relevant technologies. As part of mid-term planning, targeted analysis of information relating to the state of the market and the competition is conducted to ensure that local peculiarities are also taken into consideration. For dormakaba, as a manufacturer and supplier of high-quality access products and solutions in the premium market segment, the growing pressure on prices in relevant markets and specific product areas also represents a risk. It counters this risk through the targeted development of new products that offer customers a broader range of solutions, services, business models, and continuous improvement in operational excellence (efficiency), thus helping to secure the Group’s market position. This strategy is complemented by elaborate strategic pricing efforts.
A significant risk in product manufacturing is the possibility of a lengthy interruption to operations at one or several of the Group’s worldwide production sites, for example because of fire or cyberattacks. Supplier failure and poor-quality raw materials and components also constitute a risk. Alongside the essential insurance protection, a central goal of the loss prevention programs in place at all manufacturing sites is to minimize these risks. Through these programs, the measures in place to prevent fire are regularly updated, formulated, and implemented. This is a recurring process that includes regular site visits and systematic risk grading analyses, conducted by the company’s global insurance provider who also organizes feedback loops and support in improvement projects. To counter the increasing risk of cyberattacks aimed at information technology as well as operational technology, dormakaba established an information security organization that assesses cyber threats and orchestrates adequate mitigation projects to protect vital assets.
Manufacturing processes create the risk of air and water pollution. To minimize this risk, dormakaba invests continuously in environmental protection measures. Please see the Sustainability Report for specific information about measures and relevant certifications.
As a globally active company, dormakaba is exposed to risks created by the political situation in individual countries and regions, and also to risks resulting from pandemics as well as war and trade conflicts between countries or country groups. Such risk drivers can rarely be influenced. dormakaba carefully monitors such situations and tries to implement prompt and appropriate risk control measures. Its top priority is always to protect its own employees.
Transnational activities might continue to be impacted by supply chain disruptions, while transportation prices remain at a high level. Shortages of certain commodities and components as well as energy have a negative impact on prices and availability. The war in Ukraine continues to exacerbate these tendencies, as do recent tensions relating to the Taiwan situation. For the time being, central banks’ monetary policies remain on the stricter side, with further interest rate hikes to be expected especially, by the European Central Bank.
To adequately react to changes that might occur from a macroeconomic downturn, dormakaba implements state-of-the-art contingency planning to minimize the impact on business operations and supply chains, and thus on customers and employees, while at the same time placing a strong focus on its financial stability. Additionally, scenario planning methods are used to identify organizational and geographic units that provide opportunities for cost reduction measures. The scenarios are also used to find opportunities to introduce new products or fine-tune the business approach to specific markets. Monitoring and re-evaluation of the current situation is institutionalized and repeated at a quick pace to keep up with geopolitical and economic developments. The target is to be and remain capable of reacting quickly and adequately to changes that might occur.
Many industries face serious skills shortages, which also affect a technology-driven company like dormakaba. To mitigate possible talent shortages, dormakaba is increasing its efforts to find suitable candidates supported by its global employer branding initiative that is regularly adapted and tailored to the needs of the organization. This also includes career path models for certain functions such as product development and IT, as well as remote working models. Through employee engagement surveys, HR monitors employee engagement and management puts plans in place at several levels to work on elements where engagement should be improved.
c) Personnel risks
dormakaba’s success depends on skilled and committed employees. The most significant personnel risks therefore involve skills shortages, where vacant positions cannot be filled properly, or competent employees leave the company. These risks are addressed through extensive employer branding initiatives, expanded talent acquisition practices, improved benefits and succession management, and through individual, targeted employee development programs.
d) IT risks
The main business processes and customer solutions of dormakaba are supported by IT systems. The failure of these systems and the permanent loss of data through operating or program error, or as a result of increasingly prevalent external influences (e.g., cybercrime), represent a risk. To limit the risk of critical systems and infrastructure failing, including operational technology (OT) in manufacturing, the company’s IT strategy is to use state-of-the-art protection standards. These are, for example, email address validation, client security protection and monitoring, identity and access control management, network security management, network and infrastructure management (e.g., 24x7 monitoring, high-level firewall protection tools, redundant network connections), special OT cybersecurity measures, and IT continuity operating plans for provision of redundant data and systems. dormakaba uses advanced threat protection solutions and operates a security operations center to further mitigate cybersecurity risks. A global information security management system (ISMS) in accordance with ISO 27001 is in place. Cybersecurity risk awareness trainings (e-Learnings, behavior trainings concerning phishing malware) are globally mandatory for each employee with access to corporate IT systems. Additionally, dormakaba has taken out insurance to be protected against cyber threats to an extent that is economically reasonable.
Successful and timely execution of the global IT strategy (standardization of applications and infrastructure) is vital for the company’s future success. Failure could result in the delay of integration projects and underperformance of important business or Group-wide processes, including financial damage.
e) Legal and tax risks
As a globally active group of companies, dormakaba is exposed to the risk of legal disputes involving such matters as product liability, competition and antitrust law, or intellectual property rights. Group-wide standards, training, and controls are in place to mitigate this risk.
Similarly, international business activities can give rise to potential tax-related risks. To identify and manage such tax risks, dormakaba sets directives and manuals based on a defined tax policy set by the Board of Directors. Intra-Group transactions can raise issues about the applicable tax jurisdiction: dormakaba applies the “arm’s length” principle of the OECD (Organization for Economic Cooperation and Development), which dictates tax payment where the economic value is created. dormakaba files the amount of taxes paid in a yearly CbCR (Country-by-Country Report). Transactions may further be subject to export control regulations. Compliance is managed through Group-wide standards, including directives and employee trainings. The internal Tax department works closely together with the local internal finance and legal organization and consults external advisors in case of need.
f) Compliance risks
All business activities have their compliance risks, especially when the business model involves worldwide production and sales, growth into new markets, and international procurement. Significant compliance risks include bribery and corruption, infringements of antitrust and competition law, fraud, preferential treatment of business partners out of personal motives, violation of intellectual property protection rights, and shortages of products or their improper installation.
The mission of Group Compliance is to support dormakaba management and employees in taking appropriate decisions, consistent with applicable laws and corporate regulations, and in acting with integrity. Its Compliance Management System meets the most stringent certification demands according to best practice standards. A Group Directive covering the main activities of dormakaba provides a full set of relevant internal rules and regulations and is regularly updated. In addition to the mandatory Code of Conduct trainings for all dormakaba employees, those whose roles expose them to compliance risks receive further training in antitrust and anticorruption measures.
g) Financial risks
dormakaba is exposed to the various financial risks that are part of doing business internationally, including default on trade receivables, liquidity and credit risks, and pricing risks from interest-rate and currency fluctuations.
The “European Market Infrastructure Regulation” (EMIR), the EU initiative to regulate OTC trade in derivatives, imposes an audit duty. During the annual audit under § 20 para. 1 of the German Securities Trading Act for the audit period from 1 July 2021 to 30 June 2022, it was confirmed that dormakaba has an overall and in all respects appropriate and effective system for ensuring compliance with the statutory requirements.
Switzerland regulates the OTC trade in derivatives with the Finanzmarktinfrastrukturgesetz (FinfraG). All Swiss-based Group companies classify as “NFC”(small non-financial counterparties) and have signed agreements with their banks regarding the delegation of reporting duties.
The funding for dormakaba Group companies is managed centrally. A five-year syndicated sustainability-linked credit facility, agreed for dormakaba during financial year 2020/21 with a consortium of banks, amounts to CHF 525 million with options to extend by another two years and to increase the facility by CHF 200 million. There are also agreements in place with various regional banks for bilateral credit facilities. dormakaba thus has sufficient liquidity reserves to ensure that even unexpected events do not have a significant effect on its liquidity position.
The bridge-to-bond credit facility with a major Swiss bank signed in June 2022 was repaid with a successful debt capital market issuance of a CHF 275 million bond for 2022-2027 in September 2022. The new CHF bond, besides the existing CHF 320 million bond for 2017-2025, ensures a solid and well-balanced long- & short-term maturity structure of dormakaba’s debt portfolio.
h) Other risks
The company’s business model could also give rise to other risks not mentioned so far. These could be, for instance, sustainability compliance risks including compliance with materials restrictions laws or human rights due diligence laws, climate change risks, and liability risks resulting from local laws that are not known at Group level. dormakaba counters these risks by diverse measures, including its sustainability framework and organization, the consistently high quality of its products and services, the engagement of legal experts when the risk of a legal dispute is identified, or by taking out appropriate insurance cover. A full disclosure of climate change-related risks is made available in dormakaba’s annual submission to the CDP.