2. Service Responsibility | page 22
Translation of the Estonian original
TABLE OF CONTENTS
2.2 Quality management and risks
The Group’s parent, AS Tallinna Sadam, has been applying an integrated management system,
which complies with the requirements of international quality and environmental management
standards ISO 9001 and ISO 14001, since 2003 already. Conformity with international
standards proves that the management system of AS Tallinna Sadam ensures the satisfaction
of customers and other stakeholder groups, efficiency of work flows, and effective control of risks
and environmental aspects. In March 2020, we successfully passed a recertification audit carried
out by the certification agency Bureau Veritas Eesti OÜ, which confirmed our compliance with the
requirements of ISO 9001:2015 and ISO 14001:2015. The next recertification audit will be carried
out in March 2021. The main quality and environmental management system development goals
included performing customer satisfaction, corporate reputation and employee engagement surveys
and analysing the results. We also continued with several digitalisation projects, which are aimed
at digitalising human resource management activities, implementing digital asset and incident
management solutions and paperless teamwork tools.
TS Shipping has been applying an integrated management system, which complies with the require-
ments of quality management standard ISO 9001:2015, environmental management standard
ISO 14001:2015 and occupational health and safety management standard OHSAS 18001 since
2017. In May 2020, the certification agency Bureau Veritas Eesti OÜ conducted a recertification
audit of the integrated management system in accordance with quality management standard
ISO 9001:2015, environmental management standard ISO 14001:2015 and occupational health and
safety standard ISO 45001: 2018. TS Shipping achieved its key targets for 2020: a ship availability
indicator of at least 90% and a customer satisfaction index of at least 80%.
The risks which influence the activities of Tallinna Sadam are reviewed in accordance with
the Group’s risk management framework. The risks affecting the operations of Tallinna Sadam
have been classified into three main categories: risks resulting from the external environment
(external risks), risks associated with specific business lines and operational risks. Each risk has been
assigned a level of severity (low, moderate, high, extreme) and mitigation measures that depend
on the nature of the risk. The Group’s financial risks are managed separately and a comprehensive
overview of their hedging and mitigation principles and means is provided in note 4 to the financial
statements.
External risks which affect the Group’s operations the most include long-term impacts
of the COVID-19 pandemic on passenger and cargo flows, stricter environmental requirements
resulting from climate change and possible unfavourable changes in national tax policy (including
alcohol excise duties). Other significant risks include the business risks of the Group’s major
customers and prospective customers’ unwillingness to invest due to the instability of the global
economy. In the passenger business, significant risks in the long-term perspective include
the construction of a competing passenger harbour and possible incidents with passengers on
harbour premises. The cargo business is exposed to the continuation and expansion of the EU and
US economic sanctions against Russia, increasing competition (including domestic competition)
between the Baltic Sea ports, and Russia’s ongoing restriction of rail transport volumes. In the real
estate business, significant risks are related to possible delays in local governments’ planning
processes and possible legal disputes. In shipping, ferry operations may be affected in the long-
term perspective by the possible construction of the Saaremaa bridge and the operations of the
icebreaker Botnica may be affected by our inability to secure regular summer work for the vessel.
High operational risks include the risks related to occupational health and safety, the planning and
execution of business projects and a possible decrease in the market value of significant assets.
According to the risk assessment, other risks, including environmental risks (such as the risk
of pollution of the port basin and harbour premises, noise and odour nuisances), safety and security
risks, personnel risks, etc., are not as high (taking into account the risk mitigation measures) and,
depending on the specific risk, fall into the low or moderate category.
In keeping with our values and ethics and to prevent corruption, we have put in place a Group-wide
procedure for avoiding conflicts of interest. The procedure requires, among other things, members
of Group companies’ management and supervisory boards (16 persons in total) and employees
who can influence transactions (13% of the Group’s employees) to declare their business interests.
We also observe the requirements of the General Data Protection Regulation (GDPR) and pay
increasing attention to ensuring cyber security. We address the topics at regularly organised training
events and share relevant information (e.g. on our intranet) with employees and members
of the governing bodies. Additionally, we regularly test our information systems with the assistance
of external experts to improve our cyber security and mitigate related risks.