Risk report

The success of HUGO BOSS is based on the systematic use of opportunities within the framework of the Group’s corporate strategy. The Group is exposed to a variety of risks. Its risk management system includes all measures of a systematic and transparent approach towards risk. It aims to identify risks at the first possible opportunity, evaluate them adequately, handle or avoid them using suitable measures, monitor them and document them. Risks are defined here as possible future developments or events which may lead to negative deviations from the planned operating result. All types of risk are summarized into these five categories: external, strategic, financial, operational and organizational risk.

Risk management system

The Managing Board of HUGO BOSS AG has overall responsibility for an effective risk management system. The central risk management’s job is to coordinate the implementation and ongoing development of the risk management system. It is responsible for the centrally managed risk management process and is in close contact with the respective central departments and Group companies. There, defined risk experts and risk owners are responsible for identifying and evaluating risk, adequately dealing with risk and implementing effective risk mitigation measures. Monitoring the effectiveness of the risk management system is the task of the Supervisory Board of HUGO BOSS AG. This responsibility is exercised by the Audit Committee of the Supervisory Board, also with the involvement of the internal audit department. The proper functioning and appropriateness of the risk management system is also confirmed by the Group auditor.

Group-wide standards for systematically handling risks form the basis of an efficient risk management system. These are set by the Managing Board and documented in a risk manual that is applicable throughout the Group and available for all employees to read online. All employees of the HUGO BOSS Group are obliged to be aware of risks in their behavior, especially regarding those risks that may threaten the existence of the Group. The use of modern risk management software allows for recording and evaluating all identified risks as well as associated measures in a uniform way throughout the Group. The risk management system of HUGO BOSS is designed in accordance with the international standard ISO 31000.

Main features of the HUGO BOSS risk management system (graphic)

The risk management process used at HUGO BOSS consists of the four steps of risk identification, risk evaluation, risk handling and risk monitoring and reporting.

To ensure that risks are identified at the earliest possible stage, the Group continuously monitors the macroeconomic environment, the competitive environment in the premium and luxury goods industry, and all internal processes. The central risk management supports the risk owners across the Group with the regular identification and efficient categorization of risks using a risk catalog as well as the risk manual that is available throughout the Group.

Risk owners delegate the regular assessment of identified risks to the risk experts and give their assessment after a thorough examination. Risk experts are supported in their job by the central risk management.

Measurement criteria for business risks

Likelihood of occurrence




Extent of financial impact





≤ 20%




≤ 2,5% of planned EBIT



> 20 – 40%




> 2,5 – 5% of planned EBIT



> 40 – 60%




> 5 – 15% of planned EBIT

very likely


> 60%




> 15% of planned EBIT

Individual risks are evaluated by assessing their likelihood of occurrence and systematically analyzing their possible impact on the planned operating result (EBIT). Interest rate risks and tax risks however are evaluated based on their possible impact on cash flow.

Risk overview - riskmap (aggregated risks) (graphic)

The valuation criteria likelihood of occurrence and loss amount/exposure together form the criteria which make up the risk matrix. This is intended to create transparency regarding the Company’s current risk situation and support in the prioritization of risks. Any net risk as an actual risk potential is defined as the gross risk reduced by the impact of measures taken to mitigate the risk identified.

Preparing and implementing suitable risk mitigation measures is the job of the risk owners. In general, risks are managed in four different ways: risk avoidance, risk reduction, risk transfer to third parties and risk acceptance. An integral part of the risk management is therefore also the transfer of risk to the insurer, whereby the financial consequences of insurable risks are largely neutralized. The costs of the measures in question in relation to their effectiveness are also taken into consideration when deciding how to implement the respective risk management strategy. By working closely together with the risk owners, the central risk management monitors the progress and effectiveness of measures which are in the planning stages as well as those which have already been implemented.

The current status of all identified risks is assessed twice a year. However, depending on their extent, some risks may be assessed at a frequency of up to once a month. As part of the risk monitoring, insights into the latest trends are documented and risk evaluation and risk handling are revised if necessary. The continuous monitoring of early warning indicators is intended to allow possible deviations from the budget to be identified at an early stage. Reporting chains and the adoption of appropriate countermeasures defined in advance ensure a timely response in the event of a risk occurring. Group Management

As part of the regular risk reporting, the risk owners report the risks they have identified, including the respective likelihoods of occurrence, the potential financial impact as well as the risk mitigation measures to the central risk management. They aggregate the information reported and regularly present a consolidated report to the Managing Board and to the Audit Committee. Material individual risks and aggregated risk categories are given particular emphasis here. When critical or urgent issues arise, the regular reporting process is supplemented by an ad hoc report.

Assessment of the risk situation by the Managing Board

Development and composition of total risk exposure (bar chart)

The individual risks are aggregated using two methods to obtain the most accurate possible picture of the HUGO BOSS Group’s total risk position. On the one hand, the expected loss values of all assessed risks within the five risk categories are added together. On the other hand, the probability distributions of all identified risks are aggregated to form a single probability distribution for a possible total loss by means of a Monte Carlo simulation and so determine maximum annual loss values. The result of this simulation in fiscal year 2019 shows that, as in the prior year, the Group’s equity is in excess of all simulated risk-dependent loss values, even within the tightest confidence intervals.

The risk management system implemented forms the basis of the assessment of the risk situation by the Managing Board and is regularly monitored by it. Material risks faced by the Company are regularly discussed and evaluated by the Managing Board. While the assessment of individual risks in fiscal year 2019 has changed, mainly due to the continued further development of the risk management system, the Managing Board could not identify any individual or aggregate risks that may jeopardize the viability of the Company as a going concern at the time this report was prepared.

Illustration of material risks

The following sections explain the risks considered to be material in terms of the HUGO BOSS Group achieving its targets in fiscal year 2020. This refers to those risks that have been evaluated in the risk management process as having a potential impact that is at least moderate. In general, it is possible that further latent risks or risks that are currently estimated as immaterial may negatively impact the Group’s development in the future to more than the stated extent. Irrespective of the measures introduced to manage the identified risks, entrepreneurial activity is always exposed to residual risks that cannot be entirely avoided even by a risk management system such as that implemented in the HUGO BOSS Group.

Risk categories

Material risks are shown in bold and are explained in more detail below. In contrast, risks assessed as only having a low potential impact are not explained in more detail.

External risks


Strategic risks


Financial risks


Operative risks


Organizational risks

Overall economy


Collection and industry




Suppliers and sourcing markets



Politics and society


Brand and corporate image







Environment and health




Financing and liquidity




Governance and compliance

Product piracy


Vision and direction


Changes in interest rates


Sales and distribution



Competitive environment








Occupational health and safety