The most significant strategic, operational and non-financial risks that could have a negative impact on Sanoma’s business, performance, or financial status as well as key mitigation actions are described below. However, other currently unknown or immaterial risks may arise or become material in the future. Financial risks are described in more detail here.

Risk management and internal control policies, processes, roles and responsibilities are presented in the Corporate Governance section

Main updates to the risks and opportunities since the publication of the latest Annual Report are reported on a continuous basis in each Interim Report during the course of the year. 

Strategic risks

Mergers and acquisitions (M&A)

Sanoma’s strategic aim is to grow through acquisitions in predominantly in Learning and also in Media Finland. In Learning, Sanoma is looking for growth opportunities in new geographies and in expanding its offering in the current eleven operating countries. In Media Finland, Sanoma may be interested in synergistic acquisitions in the chosen strategic focus areas of news and feature, entertainment or B2B marketing solutions. However, Sanoma may not be able to identify suitable M&A opportunities or suitable targets may not be available at the right valuation. Even if suitable M&A opportunities were identified and feasible, there are several risks related to M&A transactions. M&A risks may relate to unidentified liabilities of the target companies or their assets, changes in the market conditions, the inability to ensure the right valuation and effective integration of acquisitions or that the anticipated economies of scale or synergies do not materialise. Future M&A transactions may also be financed with debt, increasing Sanoma’s overall indebtedness, which may, in turn, adversely affect the availability, costs or other terms of future financing. Regulation of M&A activity by competition authorities may, among other things, also restrict or delay the Group’s ability to engage in M&A transactions.

The success of the acquisitions largely depends on the timely and efficient integration of the business operations, processes and ways of working. The process of integrating the acquired businesses into Sanoma’s existing businesses involves uncertainties, and there can be no assurance that Sanoma will be able to integrate the business in the manner or within the timeframe anticipated, and, therefore, achieve the anticipated benefits of the acquisitions.

Sanoma is actively mitigating these risks by actively maintaining its industrial networks, proactively seeking potential targets, working with well-known parties in transaction processes and following its internal policies and procedures in decision-making, organisation and follow-up of M&A transactions. Despite this, there can be no assurance that the acquisitions will be successful and that Sanoma will achieve its strategic aim of acquisition-based growth.

Changes in customer preferences, technology and industry trends

In learning, digital and blended (i.e. combination of printed and digital) learning materials, methods and platforms have gradually been gaining ground, and the outbreak of the coronavirus pandemic has further amplified the growing need for remote learning tools and digital learning materials. Also in the learning material distribution services, this shift is being paralleled by a move from renting and selling books towards subscription-based commercial models. Both trends and/or their acceleration may have an effect on the operational performance, financial performance and/or financial position of Learning. In addition, Learning is, by nature, subject to seasonal fluctuation, with most of the sales and earnings accrued during the second and third quarters when the new school year starts, which further increases the pressure to be able to respond to changes in a timely manner.

With the continued development of alternative forms of media, particularly digital media, the Group’s media businesses and the strength of its media brands depend on its continued ability to identify and respond to constantly shifting consumer preferences and industry trends as well as its ability to develop new and appealing products and services in a timely manner. Ongoing digitalisation is currently the driving force behind many of these changes. The increasing consumption of video-on-demand (VOD) content and increasing global competition in that area are decreasing the viewing time of free-to-air (FTA) television. The demand for advertising derived from printed media has also been in decline in recent years. However, even the digital advertising ecosystem is changing. For example, the deprecation of third-party cookies may result in changes in business models related to digital advertising.

To mitigate these risks, Sanoma is continuously developing digital and hybrid learning and media products and services. In the learning business, Sanoma maintains close and long-term relationships with schools, teachers and governing bodies and typically sells digital solutions and printed materials together. In its media business, the wide cross-media offering provides Sanoma a solid base to constantly develop its offering to advertisers and to introduce new services, such as cross-media solutions, native or branded and premium content. However, there can be no assurance that Sanoma will be able to adjust to and meet the changes of consumer preferences and technological developments in the future. Failure to respond to market changes by developing and/or adopting new products and services through both established and new platforms on a competitive and profitable basis may result in the Group losing market share in its established businesses to competitors.

Competitive environment and threat of new entrants

The media and learning markets in which the Group operates are highly competitive and include many regional, national and international companies. Competition may arise from large international technology and media companies entering new geographic markets or expanding the distribution of their products and services to new distribution channels, which may have a significant effect on competition as these companies enjoy high brand awareness and often have greater financial and other resources to penetrate new markets and gain market share. In addition, new entrants in the market may be able to take advantage of alternative forms of media and new technologies faster than the Group and, therefore, gain market share from Sanoma’s established businesses. In Learning, in addition to the risk stemming from large international companies, digital entrants, educational technology companies, open educational resources, publicly-funded digital platforms and user-generated content may compete in the same markets. Furthermore, Sanoma is exposed to competition also from traditional publishers in different countries. In media, competition is also affected by the level of consolidation within the Group’s markets as well as by the development of alternative distribution channels for media products and services.

To mitigate these risks, the Group’s ability to compete effectively will require continuous efforts in, among other things, sales and marketing, cost innovation and investment in technology to respond to changes in the markets. Although the Group currently holds strong positions in its key markets, there can be no assurance that it will be able to maintain these positions or that these positions will enable the Group to compete effectively in the future.

Changes in applicable laws, regulations or political environment

The Group’s operations are subject to various laws and regulations in the countries in which the Group operates and changes in such laws and regulations could have a material effect on Sanoma’s ability to conduct its business effectively. In general, political risks associated with the performance of Learning relate to the development of public and private education spending especially during the curriculum renewals. Although legislation related to learning is typically country-specific, which limits the magnitude of said risk at Group level, Sanoma faces an increased legislative risk in Poland, one of its largest markets, where the risks are related to possible evolution of the political landscape, and broad or abrupt education-related legislative changes could have a material effect on Learning.

Changes in taxation as well as in the interpretation of tax laws and practices applicable to Sanoma’s products and services or their distribution (e.g. value-added tax) may have an effect on the operations of the Group or on its financial performance. For example, imposing additional value added taxes on newspapers and magazines could have a material adverse effect on the Group’s circulation sales due to a potential decrease of demand. Furthermore, the deterioration of publishers’ and broadcasters’ copyright protection or increase in legal obligations (such as reporting or monetary obligations) towards original authors of copyright protected works affects the Group’s ability to provide its customers with new products and services and may increase costs related to acquiring and managing copyrights.

Data is an increasingly essential part of Sanoma’s business putting privacy and consumer trust at the core of the Group’s daily operations. Regulatory changes regarding the use of consumer data for commercial purposes could, therefore, have an adverse effect on Sanoma’s ability to utilise data in its business. For example, the proposed regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing the Directive 2002/58/EC (Regulation on Privacy and Electronic Communication) may require consent for telesales for subscriptions and may also have a negative impact on cookie-related usage. This would have an effect on business to consumer media sales and business to business advertising both in news and video-on-demand (VOD) businesses.

To mitigate these risks, Sanoma aims to anticipate any changes by close monitoring of the regulatory developments and adapting its business models accordingly. However, implementing changes to its business models in order to adapt to new regulations is likely to impose additional costs, and may take time. Violations of any applicable laws or regulations could also result in penalties and fines.

General economic and market conditions

The general economic and market conditions in Sanoma’s operating countries and overall industry trends could influence Sanoma’s business activities and operational performance. In Learning, the introduction or delay, pace, scope and timing of changes of curriculum renewals in the markets in which Learning operates in may influence its performance as a whole. Currently, this risk is mostly reflected in the Spanish markets, where the phasing and manner of implementation of the educational reform in 2022—2023 is uncertain. In Media Finland, risks associated with business and financial performance typically relate to advertising demand in particular, and to a lesser extent to consumer spending. For example, in 2020−2021, the coronavirus pandemic caused significant fluctuation in Media Finland’s advertising sales, which grew on a comparable basis (excl. acquisitions and divestments) by 8% in 2021 after declining by 9% in 2020. In addition, economic conditions may be affected by various additional events that are beyond Sanoma’s control, such as natural disasters and epidemics, which can have an adverse impact on Sanoma’s possibilities to do business or incur additional costs. Increase in interest rates and overall inflation could have a direct or in-direct adverse impact on the operational and financial performance of the Group’s businesses. Overall increasing geopolitical risks could also have an impact on Sanoma’s possibilities to run its business operations in a normal manner.

Sanoma’s diverse business portfolio and active actions to manage the risks and costs related to prevailing and expected economic conditions, including the impact of the coronavirus pandemic, partially mitigate these risks. In 2021, approx. 51% (2020: 47%) of Sanoma’s net sales was derived from learning, approx. 23% (2020: 26%) from single copy or subscription sales, approx. 5% (2020: 6%) from print advertising, approx. 15% (2020: 16%) from non-print advertising and approx. 6% (2020: 5%) from other sales.

Operational risks

Data and privacy

Data is an increasingly essential part of Sanoma’s products and services in both Learning and Media Finland. The Group holds large volumes of personal data including that of employees, customers and, in its Learning assessment businesses, students and citizens. Sanoma is subject to the General Data Protection Regulation (GDPR), which sets strict requirements for implementing data subject rights, and for companies to demonstrate their accountability for complying with the regulation. Non-compliance with the GDPR in Sanoma’s business and operations or potential inadequacy of the data protection processes and practices may cause problems, difficulties or additional costs to Sanoma. Any infringement of the GDPR could adversely affect Sanoma’s reputation. Furthermore, under the GDPR, a national data protection authority is vested with the power to impose corrective actions, such as temporary or definitive bans on processing, and to impose administrative fines for breaches of the GDPR up to EUR 20 million or 4% of the total worldwide annual turnover of a company. The Directive on Privacy and Electronic Communications also imposes requirements for online data collection and use.

In addition, Sanoma is exposed to potential data breaches resulting from unauthorised or accidental loss of or access to personal data managed by Sanoma or by third parties processing data on Sanoma’s behalf. For example, Sanoma’s or its third-party suppliers’ systems could be vulnerable to unauthorised access, misuse, breaches due to employee error or malfeasance, computer viruses, attacks by hackers or other similar threats. Data is key in the development of Sanoma’s products and services, as it enables content and learning services to be better tailored to the needs of customers, for example by providing individualised learning paths and even more compelling media content. Continuing the use of data in the future is dependent on maintaining the trust of customers, and potential data breaches could significantly undermine this trust. A data breach could lead to reputational damage which could ultimately lead to Sanoma’s inability to effectively compete for future business and to potential cancellations of existing contracts.

To mitigate these risks, Sanoma runs a privacy programme that monitors development and enforcement of privacy regulations. Sanoma’s key privacy implementation processes include conducting privacy impact assessments, data lifecycle management, negotiating data processing agreements with third parties, information security measures to protect data, data breach management procedures and implementation of data subject rights. However, there can be no assurance that such measures will be successful in ensuring compliance with privacy laws, which could lead to penalties, significant remediation costs and reputational damage, or that data breaches will not occur or, in the event that breaches do occur, that Sanoma will be able to mitigate the effects of such a breach.

Information and communication technology (ICT)

Functioning and reliable information and communication technology systems are integral aspects of the Group’s business. The systems include online services, digital learning platforms, newspaper and magazine subscriptions, advertising and delivery systems, as well as various systems for production control, customer relations management, and supporting functions, information and communication technology security risks related to confidentiality, integrity, and/or availability of information, as well as to reliability and compliance of data processing. The risks can be divided into physical risks, such as fire, sabotage and equipment breakdown and logical risks, such as information security risks, for example malware attacks, hacking of personal data or other sensitive data assets, and employee or software failure.

To mitigate these risks, Sanoma has continuity and disaster recovery plans in place for its critical systems and clear responsibilities regarding information and communication technology security. Information security controls include the use of threat intelligence capabilities, cyber security incident detection capabilities, identity and access management solutions, log management capabilities and the use of external information security audits. Sanoma’s insurance programme provides coverage for insurable information security risks, the maximum sum insured is EUR 10 million aggregate per annum, first party (Sanoma) and third party losses, investigation and defence costs in connection to cyber liabilities. However, the Cyber insurance does not provide coverage for all and any costs outside the agreed scope and limit, if information security incidents were to occur. Although Sanoma has several information security control measures in place, there can be no assurances that such measures will be adequate to prevent failures of one or more of the Group’s essential information and communication technology systems, which could cause disruptions to its business and reputational damage resulting from possible data breaches.

Risks related to third parties

A wide network of third-parties plays an integral role in Sanoma’s daily business. Third-party suppliers in Sanoma’s value chain include, among others, technology solution and service providers, paper, print and logistics suppliers as well as content providers both for Learning and Media Finland. Therefore, risks relating to the availability, price, quality and delivery schedules of third-party suppliers are material for Sanoma’s operations. Potential raw material shortages and paper mill shutdowns as well as increased costs and availability of paper, electricity and transport are likely to have impact on both Sanoma’s own printing capabilities as well as third party printing services used in the form of unexpected price increases and potential distribution in supply.

Sanoma also utilises freelancers to support its own editorial staff in content creation. The status of freelancers may vary by authority and country, but no individual case is estimated to become material unless it escalates to concern a large group of freelancers. In addition, certain advertising and marketing efforts are executed with the help of third parties. The advertising technology ecosystem consists of players, such as Google and Facebook, that have dominant market power, which may lead to an imbalance between their rights and liabilities in agreements entered into by Sanoma. In addition, cooperation with third parties exposes Sanoma to certain data-related risks.

Sanoma’s daily business is dependent on its ability to find third-party suppliers that meet Sanoma’s standards and identified business, technology and sustainability requirements although Sanoma is not dependent on individual suppliers. To mitigate third-party related risks, Sanoma follows the guiding principles of supplier risk management set in the Group’s Procurement Policy, Supplier Code of Conduct and legal framework and the most significant suppliers are selected through competitive bidding and qualification processes, including a Know Your Counterparty (KYC) process to identify any risks related to anti-bribery, sanctions and other issues. Despite the processes and risk mitigation activities that Sanoma has in place, Sanoma may not be able to ensure that its third-party suppliers comply or are willing to agree with all relevant regulations and its internal policies and standards.

Intellectual Property Rights (IPRs)

The Group’s products and services largely consist of intellectual learning and media property delivered through a variety of media. Key IPR related to Sanoma’s products and services are copyrights including publishing rights, trademarks, business names, domains, and know-how owned and licensed by the Group. The Group conducts business in certain countries where the extent of effective legal protection and enforcement of IPRs may differ and, therefore, cause uncertainty. Moreover, despite trademark and copyright protection, third parties may copy, commercially exploit, infringe on or otherwise profit from the Group’s proprietary rights without authorisation. These unauthorised activities may be more easily facilitated by the internet. The scarcity of internet-specific legislation relating to trademark and copyright protection or enforcement of rights as well as effective and concrete means to intervene with online IPR infringements create an additional challenge for the Group in protecting its proprietary rights relating to its online business processes and other digital rights, and failure to protect its proprietary rights or IPRs could result in the loss or diminution in value of these rights. Sanoma also uses a high volume of third-party IPRs in its operations, which exposes it to possible infringement claims from third parties. Such claims could result in burdensome litigations and additional costs as well as adversely affect Sanoma’s reputation.

To mitigate these risks, the Group relies on copyright, trademark and other intellectual property laws as well as its group-wide IPR Policy and procedures to establish and protect its proprietary rights in these products. However, there can be no assurance that the Group’s proprietary rights will not be challenged, invalidated or circumvented.

Business interruption, health and safety and environmental risks

Operational disruption to the Group’s business may be caused by a major disaster and/or external threats that could restrict the Group’s ability to supply products and services to its customers. The Group is exposed to various health & safety and environmental risks, such as natural disasters, that are beyond Sanoma’s control and that could cause business interruption and result in significant costs. Climate-related extreme weather patterns, for example flooding, can have an impact on and pose a risk to Sanoma’s offic e facilities and printing facilities e.g. through disruption in energy supply. Also the delivery of Sanoma’s products could be disturbed and the online distribution of learning and media products might be threatened. External threats, including, but not limited to pandemics, such as the coronavirus pandemic, terrorist attacks, strikes and weather conditions, could affect the Group’s businesses and employees, disrupting daily business activities. Any failure to maintain high levels of safety management could result in physical injury, sickness or liability to Sanoma’s employees, which could, in turn, result in the impairment of Sanoma’s reputation or inability to attract and retain skilled employees.

Despite Sanoma’s operational policies, efficient and accurate process management and contingency planning, there can be no assurance that these will be sufficient in preventing any of the above-mentioned risks, in recovering from such risks or in mitigating th eir impacts. Sanoma’s insurance programme provides coverage for insurable hazard risks, subject to insurance terms and conditions, but there can be no assurances that Sanoma’s insurance coverage would adequately cover all or any of such costs, if such an incident were to occur, which could result in significant costs.

Non-financial risks

Talent attraction and retention

The Group’s success depends on having competent, skilled and engaged management and employees, and on their competencies and skills in developing appealing products and services in accordance with customer needs in a changing environment. Recruiting and retaining skilled and motivated personnel may become increasingly difficult as a result of various factors, including a shortage of skills in the labour market and intensifying competition for personnel. In addition, Sanoma’s involvement in M&A transactions generally exposes the company to a risk of employees, including senior management and other key employees, leaving before such projects are completed or the acquired businesses integrated to Sanoma’s existing business. Should the Group fail to attract, retain, develop, train and motivate qualified, engaged and diverse employees at all levels, it could have an adverse effect on the Group’s profitability and value creation, competitiveness and development of its business operations in the long-term.

To mitigate these risks, Sanoma aims to enhance a corporate culture that supports professional development, innovation, creativity, diversity, as well as an ethical and efficient way of working, for which the framework is set in Sanoma’s Code of Conduct and Diversity and Inclusion Policy. Sanoma measures employee engagement on an annual basis, and the results are also linked to the executive and senior management remuneration.

Environmental and climate related risks

Sanoma’s most significant environmental impacts derive from greenhouse gas emissions caused by the energy and paper used in its value chain. The availability and price of forest commodities and energy pose a risk for Sanoma and changes in them may potentially have an adverse impact on the Group’s business and financial performance. Sanoma is also exposed to a risk of increasing pricing of energy due to carbon taxes in both its own operations and in the supply chain. The effects of climate change are wide-ranging and may bring considerable social uncertainty although Sanoma’s business is not highly carbon intensive and climate change risks are not estimated to have a material financial impact.

Sanoma mitigates climate-related risks through an ambitious climate strategy and by developing sustainability together with stakeholders and suppliers. To identify and control environmental and climate-related risks and opportunities, Sanoma evaluates them as part of its annual risk-assessment process. In addition, in 2021 Sanoma analysed its climate-related risks and opportunities using the Task Force on Climate-related Financial Disclosure (TCFD) framework. Sanoma’s TCFD disclosure is available in the Sustainability section of the Annual Report 2021.

Risks related to human rights, anti-corruption and bribery

Sanoma operates in eleven European countries and is committed to conducting business in a legal and ethical manner in compliance with local and international laws and regulations applicable to its business as well as its Code of Conduct. Nevertheless, there is a risk that Sanoma’s employees or business partners may act unethically, or in a way that violates human rights or anti-corruption and bribery laws and regulations. Learning’s business partners mainly include municipalities, other governmental units and schools, while Media Finland, for example, uses many third-party content providers.

Sanoma is committed to ethical and responsible conduct in its operations and expects the same commitment from all of its suppliers. All Sanoma’s employees must comply with Sanoma’s Code of Conduct, which supports the international standards on human rights and labour conditions and clearly prohibits all corruption and bribery. Sanoma aims to ensure compliance with a mandatory e-learning course on the Code of Conduct to all employees, however, there can be no assurance that Sanoma’s internal control measures will detect and prevent misbehaviour by individual employees or third-party suppliers. Breaches of applicable laws and regulations or corporate policies by Sanoma’s employees or business partners may lead to legal processes, sanctions and fines as well as reputational damages affecting Sanoma’s operations, which could have a material adverse effect on Sanoma’s business, financial condition or results of operations. The requirements of the Code of Conduct are extended to Sanoma’s suppliers through the Supplier Code of Conduct, which sets out the ethical standards and responsible business principles the suppliers and service providers are required to comply with in their dealings with Sanoma.