As an international oil, gas, and chemicals company, OMV operates across the entire value chain – from hydrocarbon exploration and production to the trading and marketing of mineral oil products, chemical products, and natural gas. OMV is exposed to a variety of risks, including market and financial risks, operational risks, strategic risks, as well as inherent ESG risks. The Group’s risk management processes focus on the identification, assessment, and evaluation of these risks and their impact on the Group’s financial stability and profitability. The objective of these activities is to actively manage risks based on the Group’s risk appetite and defined risk tolerance levels in order to achieve OMV’s long-term strategic goals.
Risk Management Governance
Effective risk governance is crucial for successfully navigating the uncertainties inherent in OMV’s operations. At the Supervisory Board level, the Audit Committee oversees the implementation and effectiveness of OMV’s risk management processes. By utilizing the expertise within the Audit Committee and remaining adaptable through ongoing education, the Supervisory Board maintains its commitment to robust risk governance. The Executive Board proactively oversees and enhances OMV’s risk management processes and ensures a strong risk culture throughout OMV. A cross-functional Risk Committee chaired by the CFO and composed of senior management members ensures that the risk management processes effectively identify and manage material risks across the Group. OMV has an effective Corporate Risk Management function within the CFO area that reports directly to the Executive Board and is independent from the business segments.
It is OMV’s view that the Group’s overall risk is significantly lower than the sum of the individual risks due to its integrated nature and the fact that various risks partially offset each other. However, the balancing effects of industry risks may lag or weaken over time. OMV’s risk management activities therefore focus on the net risk exposure of the Group’s existing and future portfolio. The interdependencies and correlations between different risks are also reflected in the Company’s consolidated risk profile. Risk management and insurance activities are centrally coordinated at the corporate level by the Treasury and Risk & Insurance Management departments. These departments ensure that well-defined and consistent risk management processes, tools, and methodologies are applied across the entire organization. Risk ownership is assigned to the managers who are best suited to overseeing and managing the respective risk. The overall objective of the OMV risk policy is to safeguard the cash flows required by the Group and to maintain a strong investment-grade credit rating in line with the Group’s risk appetite.
Financial and non-financial risks are regularly identified, assessed, and reported through the Group’s Enterprise-Wide Risk Management (EWRM) process. The main purpose of this process is to deliver value through risk-based management and decision-making, which is ensured by applying a “three lines of defense” model:
Business management
Risk management and oversight functions
Internal audit
The assessment of financial, operational, and strategic risks helps the Group leverage business opportunities in a systematic manner. This approach ensures that OMV’s value grows sustainably. Since 2003, the EWRM system has helped enhance risk awareness and improve risk management skills across the entire organization, including at subsidiaries in more than 20 countries. OMV is constantly refining the EWRM process based on internal and external requirements, for instance developing Environmental, Social, and Governance (ESG) reporting standards and frameworks. OMV’s EWRM process has been set up in accordance with the ISO 31000 standard and is facilitated by a Group-wide IT system that supports the established individual process steps (risk identification, risk analysis, risk evaluation, risk treatment, reporting, and risk review) through continuous monitoring of changes to the risk profile. The overall risk resulting from the bottom-up risk management process is computed using Monte Carlo simulations and compared against planning data. This is then combined with a top-down approach from the senior management view to capture risks associated with the Group’s strategy. The process also includes companies that are not fully consolidated. The EWRM process uses common risk terminology and language across OMV to facilitate effective risk communication, whereby ESG risks play a key role in the OMV risk taxonomy.
Twice a year, the results of this process are consolidated and presented to the Executive Board and the Audit Committee of the Supervisory Board. In compliance with the Austrian Code of Corporate Governance, the effectiveness of the EWRM system is evaluated by an external auditor on an annual basis. The key financial and non-financial risks identified with respect to OMV’s mid-term planning are:
Financial risks, including market price risks, liquidity risks, credit risks, and foreign exchange risks
Operational risks, including all risks and impacts related to physical assets, production risks, project risks, tax risks, personnel risks, IT risks, HSSE, and regulatory/compliance risks
Strategic risks, for example those arising from the energy transition, changes in technology, risks to reputation, or political uncertainties, including sanctions
For further details on risk management and the use of financial instruments, please refer to the Consolidated Financial Statements (Note 29 – Risk Management).
Financial Risks
Market price and financial risks arise from volatility in the prices of commodities, including the market price risks from European Emission Allowances (EEA), foreign exchange (FX) rates, and interest rates (IR). Credit risks, which arise from the inability of a counterparty to meet payment or delivery commitments, are also of importance. As an oil, gas, and chemicals company, OMV has significant exposure to oil, natural gas, and chemicals prices. OMV has substantial FX exposure to USD, RON, NOK, NZD, and SEK. The Group has an economic net USD long position, mainly resulting from oil production sales. The comparatively less significant exposure to RON, NOK, NZD, and SEK originates from expenses in local currencies in the respective countries.
Management of Commodity Price Risks, FX Risks, and European Emission Allowances
The analysis and management of financial risks arising from foreign currencies, interest rates, commodity prices, European Emission Allowances, liquidity, credit, and insurable risks are consolidated at the corporate level. Due to their potential impact on cash flow, market price risks are monitored and analyzed centrally using a specific risk analysis model that considers portfolio effects. The impact of financial risks (e.g., commodity prices, currencies) on OMV’s cash flow and liquidity is reviewed regularly by the Risk Committee, which is chaired by the CFO and comprises the senior management of the business segments and corporate functions.
In the context of commodity price risks and FX risks, the OMV Executive Board opts for hedging strategies to mitigate such risks whenever deemed necessary. OMV uses financial instruments for hedging purposes to protect the Group’s cash flow, for example from the potential negative impact of falling oil and natural gas prices in the Energy division. In the Fuels and Chemicals businesses, OMV is especially exposed to volatile refining and chemicals margins, natural gas prices, and CO2 emissions certificates, as well as inventory risks. Corresponding optimization and hedging activities are undertaken in order to mitigate these risks, including margin and stock hedges. An optimization, trading, and hedging risk control governance system defines clear mandates including risk thresholds for such activities.
Management of Interest Rate Risks
To balance the Group’s interest rate portfolio, loans can be converted from fixed to floating rates and vice versa according to predefined rules. OMV regularly analyzes the impact of interest rate changes on interest income and expenses from floating rate deposits and borrowings.
Management of Credit Risks
Significant counterparty credit risks are assessed, monitored, and controlled at both the Group and segment level using predetermined credit limits for all counterparties, banks, and security providers. These procedures are governed by Group-level guidelines. In light of the challenging geopolitical and economic environment – characterized by volatile commodity prices, high interest rates, and distorted supply chains – special attention is paid to early warning signals, such as changes in payment behavior.
Operational Risks
The nature of OMV’s business operations exposes the Group to various health, safety, security, and environmental (HSSE) risks. Such risks include the potential impact of natural disasters, as well as process safety and personal security events. Other operational risks comprise risks related to the delivery of capital projects or legal/regulatory non-compliance. All operational risks are identified, analyzed, monitored, and mitigated in accordance with the Group’s defined risk management processes. The control and mitigation of assessed risks take place at all organizational levels using clearly defined risk policies and responsibilities. To ensure the Group’s ability to meet planning objectives, the key Group risks are governed centrally through corporate directives, including those relating to health, safety, security, environment, legal matters, compliance, human resources, and sustainability.
Project Risks
As part of implementing its Strategy 2030, OMV is investing in both organic and inorganic growth projects following a mature project risk management process that involves regularly identifying, analyzing, and monitoring project risks. OMV has vast experience in managing major capital projects and mitigating project risks.
OMV may experience operational, political, technological, or other risks beyond its control, both its own and those of its contractual partners, which may delay or hinder the progress of its projects. For example, the execution of major onshore and offshore projects in Romania, Norway, and the United Arab Emirates (UAE) may be affected by changes to the respective regulatory or fiscal frameworks, the unavailability of contractors, or a lack of qualified staff. Project costs may be negatively impacted by price inflation, labor shortages, or the disruption or reorganization of supply chains. Projects, particularly those related to recycling and sustainable fuels, may be affected by insufficient availability of required feedstock supply, the inability to commercially scale up new technologies, or a lack of regulatory clarity. In new business areas in particular, OMV may more often invest through partnerships and joint ventures, which may expose the Company to increased governance and credit risks and may negatively impact project execution. The effect of any of these risks may have a material adverse impact on OMV’s business, results of operations, and financial situation.
IT Risks
As OMV’s activities rely on information technology systems, the Group may experience disruption caused by large-scale cyber events. For this reason, an Information Security Management System (ISMS) with related security controls is implemented across Group IT services to protect information and IT assets that store and process data. IT-related risks are assessed, regularly monitored, and addressed with dedicated mitigation measures or managed through the use of comprehensive information and security programs across the organization. Operational technology-related risks are reflected in the assessment of process safety risks. Additionally, OMV recognizes the emergence of AI-related risks and is actively integrating measures into existing security governance frameworks and controls to address potential security exposures and vulnerabilities associated with artificial intelligence.
Strategic Risks
In order to identify strategic risks that might have long-term effects on the Company’s objectives, OMV continuously monitors its internal and external environment.
Geopolitical and Regulatory Risks
OMV thoroughly monitors geopolitical developments, including the ongoing Russian war on Ukraine and any additional sanctions and countersanctions resulting from it, as well as the US tariffs, and developments in the Middle East particularly in Israel, Iran, and Syria that have raised concerns about regional stability and their potential impact on OMV’s business activities. For further details on the developments in the Middle East please refer to the Consolidated Financial Statements (Note 36 – Subsequent events).
The Company regularly reviews the impact of such geopolitical developments on its business activities. Continued and/or intensified disruptions in Russian commodity flows to Europe, for example, could result in volatile European energy prices. Sanctions imposed on Russia and countersanctions issued by Russia could lead to further disruptions in global supply chains and shortages of products related to energy, raw materials, agriculture, and metals, and consequently further increases in operational costs.
High volatility in natural gas prices can potentially lead to peak liquidity demands to satisfy margin calls for exchange trading activities at short notice. OMV has unused committed and uncommitted credit facilities to meet such short-term requirements if needed. OMV is responding to the situation with targeted measures to safeguard the Company’s economic stability as well as the secure supply of energy.
In addition to the above-mentioned geopolitical tensions, OMV’s operations are exposed to other geopolitical risks such as the expropriation and nationalization of property, restrictions on foreign ownership, civil unrest and acts of war or terrorism, and political uncertainties, for example in Libya and Tunisia, as well as other countries where OMV operates and has financial investments. However, OMV has extensive experience in dealing with the political environment in emerging economies. Potential regulatory changes may also lead to disruptions or limitations in production or an increased tax burden. OMV continuously observes political and regulatory developments in all markets that affect OMV’s operations. Country-specific risks are assessed before entering new countries.
Macroeconomic Risks
Geoeconomic fragmentation, trade restrictions, and disruptions to global supply chains could lead to further cost increases for OMV. Coupled with high interest rates, this situation has the potential to also negatively impact economic growth, which in turn could affect demand for OMV’s products.
Climate Change-Related Risks
OMV consistently evaluates the Group’s exposure to risks related to climate change, in addition to the market price risk associated with the European Emission Allowances. Such risks comprise the potential impact of acute or chronic events, such as more frequent extreme weather events, systemic changes to our business model due to a changing legal framework, or substitution of OMV’s products due to changing consumer behavior. OMV recognizes climate change as a key global challenge and therefore integrates the related risks and opportunities into the development of the Company’s business strategy. Measures implemented to manage or mitigate such risks are set out in the relevant sections of this report, particularly under Sustainability Statement and Strategy.
Business Transformation Risks
OMV’s transformation into a leading provider of sustainable fuels, chemicals, and materials, as well as sustainable energy solutions, is influenced by a variety of uncertainties. Such risks include the availability of skilled employees, technology and scale-up risks, the availability of sustainable feedstock in sufficient quality and quantity, and governance risks related to joint ventures and partnerships.
Personnel Risks
Through systematic employee succession and development planning, OMV’s People & Culture department aims to develop and attract suitable managerial employees to meet future growth requirements and mitigate personnel risks.
Sustainability Impacts, Risks, and Opportunities
Firmly embedded within the Enterprise-Wide Risk Management process, OMV places special emphasis on five sustainability focus areas:
Climate Change
Natural Resources Management
People and Their Human Rights
Health and Safety
Ethical Business Practices
The established risk assurance model briefly described above has been adapted to ensure the effective management of potential environmental, social, and governance impacts, risks, and opportunities.
For further details on environmental, social, or governance-related risks, please refer to the dedicated chapters in the Sustainability Statement.
OMV Group Security
In 2025, geopolitical uncertainty played a pivotal role in shaping both the global security landscape and the energy sector. According to the Uppsala Conflict Data Program, over 60 state-based conflicts are currently active worldwide – the highest number since World War II. Of these, eleven have escalated to the level of war. Global security is especially impacted by the ongoing conflicts in Ukraine and the Middle East.
Consequently, OMV Group Security has continued to invest significant resources in ensuring resilience and security in areas previously considered low risk, while maintaining a focus on assets in the Middle East and North Africa.
In addition to the challenges of operating securely in Tunisia and Libya, the persistent threat of terrorist attacks and hybrid warfare in Europe has not diminished. Political extremism, organized crime, and the increasing convergence of cyber risks with physical threats have necessitated the OMV Group Security department’s unwavering focus on a robust yet flexible security strategy. This strategy enables OMV to continue operating in dynamic environments with asymmetric threats.
OMV’s internal Security Management Standard lays out a comprehensive range of security regulations, plans, procedures, measures, and systems. The document utilizes the IOGP best practice guidelines, along with other industry best practices (ASIS and UK Security Institute), to enable OMV to more effectively detect, deter, protect against, prevent, record, and investigate threats.
Management and Due Diligence Processes
OMV has a unique, agile, and proven security management system that is regularly reviewed, amended, or enhanced as the situation requires. The philosophy of collecting security information and assessing it as a preventive security instrument remains a fundamental principle of OMV’s security strategy. This approach allows us to anticipate or respond instantly to a broad spectrum of geopolitical events, regional conflicts, and isolated incidents. Effective interaction with government and local security agencies further enhances this approach by providing reliable corroboration of facts on the ground.
OMV’s security risk assessment platform continues to provide real-time oversight of OMV’s asset risk exposure levels and can be quickly adjusted in response to geopolitical or security events, as well as enabling the dissemination of security-critical information in real time.
To ensure the effectiveness and appropriateness of security practices within OMV’s business units, the OMV Group Security function conducts regular audits. These occur annually for those ventures deemed as high risk; for 2025, these were Tunisia and Libya. Two other major audits are conducted annually, with business units being chosen based on operational requirements. In 2025, the selected areas were OMV Austria and a more detailed review of OMV Tunisia, which included testing a revamped audit process.
Terms of Reference are agreed with the business unit prior to commencing the audit. A thorough review then takes place, including site visits, interviews, document analysis, and observations. An audit report is then drafted, shared, agreed, and published. The report will include SMART actions, with the entire process being tracked via OMV’s HSSE reporting tool.
The OMV Group Security department continued to deliver operational support to OMV ventures globally in 2025, as well as surge capacity during security challenges. In high-risk countries, OMV also utilized dedicated, on-site Country Security Managers and Asset Protection Experts to enhance security through additional and, where appropriate, local expertise.
Security and Human Rights
OMV is committed to respecting human rights and international humanitarian law (IHL). We achieve this by acting in a manner consistent with all relevant laws and international standards or initiatives, including the Voluntary Principles on Security and Human Rights (VPs) and the International Code of Conduct for Private Security Service Providers (ICoC). This applies specifically, but not exclusively, to our interactions with public and private security forces. This commitment is a part of our business acumen, though it is not yet fully aligned with the European Sustainability Reporting Standards (ESRS). For more information about our human rights approach, please see the Sustainability Statement (S1 Human Rights).
During 2025, OMV was formally accepted as an engaged member of the VPs following its application in 2023. In addition, OMV was accepted as an observer member of ICoCA, thereby reinforcing our strategy target of being an industry leader in this area by 2030.