How we manage risk

A systematic approach in a dynamic environment

Dynamics in the global semiconductor industry present both opportunities and risks. ASML manages risk through an enterprise risk management (ERM) framework that integrates risk management into our daily business activities and strategic planning.

Our risk management process

We deploy our ERM framework through a well-defined governance structure and a robust ERM process. ASML’s Risk and Business Assurance team, which reports to the CFO, develops and maintains our ERM framework and makes sure the right processes are carried out. They are also responsible for security and internal control, as well as compliance.


Risk and Business Assurance identifies, manages and monitors risk by setting standards and enabling ASML’s leadership teams to manage risk more effectively. The team also helps to identify opportunities that allow us to achieve our objectives and enable continuous sustainable growth.

Read more about how ASML manages risk in our annual report.

Risk management process

Risk management governance structure

Risk management  governance structure

Risk universe

ASML’s risk universe is a consolidated overview of the risk categories that may have a material adverse effect in achieving our business objectives. We review and update our risk universe frequently, taking into account a broad range of internal and external information sources, such as macroeconomic and industry trends, relevant guidelines and legislation, and stakeholders’ needs and expectations.

Strategy and products
  • Industry cycle
  • Political
  • Climate change
  • Business model
  • Merger & acquisition
  • Competition
  • Innovation
  • Product Stewardship
  • Product roadmap execution
  • Intellectual property rights
Finance & reporting
  • Business planning
  • Foreign exchange rate
  • Liquidity
  • Interest rate
  • Capital availability
  • Counterparty credit
  • Shareholder activism
  • Disclosure / external reporting 
  • Customer dependency
  • Product / service quality
  • Supplier strategy & performance
  • Supply chain disruption
  • Knowledge management
  • Organizational effectiveness
  • Human resource
  • Product industrialization
  • Process effectiveness & efficiency
  • Environment, health & safety
  • Operational continuity
  • Security
  • Information technology
  • Manufacturing and install
Legal and compliance
  • Contractual liability
  • Violation of laws & regulations 
  • Violation of internal policies

    Risk appetite

    Our ‘risk appetite’ sets out the level of risk we are willing to accept to achieve our objectives, which varies depending on the type of risk.

    ASML's risk appetite