Catrion

Operating Environment and Risks

In 2024, Saudi Arabia continued its ambitious economic transformation as outlined in Vision 2030, marked by a significant advancement in diversifying its economy away from oil dependence.

The Kingdom recorded a GDP growth rate of 2.8%, driven largely by expansion in the non-oil sectors such as tourism, healthcare, and digital service. Government initiatives have accelerated infrastructural developments and regulatory reforms, which attracted foreign direct investments totaling SAR 18 billion during Q3 2024. These efforts are pivotal in positioning the country as a competitive player on the global stage.

The adoption of cutting-edge technologies across various sectors contributed to an increase in operational efficiencies and the emergence of new business models. Saudi Arabia's active pursuit of digital transformation is exemplified by the launch of multiple smart city projects, expected to enhance urban living and economic sustainability. Furthermore, the government's focus on strengthening public-private partnerships saw private sector contributions to GDP rise by 20% from the previous year, signaling a successful shift towards a more inclusive economic model.

Reflecting on the year, Saudi Arabia’s economic landscape in 2024 demonstrated robust growth initiatives and strategic reforms aimed at fostering a diversified and sustainable economy. These developments have not only strengthened the nation’s economic resilience but also laid a solid foundation for future growth and prosperity.

The evolving economic landscape presents both new challenges and unprecedented opportunities, particularly in tourism and aviation. As tourism emerges as a key growth driver, major international events and increased visitor numbers are increasingly integral to global hospitality and catering strategies. For instance, Saudi Arabia welcomed 60 million tourists in the first half of 2024, marking a 10% increase compared to the same period in 2023. This surge in tourism fuels demand for high-quality catering and hospitality services, which creates ample opportunities for industry leaders.

SA Full Year GDP Growth - percent

Source: General Authority for Statistics, Saudi Arabia

In parallel, the aviation sector has witnessed remarkable expansion. Saudi Arabia's civil aviation sector experienced a year-on-year passenger increase in early 2024, accommodating approximately 62 million passengers compared to 53 million in the same period of 2023.4 This 17% increase underscores a growing market for in-flight and on-ground services, signaling higher demand for comprehensive catering solutions, airport lounge management, and digital enhancements that streamline operations and elevate passenger experiences.

As Saudi Arabia leads G20 countries with impressive expansion in its tourism sector, the market dynamics favor companies that invest in innovative technologies, sustainable practices, and customer-centric strategies. For firms like CATRION, which span Inflight Catering and Integrated Hospitality, these macroeconomic trends provide a fertile ground for growth. The burgeoning tourism and aviation markets allow CATRION to capitalize on increased passenger volumes, diversify service offerings, and drive strategic investments, such as expanding capacity in Riyadh and Jeddah, launching new digital platforms, and strengthening sustainability initiatives. By aligning with these sectoral trends, CATRION reinforces its competitive edge and supports its long-term vision for continued growth, innovation, and sustainability in a rapidly evolving economic landscape.

Real GDP Growth rates by economic activities

Source: General Authority for Statistics, Saudi Arabia

Y-O-Y

Q-O-Q

Wholesale and retail trade, restaurants & hotels

5.8

1.9

Transport, storage and communication

4.5

0.7

Finance, Insurance and Business services

5.7

2.0

Community, Social and personal services

3.9

2.6

Construction

4.6

0.9

Agriculture, forestry and fishing

3.4

1.1

Y-O-Y

Q-O-Q

Manufacturing excluding Petroleum Refining

3.3

-1.7

Other Mining & Quarrying

3.3

0.3

Government Activities

3.1

-0.3

Real Estate Activities

2.7

0.3

Electricity, Gas, and Water

1.7

-0.7

Crude Petroleum & Natural Gas

0.0

3.0

Petroleum Refining

-0.8

-5.4

Risk Management Overview

At CATRION, risk management is seamlessly integrated into our corporate strategy, ensuring the identification, analysis, and mitigation of risks across all levels of operation.

Our Board of Directors sets the tone at the top, endorsing a robust governance framework that aligns with our strategic objectives to safeguard interests and enhance sustainability. This framework empowers our management team with the insights needed to make informed decisions, maintain our competitive edge, and uphold stakeholder trust. By effectively balancing growth opportunities with potential risks, we not only preserve but also enhance CATRION's value and reputation in the global marketplace, demonstrating a steadfast commitment to operational excellence and strategic growth.

Risk Management Framework

At CATRION, our Risk Management Framework is meticulously designed across 5 pillars to safeguard our operations and strategic objectives against potential risks. It ensures that risk management is deeply integrated into every aspect of our organizational structure and decision-making processes.

Integration	Design	Implementation	Evaluation	Improvement
Determining management accountability and oversight roles and responsibilities.	Understanding the organization and its internal and external context.	Developing an appropriate implementation plan, including deadlines.	Measuring framework performance against its purpose, implementation, and behaviors.	Continually monitoring and adapting the framework to address external and internal changes.
Ensuring Risk Management is integrated into all aspects of the organization.	Articulate risk management commitment and allocate resources.	Identifying where, when, and how decisions are made and by whom.	Determining whether it remains suitable to support the achievement of objectives.	Taking actions to improve the value of Risk Management.
	Establishing communication and consultation arrangements.	Modifying the applicable decision-making processes where necessary.		Improving the suitability, adequacy, and effectiveness of the RM framework.

Risk Management Process

Communication and Consultation	Scope, Context, and Criteria	Risk Assessment	Risk Evaluation
Foster collaboration across different expertise areas.	Define the purpose and boundaries of risk management activities.	Identify risks that could impact organizational objectives.	Compare risk analysis outcomes with risk criteria to assess risk significance.
Consider diverse perspectives when defining and evaluating risk criteria.	Assess both the external and internal contexts affecting the organization.	Analyze risk characteristics, including likelihood, potential impact, and controls.
Ensure all relevant information is available for oversight and decision-making.	Establish risk criteria that specify acceptable risks and support decision-making.
Promote inclusiveness and ownership among stakeholders.
Risk Treatment	Monitoring and Review	Recording and Reporting
Choose and implement the most suitable risk treatment options.	Continuously improve process design and outcomes.	Document and communicate risk management activities and outcomes.
	Monitor the risk management process and its effectiveness.	Provide essential risk information for organizational decision-making.
	Collect and analyze data to inform management and refine practices.	Enhance overall risk management practices.

Risk Universe

CATRION’s Risk Universe defines the specific risk environment in which the company operates.

It identifies key sources of risk across eight principal categories: Strategic, Reputational, People, IT and Cybersecurity, Regulatory, Governance, Financial, and Operational. These categories frame our risk management processes and guide our continuous review and adaptation to accurately reflect our strategic and operational environments. Each identified risk is categorized to help decision-makers understand the interrelationships between CATRION’s activities and associated risks, ensuring effective management, treatment, and follow-up of risks.

Cyber Security	People	Strategic	Financial
IT and IS	HR	Market and customer risks	Interest rate risk
Application development risk	Succession Planning	branding risk	cash handling risk
information security risk	Recruitment	business continuity	liquidity risk
	Retention and motivation	business environment risks	credit risk
	Payroll	global political risk
	Training	partnering merging and acquisition
		sustainability risk
Reputational	Governance	Operational	Regularity
food safety	corporate risk communications	hazard risks	compliance
customer service	social media	operations disruption	contracts management
		procurement	corporate communications
		quality
		service delivery and contractual compliance

Risk Appetite

Risk Appetite at CATRION describes the level of risk we are prepared to accept in pursuit of our strategic objectives. It varies according to the nature of each strategic objective and risk category.

We are committed to:

Minimizing exposure to risks associated with regulatory compliance, operations, and people.
Encouraging a calculated acceptance of risk to drive our strategic objectives forward.
Ensuring that all potential risks and benefits are thoroughly evaluated before authorizing new developments, with proper measures in place to mitigate risks.

We prioritize protecting our assets and maintaining high employee retention rates, aligning our risk tolerance with our corporate vision and mission. Our approach to risk does not tolerate ethical compromises or quality deficits. This proactive and calculated approach to risk management supports our aim to achieve corporate objectives while ensuring business continuity.

Risk Category	Appetite
Strategic Risks	Low	Focused on aligning CATRION's strategic actions with its vision and mission, emphasizing the importance of response to both internal and external changes to sustain independent and effective operations.
Reputational Risks	Low	Involves risks from various operational aspects including employee conduct and information security, with strategies centered on maintaining CATRION’s public image and trust.
People Risks	Moderate	Addresses risks associated with human resource management such as talent acquisition and retention, with proactive initiatives aimed at fostering a supportive and compliant workplace.
IT and Cybersecurity Risks	Low	Focuses on ensuring system reliability and safeguarding against technological threats, with compliance to national cybersecurity standards.
Regulatory Risks	Zero Tolerance	Pertains to the adherence to legal and regulatory obligations, with strict measures to prevent any breach that could impact operational legality and compliance.
Governance Risks	Zero Tolerance	Concerns risks related to conflicts of interest and governance practices, ensuring thorough compliance with corporate governance standards and ethical conduct.
Financial Risks	Low	Relates to the management of financial resources to prevent conditions that could adversely affect CATRION’s financial stability and capacity to meet its objectives.
Operational Risks	Moderate	Covers risks from internal processes and controls, focusing on operational efficiency and continuity, also integrating financial risk considerations due to their impact on core operations.

Principal Risks and Mitigation

The following describes and provides high-level mitigation approaches to some of the most important risk areas across CATRION.

Financial Risks	Strategic Risks	People Risks	Operational Risks
Cash Flow and Interest Rate Risk	Business Environment Risk	Recruitment Risk	Hazard Risk
CATRION's financial operations are largely independent of market interest rate changes due to having no significant interest-bearing liabilities. The company maintains robust liquidity management to ensure operational cash flow stability.	Mitigated by a diversification strategy across various sectors to reduce dependence on any single economic condition or market.	Addressed by robust talent acquisition strategies and leveraging a broad talent management framework that includes effective training and development programs.	Mitigated by strict adherence to health and safety protocols, comprehensive insurance coverage, and crisis management procedures to ensure employee safety and operational continuity.
Credit Risk	Market and Customer Risk	Retention and Motivation Risk	Service Delivery and Contractual Compliance Risk
Managed through continuous monitoring and stringent controls over receivables, with counterparty risks minimized by transacting only with entities that have high credit ratings.	Managed by nurturing long-term client relationships and not overly relying on any single client or market, which shields the business from sector-specific downturns.	Focused on nurturing a supportive work environment through competitive compensation, career development opportunities, and performance management systems that align personal growth with company goals.	Managed by rigorous compliance checks and quality control processes to meet contractual obligations and maintain service standards.
Liquidity Risk	Global Political Risk
Ensured by maintaining ample liquidity reserves and access to credit facilities, supplemented by regular cash flow forecasting to anticipate funding needs.	CATRION stays adaptive to global political changes that might impact its operations, engaging proactively in policy discussions and scenario planning.
	IT and Cybersecurity Risks
	Managed through comprehensive cybersecurity measures including network security, endpoint protection, and regular vulnerability assessments to safeguard operational integrity and data confidentiality.

NEXT Read

Expanding Frontiers

Meet CATRION

Towards New Horizons

Delivering Excellence

Our Governance

Financial Statements