Skip to website navigation Skip to article navigation Skip to content
Annual Report 2024
directly to annual report
download PDF

Risk management

Risk management is integrated in Vesteda’s strategic and operational processes. We have defined our risk management policy and implemented a risk management framework in line with the core fund risk profile, as defined in the Vesteda Residential Fund’s Terms and Conditions, extending to all levels of the organisation and all lines of business.

Vesteda has developed its internal risk management framework on the basis of the recommendations of the Committee of Sponsoring Organisations of the Treadway Commission (COSO), the aim of which is to create a reasonable level of assurance on the achievement of organisational targets. Vesteda’s internal control systems include various measures for achieving adequate segregation of duties, prompt recording of significant transactions and data security. Internal accountability and management reports, management reviews and other internal research into the design and operation of the internal controls are an integral part of the internal control systems.

Vesteda also uses the ‘Three lines model’ to manage risks (first line: Management; second line: Business control, Risk committee and Compliance officer; third line: Internal Audit). This model enhances the awareness of the risk culture within Vesteda and underlines and supports accountability for the management of risks and internal controls.

The three lines model emphasises that focus should be on the contribution risk management makes to achieving (strategic) objectives and creating value, as well as to matters of ‘defence’ and the protection of value. Vesteda also supports the principles to the effect that:

  • There must be regular interaction between Internal Audit and management to ensure the work of Internal Audit is relevant and aligned with the strategic and operational needs of the organisation.

  • There is a need for collaboration and communication across both the first and second line roles of management and Internal Audit to ensure there is no unnecessary duplication, overlap, or gaps.

Vesteda’s Internal Audit department provides assurance and advice on the adequacy and effectiveness of governance and risk management (including internal controls) to support the achievement of organisational objectives and to promote and facilitate continuous improvement.

Risk appetite

The INREV core fund risk profile implies that Vesteda has a relatively low-risk profile since it typically invests in income-producing real estate investments. Vesteda employs relatively low levels of leverage and has limited exposure to real estate development. A significant and stable proportion of its returns are generated through rental income. Overall, Vesteda has a relatively low risk appetite. Please see Note 27 to the consolidated financial statements for a description of our financial risk management objectives and policies.

Vesteda’s risk management framework

Vesteda’s risk management framework is described in the following section.

Risk Committee

Vesteda’s risk management activities are overseen by the Risk Committee. The Committee’s tasks include, but are not limited to:

  • Providing support and advice to the Management Board and Management Team with regard to the periodic identification of Strategic Risks and their assessment and management;

  • Formulating policy frameworks for operational risk management and ensuring compliance with them;

  • Making method(s) and techniques available that support line management in the risk management of Operational Risks;

  • Monitoring Operational Risks and Compliance Risks and their control;

  • Stimulating risk awareness in the organisation;

  • Providing insight into the risk profile of the organisation.

The Risk Committee explicitly does not focus on identifying and monitoring Strategic Risks. These are risks that could negatively affect Vesteda’s strategic objectives and are formulated in the most recent Business Plan. This is the responsibility of the Management Board and the Management Team. However, should the Risk Committee identify a risk in the context of its activities that could have an impact on Vesteda's strategic objectives, the Risk Committee will immediately report its findings to the Management Board.

The Risk Committee is chaired by the CFO, who is charged with risk management at Vesteda. Other members of the Risk Committee include the COO, the General Counsel, the Control Manager, the Digital & Innovation Manager and the Compliance Officer. The Internal Audit Manager also joins the meetings of the Risk Committee but is not a member of the Risk Committee. A Risk Charter defines the roles and responsibilities, the tasks, authorities and reporting requirements of the Risk Committee. Vesteda’s Risk Management Policy forms the basis for the activities of the Risk Committee. It sets out the goals, frameworks and responsibilities in the field of risk management for Vesteda. It also states how Vesteda has implemented its risk management process at various levels in the organisation. The Risk Management Policy was last updated and approved by the Management Board in 2022.

The scope of risk management

Vesteda distinguishes the following three main risk areas:

1. Risks related to strategic targets as defined in the Business Plan

This relates to specific risks regarding tenants, portfolio, participants (equity funding), organisation and debt funding.

The Management Board and the Management Team primarily focus on:

  • Identifying and assessing the Strategic Risks annually on the basis of the most recent Business Plan;

  • Monitoring the Strategic Risks and the effectiveness of the associated control measures on a quarterly basis;

  • Adjusting the control measures with regard to the Strategic Risks if these are not considered sufficient.

The Management Board reports to the Supervisory Committee on the strategic risks and measures on a quarterly basis.

2. Operational risks related to the failure of systems and processes

Operational risk management is part of Vesteda’s business processes and is governed by specific guidelines, policies and key controls designed to manage these operational risks, which are subject to internal reviews and external audits where appropriate.

Each year, Vesteda’s external auditor provides assurance with respect to the design and effective operation of controls based on the International Standards on Assurance Engagements (ISAE), Standard 3402, type II. Vesteda selects the relevant controls to be audited and concluded upon in the assurance report and these relate to key controls within the most important business processes, primarily Acquisitions, Property and Portfolio Sales and Operations.

3. Compliance risks related to non-compliance with legislation and (internal) regulations

Vesteda has a dedicated Compliance Officer who reports on a quarterly basis to the Management Board and Supervisory Committee. The scope of the Compliance Officer’s activities is set out in the Compliance Charter. Both internal and external developments, such as trends, risk-increasing developments, incidents and new or changed legal and regulatory requirements, can lead to the (partial) revision or adjustment of an established programme. The Compliance Officer constantly monitors these developments, responds to these and discusses them (where necessary) in the quarterly consultations or on an ad-hoc basis with the Management Board and/or the Supervisory Committee or addresses these matters in the Risk Committee. If necessary, the Compliance Officer adjusts these activities (advice, monitoring) accordingly. The annual compliance programme therefore has a dynamic character. It is also possible that the results of (un)planned compliance monitoring gives cause to prioritise a topic, while this was not previously planned. The Compliance Charter gives substance to this dynamic of compliance activities in various areas. For more detailed information, please see the Compliance and integrity section of this report.

Fraud risks and measures to prevent fraud are evaluated as part of the annual review of the design and effective operation of controls based on the ISAE, Standard 3402, type II, as well as part of the annual Systematic Compliance Risk Analysis (SCRA, see page 60). This SCRA includes relevant fraud risk scenarios based on likelihood, impact, risk appetite and mitigating control measures. In 2024 Vesteda made further improvements of internal controls based on findings from reviews or activities performed by the Internal audit department and the Compliance Officer relating to Vesteda’s business operations.

As mentioned in the Compliance and integrity section of this report, the Compliance Officer and Internal Audit Manager conducted several investigations regarding potential fraud by suppliers and (prospective) tenants in 2024. The findings from these investigations are also used to improve internal controls.

Strategic risk analysis

Vesteda’s strategic risk analysis is based on the following assessment, which is executed by the Management Board and Management Team jointly:

  • Identification of strategic risks, based on the strategic targets and key performance indicators within the three strategic pillars: economic value, societal value and organisation. These strategic targets and risks are based on the five-year Business Plan, as approved by Vesteda’s Participants each year in December, and actual developments;

  • An assessment of the level of risk Vesteda is willing to accept in achieving its strategic targets (risk aversion) to provide guidance for decisions related to risk and return management. The outcome of this assessment also serves as a basis for the review of the effectiveness of the nature and level of internal controls for each risk. The level of risk aversion is measured based on a scale of 1 to 5: Risk averse, Limited risk, Cautious, Flexible, Open.

In alignment with the key characteristics of Vesteda as a Core INREV fund, with a conservative funding policy focusing only on residential real estate in the Netherlands, limited risks or a cautious approach is necessary for Vesteda’s strategic targets (risk aversion of mostly 2, partly 2-3):

  • Classification of identified risks based on impact (high – low) and to what extent the risk is manageable (ranging from largely manageable – not manageable);

  • Defining the internal controls (implemented or to be implemented) for each of the identified risks, the required level of effectiveness for these controls and the relevant key performance indicators to monitor effectiveness.

The outcome of this review is depicted in the Vesteda Risk Profile figure on the next page.

The monitoring of the following strategic risks and the effectiveness of internal controls, as well as the identification of new strategic risks is the responsibility of the Management Board and the Management Team and will be discussed at least quarterly in 2025.

Vesteda Risk Profile

For each of the risks shown in the Vesteda Risk Profile above, the main internal controls are:

External risks, potential high impact, no or limited controls on risk occurring  

Risk: New legislation for the sector on rental processes, fiscal matters, construction & development, climate and sustainability

Changes in laws and regulatory requirements related to rent (increases), investments (local requirements or product-specific requirements, e.g. regulated mid-rental segment), building requirements (sustainability), fiscal laws impacting investments in real estate, etc.

Internal controls
As changes in laws and regulatory requirements are beyond Vesteda’s direct control, the main focus in addressing this risk is on identifying and discussing possible changes and alerting and preparing the organisation. This is realised through our multiple contacts with the sector association IVBN and contacts with city councils, politicians, developers, etc. Where relevant, we take the effect of potential changes in laws and regulatory requirements into account in our business planning, including impact analyses and stress testing, where relevant.

With respect to the risk related to rental regulation, we are taking an active role in the affordability debate, together with the IVBN. We believe it is important to behave as a socially responsible investor and to highlight the role we have in responsibly investing pension savings and insurance premiums entrusted to us by our participants in residential real estate for middle-income tenants.

We execute stress tests to calculate the impact of (potential) new regulatory requirements on Vesteda’s portfolio and rental income and we make sure that we have ongoing insight in the entire portfolio to anticipate changes in legislation. In 2024, we started to scan and remeasure the entire portfolio, including determining the WWS-points for each unit, which will be completed in the first half of 2025.

In addition, Vesteda follows the legislative developments on sustainability closely to stay on top of (reporting) requirements. In 2024, we started preparing for the implementation of the CSRD, which we will, in part, apply on a voluntary basis. Please refer to the Sustainability Statement for more information on the scope of the CSRD.

Vesteda also executes a periodic review of its technical standards for new-build homes. We have also recalibrated our complex tactics based on an accelerated ESG strategy which is part of the Business Plan. In addition, Vesteda closely monitored the outcome of court verdicts on rent increase clauses, the verdict of the Dutch Supreme Court on the prejudicial questions submitted to it and the potential impact on Vesteda.

Risk: Homes are not compliant with legislation

Our homes cannot meet all requirements set by (EU) legislation with respect to climate mitigation and sustainability.

Internal controls
Vesteda has implemented a number of internal controls for this specific risk, the most important of which are:

An investment programme to improve the energy labels of our homes. Please see the Environmental section of this report.

Vesteda has a ‘Policy on the integration of sustainability risks and factors into the investment decision-making process’, which provides insight into which potential sustainability risks Vesteda has identified and how these risks and principal adverse impacts on sustainability factors are integrated in investment decisions related to new acquisitions or renovation projects.

Sustainability and climate risks form an important part of Vesteda’s investment decision process for new acquisitions and renovation projects. Vesteda applies its technical standards to assess whether new (potential) investments comply with Vesteda’s sustainability and technical requirements (which focus on climate change mitigation and adaptation) and reviews these technical standards on a periodic basis to ensure they still comply with applicable legislation. Vesteda uses an ESG framework to determine a sustainability impact score for each project to provide a broader view of relevant sustainability risks and factors and to ensure new projects meet the applicable ESG requirements to qualify as sustainable. This score was updated in 2024 to reflect new insights and developments.

Please see the Environmental and the Acquisitions and property sales sections of this report.

Risk: Climate incidents

Incidents related to extreme weather conditions/climate change affecting our portfolio, such as flooding, heat stress, earthquakes, etc.

Internal controls
This is also a risk that is largely beyond Vesteda’s direct control. However, in terms of mitigating the impact of climate incidents, Vesteda has taken the following measures:

A climate risk scan for the entire portfolio. Based on this scan, we devote specific attention to the risks of heat stress and flooding in our long-term maintenance programme per building complex. Climate risks are also a recurring topic when reviewing our insurance programme. Please see the Physical climate risks section in the Environmental section of this report.

Furthermore, we assess our insurance programme on an annual basis and take this topic into account.

Risk: Affordability under pressure

Affordability of housing is under pressure due to scarcity and energy costs and inflation.

Internal controls
Vesteda is taking several measures to manage and improve the affordability of housing. We invest in the sustainability of our assets and inform tenants about energy-saving possibilities, to lower energy costs. We also focus our new investments in new-build projects on the (regulated) mid-rental segment, to add affordable homes to the housing market. Furthermore, by executing a thorough income check prior to entering into a rental agreement and monitoring our tenants’ payment behaviour, we can take action, for example by offering more affordable housing to tenants in difficulty. We also inform our tenants on how to reduce their own energy consumption.

Risk: Annulment of rent increase clauses

During 2023, district courts throughout the Netherlands, started the trend of applying the ex officio review to rent agreements in court cases regarding rent arrears and/or evictions. Various district courts ruled that specific rent increase clauses (CPI plus a maximum top-up percent) were not deemed fair and therefor null and void. The risk is that all rent increases under such agreements are deemed not valid and therefore should be repaid by the lessor. Preliminary questions were asked by the Amsterdam District Court to the Dutch Supreme Court on this matter. 

In Q4 2024, the Supreme Court issued its verdict. It followed the advice of the Deputy Advocate General, stating that a standard surcharge on rent (in addition to inflation) does not raise legal objections. According to the Supreme Court, the indexation clause and the surcharge clause must be viewed separately because they have different functions. The indexation clause is intended to compensate for inflation; the surcharge clause is intended to keep the rent in line with cost increases and with the increase in value of the property. By definition, the indexation clause is not unfair. A rent modification clause with an annual surcharge on the rent of up to 3% on top of the consumer price index is generally not an unfair clause, because it is intended to compensate for cost increases that exceed inflation and to keep the rent in line with the increase in value of the property.

Internal controls
This risk is largely beyond Vesteda’s direct control. Vesteda did contribute to an “interested party statement” prepared by IVBN that was submitted to the Supreme Court. In addition, Vesteda executed high level scenario analyses, depending on the outcome of the verdict of the Supreme Court.

Please see Note 32 in the Notes to the consolidated financial statements section of this report.

Strategic risks, potential medium to high impact, reasonable or high level of controls possible on risk occurring

Risk: Investors seek other investment opportunities

Investments in Vesteda (residential real estate) become less attractive for potential new and current investors (primarily as a result of an imbalance between return and risk).

Internal controls
Each year, participants have to approve the Business Plan, which includes the strategy to achieve the targets as set out in the Investment Guidelines of the Terms and Conditions. For example, the outperformance of the three-year MSCI index and a target for the TER. The achievement of the targets is monitored on a monthly, quarterly and annual basis.

During the Business Plan period, management focuses on stable direct returns and increasing dividend yield, providing an inflation hedge for the existing participants and an interesting proposition for potential new investors with a low-risk profile.

Vesteda has engaged Van Lanschot Kempen to assist in finding new investors in the fund and thus create more liquidity for existing investors.

In 2024, management has started preparations for an update of the Fund’s liquidity mechanism. The participants were sounded on possible solutions and various scenarios were drafted. In 2025, the proposal will be submitted for approval to the participants. Furthermore, management has started preparing for the upcoming liquidity review event that takes place once every seven years, scheduled for February 2026.

Vesteda’s new Business Plan reflects its current impact and ambitions to make further impact on society. 

We have an active Investor Relations department and have frequent meetings with participants, at which we communicate market developments and the progress of the strategy implementation. In the current market environment, with political discussions on affordability, the impact of rent increases and (potential) new legislation on rent increases, we believe it is important to discuss Vesteda’s strategy as a socially responsible investor, especially when this pertains to decisions regarding tenant satisfaction, rent increases and sustainability.

Risk: Redemptions by investors may prevent Vesteda to make new investments or to deleverage or could lead to the sale of assets or an increase in leverage (Liquidity risk)

Once in every seven years, the Fund is subject to the ‘liquidity review’ by the participants of the Fund. In February 2026, the Fund will be subject to the next liquidity review. The liquidity review triggers the mechanism by which participants are given the opportunity to re-evaluate their respective Participation Rights in the Fund and to indicate if and to what extent they would like to redeem all or a portion of their Participation Rights or increase the number of their Participation Rights. In general, if participants want to be redeemed this may lead to a redemption queue.

Internal controls
If less than 10% of the participants decide that they would like to have all their Participation Rights redeemed, the Fund could use the yearly €50 million Redemption Available Cash amount to redeem Participation Rights and/or attract new financing, attract new participants or sell assets. If more than 10% of the participants decide that they would like to have all Participation Rights redeemed, Vesteda must draw up a liquidity plan.

Vesteda has an active investor relations program to attract new investors enabling participants to redeem their participations well ahead of the liquidity review date.

The manager is working on to update the Fund’s liquidity mechanism in 2025. The main aim of this proposal is to provide continuous liquidity access to participants depending on, among others, the financial ratios of the Fund and the amount of the redemption queue. By facilitating liquidity access, the impact of the liquidity review may be mitigated.

Risk: Disruptive technology

Vesteda’s business model is disrupted by new innovative technology.

Internal controls
Digital technology provides the residential investment industry (and adjacent sectors) in general and Vesteda specifically with new resources to create and capture value for all stakeholders. This may, for example, mean that a residential property also functions as a platform for the sale of additional goods and services to its users, thereby increasing the tenant’s perception of value and willingness to pay for it. As a result, boundaries between sectors may blur and young, agile and cost-efficient companies may become a competitor for existing players in the relatively traditional housing market. Digital technology may also be a source of optimised rental income streams and structural savings in general, operational and capital expenditures, while at the same time improving sustainability, tenant satisfaction and the risk profile of the investment.

Exploiting the full potential of digital technology requires a deep understanding of the opportunities and risks associated with it and requires a holistic vision on digital technology as a key resource for strategy definition and execution. Vesteda is already applying digital technology in several parts of its business model and processes, and is increasingly working on incorporating digital technology in strategy definition and organisational design. Failure to keep up with these developments may have a negative effect on Vesteda’s competitive position in the longer term and access to new investment products. Vesteda mitigates this risk today by recognising both the opportunities and the risks of digital technology and improving its business model and organisation in phases using digital technology, which is reflected in Vesteda’s ambition to become a digital powerhouse, as set out in its Business Plan.

Risk: Unable to invest in attractive acquisitions

Vesteda is unable to invest in new acquisition projects to strengthen the portfolio due to lack of success in acquisition processes and/or reduced appetite to invest as a result of fund and/or market circumstances.

Internal controls
Dutch residential investments are seen as a safe haven with an attractive risk/return profile, due to the scarcity in supply and high demand. Vesteda is active throughout the value chain: Vesteda is proactively interacting with developers, contractors and local authorities using our in-depth knowledge of local markets and developments and positioning itself as a solid long-term partner. We are temporary scaling-back in acquisition volumes to reduce our funding needs as part of our preparations for the upcoming liquidity review event in February 2026. However, we aim to stay in the market, since a modest but constant inflow level increases the quality of our portfolio. We will continue long-term business partnerships, to be able to benefit from potential market opportunities in the future. In addition, we will continue to focus on optimising value creation on our standing portfolio.

As part of our acquisition policy, we have also implemented a range of internal controls, including:

  • Monitoring of acquisition leads funnel and conversion of leads;

  • Annual evaluation of IRR requirements;

  • Optimising value creation for the standing portfolio.

Preventable risks, medium to low impact, high level of controls possible on risk occurring

Risk: Negative tenant experiences

Vesteda’s image and reputation is affected by collective/individual negative tenant experiences, which may result in low(er) tenant satisfaction scores.

Internal controls
Tenant satisfaction is one of Vesteda’s major key performance indicators and therefore this is monitored on a continuous basis. Customer satisfaction surveys are sent out after repairs, termination of the rental contract, etc. Tenant satisfaction is included in the annual targets for the Management Team, senior management, departments and employees. Please see the Tenant satisfaction section in the Social section of this report.

In the event of tenant complaints, Vesteda strives to act and communicate quickly and transparently. Vesteda makes sure that cases are evaluated and that lessons learned are shared internally in order to improve future processes. In 2024, Vesteda has taken various concrete measures such as monitoring and improving telephone accessibility and improving its maintenance process.

Risk: Irregularities in the letting process

Vesteda’s image and reputation is affected by irregularities in the letting process.

Internal controls
Vesteda has a customer due diligence procedure in place to comply with anti-money laundering legislation related to tenants, among other things. Vesteda provides employees who are in charge of screening tenants with additional training and reference materials in an easy and confidential way.

Vesteda is working on the further digitalisation of the letting process, in order to ensure a more uniform applicability of the set selection criteria.

The Compliance department provides support to the Operations department in the letting process and the assessment of new tenants. In addition, Vesteda organises inhouse workshops on client due diligence. Vesteda has opened up its Speakup line to external parties, including tenants and has investigated fraud cases and, when deemed appropriate reported these to the police. Please see the Compliance and integrity section of this report.

Risk: Retention, engagement and performance of employees

The risk that Vesteda cannot attract and retain the right talent to achieve its ambitions and the risk that Vesteda’s employees are less engaged and show a lack of performance.

Internal controls
Vesteda has a professional HR department in charge of attracting and retaining highly qualified staff, through recruitment procedures, talent management and training programmes. Please see the Workforce section of this report.

Vesteda aims to become a High Performance Organisation and focuses continuously on actions and milestones to achieve this goal. In order to monitor Vesteda’s status, we conduct a bi-annual survey among our employees. The results of the latest HPO and employee engagement surveys show that our employees are increasingly positive on our organisation and feel connected to the company, even though many employees continue to work from home part of the time. In order to stimulate employee development, Vesteda offers development budgets.

Please see the Organisation section of this report.

Risk: Supply chain shortages

Materials and tooling are not available or extremely high priced with possible delay in start/execution of investments and maintenance.

Internal controls
Vesteda continuously assesses projects for which this could be an issue and has looked into possibilities of delaying projects or providing additional budget. In 2024, the procurement/technical department set up long-term contracts with a select group of suppliers in order to improve supplier management.

Risk: Sanctions Russia

The risk that Vesteda would enter into agreements with persons or parties that are on the Dutch or European sanction lists.

Internal controls
Vesteda has a due diligence process in place for when it enters into contracts with new suppliers, tenants, home buyers and other relevant parties. A check against sanction lists is part of that.

Risk: Tenants without adequate insurance

The risk that Vesteda’s tenants do not have adequate contents insurance (in Dutch: inboedelverzekering) and expect Vesteda to reimburse damages.

Internal controls
The tenant’s obligation to take out contents insurance is taken up in the rental contract. In addition, Vesteda points out the importance of having this kind of insurance.

Risk Committee activities in 2024

In the year under review the Risk Committee convened seven times. The Risk Committee frequently discussed Vesteda’s digital organisation and the risks related to our IT systems and possible cybercrimes and attacks with the D&I Manager, as well as the implementation process of DORA. The Treasury Manager reported to the Risk Committee on a quarterly basis on the compliance with Vesteda’s funding targets, including stress tests on liquidity and financial covenants. The Internal Audit Manager reported to the Risk Committee on ISAE controls. Furthermore, the Compliance Officer reported on Compliance risks, the outcome of the systematical compliance risk assessment, including matters related to privacy and data protection. Regulatory matters, their potential impact on Vesteda’s business and reports of AFM were addressed regularly.

‘In control’ statement

The Management Board is responsible for implementing and maintaining adequate risk management and internal control systems and for assessing the effectiveness of these systems.

In the year under review, we evaluated and monitored our risk management and internal control systems, as further described in the above Risk management section of this report. Based on this assessment, we concluded with reasonable, but not absolute, assurance that:

  • The annual report provides sufficient insights into any failings in the effectiveness of the internal risk management and control systems;

  • The aforementioned systems provide reasonable assurance that the financial reporting does not contain any material inaccuracies;

  • Based on the current state of affairs, it is justified that the financial reporting is prepared on a going concern basis;

  • The annual report states those material risks and uncertainties that are relevant to the expectation of Vesteda’s continuity for the period of twelve months after the preparation of the report.

It is important to note that effective risk management, with embedded internal controls, no matter how well designed and implemented, provides the Management Board with only reasonable assurance regarding the achievement of Vesteda’s objectives. The achievement of objectives is affected by limitations inherent in all management processes. Therefore, in this context ‘reasonable assurance’ refers to the degree of certainty that would be satisfactory for a prudent manager in the management of their business and affairs in the given circumstances.