Internal control
According to the Swedish Companies Act, the Board of Directors is responsible for the Company’s organization and the management of the Company’s affairs and must regularly assess the Company’s and the Group’s financial position and ensure that the Company’s organization is designed to make sure the accounting, asset management and the Company’s financial conditions are adequately monitored.
The overall purpose of the internal control is to ensure that the Company’s strategies and targets can be implemented and to ensure that the financial reporting has been prepared in accordance with applicable laws, accounting standards and other requirements imposed on listed companies. The Swedish Companies Act, the Swedish Annual Accounts Act and the Code govern the Board of Director’s responsibility for the internal control of the Company. In the rules of procedure for the Board of Directors, the instructions for the CEO and the instructions for financial reporting, all of which have been adopted by the Board of Directors, the allocation of the roles and responsibilities have been stated to contribute to an effective management of the Company’s risks.
The Board of Directors is also responsible for monitoring the Company’s financial position, monitoring the efficiency of the Company’s internal control and risk management, for staying informed about the audit of the annual report and combined financial statements, and for reviewing and monitoring the auditor’s impartiality and independence.
CONTROL ENVIRONMENT
The Board of Directors bears the overall responsibility for internal control of financial reporting. To create and maintain a functioning control environment, the Board of Directors has adopted a number of policies and governing documents that regulate, among other things, financial reporting, but also IT security. These mainly comprise the rules of procedure for the Board of Directors, the instructions for the CEO, instructions for committees set up by the Board of Directors and instructions for financial reporting. The Board of Directors has also established an audit committee whose main task is to monitor the Company’s financial reporting, to monitor the effectiveness of the Company’s internal control, internal audit (to the extent such a function is established) and risk management, and to review and monitor the auditor’s impartiality and independence.
The responsibility of the day-to-day work of maintaining the control environment rests primarily with the Company’s CEO, who reports to the Board of Directors regularly in accordance with established instructions. The CEO shall regularly and, if needed, keep the Board of Directors informed of the condition and progress of the Group’s business, revenues, earnings, financial position, cash flow and credit position. Furthermore, the CEO shall inform the Board of Directors of any significant business event for the Group and any event or circumstance whose existence, from the perspective of the Board of Directors, is significant to the Group.
In addition to the internal monitoring and reporting, the Company’s external auditors report to the CEO and the Board of Directors during the financial year. The auditors’ reporting keeps the Board of Directors informed of reliable documentation for the financial reporting in the annual report.
RISK ASSESSMENT AND CONTROL ACTIVITIES
The risk assessment work includes identifying and evaluating the risk of significant errors in the Company’s operational process, which includes accounting and reporting at Group- and subsidiary level. Risk assessment is carried out on an ongoing basis and in accordance with established guidelines focusing on the Company’s significant business processes. Within the Board of Directors the audit committee is primarily responsible for continuously evaluating the risk situation of the Company, after which the Board of Directors conducts an annual review of the risk situation. The main purpose of control activities is to identify and limit risks. The Board of Directors is responsible for the internal control and the monitoring of the senior management. This is implemented through both internal and external control activities as well as through review and follow-up of the Company’s policies and governing documents.
INFORMATION AND COMMUNICATION
The Company has information and communication channels intended to promote the accuracy of financial reporting and to facilitate reporting and feedback from operations to the Board of Directors and the management, for example by making corporate governance documents such as internal policies, guidelines and instructions regarding the financial reporting available and known for affected employees. Financial reporting is implemented mainly in a group-wide system with predefined report templates. The Company’s financial reporting follows the laws and regulations that apply in Sweden and the local rules in each country where the business is conducted. The Company’s information to the shareholders and other stakeholders is provided via the annual report, interim reports and press releases.
MONITORING
The CEO ensures that the Board of Directors receives continuous reports on the development of the Company’s operations, including the Company’s results and position, and information about important events, such as the progress in individual projects. In general, the CEO also reports on these issues at each board meeting. The Board of Directors and the audit committee review the annual report and quarterly reports and carry on financial evaluations in accordance with the established plan. The audit committee monitors financial reporting and other related issues and continuously discusses these issues with the external auditors.