INTERNAL CONTROL OF FINANCIAL REPORTING
In accordance with the Swedish Companies Act and the Swedish Code of Corporate Governance, the Board is responsible for internal control. This report has been prepared in accordance with the Code and describes how the internal control of the financial reporting is organised.
Control environment
Effective board work is a prerequisite for good internal control. The Board's work plan and the instructions for the CEO and the Board's committees ensure a clear delegation of roles and responsibilities to the benefit of effective management of operational risks.
In addition, the Board has adopted a number of fundamental guidelines and policies designed to create the conditions for a good control environment. These include economic and financial reporting, a finance policy and an investment policy, among others. One of the aims of these policies is to create a platform for good internal control. These policies are followed up and revised as needed.
Company management continually draws up instructions on the Group's financial reporting which, together with the policies adopted by the Board, such as the finance policy and the policy for social responsibility and environmental work, are included in the Group's financial manual.
The Group has a joint reporting system that serves as the platform for the Group's monthly consolidation work.
Risk assessment
The Company has implemented a structured process for assessing risks that could affect financial reporting. This is an annually recurring process and is evaluated by the Audit Committee and reported to and discussed with the Board.
Through this risk assessment it has been ascertained that the Group's structure, consisting of a multitude of stand-alone companies that are independent from each other in various sectors and of varying size, offers a considerable spread of risk. The risk assessment also covered the Group's income statement and balance sheet items to identify areas in which the aggregate risk for error would be greatest. The areas identified consisted primarily of revenue recognition, trade accounts receivable and inventories.
In addition, continuous risk assessment is conducted in connection with strategic planning, budgeting/forecasts and acquisition activities, aimed at identifying events in the market or operations that could give rise to changes in valuations of assets or liabilities, for example.
Control activities
The Group's companies are organised in four business areas. In addition to a business area president, the respective business area management teams include a controller. The controller plays a central role in analysing and following up the business area's financial reporting and in ensuring compliance by the companies in the business area with Group policies that could have an impact on the financial reporting. In addition, the Parent Company has a function for continuous analysis and follow-up of financial reporting by the Group, the business areas and subsidiaries. The Parent Company's finance department also initiates the work on the annual self-evaluation routine regarding the internal control of financial reporting. This is a process that involves several parts.
In this evaluation, the Group's companies have been grouped into three categories, based on the nature and scope of the respective companies' businesses. For each group of companies, a questionnaire for evaluation of internal control has been prepared based on the performed risk analysis. A minimum acceptable level of internal control has been determined for each respective group, which served as the baseline for the evaluation.
All companies owned by Indutrade at the start of 2009 were required to respond to the evaluation questionnaire. An evaluation of the responses was made per group of companies and for the Group as a whole. As a complement to Indutrade's own work, the auditors conducted a validation of the respective companies' completed questionnaires. Both the evaluation performed by Indutrade and the result of the auditors' validation have been reported and discussed with the Audit Committee and the Board of Directors. The overall assessment of the evaluation of the internal control of the Group's financial reporting will serve as documentation for the next year's self evaluation and work on further strengthening internal control.
Information and communication
The Company's key governing documents, consisting of policies, guidelines and manuals – to the extent that these pertain to financial reporting – are updated on a regular basis and communicated via relevant channels to the companies within the Group.
Systems and routines have been created to provide management with necessary reports on the business results in relation to set targets. Necessary information systems are in place to ensure that reliable and current information is available, to enable management to perform its duties in a correct and effective manner.
Follow-up
The Board conducts a monthly evaluation of business development, earnings, position and cash flow based on a report packet containing outcomes, forecasts and comments on certain key factors.
The Audit Committee, which reports to the Board on a regular basis, has a supervisory role regarding the Company's financial reporting, risk management, and governance and control. In addition, the Audit Committee maintains regular contact with the Company’s auditors to ensure that the Company's internal and external accounting satisfies requirements made on market-listed companies and to follow up any observations that emerge from the audit.