Header - hero image Corporate Governance
Annual
report
2023
Corporate Governance Statement
Reporting Period Jan. 1–Dec. 31, 2023

Roles and Responsibilities Regarding Risk Management and Internal Control

The key roles and responsibilities regarding the Company´s internal control and risk management are defined as follows:

Board of Directors

The Board of Directors is ultimately responsible for the administration and the proper organization of the operations of the Company. According to good corporate governance, the Board also ensures that the Company has duly endorsed the corporate values applied to its operations. The Board approves the internal control, risk management and corporate governance policies. The Board establishes the risk-taking level and risk bearing capacity of the Company and re-evaluates them on a regular basis as part of the strategy and goal setting of the Company. The Board reports to the shareholders of the Company.

Audit Committee

Audit Committee is responsible for the following internal control related duties:

  • to monitor the reporting process of financial statements;
  • to supervise the financial reporting process;
  • to monitor the efficiency of the company´s internal control, internal audit, if applicable, and risk management systems;
  • to review the description of the main features of the internal control and risk management systems pertaining to the financial reporting process, which is included in the company´s corporate governance statement; and
  • to monitor the statutory audit of the financial statements and consolidated financial statements.

More detailed descriptions how the Audit Committee is fulfilling its monitoring role are defined in the Committee´s annual plan. The Audit Committee reports to the Board of Directors of the Company.

Chief Executive Officer

The CEO is in charge of the day-to-day management of the Company in accordance with the instructions and orders given by the Board. The CEO sets the ground for the internal control environment by providing leadership and direction to senior managers and reviewing the way they are controlling the business. The CEO is in charge of the allocation of resources to the risk management work, review of risk management policies as well as defining the principles of operation and overall process. The CEO reports to the Board on risk management according to the Annual Clock.

Management Group

The members of the Management Group are responsible for internal control implementation in their responsibility areas. More specific internal control policies and procedures are established within the principles set by the Board and CEO. Additionally, the management of the subgroup and the Group Management are responsible for implementing risk management practices in planning cycle and daily operations, and ensure the adherence of:

  • laws;
  • regulations;
  • internal policies; and
  • ethical values

in their designated responsibility areas.

The CFO:

  • ensures a setup of adequate control activities for Business Segments in cooperation with the Business Segment management;
  • follows the adequacy and effectiveness of control activities; and
  • ensures that external reporting is correct, timely and in compliance with regulations.

Finance function does not have a separate internal control function. CFO reports any supervisory findings to the Audit Committee.

The CLO ensures that the Group´s corporate governance practices comply with the law and that legal matters of the Group are handled appropriately, in particular the contractual risks relating to business operations.

The CLO is in charge of the Company’s risk management process and its continuous development. The CLO reports to the CEO and management group on risk management as part of the monthly reporting.

Internal Audit

The Company has no specific internal audit organization. This is taken into account in the content and scope of the annual audit plan. On the one hand, external auditing focuses on specific areas in turn to be audited, and on the other hand, on separately agreed priority areas.