Internal control over financial reporting
According to the Swedish Companies Act, the Board of Directors is responsible for internal control. This report has been prepared in accordance with the Annual Accounts Act and describes how the Company’s internal control over financial reporting is organized.
Effective board work is the foundation for good internal control. The Board’s work plan and the instructions for the CEO and the Board’s committees ensure a clear delegation of roles and responsibilities to the benefit of effective management of risks in the Company’s operations. In addition, the Board has adopted a number of fundamental guidelines and policies designed to create the conditions for a good control environment. These include, among other things, Indutrade’s Code of Conduct, a policy for economic and financial reporting, a finance policy and an investment policy. These policies are followed up and revised as needed. The Group Management continuously draws up instructions for the Group’s financial reporting which, together with the policies adopted by the Board, are included in the Group’s financial manual. The Group has a joint reporting system that serves as the base for the Group’s monthly reporting, consolidation work and monitoring of earnings performance.
The Company has implemented a structured process for assessing risks that could affect financial reporting. This is an annually recurring process and is evaluated by the Audit Committee and the Board.
Through this risk assessment it has been ascertained that the Group’s structure, consisting of a large number of standalone companies of varying size that are independent from each other in various sectors and geographic markets, entails a considerable diversification of risk. The risk assessment also covered the Group’s income statement and balance sheet items to identify areas in which the aggregate risk for error and the effects of these would be greatest. The areas identified consisted primarily of revenue recognition, trade receivables and inventories.
In addition, continuous risk assessment is conducted in connection with strategic planning, budgeting, forecasts and acquisition activities, aimed at – among other things – identifying events in the market or operations that could give rise to changes in e.g., revenue streams and valuations of assets or liabilities.
The Indutrade Group was organised in eight business areas in 2018. In addition to a business area director, the respective business area management teams include a controller. The controller plays a central role in analysing and monitoring the business area’s financial reporting and in ensuring compliance by the companies in the business area with Group policies. The Parent Company has additional functions for continuous analysis and monitoring of financial reporting by the Group, the business areas and subsidiaries. The Parent Company’s finance department also initiates work on the annual self assessment routine regarding internal control over financial reporting. In this evaluation the Group’s companies have been grouped into three categories, based on the nature and scope of the respective companies’ businesses. For each group of companies, a questionnaire for evaluation of internal control has been prepared based on the performed risk analysis.
All companies owned by Indutrade at the start of 2018 were required to respond to the evaluation questionnaire. The responses were compiled and evaluated per group of companies and for the Group as a whole. As a complement to this work, the auditors validated parts of the respective companies’ completed questionnaires.
In addition to this, the controllers of the business areas and Parent Company monitor internal control through visits to a number of companies each year. Both the evaluation performed by the Company and the result of the auditors’ validation were reported and discussed with the Audit Committee. Feedback is provided to the companies in the Group where a need for improved routines has been identified. The audit committee also presented the results to the Board. The evaluation of internal control over the Group’s financial reporting will serve as documentation for the subsequent years’ self assessment and work on further strengthening internal control.
Information and communication
The Company’s governing documents, consisting of policies, guidelines and manuals – to the extent that these pertain to financial reporting – are updated on a regular basis and communicated to the companies within the Group. Systems and routines have been established to provide management with reports on the results of operations and financial position in relation to set targets, among other things.
The Board conducts a monthly evaluation of business development, earnings, position and cash flow using a report pack containing comments on outcomes and certain key ratios. The Audit Committee has an oversight role regarding the Company’s financial reporting, risk management, and governance and control.
In addition, the Audit Committee maintains regular contact with the Company’s auditors to ensure that the Company’s internal and external reporting satisfies requirements made on market-listed companies and to monitor any observations that emerge from the audit.