Internal Controls over Financial Reporting
The Groupīs external financial reporting process, internal control and risk management systems are briefly decribed in this section. The main focus is on financial accounting and related controls.
FINANCIAL REPORTING ORGANIZATION
The Groupīs financial administration is organized so that both Business Segments have their own operative financial organization, and the financial management as well as central expert functions regarding accounting, taxation, financing, and asset management are centralized in the Groupīs parent company.
The financial management of the Business Segments is responsible for organizing the accounting, money transactions and other daily financial operations of the companies belonging to the segment as well as organizing the internal reporting that supports the segmentsī business. The financial management of the business segment controls and supervises the operation of the financial administration organizations of the segment companies, and it reports primarily to the President of the business segment but matrix-wise also to the CFO of the Group.
The tasks of the Groupīs parent companyīs financial administration consist of, inter alia, monthly consolidation of the Group entity, preparation of interim reports and consolidated financial statements, management and investment of monetary assets of the Group, management of liabilities, protection against exchange risk, and transfer pricing. The finance function of the Groupīs parent company implements operative supervision under the Groupīs CFO who reports any supervisory findings to the Finance and Audit Committee. The Groupīs parent companyīs financial administration and financial management of the Wireless Business Segment is located in Finland and the financial management of the Automotive Business Segment in Germany. The Groupīs subsidiaries in China, Germany and the USA have accounting departments of their own. Accounting functions in smaller subsidiaries in France and Japan are organized in external accounting offices or, as in Austria, in the accounting department of the German subsidiary. The tasks and responsibilities of the accounting function of the parent company and each subsidiary are included in the job descriptions of the teams and employees.
FINANCIAL REPORTING SYSTEMS
Consolidated financial statements are prepared by using the chosen consolidation tool. The accounting of the Groupīs subsidiaries is done by using the local accounting systems from which the actual figures are reported either manually or by automatic transfer to the group consolidation system.
The accounting system in use includes general ledger accounting, accounts payables and accounts receivables. Current assets and payroll accounting is organized through various programs or purchased as an outsourced service. Purchase invoices are circulated through an electronic invoice processing system. The same bank application is used in both Finland and Germany, USA has a similar bank application.
Global forecasts and budgets are prepared by using the same forecast and reporting program maintained by the Group parent company. In some business segment companies, separate programs supporting internal reporting are in use.
The Groupīs internal control mechanisms are based on policies, instructions, limited process descriptions, authorization matrix, financial reporting review meetings, and segregation of key accounting duties.
Compliance procedures are in place at all levels of the organization to ensure that all applicable laws, regulations, internal policies and ethical values including sustainability are adhered to. Group functions and businesses are responsible for following up developments in legislation and regulations in their respective areas and communicating them to the organization. Businesses and corporate function directors are responsible for setting up adequate compliance controls and compliance related training in their units.
ROLES AND RESPONSIBILITIES REGARDING RISK MANAGEMENT AND INTERNAL CONTROL
The key roles and responsibilities regarding the Groupīs internal control and risk management are defined as follows:
BOARD OF DIRECTORS
The Board of Directors is ultimately responsible for the administration and the proper organization of the operations of the Company. According to good corporate governance, the Board also ensures that the Company has duly endorsed the corporate values applied to its operations. The Board approves the internal control, risk management and corporate governance policies. The Board establishes the risk-taking level and risk bearing capacity of the Company and re-evaluates them on a regular basis as part of the strategy and goal setting of the Company. The Board reports to the shareholders of the Company.
AUDIT AND FINANCIAL COMMITTEE
Audit and Financial Committee is responsible for the following internal control related duties
• to monitor the reporting process of financial statements;
• to supervise the financial reporting process;
• to monitor the efficiency of the Companyīs internal control, internal audit, if applicable, and risk management systems;
• to review the description of the main features of the internal control and risk management systems pertaining to the financial reporting process, which are included in the Companyīs corporate governance statement; and
• to monitor the statutory audit of the financial statements and consolidated financial statements.
More detailed descriptions how Audit and Financial Committee is fulfilling its monitoring role are defined in the Committeeīs annual plan. The Audit and Financial Committee reports to the Board of Directors of the Company.
CHIEF EXECUTIVE OFFICER
CEO is in charge of the day-to-day management of the Company in accordance with the instructions and orders given by the Board. CEO sets the ground of the internal control environment by providing leadership and direction to senior managers and reviewing the way they are controlling the business. CEO is in charge of the risk management process of the Group and its continuous development, allocation of resources to the work, review of risk management policies as well as defining the principles of operation and overall process. CEO reports to the Board on risk management as part of the monthly reporting. CEO and the management of the Group functions and the Presidents of the business segments, which operate under CEO, are responsible for the management of risks endangering the fulfillment of objectives set for the Company.
CHIEF FINANCIAL OFFICER
CFO ensures and controls that the Groupīs accounting and financial reporting practices comply with the law and that the financial reporting is reliable.
CHIEF LEGAL OFFICER
Chief Legal Officer ensures that the Groupīs corporate governance practices comply with the law and that legal matters of the Group are handled appropriately, in particular the contractual risks related to business operations.
Segment Boards and management of business segments are responsible for internal control implementation in the business segments. More specific internal control policies and procedures are established within each segment within the principles set by the Group functions. Additionally, the management of business segments and the Group Management are responsible for implementing risk management practices in planning cycle and daily operations, and ensure the adherence of
• internal policies, and
• ethical values
in their designated responsibility areas. Some areas of risk management, in particular the management of financial risks and insurances, have been centralized for the purpose of scale advantage and for securing sufficient Group-level control.
Groupīs parent companyīs finance function is responsible for:
• ensuring a setup of adequate control activities for business segments in cooperation with the business management;
• operative follow-up of the adequacy and effectiveness of control activities; and
• ensuring that external reporting is correct, timely and in compliance with regulations.
Finance function does not have a separate internal control function. Group CFO reports any supervisory findings to the Finance and Audit Committee.
The Company has no specific internal audit organization. This is taken into account in the content and scope of the annual audit plan. On the one hand external auditing focuses on specific areas in turn to be audited, and on the other hand, on separately agreed priority areas.