Corporate Governance Statement,
reporting period Jan. 1 – Dec. 31, 2014

Roles and responsibilities regarding risk management and internal control

The key roles and responsibilities regarding the Group´s internal control and risk management are defined as follows:

The Board of Directors is ultimately responsible for the administration and the proper organization of the operations of the Company. According to good corporate governance, the Board also ensures that the Company has duly endorsed the corporate values applied to its operations. The Board approves the internal control, risk management and corporate governance policies. The Board establishes the risk-taking level and risk bearing capacity of the Company and re-evaluates them on a regular basis as part of the strategy and goal setting of the Company. The Board reports to the shareholders of the Company.

Audit and Financial Committee is responsible for the following internal control related duties

  • to monitor the reporting process of financial statements;
  • to supervise the financial reporting process;
  • to monitor the efficiency of the Company´s internal control, internal audit, if applicable, and risk management systems;
  • to review the description of the main features of the internal control and risk management systems pertaining to the financial reporting process, which are included in the Company´s corporate governance statement; and
  • to monitor the statutory audit of the financial statements and consolidated financial statements.

More detailed descriptions how Audit and Financial Committee is fulfilling its monitoring role are defined in the Committee´s annual plan. The Audit and Financial Committee reports to the Board of Directors of the Company.

CEO is in charge of the day-to-day management of the Company in accordance with the instructions and orders given by the Board. CEO sets the ground of the internal control environment by providing leadership and direction to senior managers and reviewing the way they are controlling the business. CEO is in charge of the risk management process of the Group and its continuous development, allocation of resources to the work, review of risk management policies as well as defining the principles of operation and overall process. CEO reports to the Board on risk management as part of the monthly reporting. CEO, and CFO, CLO, Segment Boards and the Presidents of the business segments, which operate under CEO, are responsible for the management of risks endangering the fulfillment of objectives set for the Company.

CFO ensures and controls that the Group´s accounting and financial reporting practices comply with the law and that the financial reporting is reliable.

Chief Legal Officer ensures that the Group´s corporate governance practices comply with the law and that legal matters of the Group are handled appropriately, in particular the contractual risks related to business operations.

Segment Boards and management of business segments are responsible for internal control implementation in the business segments. More specific internal control policies and procedures are established within each segment within the principles set by the Group functions. Additionally, the management of business segments and the Group Management are responsible for implementing risk management practices in planning cycle and daily operations, and ensure the adherence of

  • laws,
  • regulations,
  • internal policies, and
  • ethical values

in their designated responsibility areas. Some areas of risk management, in particular the management of financial risks and insurances, have been centralized for the purpose of scale advantage and for securing sufficient Group-level control.

Group´s parent company´s finance function is responsible for:

  • ensuring a setup of adequate control activities for business segments in cooperation with the business management;
  • operative follow-up of the adequacy and effectiveness of control activities; and
  • ensuring that external reporting is correct, timely and in compliance with regulations.

Finance function does not have a separate internal control function. Group CFO reports any supervisory findings to the Finance and Audit Committee.

The Company has no specific internal audit organization. This is taken into account in the content and scope of the annual audit plan. On the one hand external auditing focuses on specific areas in turn to be audited, and on the other hand, on separately agreed priority areas.