Internal control and risk management
The Board’s responsibility for the internal control regulated in the Swedish Companies Act, the Annual Accounts Act – which contains requirements that information about the most important elements of Pamica Group’s system for internal control and risk management in connection with the financial reporting must be included in the corporate governance report every year. The Board must, among other things, ensure that the Company has a high level of internal control and formalized routines that ensure compliance with established principles for financial reporting and internal control and that appropriate systems are in place for monitoring and controlling the Company’s operations and the risks associated with the Company and its operations.
The overall purpose of internal control is to provide reasonable assurance that the Company’s operational strategies and goals are monitored and that the owners’ investment is protected. Furthermore, internal control must ensure that the external financial reporting is, with reasonable certainty, reliable and prepared in accordance with generally accepted accounting principles, complies with applicable laws and regulations and also the requirements for listed companies. The control environment forms the basis for the internal control, which also includes risk assessment, control activities, information and communication and monitoring. These components are described in more detail below.
Control environment
The Board has the overall responsibility for the internal control over the financial reporting. In order to create and maintain a functioning control environment, the Board has adopted a number of policies and governing documents that regulate the financial reporting. These mainly consist of the Board’s rules of procedure, instructions for the CEO, instructions for committees established by the Board and instructions for financial reporting. The Board has also adopted a special authorization manual, financial policy, internal control policy and risk management policy.
Pamica Group also has a financial manual that contains principles, guidelines and process descriptions for accounting and financial reporting. The Board has also established an Audit Committee whose main task is to monitor the Company’s financial reporting, to monitor the effectiveness of the Company’s internal control, internal audit (if such a function has been established) and risk management, as well as to review and monitor the auditor’s impartiality and independence. Responsibility for the day-to-day work of maintaining the control environment rests primarily with the company’s CEO, who reports continuously to the Board in accordance with established instructions.
In addition to the internal follow-up and reporting, Pamica Group’s external auditor reports to the CEO and to the Board during the financial year. The auditor’s reporting provides the Board with a sound understanding and a reliable basis for the financial reporting in the annual report.
Risk assessment and control activities
The risk assessment includes identifying and evaluating the risk of significant errors in the Company’s business processes, which includes, among other things, accounting and reporting at Group and subsidiary level. Risks are assessed continuously and according to established guidelines with a focus on the Company’s essential business processes. Within the Board, the Audit Committee is primarily responsible for monitoring the framework for risk management and internal control, after which the Board evaluates and decides on the tolerance level for each risk at an annual review of the risk situation and evaluates and manages the most significant risks for the business.