Aspo’s internal control includes the control that is built in to the business processes, the Group’s management system and financial reporting covering the entire Group. Internal control is an integral part of the company’s management, risk management and administration.
The aim of internal control is to create sufficient certainty of goals and objectives being reached in the following issues:
- operational profitability and efficiency, and capital management
- reliability and integrity of financial and operational information
- compliance with laws, regulations and agreements, as well as ethical principles and social responsibility
- safeguarding and responsible management of assets and brands
The responsibility to arrange the control lies with the Board of Directors and the CEO both at Group and business unit level. The Aspo Board is responsible to the shareholders and the CEO to the Board. The chain of responsibility continues throughout the organization so that each Aspo employee is responsible to his/her superior for control over his/her responsibility area. Group company controllers have control responsibility concerning compliance with legislation and Group instructions. As well as to the subsidiary management, they also report to the CFO. The CFO reports to the CEO and Board on possible findings. The internal audit function supports the Group management in their control task and the aim is to offer the Aspo Board sufficient assurance that the control is working.
The control of financial reporting is based on monitoring of business processes. The information for financial reporting is created as business processes progress, and the responsibility for correct information is shared by all participants in the process. The financial reporting process is decentralized and monitored by the Audit Committee.The financial statements of the Group are compiled according to the IFRS standards; those of the parent company and Finnish subsidiaries according to the Finnish accounting standards. Each separate company complies with the legislation of the country where it is located, but reports based on
The financial statements of the Group are compiled according to the IFRS standards; those of the parent company and Finnish subsidiaries according to the Finnish accounting standards. Each separate company complies with the legislation of the country where it is located, but reports based on Aspo’s internal accounting instructions. Separate companies may have their own chart of accounts, but all information is consolidated on the basis of a common chart of accounts to the unit level, where their reliability is assessed before the information is transferred to the Group level. Aspo Group’s financial information is verified and its quality assessed on monthly basis. At each phase the unit responsible for the quality and preparation of information will assess its reliability. The Group-level monitoring and reconciliation mechanisms are used on both monthly and quarterly bases.The systems required for financial reporting are decentralized and used according to the principles of internal control. Achieving the set targets is monitored on a monthly basis with the Group’s consolidation and reporting system. In addition to actual and comparative figures, the system provides up-to-date forecasts. The reports are provided to the
The systems required for financial reporting are decentralized and used according to the principles of internal control. Achieving the set targets is monitored on a monthly basis with the Group’s consolidation and reporting system. In addition to actual and comparative figures, the system provides up-to-date forecasts. The reports are provided to the Aspo Board of Directors monthly. The Board of Directors assesses the Group’s position and future based on the provided information. The Board of Directors is responsible for the contents and publication of the financial statements.
Besides the Audit Committee, the reliability of reporting and processes are assessed by an independent, external audit firm.
The purpose of internal audit is to support assessment and assurance of the Group to verify the efficiency of risk management, control, management and administration. Internal audit assists the management and the organization in ensuring the achievement the Group targets and ensuring the effectiveness and development of the control system.
The Board of Directors approves the principles of internal audit as part of internal control. The Group CFO is responsible for the coordination of internal audit, and reports the findings to the CEO, the Audit Committee and the Board of Directors. Internal audit and its organization have been evaluated during 2016. Internal audit is organized corresponding to the size of the Group. Additional resources and special skills will be purchased for demanding assessments if needed. The target is to perform two or three risk-based audits annually. The audits are based on risk assessment as defined in the risk analyses of individual business units. The objects of the audit assessment and assurance are profitability and efficiency of activities, reliability of financial and operational reporting, compliance issues and safeguarding of assets.
The Audit Committee monitors the operations and efficiency of the company’s internal audit in its meetings. The committee also reviews the plans and reports of the internal audit.