Internal control of financial reporting
We have a system for internal control over financial reporting which aims to contribute to reliable and timely financial reporting in Statkraft's monthly, quarterly and annual reports. We base the work on internal control over financial reporting on the COSO framework for internal control, published by the Committee of Sponsoring Organizations of the Treadway Commission.
The overall management system, "The Statkraft Way", defines the Group's guidelines and ensures a sound control environment for fulfilling the management's goals and intentions. Internal control requirements have been incorporated into HSE, ethics, ICT, corporate responsibility and financial reporting.
A healthy management system and a sound control environment are important as a basis for the other work on internal control over financial reporting.
Internal control over financial reporting
The system for internal control over financial reporting will contribute to reliable and timely accounting information in monthly, quarterly and annual reports. All subsidiaries are required to comply with the requirements in the internal control system as described in "The Statkraft Way" and in the Group's financial manual. The same applies to joint ventures, joint operations and affiliated companies where Statkraft is responsible for the bookkeeping and financial reporting. If a third party is responsible for the bookkeeping and financial reporting of the joint venture, joint operation or affiliated company, the responsible segment in Statkraft shall perform compensatory controls as described in the financial manual.
The board of Statkraft has the overall responsibility for ensuring that the Group has a well-functioning internal control system. The main elements of the internal control system are risk assessment, control measures, self-evaluation, reporting and continuous exercise of control and compliance follow-up:
- Risk assessment
The Group's Internal Control Network conducts an annual evaluation of the Group's inherent and remaining risk of errors in the financial reporting. The result of this risk assessment is documented in a financial risk map showing the probability of the incident becoming reality and the consequences for the consolidated accounts for the identified risks. The risk map is presented to the Group management and the audit committee. Business and support processes for handling the inherent risk are identified on the basis of the Group's risk map.
- Control measures
We thoroughly review these processes when the overall risk assessment is available and we have identified the processes for handling the risks. We consider the risks on a more detailed level and define necessary control measures for the individual risks. We describe how the control measures are implemented, who will implement them, who is responsible for them and how they will be documented. The control descriptions are available to all employees in the Group's financial manual.
For each individual control measure in the internal control system, we have identified a responsible person who will ensure that the control measure is implemented and documented as described. These responsible persons will perform a self-evaluation of how the control measures were implemented throughout the entire accounting year. The result of the self-evaluation is presented to the Group management and the audit committee with the annual accounts.
The Group's financial risk map and result of the self-evaluation are normally presented twice a year to the Group management and the board; Simultaneously, we also review the main elements of the internal control system and indicate to which extent the framework functions as intended.
- Continuous control and compliance follow-up
In the control descriptions, we have defined how often each individual control measure must be performed and who is responsible. The controls take place continuously throughout the fiscal year and the managers are responsible for ensuring that the controls are carried out as part of the daily operations.
VP FRC - Internal Control is responsible for managing the internal control system and assisting the management with ensuring that the main elements are complied with and function as intended. VP FRC - Internal Control is responsible for training the units and implementing internal control measures in new units. VP FRC – Internal Control reports to the Senior Vice President Financial reporting and accounting who in turn reports to the CFO.