Risk management and internal control
We have strict procedures for internal and disclosure controls and auditor independence. The Disclosure Committee monitors the procedures established by the company and advises the Executive Committee to ensure adequate and timely disclosure of material financial and non-financial information.
An Internal Control committee is responsible for maintaining the company’s internal control framework. The awareness of the company-wide internal control framework and self-assessment process was improved in 2013 by publishing and distributing the AkzoNobel control framework in an infographic format (see the following page). An area of continued focus in 2013 was the control standards for our key IT systems and making more use of automated controls in these systems.
We also have a company-wide compliance monitoring tool in place to discuss and monitor progress with respect to compliance-related issues. More detail on the so-called non-financial letter of representation process is available in the Compliance and integrity management chapter.
The AkzoNobel control framework provides reasonable assurance in achieving business goals, including strategic, operational and reporting goals, as well as those covering compliance. Internal control is not only about policies and procedures, but also relates strongly to people.
- Control environment
The control environment provides the foundation. On the one hand, it gives organizational structure and assigns responsibillities. On the other, it shows commitment to the company’s values and to all employees.
- Setting objectives
Clear targets are vital for internal control. These align our vision, strategy and day-to-day business activities.
- Responding to risk
Achieving our targets can be threatened by all possible risks. What these risks are, where they come from and how to handle them is a dynamic and ongoing process.
- Control activities
Controls are executed everywhere, at all levels of the company and in all stages of business processes.
- Monitoring activities
Monitoring activities give feedback on the quality of the business processes.
The four lines of defense:
- Business management
- Corporate departments
- Internal audit
- External audit
- Information and communication
Nothing happens without information and communication between people.