The Rules of Procedure of the Remuneration Committee are available at investor.dsv.com/policies.cfm Internal control and risk management systems in relation to the financial reporting process The Board of Directors has the overall responsibility for risk management and internal controls in relation to the presentation of the financial statements. The Company’s internal control and risk management systems relating to the financial reporting process are designed to minimise the risk of irregularities and significant errors in internal and external financial reports. The internal control and risk management systems are not designed according to one specific method package; rather, they are inspired by a series of methods which have been used in establishing the Group’s risk management methodology. The key elements of the Group’s risk management and internal control systems relating to the presentation of financial statements are summarised below. Control environment The control environment in DSV is based on clear guidelines, a simple organisational structure, clear division of responsibilities and constant efforts to strengthen the control environment with due consideration of materiality and risk. This culture is driven from senior management level. The Board of Directors and the Executive Board believe that a strong control environment supported by the tone at the top is crucial to good risk management and effective internal control. The entire corporate structure is designed as a simple structure based on the Group’s commercial activities with a clear division of management responsibilities. The Group Executive Board is represented in the boards of directors of all material subsidiaries, which apply standard provisions regulating the power to bind the company. This supports the maintenance of a strong control environment across the organisation. At least once a year, the Board of Directors and Executive Board establish and approve all general policies, procedures and control systems in essential fields, including the Code of Conduct, Corporate Social Responsibility Policy and the Rules of Procedure of the Board of Directors and Executive Board. In addition, policies have been adopted and manuals created within essential fields of financial reporting: accounting and reporting manual, finance, credit and authorisation policies, IT strategy and effective separation of functions. The Group’s central control and compliance functions are responsible for establishing essential policies and manuals and for the relevant follow-up in this respect. The Audit Committee also supports a strong control environment. As part of its annual tasks, the Audit Committee assesses the need for an internal audit function and in that connection formulates recommendations for the Board of Directors regarding the establishment of such function. The Audit Committee deems that the existing control and risk management systems are adequate, and DSV has opted not to establish an internal audit function for the time being. Risk assessment The Board of Directors and Executive Board regularly assess key risks and internal control systems in connection with the presentation of consolidated financial statements. This implies, inter alia, that the risk factors and financial and management control systems relating to financial reporting are assessed by the Board of Directors at least once a year. The process includes an assessment of whether the organisational structure and allocation of human resources remain optimal. The most material and risky items are identified and assessed annually, and the identified risks are matched with internal procedures and controls. The items deemed to be the most material and risky are described in more detail in the Annual report for 2017. Control activities Our control activities are designed to address the risks identified by Management. The purpose of the control activities is to verify that the established policies, manuals and procedures are followed and that any material misstatement is prevented, discovered and remedied. In that connection it is vital that the reasons for any misstatements are identified and eliminated. Minimum requirements of control systems that apply to all Group companies have been laid down on the basis of the risks identified. The control activities include procedures for authorisation, approval, reconciliation, results and liquidity analyses and effective separation of functions. The control systems comprise both manual and automated controls. We also apply various key IT control systems. The key control systems are primarily targeted at corporate IT functions to help safeguard IT operations and thereby support the quality and reliability of the Group’s financial reporting. Group Management and the national managements of the subsidiaries in the various countries have high focus on financial ratios and follow-up in this respect. Monthly internal financial reports are subject to established internal control procedures, including central closing of reporting systems and central review and analysis of reports from the subsidiaries. The review of the reports received is based on an assessment of materiality and risk factors relating to the individual subsidiary. Detailed procedures and control systems have been established at Group level to ensure timely notification of NASDAQ Copenhagen in accordance with applicable rules. Information and reporting DSV has established standardised information and reporting systems to ensure that the financial reporting gives a true and fair view and is in compliance with legislation and that other internal control procedures of the Group are observed. Internal reporting instructions and control procedures are continuously revised and evaluated to constantly ensure that financial reports are reliable and transparent. Management’s position on risk management and changes in reporting requirements is regularly communicated through newsletters, by holding financial conferences for the financial managers of the subsidiaries, through the corporate intranet and dialogue with the individual national managements. Management emphasises an adequate level of internal communication within the framework of the current stock exchange legislation to ensure in the best possible manner that all employees are aware of their responsibilities within the organisation and accordingly are able to effectively and reliably perform their duties. Monitoring The internal control and risk management systems in relation to the presentation of financial statements are monitored at various levels. The monitoring consists of monthly reports to the DSV Management on comprehensive consolidated accounting data and the Group’s segments and markets, and of regular control visits to Group entities and the Audit Committee’s work. Furthermore, Management receives cash reports from the subsidiaries on a weekly basis. The monitoring of the financial reporting process by the Audit Committee is based on regular reports from the Group Finance Department, annual updates on the status of key financial reporting control systems and review of critical accounting estimates and policies. The reports are also reviewed by the external auditors, and the Board of Directors oversees the Executive Board to ensure that it responds effectively in case of weaknesses or deficiencies detected by internal control systems or external audits and that any agreed initiatives to improve risk management and internal control are implemented as planned. DSV has also implemented a global whistleblower programme. The system enables the employees to anonymously report any material offences or suspicion thereof and contributes to strengthening the monitoring of compliance with Group policies. Information regarding the intended use of DSV’s Whistleblower Programme has been communicated to all subsidiaries and is available to all employees at the corporate intranet. DSV A /S STATUTORY CORPOR ATE GOVERNANCE REPORT 3
Download PDF file
Cookie policy