Internal Control over Financial Reporting is designed to provide reasonable reliability and security of financial reporting and to ensure that external financial reporting is in compliance with applicable laws and accounting standards. The Board of Directors has the ultimate responsibility for Attendo's risk management and internal control which is continuously monitored via the Audit Committee. Attendo’s internal controls are based on principles developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
Areas of responsibility
Attendo has a function responsible for risk management and internal control, which supports the Business Areas in their internal control work. This function works with continuous development and improvement of internal controls for financial reporting, through both preventative measures and annual reviews. The function for internal control continuously reports to the Audit Committee on risk management, control activities and monitoring of financial reports. The internal control function follows an annual plan approved by the Audit Committee. Attendo considers that the internal control function’s work, together with the external audit, provides sufficient reliability in the financial reporting without establishing an independent internal audit department. Attendo’s management continuously evaluates the need for an internal auditing function.
Attendo’s vision and values are based on Attendo’s corporate culture and control environment. Attendo’s Board of Directors has the ultimate responsibility for the Group’s internal controls, which are effected by written instructions and work schedules that define the Board of Directors’ responsibilities and work divisions between the Members of the Board, the Board’s Committees and the CEO. This internal control is based on the Group’s policies, guidelines and instructions that are communicated within the Group and the responsibility and authorities that is implemented. The Group’s corporate governance and governing documents are described in Attendo’s financial manual, which contains all important internal policies and guidelines.
The Audit Committee is represents the Board in matters concerning consolidated financial statements, taxes, risk management and internal controls, as well as external reporting and auditing. The Audit Committee also continuously reviews and monitors the auditor’s independence and impartiality as well as assists at the Annual General Meeting to appoint the auditors in charge. The responsibility for maintaining good internal control is relegated to the CEO.
Attendo’s risk management process is monitored by Attendo’s Audit Committee and is performed by the internal control function. Risk assessment is based on the degree of risk, i.e. the impact on financial reporting and the likelihood of occurrence. Consideration is also given as to what control measures Attendo has implemented to manage risks. The risk assessment is annually updated and the results are reported to the Audit Committee.
Attendo’s Business Area Directors are responsible for the internal control in their respective Business Area. Attendo has based its control environment on the risks identified during the risk assessment process. To ensure a uniform control environment, the function for internal control has created a number of common controls for the critical processes that are to be followed. Each business area is responsible for ensuring that this is done.
Attendo has several activities to follow up financial reporting and ensure that any inaccuracies are discovered and corrected. This is built on a robust reporting structure that begins at the operational level, with each region following up the unit’s results and financial position on a monthly basis. In addition, the regions are monitored by a Business Area Director who, in turn, reports to the CEO on a monthly basis. For assistance, the CEO, the Business Area Directors and the Regional Director has a controller team that continuously monitor the activities and ensure that reporting is complete and accurate in accordance with Attendo’s guidelines.
Information and communication
Attendo’s framework and policies are accessible to all employees via Attendo’s Intranet and other suitable information channels. Other information, for example guidelines and instructions for financial reporting, is found in Attendo’s Finance Manual, and Accounting and Reporting Manual, which is communicated to the concerned persons.
Attendo’s Group accounting team is responsible for statutory accounting and for implementing and communicating the common accounting principles. Communication with the Audit Committee occurs via the function for internal control and the CFO.
The Group’s function for internal control monitors compliance of the Group’s control activities based on the internal control plan that is presented annually to the Audit Committee. Attendo works in several ways to ensure the internal controls meet the Group’s requirements, for example via self-assessments, internal audits and with the help of the company’s external auditors.