Internal control

Vaisala aims to be a good corporate citizen, and an appropriate level of documented internal control policies support this. According to the Finnish Corporate Governance Code, the purpose of internal control is to ensure the effective and profitable operations of the company, reliable information and compliance with the relevant regulations and operating principles. Internal control aims to improve the efficient fulfillment of the Board’s supervision obligation.

Internal control is a process carried out by the Board of Directors, management and other employees within Vaisala. It is designed to provide reasonable assurance that:

• operations are effective, efficient and aligned with strategy,
• financial reporting and management information is reliable, complete and timely, and
• the Group is in compliance with applicable laws and regulations as well as Vaisala internal policies and ethical values, including sustainability.

The Vaisala internal control framework consists of:
• the internal control, risk management and corporate governance policies and principles set by the Board of Directors,
• management overseeing the implementation and application of the policies and principles
• finance department and business controllers monitoring the efficiency and effectiveness of the operations and reliability of the financial and management reporting
• enterprise risk management process identifying, assessing and mitigating risks threatening the realization of Vaisala’s objectives
• compliance procedures making sure that all applicable laws, regulations, internal policies and ethical values, including sustainability, are adhered to
• effective control environment at all organizational levels including control activities tailored for each process and creating group minimum requirements for business and geographical areas
• shared ethical values and internal control culture among all employees
• internal audit assignments reviewing the effectiveness of the internal controls as needed.

Internal Control roles and responsibilities

Board of directors
• Is ultimately responsible for the administration and the proper organization of the operations of the company
• Ensures that the company has duly endorsed the corporate values applied to its operations.
• Approves the internal control, risk management and corporate governance policies.
• The Board of Directors or the President and CEO can assign Vaisala’s external auditors or other external service provider to perform internal audit assignments as needed.

President and CEO
• Is in charge of the day-to-day management of the company in accordance with the instructions and orders given by the Board
• Sets the ground of the internal control environment by providing leadership and direction to senior managers and reviewing the way they're controlling the business
• Ensures that the accounting practices of the company comply with the law and that the financial matters are handled in a reliable manner.
   
Management Group
• Senior managers assign responsibility for establishment of more specific internal control policies and procedures to personnel responsible for the unit's functions. Of particular significance are financial officers and their staffs, whose control activities cut across, as well as up and down, the operating and other units of the group.

Finance and control function
• Helps units and functions to set up adequate control activities
• Together with risk management director, facilitates the enterprise risk management process and reporting its results to the management
• Operatively follows-up the adequacy and effectiveness of control activities.

Internal audit assignments
• Examines and evaluates the adequacy and effectiveness of the organization's governance, risk management process, system of internal control structure, and the quality of performance in carrying out assigned responsibilities to achieve the organization's stated goals and objectives.

General Counsel, business area and corporate function directors
• Are responsible for making sure that all functions and employees in their responsibility areas adhere to applicable laws, regulations and internal policies.