Main Features of the Internal Control and Risk Management Systems Pertaining to the Financial Reporting Process
The internal control seeks to ensure the Company's compliance with applicable laws, regulations and with Vaisala's code of conduct as well as the reliability of financial and operational reporting. Furthermore, the internal control seeks to safeguard the Company's assets and to ensure overall effectiveness and efficiency of operations to meet Vaisala's strategic, operational and financial targets. Internal control practices are aligned with Vaisala's risk management process. The goal of the risk management is to support Vaisala's strategy and the achievement of targets by anticipating and managing potential business threats and opportunities.
Vaisala's operating model of internal control and risk management related to financial reporting aims to provide sufficient assurance regarding the reliability of financial reporting and that the financial statements have been prepared in accordance with the applicable laws and regulations, generally accepted accounting principles (IFRS) and other requirements for listed companies. The principal components of internal control are control environment, risk assessment, control activities, communications and monitoring.
The Board of Directors has the overall responsibility for the internal control of financial reporting. The Board of Directors has established a written formal working order that clarifies its responsibilities and regulates the internal distribution of work of the Board of Directors and its committees. The Board of Directors has appointed the Audit Committee whose primary task is to ensure that established principles for financial reporting, risk management and internal control are followed to and that appropriate relations are maintained with the Company's auditors. The President and CEO has the responsibility for maintaining an effective control environment and the ongoing work on internal control as regards the financial reporting. The Internal Audit reports all relevant issues to the Audit Committee and the President and CEO.
The Internal Audit focuses on developing and enhancing control over the financial reporting by proactively concentrating on the internal control environment and by monitoring the effectiveness of the control. The most important internal steering instruments for Vaisala's financial reporting comprise the Code of Conduct, treasury policy, credit policy, accounting policies and reporting instructions.
Vaisala's risk assessment as regards financial reporting aims to identify and evaluate the most significant threats at the levels of Group and reporting segments as well as at the level of functions and processes. The risk assessment results in control targets through which Vaisala seeks to ensure that the fundamental requirements placed on financial reporting are fulfilled. Information on the development of essential risk areas as well as the plans and measures to mitigate the risks are communicated regularly to the Audit Committee.
Vaisala's management has operational responsibility for internal controls. Internal control related to the financial activities as well as to control of the business and the management has been integrated into Vaisala's business processes. Vaisala has defined and documented significant internal control activities related to its financial statement reporting process as part of business processes. Internal control activities include approvals, authorizations, verifications, reconciliations, reviews of operating performance and segregation of duties.
All business units have their own defined controller functions whose representatives participate in planning and evaluating unit performance. They ensure that monthly and quarterly financial reporting follows the company's policies and instructions and that all financial reporting is delivered on time. Management follow-up is carried out through monthly management reporting routines.
Vaisala seeks to ensure that the Company's internal and external communication is open, transparent, accurate and timely. Code of Conduct, treasury policy, credit policy, accounting policies, and reporting instructions as well as disclosure policy are available on Vaisala's intranet. The disclosure policy defines how and when information should be given and by whom it is given. It also defines the accuracy and comprehensiveness of the information in order to fulfill the communication obligations. Vaisala's CFO reports the results of the internal control work and efficiency of the control activities as a standing item on the agenda of the Audit Committee.
The effectiveness of internal control related to financial reporting is monitored by the Board of Directors, the Audit Committee, the President and CEO, Management Group and internal audit. The monitoring includes the follow up of monthly financial reports, review of the rolling estimates and plans, as well as reports from Internal Audit and auditors. The Internal Audit assesses the effectiveness of Vaisala's operations and the adequacy of risk management and reports the risks and weaknesses related to the internal control processes. Internal Audit compiles an annual audit plan, the status and findings of which it regularly reports to Audit Committee and Vaisala's management. Furthermore, the CFO, General Counsel, Internal Audit and Auditor coordinate the audit planning and monitoring at least twice a year.