Internal control

Internal control

engcon has established an internal control system aimed at achieving an efficient organisation that achieves the targets set by the board of directors. This system includes work to ensure that engcon’s operations are conducted correctly and efficiently, that laws and regulations are complied with and that financial reporting is accurate and reliable and in accordance with applicable laws and regulations.

The board of director’s responsibilities regarding the internal control are regulated in the Swedish Companies Act, the Annual Accounts Act (Sw. årsredovisningslagen) and the Code. In addition, engcon has adopted a policy for internal control and risk management in which the basic principles for engcon’s internal control are established.

Control environment

Internal control is based on divisions of responsibilities through, among other things, the rules of procedure of the board of directors, instructions for the board of directors’ committees, the CEO and the financial reporting as well as the Group’s Code of Conduct and other policies. Compliance with these governing documents and policies is continuously monitored and evaluated by the responsible person.

Risk assessment

engcon conducts an annual group-wide risk assessment where risks are identified and evaluated based on their potential impact on the Group’s ability to achieve its long-term targets and visions and the likelihood of the risks being realised. The risk assessment aims to identify and evaluate risks of material errors in engcon’s financial reporting and other group-wide risks and forms the basis for the work to ensure that financial reporting is reliable and how the risks in the reporting are to be handled through various control structures.

Control activities

engcon has an established internal control process where key controls in the operations are defined and the effectiveness of key controls is regularly followed up. The results are compiled in an internal control report that is presented annually to the board.

Information and communication

engcon’s board has adopted a communication policy and an insider policy that governs engcon’s management and communication of insider information and other information. engcon has established an insider committee, consisting of the CEO, CFO and Head of Investor Relations, that is responsible for the Group’s management of insider information. Group management meetings are to be used as a forum for internal communication and dissemination of information linked to risk management in the Group. It is also the responsibility of the Group management to ensure that the process managers associated with financial reporting have sufficient knowledge of the material risks and related control activities in the specific process.

Governance and follow-up

The Group management is to evaluate that the group-wide risk assessment and management, as well as the specific control activities carried out within the framework of the internal control process, continues to be relevant for managing the material risks that engcon encounters. Control activities must be documented so that their execution is traceable. Follow-up to ensure the effectiveness of internal control is carried out by the board, the audit committee, the CEO, Group Management and the finance department.