Internal control and compliance
This is where we describe the most important elements of Nobina’s system for internal control and risk management in conjunction with its financial reporting. The purpose of internal control is to ensure correct, appropriate and reliable financial reporting and disclosures.
Nobina’s internal control is shaped by the overall control environment. The Board of Directors is responsible for establishing an efficient system for internal control and then steers the internal control work through the Audit Committee, Nobina’s CEO and Group management. They are, in turn, responsible for ensuring that operations and all employees comply with the internal governance and control structures. Achieving a strong and transparent control environment requires a good organisational structure, clear decision-making procedures, Group-wide values in terms of ethics and integrity, and clearly defined and communicated authorities through internal qualitative control parameters, comprising, for example, policies, instructions and guidelines.
Nobina’s operational governance of its control environment is based on a process-oriented management system, which aims to ensure behaviour and a corporate culture with integrity and that does not compromise on ethical values. The corporate culture includes employees’ experience, skills, attitudes, ethical values and perception of how responsibility and authority are distributed. The control process comprises the operations’ main processes and frameworks, which include Group policies and instructions at Group and local level. Each main process has a process owner who is responsible for the process and for proposing preventative measures, as well as suggestions on how to develop and improve the process. Nobina’s various business leaders are responsible for implementation, and the follow-up and correction of deficiencies in the different main processes.
Nobina also has other control processes that act as an extension of the main operational control. Among other features, there is a compliance function that is independent from business operations at the same time as serving as a support function for the Group’s operations. The function supports business operations and management in matters involving regulatory compliance and works proactively to update the company on new regulations and other external events that could impact our business. The function also continuously follows up various activities and reports compliance risks that may arise if Nobina does not comply with external and internal rules. Included in this function are also organisations in information security and data protection, which in turn work with compliance through their structures. The compliance work is strengthened through Nobina’s KAMS activities (quality, work environment, environment and safety), which are integrated throughout the Group, at central and local level, to enable us to prevent operational risks, for example. This work is evaluated through regular self-inspections and internal audits.
Nobina also has an internal and external whistleblower service that employees can reach on the intranet and other stakeholders through the companies’ websites. The purpose is to identify at an early stage economic crimes and any deviation from, for example, Nobina’s values and business ethics guidelines. Anonymity and professional handling are guaranteed by the person wanting to make a report doing so completely anonymously through Nobina’s external partner, who administers the service.
- Security policy
- Employee policy
- Environmental policy
- Purchasing policy
- Nobina’s values
- Insider policy
- Information security policy
- Communication policy
- Authorisation policy
- Code of Conduct
- Financial policy