EUROPE

NORTH AMERICA

LATIN AMERICA

ASIA & OCEANIA

Contact us
Home icon Kalmar global / Investors / Governance / Internal control and risk management
Share: KALMAR.HE31.08

Internal control and risk management

Internal control and risk management

 

Internal Control

The Board of Directors ensures that Kalmar has defined the operating principles of internal control including approving the Internal Control Policy. Kalmar’s Internal Control Policy specifies the applicable control principles, procedures and responsibilities. These principles are designed to ensure that Kalmar operates efficiently and economically, provides accurate and reliable financial and other key data; and complies  with applicable laws, regulations, policies, and practices.

Responsibility for internal control is divided into three tiers. The first tier is part of the daily operations of line management who have ownership of internal controls. The second tier is formed of group support functions, which define instructions applicable across the Company, supervise risk management and monitor the operation of internal controls. The third tier, internal audit, is responsible for providing independent, objective assurance and advice on the operational effectiveness of the first two tiers.

For the financial reporting process, these controls are supported by Kalmar’s accounting policies and guidelines, as well as its internal financial reporting process where the reports are reviewed at a relevant operative management level, followed by group management level reviews.

The company SpeakUp Line gives an opportunity to confidentially and anonymously raise concerns of possible misconduct or other matters that may not be in line with company values and policies.

 

Internal Audit

The purpose of the Internal Audit function is to strengthen Kalmar’s ability to create, protect, and

sustain value by providing the ARC and management with risk-based and objective assurance, advice, insight, and foresight. 

 

Internal Audit’s role, positioning and key principles within Kalmar are described in the Internal Audit Charter approved by the ARC. In order to secure the organisational authority and independence the Head of Internal Audit reports functionally to the ARC, and administratively to the CFO.

 

The scope of internal audit activities encompasses but is not limited to providing assessments on the adequacy and effectiveness of governance, risk management, and control processes for Kalmar. Internal audit work is carried out based on a rolling, flexible assignment plan which considers Kalmar’s strategic priorities, key risks and specific requests from the ARC and management. The plan is approved by the ARC and also the internal audit overall results and significant findings, including follow up results, are communicated to them and the management.

 

 

Risk management

Kalmar's risk management aims at anticipating risks involved in operations and managing them in the appropriate manner. The purpose of this is to support the values, strategy and goals, and the continuity of operations.

 

Kalmar’s global operations require comprehensive risk management. Kalmar defines a risk as any internal or external threat or uncertainty which may prevent or jeopardise operations and the achievement of company objectives.

 

At Kalmar, risk management is part of internal control operations. The key principle is continuous, systematic and preventive action taken to identify risks, define the company’s risk appetite, assess and manage risks and, should they materialise, deal with them effectively.

 

Responsibilities

The objectives and principles of risk management are defined in the Kalmar Risk management policy approved by the Board of Directors. Kalmar’s risk management is spread across units and corporate support functions that assign responsibility for risk management and which are in charge of identifying, managing and reporting risks.

 

The Board of Directors is responsible for ensuring sufficient risk management and control. The Board is also responsible for defining Kalmar’s risk appetite, that is, the level of risk accepted, on an overall basis. The Board shall receive relevant and timely reporting on risks and risk management as defined in the risk management policy, and it can mandate the Audit and Risk Management Committee of the Board to assist in the practical oversight role.

 

The President and CEO and Leadership Team are responsible for the methods, implementation and supervision of risk management, and report on these to the Board of Directors.

 

As far as it is possible and practical, risk management is conducted within business units and support functions as part of day-to-day processes. Identification, assessment, treatment planning and reporting are part of Kalmar’s planning and decision-making processes. Follow-up of risks and risk management actions forms part of the management and follow-up of the company’s operations as a whole. Each Kalmar employee is responsible for identifying, assessing and managing risks in his or her area of responsibility, and for reporting any significant risks to the relevant managers.

 

The role of the corporate risk management function is to develop and coordinate the overall risk management framework and process. This function supports the businesses in implementing risk management and performs certain specified tasks, such as the coordination of global insurance programmes.

 

Climate-related risks and opportunities are identified and assessed with the help of the general corporate risk management process as well as a dedicated climate-related risk management process, created by the corporate sustainability and strategy teams. Financial risks are managed centrally by the Corporate Treasury and reported on for corporate management and the Audit and Risk Management Committee on a regular basis.