You are here: Home /
Investor Relations /
Corporate Governance / Risk Management and Internal Control
Risk Management and Internal Control
The Management Board confirms that it is responsible for risk management, internal control, and integrity and compliance systems and has reviewed the operational effectiveness of these systems. The Board believes that the company maintains a system of risk management and internal control that complies with the Dutch Code of Corporate Governance and suits our business needs and structure.
Internal control systems are designed to manage, rather than eliminate, the risk of failure to achieve business objectives, and can provide reasonable, but not absolute, assurance against material misstatement or loss. As such, the controls are subject to regular review as the business evolves and changes.
The company views the careful management of risk as a key management activity. The Board reviews the effectiveness of the systems of internal control relative to strategic, financial, operational and compliance risks. The Board discusses risk management and internal controls with the Supervisory Board on at least a quarterly basis.
We embed risk management into periodic planning and internal control mechanisms. A top-down approach is followed, whereby we identify the major risks that could affect our business and our preparedness should these problems arise.
The above however does not imply that we can provide certainty as to the realisation of business and financial strategic objectives, nor can the followed approach to internal control over financial reporting be expected to prevent or detect all misstatements, errors, fraud or violation of law or regulations. As such, the controls are subject to regular review as the business evolves and changes.
The key features of the systems of internal control are as follow.
Assurance on compliance with systems of internal control, and on their effectiveness, is obtained through management reviews, control self assessment, internal audits and testing of certain aspects of the internal financial control systems by the external auditors during the course of their audit.
During 2008 we made the following changes to our internal control systems, which we believe have led to improvements in our control environment:
Internal control over financial reporting
Internal control over financial reporting is a process designed to provide reasonable, but not absolute, assurance regarding the reliability of management and financial reporting, in accordance with generally accepted accounting principles. Controls over financial reporting policies and procedures include controls to ensure that:
Statement within the meaning of article 5:25C (2) (C) Financial Markets Supervision Act
The Management Board states that, to the best of their knowledge,
Harold Goddijn, CEO
Marina Wyatt, CFO
Alain De Taeye, member of the Management Board
23 February 2009
Updated by TomTom IR September 2009
Internal control systems are designed to manage, rather than eliminate, the risk of failure to achieve business objectives, and can provide reasonable, but not absolute, assurance against material misstatement or loss. As such, the controls are subject to regular review as the business evolves and changes.
The company views the careful management of risk as a key management activity. The Board reviews the effectiveness of the systems of internal control relative to strategic, financial, operational and compliance risks. The Board discusses risk management and internal controls with the Supervisory Board on at least a quarterly basis.
We embed risk management into periodic planning and internal control mechanisms. A top-down approach is followed, whereby we identify the major risks that could affect our business and our preparedness should these problems arise.
The above however does not imply that we can provide certainty as to the realisation of business and financial strategic objectives, nor can the followed approach to internal control over financial reporting be expected to prevent or detect all misstatements, errors, fraud or violation of law or regulations. As such, the controls are subject to regular review as the business evolves and changes.
The key features of the systems of internal control are as follow.
-
Clearly defined lines of accountability and delegation of authority are in place, together with comprehensive reporting and analysis against approved budgets.
We minimise our operating risk by ensuring that the appropriate infrastructure, controls, systems and people are in place throughout the businesses. Key policies employed in managing operating risk include segregation of duties, authorisation of transactions, monitoring, and financial and management reporting.
Centralised treasury operations manage the investment of cash balances and exposure to currency transaction risks. Treasury policies, risk limits and monitoring procedures that are approved annually by the Supervisory Board.
A Code of Conduct and a Code of Ethics is accessible by staff via our intranet site. The Code of Conduct is also available on the TomTom website (www.tomtom.com).
Assurance on compliance with systems of internal control, and on their effectiveness, is obtained through management reviews, control self assessment, internal audits and testing of certain aspects of the internal financial control systems by the external auditors during the course of their audit.
During 2008 we made the following changes to our internal control systems, which we believe have led to improvements in our control environment:
-
implementation of a new organisational Group structure consisting of five business units and two supporting centres;
formation of a Technology Board, determining the long-term shared technologies roadmap for driving the engineering resources across all business units;
restructuring Tele Atlas from a regional to centralised organisation;
implementation of a new Enterprise Resource Planning system for the TomTom PND and WORK business units;
launch of a new financial planning and reporting system;
adoption of a new help desk system to track customer returns and supports the return material authorisation process; and
integration of the Tele Atlas insurance contracts into the Group Corporate Insurance portfolio and implementation of changes to improve coverage and to identify and mitigate additional areas of risk.
Internal control over financial reporting
Internal control over financial reporting is a process designed to provide reasonable, but not absolute, assurance regarding the reliability of management and financial reporting, in accordance with generally accepted accounting principles. Controls over financial reporting policies and procedures include controls to ensure that:
-
commitments and expenditures are appropriately authorised by management;
records are maintained which accurately and fairly reflect transactions;
any unauthorised acquisition, use or disposal of the company's assets that could have a material effect on our financial statements would be detected on a timely basis; and
transactions are recorded as required to permit the preparation of financial statements.
Statement within the meaning of article 5:25C (2) (C) Financial Markets Supervision Act
The Management Board states that, to the best of their knowledge,
-
the annual Financial Statements give a true and fair view of the assets, liabilities, financial position and profit or loss and the undertakings included in the consolidation taken as a whole, and
the management report includes a fair review of the development and performance of the business and the position of the company and the undertakings included in the consolidation taken as a whole, together with a description of the principal risks and uncertainties that the company faces.
Harold Goddijn, CEO
Marina Wyatt, CFO
Alain De Taeye, member of the Management Board
23 February 2009
Updated by TomTom IR September 2009