• IRRIGATION
  • ASPIRATION
  • TRANSFORMATION

Internal control

Under the Companies Act and the Code, the Board of Directors is responsible for internal control. The Board’s internal control activities are based on the company’s control environment, risk assessment, control activities, information and communication, and monitoring. Internal control is a process that is impacted by the Board, company management and other employees, and is designed to provide reasonable assurance that the company’s goals with respect to suitable and efficient operations, reliable financial reporting and compliance with laws and regulations are achieved.

Control environment
The Board of Directors has overall responsibility for establishing and maintaining proper internal control by shaping the organization, decision making channels, authorizations and responsibilities as expressed in policies and guidelines. Shared values create consensus and strengthen internal control. The structure created in 2017 and improved during the following years worked well in 2022 and only minor adjustments to specific controls were made. The Board establishes certain policies and instructions, including authorization instructions. The Board and company management consider quick, correct reporting to be important. The accounting function ensures that all operations are evaluated and their efficiency enhanced. The evaluation of internal control in the Group follows a plan approved annually by the Audit Committee. Responsibility for creating processes with suitable internal control lies with the respective department manager. 

Risk assessment
The company has established a process for risk assessment and risk management in order to ensure that the risks the company is exposed to are handled within the framework established by the Board. This is monitored by the Audit Committee through regular reporting from company management, which presents risk status updates and ongoing activities for managing the company’s risks. Risk assessments with mitigation actions are regularly presented to the Board of Directors, which also resolves on the company’s risk appetite. 

Business processes are evaluated with regard to efficiency and risk. This includes identifying risks for inaccuracies in the financial reports. The company’s support processes are also analyzed. An overall risk assessment is conducted yearly. The risks are graded and linked to processes. Processes deemed to be critical include development, manufacturing, sales and support processes such as accounting and IT. Processes for payments, salaries and pensions are also deemed to be critical and are included in evaluations. Any risks of material errors or shortcomings in the financial reports are to be reported to the Audit Committee.

Control activities
Identified risks regarding financial reporting are managed through control measures that limit the identified risks and ensure correct and reliable reporting. Control activities are developed by documenting important processes and defining central activities, after which the controls for them are determined and implemented. 
All of the company’s risk management activities and controls are managed in the Stratsys support system.

Information and communication
The Board and company management have established information and communication channels to ensure the company’s financial reporting is complete and correct. Policy documents such as internal policies, guidelines and instructions are available through the company’s quality system. Personnel from Group management regularly visit all the companies in the Group.

Monitoring
The Board of Directors has determined that internal control is to be monitored through self-assessment and testing of controls. Self-assessment means that the person responsible for each control evaluates the process and decides how well it has per - formed during the period. Regular testing of all of the company’s controls is conducted by an internal, independent party, and is reported to the Audit Committee together with planned measures to improve any weaknesses in the controls. 

The company’s improvement efforts in 2022 included improved process documentation with focus on processes related to the company’s ERP. The purpose of the review is to identify the overall control environment and material risks, and to introduce shared rules regarding overall control issues. 

The Audit Committee monitors the company’s internal control activities through continual feedback, and has regular contact with the external auditors, which also contributes to the Board’s overall picture of internal control.

Planned activities for 2023
In 2023 the company will maintain the focus on the project processes and on an updated process mapping of all major financial processes in the company.