Internal Control over Financial Reporting 2012
This section has been prepared in accordance with the Annual Accounts Act and the Swedish Corporate Governance Code and is limited to internal control over financial reporting.
Since Ericsson is listed in the United States, the requirements outlined in the Sarbanes-Oxley Act (SOX) apply. These regulate the establishment and maintenance of internal controls over financial reporting as well as management’s assessment of the effectiveness of the controls.
In order to support high quality reporting and to meet the requirement of SOX, the Company has implemented detailed documented controls and testing and reporting procedures based on the internationally established COSO framework for internal control. The COSO framework is issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
Management’s internal control report according to SOX will be included in Ericsson’s Annual Report on Form 20-F and filed with the SEC in the United States.
During 2012, the Company has included operations of acquired entities as well as continued to improve the design and execution of its financial reporting controls.
Ericsson’s financial disclosure policies aim to ensure transparent, relevant and consistent communication with equity and debt investors on a fair and equal basis. This will support a fair market value for Ericsson securities. Ericsson wants current and potential investors to have a good understanding of how the Company works, including operational performance, prospects and potential risks.
To achieve these objectives, financial reporting and disclosure must be:
- Transparent – enhancing understanding of the economic drivers and operational performance of the business, building trust and credibility
- Consistent – comparable in scope and level of detail to facilitate comparison between reporting periods
- Simple – to support understanding of business operations and performance and to avoid misinterpretations
- Relevant – with focus on what is relevant to Ericsson’s stakeholders or required by regulation or listing agreements, to avoid information overload
- Timely – with regular scheduled disclosures as well as ad-hoc information, such as press releases on important events, performed in a timely manner
- Fair and equal – where all material information is published via press releases to ensure that the whole investor community receives the information at the same time
- Complete, free from material errors and a reflection of best practice – disclosure is compliant with applicable financial reporting standards and listing requirements and in line with industry norms.
Ericsson’s website comprises comprehensive information on the Group, including:
- An archive of annual and interim reports
- On-demand access to recent news
- Copies of presentations given by senior management at industry conferences.
Disclosure controls and procedures
Ericsson has controls and procedures in place to allow for timely information disclosure under applicable laws and regulations, including the US Securities Exchange Act of 1934, and under agreements with NASDAQ OMX Stockholm and NASDAQ New York. These procedures also require that such information is provided to management, including the CEO and CFO, so timely decisions can be made regarding required disclosure.
The Disclosure Committee comprises members with various expertise. It assists managers in fulfilling their responsibility regarding disclosures made to the shareholders and the investment community. One of the main tasks of the committee is to monitor the integrity and effectiveness of the disclosure controls and procedures.
Ericsson has investments in certain entities that the Company does not control or manage. With respect to such entities, disclosure controls and procedures are substantially more limited than those maintained with respect to subsidiaries.
During the year, Ericsson’s President and CEO and the CFO evaluated the disclosure controls and procedures and concluded that they were effective at a reasonable assurance level as at December 31, 2012.
Internal control over financial reporting
Ericsson has integrated risk management and internal control into its business processes. As defined in the COSO framework, internal control is an aggregation of components such as a control environment, risk assessment, control activities, information and communication and monitoring.
During the period covered by the Annual Report 2012, there were no changes to the internal control over financial reporting that have materially affected, or are likely to materially affect, the internal control over financial reporting.
The Company’s internal control structure is based on the division of tasks between the Board of Directors and its Committees and the President and CEO. The Company has implemented a management system that is based on:
- Steering documents, such as policies, directives and a Code of Business Ethics
- A strong corporate culture
- The Company’s organization and mode of operations, with well-defined roles and responsibilities and delegations of authority
- Several well-defined Group-wide processes for planning, operations and support.
The most essential parts of the control environment relative to financial reporting are included in steering documents and processes for accounting and financial reporting. These steering documents are updated regularly to include, among other things:
- Changes to laws
- Financial reporting standards and listing requirements, such as IFRS and SOX.
The processes include specific controls to be performed to ensure high quality financial reports. The management of each reporting legal entity, region and business unit is supported by a financial controller function with execution of controls related to transactions and reporting. The financial controller functions are organized in a number of Company Control Hubs, each supporting a number of legal entities within a geographical area. A financial controller function is also established on Group level, reporting to the CFO.
Risks of material misstatements in financial reporting may exist in relation to recognition and measurement of assets, liabilities, revenue and cost or insufficient disclosure. Other risks related to financial reporting include fraud, loss or embezzlement of assets and undue favorable treatment of counterparties at the expense of the Company.
Policies and directives regarding accounting and financial reporting cover areas of particular significance to support correct, complete and timely accounting, reporting and disclosure.
Identified types of risks are mitigated through well-defined business processes with integrated risk management activities, segregation of duties and appropriate delegation of authority. This requires specific approval of material transactions and ensures adequate asset management.
The Company’s business processes include financial controls regarding the approval and accounting of business transactions. The financial closing and reporting process has controls regarding recognition, measurement and disclosure. These include the application of critical accounting policies and estimates, in individual subsidiaries as well as in the consolidated accounts.
Regular analyses of the financial results for each subsidiary, region and business unit cover the significant elements of assets, liabilities, revenues, costs and cash flow. Together with further analysis of the consolidated financial statements performed at Group level, these procedures are designed to produce financial reports without material errors.
For external financial reporting purposes, the Disclosure Committee performs additional control procedures to review whether the disclosure requirements are fulfilled.
The Company has implemented controls to ensure that financial reports are prepared in accordance with its internal accounting and reporting policies and IFRS as well as with relevant listing regulations. It maintains detailed documentation on internal controls related to accounting and financial reporting. It also keeps records on the monitoring of the execution and results of such controls. This allows the President and CEO and the CFO to assess the effectiveness of the controls in a way that is compliant with SOX.
Entity-wide controls, focusing on the control environment and compliance with financial reporting policies and directives, are implemented in all subsidiaries. Detailed process controls and documentation of controls performed are also implemented in almost all subsidiaries, covering the items with significant materiality and risk.
In order to secure compliance, governance and risk management in the areas of legal entity accounting and taxation, as well as securing funding and equity levels, the Company operates through a Company Control hub structure, covering subsidiaries in each respective geographical area.
Based on a common IT platform, a common chart of account and common master data, the hubs and shared services centers perform accounting and financial reporting services for most subsidiaries.
Information and communication
The Company’s information and communication channels support complete, correct and timely financial reporting by making all relevant internal process instructions and policies accessible to all the employees concerned. Regular updates and briefing documents regarding changes in accounting policies, reporting and disclosure requirements are also supplied.
Subsidiaries and operating units prepare regular financial and management reports for internal steering groups and Company management. These include analysis and comments on financial performance and risks. The Board of Directors receives financial reports monthly. Ericsson has established a whistleblower procedure for the reporting of alleged violations that (i) are conducted by Group or local management, and (ii) relate to corruption, questionable accounting or auditing matters or otherwise seriously affect vital interests of the Group or personal health and safety.
The Company’s process for financial reporting is reviewed annually by the management. This forms a basis for evaluating the internal management system and internal steering documents to ensure that they cover all significant areas related to financial reporting. The shared service center and company control hub management continuously monitors accounting quality through a set of performance indicators. Compliance with policies and directives is monitored through annual self-assessments and representation letters from heads and company controllers in all subsidiaries as well as in business units and regions.
The Company’s financial performance is also reviewed at each Board meeting. The Committees of the Board fulfill important monitoring functions regarding remuneration, borrowing, investments, customer finance, cash management, financial reporting and internal control. The Audit Committee and the Board of Directors review all interim and annual financial reports before they are released to the market. The Company’s internal audit function reports directly to the Audit Committee. The Audit Committee also receives regular reports from the external auditor. The Audit Committee follows up on any actions taken to improve or modify controls.
BOARD OF DIRECTORS
Stockholm, March 5, 2013
Telefonaktiebolaget LM Ericsson (publ)
Org. no. 556016–0680