Vattenfall - Internal control

Internal control

The Board’s report on internal control of financial reporting

This report has been prepared in accordance with section 3.7.2 of the Swedish Code of Corporate Governance (the Code). It includes a description of the most important internal control routines regarding Vattenfall’s financial reporting.

Control environment

Apart from relevant legislation, the framework surrounding the Board consists of the Swedish state’s ownership and administration policy and the Code. Vattenfall’s Group-wide Code of Conduct, which has been approved by the Board, expresses the expectation that all employees agree to adhere to Vattenfall’s company philosophy, Code of Conduct, core values, policies and rules. The formal decision-making structure in the Group is based on the division of responsibility between the Board and CEO, which the Board has established in its Rules of Procedure. To define and ensure a shared view of roles and responsibilities, the EGM has adopted a management system with governing documents which provide – among other things – Group instructions for decision-making, delegation and authorisation, governance of subsidiaries, risk management and internal control.

Risk analysis

The rules and outcome of the Group’s risk assessment and risk management processes are reviewed by the Board each year. The Board has appointed an audit committee tasked with, among other things, assessing the scope and focus of the Group’s risk management. The Group’s risk management and reporting are co-ordinated by a risk committee that is headed by Vattenfall’s CFO.

Control activities and follow-up

The Board receives monthly financial reports, and the Parent Company’s and Group’s financial position are discussed at every board meeting. The EGM has regular follow-up meetings on the financial outcome with the managementand finance functions of the various business areas. Vattenfall’s management system contains a description of the essential financial reporting processes. The management system serves as a platform for internal control for all units within the Group. The control activities for financial reporting in the Group are followed up, analysed, developed and improved on a continuous basis. In 2007 Vattenfall conducted a Group project aimed at further strengthening internal control of financial reporting. A newly developed framework focusing on adopting key controls in financial reporting was completed during the year. Starting on 1 January 2008, responsibility for reporting, follow-up and continuous development of the framework for good internal control in financial reporting has been transferred from the project organisation to a newly established Compliance Officer function in the Group Function Finance. In addition, Internal Audit has performed and reported on reviews in selected areas.

Information and communication

Information and communication about the Group’s policies, instructions, guidelines and manuals are available on Vattenfall’s intranet. Updates and changes in accounting and reporting principles are communicated via messages on the intranet, e-mail, and at regular meetings held by the Group’s finance and control functions.