The Board of Director’s responsibility for internal control is regulated in the Swedish Companies Act, the Swedish Annual Reports Act – which requires that information about the main features of Immunovia’s system of internal control and risk management related to financial reporting each year must be included in the corporate governance report – and the Swedish Corporate Governance Code. The Board of Directors shall, among other things, see to it that Immunovia has sufficient internal control and formalized routines to ensure that established principles for financial reporting and internal control are followed and that there are effective systems for monitoring and control of the Company’s operations and the risks associated with the Company and its operations.
The overall aim of the internal control is to ensure to a reasonable degree that the Company’s operating strategies and targets are followed up and that the owners’ investments are protected. The internal control shall also ensure that the external financial reporting, with reasonable certainty, is reliable and prepared in accordance with IFRS, that applicable laws and regulations are followed, and that the requirements imposed on companies listed at Nasdaq Stockholm are complied with.
The internal control environment consists primarily of the following five components:
The Board of Directors has overall responsibility for the internal control in regard to financial reporting. In order to create and maintain a functioning control environment, the Board of Directors has adopted a number of policies and steering documents governing financial reporting. The internal policy documents consist first and foremost of the rules of procedure for the Board of Directors, instructions for the CEO and instructions for financial reporting. The Board of Directors has also adopted a special authorization procedure and a finance policy. The company also has a finance manual which contains principles, guidelines and process descriptions for accounting and financial reporting. The Board of Directors has established an Audit Committee whose main task is to ensure that established principles for financial reporting and internal control are followed and that regular contacts with the Company’s auditors are maintained. Responsibility for maintaining an effective control environment and the ongoing work of the internal control over financial reporting have been delegated to the Company’s CEO. The CEO reports regularly to the Board in accordance with the established instructions for the CEO and the instructions for financial reporting.
Risk assessment includes identifying risks that may arise if the basic requirements for the financial reporting of the Company are not met. Immunovia’s management team has in a specific risk assessment document identified and evaluated the risks that arise in the Company’s operations, and has assessed how these risks can be managed. Within the Board of Directors, the Audit Committee is primarily responsible for continuously assessing the Company’s risk situation, after which the Board of Directors also conducts an annual review of the risk situation.
Control activities limit the identified risks and ensure accurate and reliable financial reporting. The Board of Directors is responsible for the internal control and monitoring of the Company’s management. This is done by internal control activities, and through examination and monitoring of the Company’s steering documents that are related to risk management.
Information and communication
The Company has information and communication channels intended to promote the accuracy of financial reporting and to facilitate reporting and feedback from operations to the Board and management, for example by making corporate governance documents such as internal policies, guidelines and instructions regarding the financial reporting available and known for the employees concerned. The Board of Directors has also adopted an information policy that governs the Company’s provision of information.
The compliance and effectiveness of internal controls are constantly monitored. The CEO ensures that the Board of Directors receives continuous reports on the development of the Company’s activities, including the development of the Company’s results and financial position, and information about important events, such as research and important contracts. The CEO also reports on these issues at each Board meeting.
The Audit Committee’s role is mainly to monitor the Company’s financial position, to monitor the effectiveness of the Company’s internal control, internal audit and risk management, to be informed about the audit of the annual report and consolidated financial statements, and to review and monitor the auditor’s impartiality and independence. The Audit Committee shall also assist the Nomination Committee in proposals for decisions on the election and remuneration of the auditor.
After the annual general meeting in 2017 until the next annual general meeting during 2018, the Audit Committee has been comprised of Åsa Hedin and Hans Johansson.