Internal control

Pursuant to the Swedish Companies Act and the Swedish Corporate Governance Code, the Board is responsible for internal controls.

Pursuant to the Swedish Companies Act and the Swedish Corporate Governance Code, the Board is responsible for internal controls.

Internal control is important for ensuring that the goals and strategies set achieve the desired results, that there is compliance with laws and ordinances, and the risk of undesirable events and misstatements in financial reporting is minimised. Kungsleden's report has been prepared pursuant to section 3.7.2 and 3.7.3 of the Code as well as the established COSO framework, which consists of the following components:

  • Control environment
  • Risk assessment
  • Control activities
  • Information and communication
  • Monitoring

Internal controls are considered satisfactory and expedient for an organisation of Kungsleden’s scale.

Control environment

Kungsleden’s internal controls rest on the control environment the Board and Management operate from continuously, as well as the decision paths, authorisations and responsibilities communicated within the organisation.

Risk assessment

Maintaining a clear view of the risk of the misstatement possible in external reporting, and that organisational resources and processes to manage these risks are in place, is a significant component of internal controls. Kungsleden works continuously and actively on mapping,

evaluating and managing the risks the company faces in its financial reporting. An assessment of risks of misstatement in financial reporting is conducted yearly for each line of the income statement, statement of financial position and cash flow statement. Processes are in place to minimise the risk of misstatement in those items subject to a material and/or increased risk. The processes apply not only to the actual accounting procedures, but also encompass business control and business planning processes, as well as IT systems.

Examples of  operational control are those tools of control instruments that have been produced. They are used firstly for preparations for property acquisitions and divestments, and secondly for overall monitoring of operations, as well as supporting data for valuations.

Control activities

Kungsleden has structured its internal controls so that control activities are conducted as a matter of routine, at an overall level, or are of a more process-oriented nature. Overall controls include ongoing performance analysis based on operational and legal group structure, and an analysis of KPIs. Formal reconciliation, authorisation and similar controls are examples of procedures or process-oriented controls designed to prevent, discover and rectify misstatements and variances. Control activities have been designed to address the material risks in financial reporting.

Information and communication

The Board of Directors receives regular accounting reports, and deals with the Group’s accounting position at four Board meetings per year. The company’s auditor makes a personal report on his observations from the audit and evaluation of internal controls once per year. Kungsleden has a policy ensuring that employees can anonymously contact a third party to report actions or other impropriety that involve breaches, or suspected breaches, of laws or other guidelines and regulations, anonymously and without consequence. A whistleblower system is available from Kungsleden’s website. All potentially share-price-sensitive information is reported to the market via press releases. The company ensures that this information reaches the market simultaneously. The CEO, Deputy CEO/CFO are Kungsleden’s designated spokespeople on financial issues.

Monitoring

The Board requires Management to assess the risks of operations continuously. The results are compiled in reports that are presented to the Audit Committee. Internal controls are considered satisfactory and expedient for an organisation of Kungsleden’s scale. Kungsleden’s Board judges that at present, the company does not need an internal audit function.