Internal control and risk management systems in relation to the preparation of the consolidated financial statements
The following description of Bekaert’s internal control and risk management systems is based on the Internal Control Integrated Framework (1992) and the Enterprise Risk Management Framework (2004) published by the Committee of Sponsoring Organizations of the Treadway Commission (“COSO”).
The accounting and control organization consists of three levels: (i) the accounting team in the different legal entities or shared service centers, responsible for the preparation and reporting of the financial information, (ii) the controllers at the different levels in the organization (such as plant and region), responsible inter alia for the review of the financial information in their area of responsibility, and (iii) the Group Control Department, responsible for the final review of the financial information of the different legal entities and for the preparation of the consolidated financial statements.
Next to the structured controls outlined above, the Internal Audit Department conducts a risk based audit program to validate the internal control effectiveness in the different processes at legal entity level to assure a reliable financial reporting.
Bekaert’s consolidated financial statements are prepared in accordance with the International Financial Reporting Standards (IFRS) which have been endorsed by the European Union. These financial statements are also in compliance with the IFRS as issued by the International Accounting Standards Board.
All IFRS accounting principles, guidelines and interpretations, to be applied by all legal entities, are grouped in the IFRS manual, which is available on the Bekaert intranet to all employees involved in financial reporting. Such manual is regularly updated by Group Control in case of relevant changes in IFRS, or interpretations thereof, and the users are informed of any such changes. IFRS trainings take place in the different regions when deemed necessary or appropriate.
The vast majority of the Group companies use Bekaert’s global enterprise resource planning (“ERP”) system, and the accounting transactions are registered in a common operating chart of accounts, whereby accounting manuals describe the standard way of booking of the most relevant transactions. Such accounting manuals are explained to the users during training sessions, and are available on the Bekaert intranet.
The in 2016 acquired companies of the Bridon Group are using different systems which are in the process of being aligned to and harmonized in the way of working to the existing Bekaert practices. All Group companies use the same software to report the financial data for consolidation and external reporting purposes. A reporting manual is available on the Bekaert intranet and trainings take place when deemed necessary or appropriate.
Appropriate measures are taken to assure a timely and qualitative reporting and to reduce the potential risks related to the financial reporting process, including: (i) proper coordination between the Corporate Communication Department and Group Control, (ii) careful planning of all activities, including owners and timings, (iii) guidelines which are distributed by Group Control to the owners prior to the quarterly reporting, including relevant points of attention, and (iv) follow-up and feedback of the timeliness, quality and lessons learned in order to strive for continuous improvement.
A quarterly review takes place of the financial results, findings by the Internal Audit Department, and other important control events, the results of which are discussed with the Statutory Auditor.
Material changes to the IFRS accounting principles are coordinated by Group Control, reviewed by the Statutory Auditor, reported to the Audit and Finance Committee, and acknowledged by the Board of Directors of the Company.
Material changes to the statutory accounting principles of a Group company are approved by its Board of Directors.
The proper application by the legal entities of the accounting principles as described in the IFRS manual, as well as the accuracy, consistency and completeness of the reported information, is reviewed on an ongoing basis by the control organization (as described above).
In addition, all relevant entities are controlled by the Internal Audit Department on a periodic basis. Policies and procedures are in place for the most important underlying processes (sales, procurement, investments, treasury, etc.), and are subject to (i) an evaluation by the respective management teams using a self-assessment tool, and (ii) control by the Internal Audit Department on a rotating basis.
A close monitoring of potential segregation of duties conflicts in the ERP system is carried out.
Information and communication
Bekaert has deployed in the majority of the Group companies a global ERP system platform to support the efficient processing of business transactions and provide its management with transparent and reliable management information to monitor, control and direct its business operations.
The provision of information technology services to run, maintain and develop those systems is to a large extent outsourced to professional IT service delivery organizations which are directed and controlled through appropriate IT governance structures and monitored on their delivery performance through comprehensive service level agreements.
Together with its IT providers, Bekaert has implemented adequate management processes to assure that appropriate measures are taken on a daily basis to sustain the performance, availability and integrity of its IT systems. At regular intervals the adequacy of those procedures is reviewed and audited and where needed further optimized.
Proper assignment of responsibilities, and coordination between the pertinent departments, assures an efficient and timely communication process of periodic financial information to the market. In the first and third quarters a trading update is released, whereas at midyear and year end all relevant financial information is disclosed. Prior to the external reporting, the sales and financial information is subject to (i) the appropriate controls by the above-mentioned control organization, (ii) review by the Audit and Finance Committee, and (iii) approval by the Board of Directors of the Company.
Any significant change of the IFRS accounting principles as applied by Bekaert is subject to review by the Audit and Finance Committee and approval by the Company’s Board of Directors, including the first-time adoption of IFRS in 2000.
On a periodic basis, the members of the Board of Directors are updated on the evolution and important changes in the underlying IFRS standards. All relevant financial information is presented to the Audit and Finance Committee and the Board of Directors to enable them to analyze the financial statements. All related press releases are approved prior to communication to the market.
Relevant findings by the Internal Audit Department and/or the Statutory Auditor on the application of the accounting principles, as well as the adequacy of the policies and procedures, and segregation of duties, are reported to the Audit and Finance Committee.
Also a periodic treasury update is submitted to the Audit and Finance Committee.
A procedure is in place to convene the appropriate governing body of the Company on short notice if and when circumstances so dictate.
General internal control and ERM
The Board of Directors and the BGE have approved the Bekaert Code of Conduct, which was first issued on 1 December 2004. The last update was done in November 2017. The Code of Conduct sets forth the Bekaert mission and beliefs as well as the basic principles of how Bekaert wants to do business. Implementation of the Code of Conduct is mandatory for all companies of the Group.
The Code of Conduct is included in the Bekaert Charter as Appendix 3 and available at www.bekaert.com.
More detailed policies and guidelines are developed as considered necessary to ensure consistent implementation of the Code of Conduct throughout the Group.
Bekaert’s internal control framework consists of a set of group policies for the main business processes, which applies Group-wide. Bekaert has different tools in place to constantly monitor the effectiveness and efficiency of the design and the operation of the internal control framework. A mandatory training on internal control is organized for all new employees and a self-assessment tool is in place allowing management teams to evaluate themselves on the internal control status. The Internal Audit Department monitors the internal control situation based on the global framework and reports to the Audit and Finance Committee at each of its meetings.
The BGE regularly evaluates the Group’s exposure to risk, its potential financial impact and the actions required to monitor and control the exposure.
At the request of the Board of Directors and the Audit and Finance Committee management has developed a permanent global enterprise risk management (“ERM”) framework to assist the Group in managing uncertainty in Bekaert’s value creation process on an explicit basis.
The framework consists of the identification, assessment and prioritization of the major risks confronting Bekaert, and of the continuous reporting and monitoring of those major risks (including the development and implementation of risk mitigation plans).
The risks are identified in five risk categories: business, operational, financial, corporate and country risks. The identified risks are classified on two axes: probability and impact or consequence. Decisions are made and action plans defined to mitigate the identified risks.
Also the risk sensitivity evolution (decrease, increase, stable) is measured to address the effectiveness of the action implementation and potential risk context changes.
Bekaert’s 2017 ERM report includes among others, the following potential risks:
- overall pressure on profitability;
- political/economic/social instability in emerging countries (e.g. Venezuela, Russia);
- globalizing competition;
- asset and profit concentration (e.g. in one city);
- intellectual property risk (overall and permanent risk);
- non-compliance risk with local regulations and with the Bekaert standards;
- wire rod price volatility and source dependency;
- evolution of environmental regulations;
- creditworthiness of customers; and
- the risk of failure of the banking system in specific countries.