Internal control, risk management and internal audit

Internal control, risk management and internal auditing are crucial elements of Marimekko’s administration and management. The Board of Directors and the President and CEO bear responsibility for organising controls. The Audit and Remuneration Committee will handle and prepare matters relating to risk management.

Risk management and risks

Marimekko Corporation’s risk management is based on the risk management policy confirmed by the company’s Board of Directors, which defines the principles, objectives and responsibilities of risk management, as well as the organisation and control of the risk management process.

Risk management principles

Marimekko Corporation’s risk management aims to safeguard the smooth continuity of business operations and ensure stable profit development for the company.

Comprehensive risk management is an ongoing, systematic process which involves identifying and evaluating risks associated with the company’s operations and operating environment. The company’s key risks comprise risks which could prevent company from exploiting business opportunities or jeopardise or prevent the achievement of the strategic objectives of the Group or a Group company, or the continuity of operations or would otherwise have significant consequences for the company, its personnel or stakeholders. Risk management is an integral element of the company’s management and decision-making process, covering all of the Group’s functions.

A more detailed description of Marimekko’s risk management process and the most significant risks is available under Risk management and risks.

Internal control and internal audit

Marimekko applies internal control principles and an operating plan for the execution and monitoring of internal control. Considering the nature and extent of the company’s business, Marimekko has not found it necessary to establish a separate internal audit function. The Audit and Remuneration Committee is responsible for monitoring the efficiency of internal controls and risk management and reporting it to the Board at least once a year. The Board verifies the level of internal control. Where necessary, the Board may purchase internal audit services from an external service provider.

In the Marimekko Group, internal control is a process, for which the Board of Directors and the President and CEO are responsible.

The objective of internal control is to provide reasonable assurance that:

•    the company’s operations are effective and aligned with strategy
•    financial reporting and management information is reliable
•    the Group is in compliance with applicable laws and regulations
•    Code of Conduct and ethical values are established.

The system of internal control of Marimekko Corporation is based on the Committee of Sponsoring Organizations (COSO) framework, which consists of five key components: the control environment, risk assessment, control activities, information and communication and monitoring.