Internal controls

Internal controls

Internal Control is one of Ordina’s main priorities. The internal control structure is constantly reviewed and professionalised, with the emphasis being placed on governance structure, processes, systems and specific controls, as well as raising awareness amongst management and staff of the importance of the proper application of such controls:

Strategy development

At Ordina, we scrutinise our strategy and related objectives and ambitions annually and adjust them where necessary on the basis of market developments and an analysis of strengths and weaknesses and opportunities and threats and lastly, a strategic risk assessment.   This is the responsibility of the Management Board. Ordina’s strategic course is also discussed extensively with the Supervisory Board on an annual basis.

Translating strategic targets to business plans and long-term ambitions

The strategic targets, including key opportunities and threats, are shared with the boards of the different divisions, both on a group and individual basis. Ordina’s overall strategic targets and the contributions to achieving them by the different divisions, form the foundation for the business plans and long-range plans of the divisions. In addition to setting the financial budget, each division’s business plan includes several concrete business targets that are translated into a number of key performance indicators (KPIs), which are consistently monitored for progress throughout the year.

Analysis of results and forecasts and monthly internal report cycles

The financial results of the divisions and their forecasts are analysed monthly, both at local and at corporate level.

Risk assessments are held annually at divisional level and risks identified are translated into action. Management then reports periodically on the results of the measures. We conduct new interim assessments when necessary as a result of changing material conditions.

Management and business controllers of the various business units submit monthly progress reports regarding continuation of the implementation of their business plans, the resulting Key Performance Indicators and the financial performance to the Board of Directors. Based on the reports, monthly progress meetings are held, which serve to discuss any previously agreed actions, relevant commercial developments, the financial performance for the past month and the updated forecasts, staff turnover and recruitment, and any progress made in the execution of important projects.

Reports are issued on a quarterly basis. During monthly rotations the progress of strategic objectives, risk management and forecasting for the coming quarters are considered with a critical eye.

Monthly forecasts are only adjusted in the event of material changes.

Transparent administrative organisation

We have formalised responsibilities, mandates, segregation of duties, guidelines, procedures and processes within Ordina in a clear and accessible format in the Success Manual (Business Management Framework), which is the form of a digital handbook.

Management and business controllers of the business units are responsible for the correct application of processes and systems. In 2011, emphasis was placed on creating awareness of the importance of applying the processes and procedures that have been formalised in the Success Manual. The financial accounts are kept in SAP, our primary system for accounting and operations.

Once further integration has been achieved, including in the area of new business lines, guidelines, procedures, processes and systems are integrated. In our Belgian operations the Dutch internal governance model to guide the further development and professionalization of risk.

Ordina only reports on sustainable performance that can be explicitly measured. The goal is to gradually expand the report on the basis of a growth model. No external 'assurance' is placed on sustainability performance yet.

Project Management

A critical review of opportunities and threats in the course of the commercial process and the mandatory involvement of management at the right level (depending on the size of a prospective contract) are the first steps in the control and management of projects with bottom-line responsibility. The Deal Review System was implemented to guarantee this. In the various phases of procurement the system helps to make conscious decisions about aspects not included with a project or contract (bid, no bid).

Key elements of the Deal Review System include the assessment of risks and measures available to mitigate those risks. By accepting a project we inherently assume risk, but our track record, experience, stringent project management and contractual agreements with our clients that limit our liability are all measures to identify and manage these risks.

The Assurance Department (fusion of Internal Audit and Business Assurance) oversees consistent application of the DRS. The progress of major projects is included in the monthly review meetings of the divisions, as well as the main results of the findings of the Assurance Department.

Self-assessment audit and internal and external audits

The final element in our internal governance structure is formed by a written statement by our second-line management of their compliance with the processes and procedures formalised in the Success Manual during the reporting period. In addition, a broad group of executives are asked to perform periodic control self-assessments. In 2011 we conducted a self-assessment audit in Belgium and the risk assessment was within the Dutch organisation with the directors. Finally, internal and external audits are conducted.
The Assurance Department, which reports directly to the Chief Financial Officer, carries out audits of the correct application of, and compliance with, internal procedures and guidelines. The focus is on financial and operational audits. The objective is to further professionalise our internal control structure. In addition, these instruments contribute to the continual enhancement of risk awareness within the Ordina Group.

Besides internal audits, independent external auditors conduct external audits of the quality system, accounting system and the financial statements. In addition, independent assurance is given to clients in the areas of Application Outsourcing with respect to the existence and effectiveness of relevant processes and specific controls. External audits are conducted by companies including KPMG, Bureau Veritas and our external auditors PricewaterhouseCoopers on the quality system used, as well as the administrative organisation and financial results. Independent assurance is also provided to customers in the field of application outsourcing. This involves the presence and operation of relevant processes and control measures. The financial statement audit focuses on the correct application and effectiveness of the internal control procedures that are relevant for the preparation of the financial statements. The findings of these audits by the external auditor are reported, both orally and in writing, to the Management Board as well as to the Supervisory Board.

Opinion of the Management Board

As Ordina’s Management Board, we are responsible for the Company’s corporate strategy and the related risk profile, as well as for the design and effectiveness of our internal risk management and control systems. These systems are aimed at providing a reasonable level of certainty, at all times, as to what extent we are achieving our strategic and operational targets, guarantee the reliability of our financial reporting, and act in accordance with the legislation and regulations that apply to our organisation.

The design of our internal risk management and control systems with respect to our strategic, operational, compliance-related and financial risks is of the highest priority at Ordina and is continually being fine-tuned and improved, also in light of developments in the environment in which we operate and in our organisation itself. We evaluated the design and the effectiveness of these internal risk management and control systems in the reporting period. The outcome of our evaluation, as well as our risk profile, was positive and was discussed with the Supervisory Board.

Nevertheless, we cannot provide absolute assurance that no material misstatements will occur at Ordina.