Internal control over financial reporting

The Electrolux Control System (ECS) has been developed to ensure accurate and reliable financial reporting and preparation of financial statements in accordance with applicable laws and regulations, generally accepted accounting principles and other requirements for listed companies. ECS adds value through clarified roles and responsibilities, improved process efficiency, increased risk awareness and improved decision support.ECS is based on the framework for internal control issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The five components of this framework are control environment, risk assessment, control activities, monitor and improve and inform and communicate.

Control environment

The foundation for the Electrolux Control System is the control environment, which determines the individual and collective behavior within the Group. It is defined by policies and procedures, manuals, and codes, and enforced by the organizational structure of Electrolux with clear responsibility and authority based on collective values.

The Electrolux Board has overall responsibility for establishing an effective system of internal control. Responsibility for maintaining effec­tive internal controls is dele­gated to the President. The governance structure of the Group is described in the first section of the Corporate governance report 2011. Specifically for financial reporting, the Board has established an Audit Committee, which assists in overseeing relevant manuals, policies and important accounting principles applied by the Group.

The limits of responsibilities and authorities are given in instructions for delegation of authority, manuals, policies and procedures, and codes, including the Electrolux Code of Ethics, the Electrolux Workplace Code of Conduct, and the Electrolux Policy on Bribery and Corruption, as well as in policies for information, finance and credit, and in the accounting manual. Together with laws and external regulations, these internal guidelines form the control environment and all Electrolux employees are held accountable for compliance.

Responsibility for internal control is defined in the Electrolux Internal Control Policy. All entities within the Electrolux Group must maintain adequate internal controls. As a minimum requirement, control activities should address key risks identified within the Group. Group Management have the ultimate responsibility for internal controls within their areas of responsibility. See the Presentation of Group Management.

The Electrolux Control System Program Office, a department within the Internal Audit function, has developed the methodology and yearly time plan for maintaining the Electrolux Control System. To ensure timely completion of these activities, specific roles aligned with the company structure, with clear responsibilities regarding internal control, have been assigned within the Group, see table Electrolux Control System – Roles and responsibilities.

Over the last years, training and support have been provided to the thousands of persons with assigned ECS roles globally. The objective of the training has been to educate in risk and internal control and provide hands-on tools and techniques in order to effectively carry out the assigned responsibilities. These training sessions have been a mix of regional training sessions, computer-based training modules and net meetings.

Control environment — Example trade receivables

Accounting Manual

Rules for revenue recognition and calculation of provision for doubtful trade receivables.

Credit Policy

Rules for customer assessment and credit risk that clarify responsibilities and are the framework for credit decisions.

Delegation of Authority Document

Details the approval rights, with monetary, volume or other appropriate limits, e.g., approval of credit limits and credit notes.

Internal Control Policy

Details responsibility for internal controls. Controls should address the Minimum Internal Control Requirements (MICR) within every applicable ­process, for example “Order to Cash”.

Risk assessment

Risk assessment includes identifying risks of not fulfilling the fundamental criteria, i.e., completeness, accuracy, valuation and reporting, for significant accounts in the financial reporting for the Group. Risks assessed also include risk of loss or misappropriation of assets.

At the beginning of each calendar year, the Electrolux Control System Program Office performs a global risk assessment to determine the reporting units, data centers and processes in scope for the ECS activities. Within the Electrolux Group, a number of different processes generating transactions that end up in significant accounts in the financial reporting have been identified. For each process, key risks are identified and documented. See below examples of key risks within processes generating transactions to the significant account trade receivables.

All larger reporting units perform the ECS activities. These larger units cover approximately 75% of the total external sales and external assets of the Group.

ECS has been rolled out to almost all of the smaller units within the Group. The scope for these units is limited to the four major processes Closing Routine, Order to Cash, Manage Inventory and Procure to Pay and predetermined key risks within these. The scope is also limited in terms of monitoring as management does not formally have to test the controls.

Risk assessment – Example trade receivables

Control activities

Control activities mitigate the risks identified and ensure accurate and reliable financial reporting as well as process efficiency.

Control activities include both general and detailed controls aimed at preventing, detecting and correcting errors and irregularities. In the Electrolux Control System, the following controls are implemented, documented and tested;

  • Manual and application controls – to secure that key risks related to financial reporting within processes are controlled. Examples of important manual and application controls are ones over journal entries, reconciliations, access rights and segregation of duties.
  • IT general controls – to secure the IT environment for key applications. Examples of important IT general controls are ones over change management, user administration, production environment and back-up procedures.
  • Entity-wide controls – to secure and enhance the control environment within Electrolux. Examples of important entity-wide controls are ones over Group policies, accounting rules, delegation of authority and financial reviews.

Every calendar year, usually between March and May, the documentation of controls is updated and quality-assured. Documentation of controls is stored in a central web-based tool. Documentation comprises of both flowcharts of the process and descriptions of the control activities detailing who performs the control, what he or she does and how often the control is performed. Each control activity documented is also evidenced, i.e., a document or file proving that the control actually has taken place is maintained.

Control activities – Example trade receivables

Process   Risk assessed   Control activity   Type of control
Internal Control and Risk Management   Risk of incorrect and inconsistent financial reporting.    Periodic controls to ensure that
the Accounting Manual is updated, communicated and adhered to.
  Entity-wide control
Closing Routine   Risk of incorrect financial reporting.   Reconciliation between general ­
ledger and accounts receivable
sub-ledger is performed,
documented and approved.
  Manual control
Manage IT   Risk of unauthorized/incorrect changes in IT environment.   All changes in the IT environment are authorized, tested, verified and finally approved.   IT general control
Order to Cash   Risk of not receiving payment from customers in due time.   Customers’ payments are monitored and outstanding payments are followed up.   Manual control
Order to Cash   Risk of incurring bad debt.   Application automatically blocks sales orders/deliveries when the credit limit is exceeded.   Application control

Monitor and improve

Monitor and test of control activities is performed periodically to ensure that risks are properly mitigated.

The effectiveness of control activities are monitored continuously at four levels: Group, sector, reporting unit, and process. Monitoring involves both formal and informal procedures applied by management, process owners and control operators, including reviews of results in comparison with budgets and plans, analytical procedures, and key-performance indicators.

Within the Electrolux Control System, management is responsible for testing key controls. Management testers who are independent of the control operator perform these activities. The Group’s Internal Audit function maintains test plans and performs independent testing of selected controls. Testing is usually performed between June and August each calendar year with some additional testing performed up to and at year-end. Results from testing of controls are monitored through the web-based tool. Controls that have failed need to be remediated, which means establishing and implementing actions to correct weaknesses.

The test results from the larger reporting units are presented to the external auditors who assess the results of the testing performed by management and the Internal Audit function and determine to what extent they can rely upon the work within ECS for Group audit and statutory audit purposes. The external auditors’ evaluation of ECS as part of the audit is reported to management as well as to the Audit Board and Audit Committee.

The Audit Committee reviews reports regarding internal control and processes for financial reporting, as well as internal audit reports submitted by the Internal Audit function. The external auditors report to the Audit Committee at each ordinary meeting.

In addition, the Group’s Internal Audit function proactively proposes improvements to the control environment. The head of the Internal Audit function has dual reporting lines: To the President and the Audit Committee for assurance activities, and to the CFO for other activities.

Test of controls and quality assurance

Management testers perform tests of controls in different test phases during the year.

The Internal Audit function performs independent testing of selected controls through desktop reviews and on-site re-performance of tests to ensure methodology is adhered to.

Inform and communicate

Inform and communicate within the Electrolux Group regarding risks and controls contributes to ensuring that the right business decisions are made.

Guidelines for financial reporting are communicated to employees, e.g., by ensuring that all manuals, policies and codes are published and accessible through the group-wide intranet as well as information related to the Electrolux Control System. This information includes the methodology, instructions and hands-on checklists, description of the roles and responsibilities, and the overall time plan.

Inform and communicate is a central element of the ECS and is performed continuously during the year. Management, process owners and control operators in general are responsible for informing and communicating the results within the ECS. This is done through different sign-off procedures during the year.

The status of ECS activities is followed up continuously through status calls between the ECS Office and sector internal control coordinators. Information about the status of the ECS is provided periodically to relevant parties such as Sector and Group Management, the Audit Board and the Audit Committee.

External reporting

The final result after performing the ECS activities is a quality assured internal and external financial reporting.

Financial reporting and information

Electrolux routines and systems for information and communication aim at providing the market with relevant, reliable, correct and vital information concerning the development of the Group and its financial position. Specifically for purposes of considering the materiality of information, including financial reporting, relating to Electrolux and ensuring timely communication to the market, a Disclosure Committee has been formed.

Electrolux has a communications policy meeting the requirements for a listed company.

Financial information is issued regularly in the form of:

  • Full-year reports and interim reports, published as press releases
  • The Annual Report
  • Press releases on all matters which could materially affect the share price
  • Presentations and telephone conferences for financial analysts, investors and media representatives on the day of publication of full-year and quarterly results and in conjunction with the release of important news
  • Meetings with financial analysts and investors in Sweden and worldwide

All reports, presentations and press releases are published simultaneously at


Stockholm, February 1, 2012
AB Electrolux (publ)
The Board of Directors


The objective of ECS is to quality assure the internal and external financial reporting.