Internal control is an essential part of Tokmanni Group’s governance and management system, in which Tokmanni Group Corporation’s Board of Directors, management and personnel participate. The purpose of internal control is to ensure the achievement of Group’s goals.

Tokmanni’s internal auditor is responsible for internal auditing within the Group. Administratively, the unit reports to the CFO. However, in matters related to internal auditing, the auditor reports to the Finance and Audit Committee. The purpose of internal auditing is to monitor and ensure that the company’s business operations are efficiently managed and profitable, that its risk management is at a sufficient level and that its internal and external reporting is accurate and appropriate.

Internal control helps Tokmanni Group comply with good governance practices, provides the Group’s management with an independent perspective on examining its operations and helps the company achieve its targets by providing a systematic and disciplined approach to assessing and enhancing the efficiency of risk management, monitoring and governance processes.

The operating principles and key procedures for internal controlling are defined in the operating guidelines confirmed by the Finance and Audit Committee (internal principles of auditing). The internal control unit prepares a three-year plan that is implemented in line with a separately approved annual plan. In accordance with the plan, the internal control unit also independently carries out audits on different parts of the company. In addition, it may conduct special audits and stipulated audits in cooperation with auditors and external experts.

Key practices of the Compliance function

The task of the Compliance functions is to assist senior and operational management as well as other business operations in complying with regulations, monitor compliance, and contribute to the development of internal control and risk management.

Compliance risk is the risk of legal or administrative penalties, financial losses or loss of reputation as a result of a failure of the company to comply with laws, regulations or other administrative provisions applicable to its activities. Tokmanni Group’s compliance risk management ensures that operations comply with legislation and the company’s own requirements. Tokmanni Group expects all its staff to comply with the company’s Code of Conduct and its principles and unit-specific guidelines. The Code of Conduct and guidelines cover a wide range of compliance issues, including the prohibition of corruption and bribery, issues regarding labour, occupational health and safety, and human rights issues.

The Compliance Team of the Tokmanni Group is led by the Chief Legal Officer of the Tokmanni Group, who reports directly to the CEO and regularly to the Board of Directors. In addition to the Chief Legal Officer, the Compliance Team includes seven Group’s employees, each with their own area of responsibility. The Compliance Team meets quarterly, but urgent matters are handled without delay.

Notifications of financial misconduct or activities that violate the Tokmanni Group’s Code of Conduct, whether received through reporting channels or otherwise, are processed and decisions are made on possible sanctions and necessary corrective measures. All notifications of violations are treated confidentially as required by data protection legislation.

Tokmanni Group’s compliance team aims to prevent the materialisation of compliance risks. For this purpose, the Compliance team shall, for example:

• prepare and maintain guidelines on key matters related to practices (Tokmanni Group Code of Conduct and principles),
• advise and train the staff in matters related to practices,
• support business units in planning development measures that promote internal control and compliance risk management,
• keep senior management and executive management informed of upcoming regulatory changes and monitor the business’s preparation for regulatory changes,
• report to the company’s CEO on issued recommendations and the results of control and other observations related to compliance risks.

Principles for related party transactions

Tokmanni Group has deemed the following people to be executives obligated to disclose their business transactions that involve Tokmanni’s financial instruments: members of the Board of Directors, CEO, Deputy CEO and CFO of Tokmanni Group. The people listed above must also determine their related parties (individuals and companies).

Tokmanni Group reports related party transactions in note to the financial statements. In addition, the Group evaluates and monitors transactions between the Group and its related parties in order to ensure that possible conflicts of interest are taken into account in decision making. The disqualification provisions of the Finnish Limited Liability Companies Act are observed in decision making.

Tokmanni Group Corporation’s insider register is maintained by the company’s financial department. The company’s Investor Relations is responsible for the timely disclosure of business transactions carried out by executives and their related parties in compliance with regulations.