Internal control

There is no separate internal auditing organization in the Raute Group. The Group's Controller function oversees the annual internal control plan, develops internal control and risk management procedures together with the organization, and monitors compliance with risk management principles, operational policies and powers. The absence of a separate internal auditing organization is taken into account in the planning of the annual internal control plan, the contents of Group reporting, audits based on quality control systems and the monitoring of subsidiaries.

Internal control and procedures related to Raute's financial reporting process have been developed to ensure that the financial reports published by the company present an essentially accurate and sufficient description of Raute's finances.

Internal control related to the financial reporting process and risk management procedures are developed and managed together by the CFO and the controller organization. The controller function monitors the efficiency of internal control and risk management during the reporting process, and reports on anomalies and insufficient control to the CFO. The CFO decides on whether corrective operative measures related to the anomalies will be taken, and also reports on the problems and development needs to the President and CEO and the Board of Directors, as well as to the manager who holds operative responsibility. The management of the operative units ensures that the Group's internal control and risk management procedures are abided by in their area of responsibility and that the information produced by the financial reporting of their organization is timely, comprehensive and correct.

Raute's financial reporting process has been described in more detail in the Corporate Governance Statement 2016.