Our approach to risk management and business control
The following section presents an overview of Philips’ approach to risk management and business controls and a description of the nature and the extent of its exposure to risks. Philips’ risk management focuses on the following risk categories: Strategic, Operational, Compliance and Financial risks. These categories are further described in Risk categories and factors. The risk overview highlights the main risks known to Philips, which could hinder it in achieving its strategic and financial business objectives. The risk overview may, however, not include all the risks that may ultimately affect Philips. Some risks not yet known to Philips, or currently believed not to be material, could ultimately have a major impact on Philips’ businesses, objectives, revenues, income, assets, liquidity or capital resources.
All oral and written forward-looking statements made on or after the date of this Annual Report and attributable to Philips are expressly qualified in their entirety by the factors described in the cautionary statement included in Forward-looking statements and other information and the overview of risk factors described in Risk categories and factors.
Risk management and controls forms an integral part of the business planning and review cycle. The company’s risk and control policy is designed to provide reasonable assurance that objectives are met by integrating management control into the daily operations, by ensuring compliance with legal requirements and by safeguarding the integrity of the company’s financial reporting and its related disclosures. It makes management responsible for identifying the critical business risks and for the implementation of fit-for-purpose risk responses. Philips’ risk management approach is embedded in the areas of corporate governance, Philips Business Control Framework and Philips General Business Principles.
Corporate governance is the system by which a company is directed and controlled. Philips believes that good corporate governance is a critical factor in achieving business success. Good corporate governance derives from, amongst other things, solid internal controls and high ethical standards.
The quality of Philips’ systems of business controls and the findings of internal and external audits are reported to and discussed by the Audit Committee of the Supervisory Board. Internal auditors monitor the quality of the business controls through risk-based operational audits, inspections of financial reporting controls and compliance audits. Audit committees at group level (Group, Finance, Innovation and IT), at Global Market level and at Business level (Healthcare, Lighting, Consumer Lifestyle) meet quarterly to address weaknesses in the business controls infrastructure as reported by internal and external auditors or revealed by self-assessment of management, and to take corrective action where necessary. These audit committees are also involved in determining the desired company-wide internal audit planning as approved by the Audit Committee of the Supervisory Board. An in-depth description of Philips’ corporate governance structure can be found in Corporate governance.
Philips Business Control Framework
The Philips Business Control Framework (BCF) sets the standard for risk management and business control in Philips. The objectives of the BCF are to maintain integrated management control of the company’s operations, in order to ensure the integrity of the financial reporting, as well as compliance with laws and regulations. Philips has designed its BCF based on the “Internal Control-Integrated Framework (2013)” established by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
As part of the BCF, Philips has implemented a global standard for internal control over financial reporting (ICS). The ICS, together with Philips’ established accounting procedures, is designed to provide reasonable assurance that assets are safeguarded, that the books and records properly reflect transactions necessary to permit preparation of financial statements, that policies and procedures are carried out by qualified personnel and that published financial statements are properly prepared and do not contain any material misstatements. ICS has been deployed in all material reporting units, where business process owners perform an extensive number of controls, document the results each quarter, and take corrective action where necessary. ICS supports business and functional management in a quarterly cycle of assessment and monitoring of its control environment. The findings of management’s evaluation are reported to the Executive Committee and the Supervisory Board quarterly.
As part of the Annual Report process, management’s accountability for business controls is enforced through the formal issuance of a Statement on Business Controls and a Letter of Representation by business and functional management to the Executive Committee. Any deficiencies noted in the design and operating effectiveness of controls over financial reporting which were not completely remediated are evaluated at year-end by the Executive Committee. The Executive Committee’s report, including its conclusions regarding the effectiveness of internal control over financial reporting, can be found in Management's report on internal control.
Philips General Business Principles
The Philips General Business Principles (GBP) set the standard for our core behavior − ‘Acting with integrity’ − and they apply to the behavior of individual employees as well as to corporate actions. They incorporate the fundamental principles adopted within Philips for conducting business. The GBP have been revised in 2014 to make the GBP more accessible to Philips employees and to reflect certain changes in the business environment.
The GBP form an integral part of virtually all labor contracts. It is the responsibility of each employee to live up to our GBP. In addition, the management of each business unit signs off on compliance with the GBP, with this confirmation forming part of the annual Statement on Business Controls.
As part of the Philips Business Control Framework, a GBP self-assessment process is fully embedded in an automated workflow application (ICS), which helps management to monitor the internal controls. With the GBP self-assessment forming part of ICS, GBP compliance necessarily forms part of management’s quarterly ICS/SOx (Sarbanes-Oxley) monitoring process. Non-compliance issues are highlighted and, if significant, they are reported to the Board of Management/Executive Committee through the Quarterly Certification Statement process.
Managers are viewed as the principal point of contact in cases where employees wish to raise a concern. To further facilitate this process, the GBP include a reporting policy, standardized complaint reporting and a formal escalation procedure. The Philips Ethics Line platform enables employees to file a complaint by telephone in their native language. Additionally, concerns can now also be raised using an online reporting form, a facility that is available as part of the Philips Ethics Line. Every country organization and all main production sites are supported by a GBP Compliance Officer. This network of Compliance Officers is supervised by the General Business Principles Review Committee. Alleged violations of the GBP, which are either filed directly through the Philips Ethics Line or raised through a GBP Compliance Officer, are registered consistently in a single database and are investigated in accordance with standardized investigation procedures.
Since 2013 it has become mandatory for all executives to sign off on the General Business Principles. To drive the practical deployment of the General Business Principles, more detailed underlying policies have been developed. Where necessary, these policies can be adapted to reflect ongoing (regulatory) developments, both internal and external. In addition, there are separate Codes of Ethics that apply to employees working in specific areas of our business, i.e. the Procurement Code of Ethics and the Financial Code of Ethics. Details can be found at www.philips.com/gbp.
The relevant employees sign off on the Financial and the Procurement Codes of Ethics each year to confirm that they are aware of, and will comply with, the respective codes.
Financial Code of Ethics
The Company recognizes that its businesses have responsibilities within the communities in which they operate. The Company has a Financial Code of Ethics which applies to the CEO (the principal executive officer) and CFO (the principal financial and principal accounting officer), and to the heads of the Group Control, Group Treasury, Group Fiscal and Group Internal Audit departments of the Company. The Company has published its Financial Code of Ethics within the investor section of its website located at www.philips.com. No changes were considered necessary and no changes have been made to the Financial Code of Ethics since its adoption and no waivers have been granted therefrom to the officers mentioned above in 2014.
For more information, please refer to Philips' General Business Principles renewed.