Our approach to risk management and business control
The following section presents an overview of Philips’ approach to risk management and business controls and a description of the nature and the extent of its exposure to risks. Philips’ risk management focuses on the following risk categories: Strategic, Operational, Compliance and Financial risks. These are further described in Risk categories and factors. The risk overview highlights the main risks known to Philips, which could hinder it in achieving its strategic and financial business objectives. The risk overview may, however, not include all the risks that may ultimately affect Philips. Some risks not yet known to Philips, or currently believed not to be material, could ultimately have a major impact on Philips’ businesses, objectives, revenues, income, assets, liquidity or capital resources.
All oral and written forward-looking statements made on or after the date of this Annual Report and attributable to Philips are expressly qualified in their entirety by the factors described in the cautionary statement included Forward-looking statements and other information and the risk factors described in Risk categories and factors.
Our business, financial condition and results of operations could suffer material adverse effects due to certain risks. We have described below the main risks known to Philips and summarized them in four categories: Strategic risks, Operational risks, Compliance risks, and Financial risks.
Risk management forms an integral part of the business planning and review cycle. The company’s risk and control policy is designed to provide reasonable assurance that objectives are met by integrating management control into the daily operations, by ensuring compliance with legal requirements and by safeguarding the integrity of the company’s financial reporting and its related disclosures. It makes management responsible for identifying the critical business risks and for the implementation of fit-for-purpose risk responses. Philips’ risk management approach is embedded in the areas of corporate governance, Philips Business Control Framework and Philips General Business Principles.
Corporate governance is the system by which a company is directed and controlled. Philips believes that good corporate governance is a critical factor in achieving business success. Good corporate governance derives from, amongst other things, solid internal controls and high ethical standards.
The quality of Philips’ systems of business controls and the findings of internal and external audits are reported to and discussed by the Audit Committee of the Supervisory Board. Internal auditors monitor the quality of the business controls through risk-based operational audits, inspections of financial reporting controls and compliance audits. Audit committees at corporate level (Group, Finance and IT) and at sector level (Healthcare, Lighting, Consumer Lifestyle, Group Management & Services) meet quarterly to address weaknesses in the business controls infrastructure as reported by internal and external auditors or revealed by self-assessment of management, and to take corrective action where necessary. These audit committees are also involved in determining the desired company-wide internal audit planning as approved by the Audit Committee of the Supervisory Board. An indepth description of Philips’ corporate governance structure can be found in Corporate governance.
Philips Business Control Framework
The Philips Business Control Framework (BCF), derived from the Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework on internal control, sets the standard for risk management and business control in Philips. The objectives of the BCF are to maintain integrated management control of the company’s operations, in order to ensure the integrity of the financial reporting, as well as compliance with laws and regulations.
As part of the BCF, Philips has implemented a global standard for internal control over financial reporting (ICS). The ICS, together with Philips’ established accounting procedures, is designed to provide reasonable assurance that assets are safeguarded, that the books and records properly reflect transactions necessary to permit preparation of financial statements, that policies and procedures are carried out by qualified personnel and that published financial statements are properly prepared and do not contain any material misstatements. ICS has been deployed in all main reporting units, where business process owners perform an extensive number of controls, document the results each quarter, and take corrective action where necessary. ICS supports sector and functional management in a quarterly cycle of assessment and monitoring of its control environment. The findings of management’s evaluation are reported to the Board of Management.
As part of the Annual Report process, management’s accountability for business controls is enforced through the formal issuance of a Statement on Business Controls and a Letter of Representation by sector and functional management to the Board of Management. Any deficiencies noted in the design and operating effectiveness of controls over financial reporting which were not completely remediated are evaluated at year-end by the Board of Management. The Board of Management’s report, including its conclusions regarding the effectiveness of internal control over financial reporting, can be found in Management's report on internal control.
Philips General Business Principles
The Philips General Business Principles (GBP) govern Philips’ business decisions and actions throughout the world, applying to corporate actions and the behavior of individual employees. They incorporate the fundamental principles within Philips for doing business. The intention of the GBP is to ensure compliance with laws and regulations, as well as with Philips’ norms and values.
The GBP are available in most of the local languages and are an integral part of the labor contracts in virtually all countries where Philips has business activities. Responsibility for compliance with the principles rests primarily with the management of each business. Every country organization and each main production site has a compliance officer. Confirmation of compliance with the GBP is an integral part of the annual Statement on Business Controls that has to be issued by the management of each business unit. The GBP incorporate a whistleblower policy, standardized complaint reporting and a formal escalation procedure.
The global implementation of the One Philips Ethics hotline seeks to ensure that alleged violations are registered and dealt with consistently within a company-wide system. To drive the practical deployment of the GBP, a set of directives has been published, which are applicable to all employees. There are also separate directives which apply to specific categories of employees (e.g. the Supply Management Code of Ethics and Financial Code of Ethics, refer to www.philips.com/gbp).
In November 2011 an updated version of the GBP Directives and the Philips Whistleblower Policy came into force, reflecting the effect of recent developments in the area of business ethics (UK Bribery Act, Dodd-Frank Act, UN Guiding Principles on Human Rights). To seek to ensure compliance with the highest standards of transparency and accountability by all employees performing important financial functions, the Financial Code of Ethics contains, amongst other things, standards to promote honest and ethical conduct, as well as full, accurate and timely disclosure procedures in order to avoid conflicts of interest. Philips did not grant any waivers of the Financial Code of Ethics in 2011.
2011 saw a further tightening of the checks on compliance with the Supply Management Code of Ethics: Philips employees performing purchasing functions are now obliged to sign, on an annual basis, to confirm their awareness of, and compliance with, this code.
In order to seek to ensure 100% management commitment to the GBP, a global internal communication program addressing the 5,000 highest-ranking employees was developed to support local management in their communications about the updated GBP Directives, thereby ensuring a consistent “tone at the top”. Moreover, GBP dilemma training was provided for Philips Executives, while the 5,000 highest-ranking managers were enrolled on a dedicated GBP e-training course.
The GBP self-assessment process is fully embedded in the Philips ICS tool, a workflow application supporting sector/function management in monitoring internal controls. Management of reporting units are required to answer these questions before year-end and report their findings via a dedicated control. Embedding GBP self-assessments in ICS seeks to ensure that GBP compliance is now part of sector/function management’s quarterly ICS/SOx (Sarbanes-Oxley) monitoring process, and that GBP non-compliance issues, if significant, are reported to the Board of Management/Executive Committee via the Quarterly Certification Statement process.
In order to support management in executing the mandatory risk analysis to identify the major GBP risk areas and issues for their activities, a GBP risk-assessment tool was developed and included in all ICS self-assessment questionnaires.
In the course of 2011 significant progress was made with the roll-out of dedicated anti-corruption programs targeted at our dealers, agents and distributors:
- Implementation of a harmonized Due Diligence Process (DDP) across businesses and regions, supported by a dedicated global DDP program office, with specific focus on selected geographies such as Latin America, Eastern Europe, Asia and China
- Ongoing alignment between sectors on DDP execution through a One Philips contract management system
- Continuous training to promote an understanding – among all relevant stakeholders – of the One Philips DDP for selecting distributors and agents
For further details, please refer to the General Business Principles paragraph in Sustainability statements.
Financial Code of Ethics
The Company recognizes that its businesses have responsibilities within the communities in which they operate. The Company has a Financial Code of Ethics which applies to the CEO (the principal executive officer) and CFO (the principal financial and principal accounting officer), and to the heads of the Corporate Control, Corporate Treasury, Corporate Fiscal and Corporate Internal Audit departments of the Company. The Company has published its Financial Code of Ethics within the investor section of its website located at www.philips.com. No changes have been made to the Code of Ethics since its adoption and no waivers have been granted therefrom to the officers mentioned above in 2011.