Internal control report

Control environment

The Board has specified a set of instructions and working plans regarding the roles and responsibilities of the Chief Executive Officer and the Board committees. The Board also has a number of established basic guidelines, which are important for its work on internal control activities. This includes monitoring performance against plans and prior years. The Audit Committee assists the Board in overseeing various issues such as internal audit and accounting principles applied by the Group.

The responsibility for maintaining an effective control environment and internal control over financial reporting is delegated to the Chief Executive Officer. Other Executive Managers at various levels have respective responsibilities. The Executive Management regularly reports to the Board according to established routines and in addition to the Audit Committee’s reports. Defined responsibilities, instructions, guidelines, manuals and policies together with laws and regulations form the control environment. All employees are accountable for compliance with these guidelines.

Risk assessment and control activities

The Company has prepared a model for assessing risks in all areas in which a number of items are identified and measured. These risks are reviewed regularly by the Board of Directors and by the Audit Committee, and include both the risk of losing assets as well as irregularities and fraud. Designing control activities is of particular importance to enable the Company to prevent and identify shortcomings. The important areas are purchase-, logistics- and inventory processes, technical development and performance of the web platform as well as general IT-security. Assessing and controlling risks also involve the operational boards in each business area, where meetings are held at least four times a year. The Chief Executive Officer, the business area management and the Chief Financial Officer participate in the meetings. Minutes are kept for these meetings. The operational boards are further described under the heading “Executive Management”.

Information and communication

Guidelines and manuals used in the Company’s financial reporting are communicated to the employees concerned. There are formal as well as informal information channels to the Executive Management and to the Board of Directors for information from the employees identified as significant. Guidelines for external communication ensure that the Company applies the highest standards for providing accurate information to the financial market. In 2005, MTG established an annual procedure, followed by CDON Group, for the operating management to give their opinion of the quality of the financial reporting, disclosure and procedures and compliance with internal and external guidelines and regulations.

Follow-up

The Board of Directors regularly evaluates the information provided by Executive Management and the Audit Committee. The Board receives regular updates of the Group’s development between the meetings. The Group’s financial position, its strategies and investments are discussed at every Board meeting. The Audit Committee reviews the quarterly reports prior to publication. The Audit Committee is also responsible for the following up of the internal control activities. This work includes ensuring that measures are taken to deal with any inaccuracy and to follow up suggestions for actions emerging from the internal and external audits.

The Company has an independent internal audit function responsible for the evaluation of risk management and internal control activities. This work includes scrutinising the application of established routines and guidelines. The internal audit function plans its work in cooperation with the Audit Committee and reports the result of its reviews to the Audit Committee. The external auditors report to the Audit Committee at each ordinary meeting of the Committee.