Fortum's internal control framework supports the execution of the strategy and ensures regulatory compliance and reliability of the financial reporting. The internal control framework consists of Group-level policies and processes as well as business and support process-level controls.
Corporate Risk Management is responsible for reporting risk exposures and maintaining the company's risk management framework.
Corporate Accounting and Control is responsible for the overall control structure of the financial performance management process. The control process is based on Group policies, instructions and guidelines relating to financial reporting. The Controllers Manual contains financial reporting instructions. This manual is regularly reviewed and updated. The Core Finance Process Owner supports the finance
organisation in ensuring a uniform way of working and monitoring the performance of the processes within the Finance function.
Fortum's organisation is decentralised, and a substantial degree of authority and responsibility is delegated to the divisions in form of control responsibilities. This applies also to the financial reporting. Some areas, such as commodity market risk control are centralised.