Internal Control, Risk Management and Internal Audit

Internal control

The Board of Directors is responsible for the internal control and the Group CEO arranges the management and supervision of internal controls’ effectiveness in practice.

Ultimate responsibility for accounting, accuracy of the financial statements and supervision of asset management is carried out by Wulff Group’s Board of Directors. Business control and supervision are carried out through a group-wide reporting system. Each business area’s and subsidiary’s net sales, sales margin, main expenses and operating profit with comparison data are reported to the Board each month. Additionally the Group CEO presents an overview of the current situation and future outlook based on weekly and monthly analyses.

The segments’ financial reports and the situation of the businesses’ key development projects are on the agenda of the Group Executive Board which convenes on a quarterly basis. The subsidiaries’ own Boards of Directors and management teams discuss their own business issues which are taken also to the Group Executive Board if those issues have influence also on other group companies. The Group CEO and CFO analyse and control each subsidiary’s and business area’s operations, performance and financial status regularly.

Risks and risk management

Goals and principles of risk management

Wulff Group follows the risk management policy devised by the Board of Directors that determines the objectives and responsibilities of risk management, as well as the reporting procedures. The Company’s risk management supports the achievement of strategic objectives and ensures business continuity. The realisation of risk management policies is controlled with internal audit regularly and also external auditors supervise the adequacy and effectiveness of the risk management as a part of the audit procedures related to Group’s governance.

Risk management is part of Wulff Group’s business operations management. Wulff’s risk management is guided by legislation, business objectives set by shareholders as well as the expectations of customers, personnel and other important stakeholders. The Group’s risk management aims to systematically and extensively identify and understand any risks that may prevent the achievement of the Group’s business objectives, as well as to ensure that risks are appropriately managed when making business-related decisions. Threats to business include risks related to acquisitions, risks related to the staff and its availability, as well as factors related to the general economic development and the Company’s reputation.

Risk survey

Risks are classified into three categories: strategic, operational and market risks. The risk management process aims to identify and assess risks and then plan and implement practical measures to deal with each risk. Possible measures include, for example, avoiding the risk, reducing it in different ways or transferring it with insurance or agreements.

Wulff Group carries out annual risk surveys to determine the main risks in terms of their significance and probability. The business unit leaders are responsible for carrying out the surveys and risk monitoring on which they report to the Group Executive Board. Selected persons are responsible for the monitoring of specific issues within each risk category i.e. strategic, operative or market risks. The Group has not set up a separate organisation for risk management. Instead, risk management is arranged in compliance with the Company’s other business operations and organisation structure.

The divisions’ financial reports and the situation of the businesses’ key development projects are on the agenda of the Group Executive Board which convenes on a tertiary basis. The main risks determined in the risk survey, changes in the significance and probability of the risks, as well as the persons responsible, actions completed and results achieved are reported to the Group’s Board of Directors annually. Special attention is paid to any possible new risks that are detected.

Risks are classified into three categories: strategic, operational and market risks. The risk management process aims to identify and assess risks and then plan and implement practical measures to deal with each risk. Possible measures include, for example, avoiding the risk, reducing it in different ways or transferring it with insurance or agreements.

Wulff Group carries out annual risk surveys to determine the main risks in terms of their significance and probability. The business unit leaders are responsible for carrying out the surveys and risk monitoring on which they report to the Group Executive Board. Selected persons are responsible for the monitoring of specific issues within each risk category i.e. strategic, operative or market risks. The Group has not set up a separate organisation for risk management. Instead, risk management is arranged in compliance with the Company’s other business operations and organisation structure.

The segments’ financial reports and the situation of the businesses’ key development projects are on the agenda of the Group Executive Board which convenes on a tertiary basis. The main risks determined in the risk survey, changes in the significance and probability of the risks, as well as the persons responsible, actions completed and results achieved are reported to the Group’s Board of Directors annually. Special attention is paid to any possible new risks that are detected.

Strategic risks

The most significant strategic risks arise from the uncertainties related to business acquisitions that may expose the Group to new types of market and operating environment risks. Acquisitions involve also risks related to the integration of business, commitment of key personnel and achievement of business objectives set for the acquisition, as well as the increasing exposure to currency and interest rate risks. In accordance with the International Financial Reporting Standards (IFRS), consolidated goodwill is not amortized on a regular basis, but instead is tested for impairment at least annually or whenever there are indications of impairment.

Operative risks

Customer Base Management
The main operational threats involve the loss of customers or sales volume and risks related to customer relationship management. The Company tackles the risk of possible customer or volume losses by developing compensating sales in other customer or product groups. The risk of losing customers is reduced by the Company’s independence of individual customers. The Group has a broad customer base and the management analyses the risks related to customer concentration.

The demand for office supplies is still affected by the organizations’ personnel lay-offs and cost-saving initiatives made during the economic downturn. The general economic uncertainty may still persist, which will most likely affect the ordering behaviour of some corporate clients. During the uncertain economic periods, the corporations may also minimize attending exhibitions. Intense competition in the workplace products and services indusrty can affect the profitability of the business.

There are both risks and opportunities involved in developing the product and service portfolio to be in line with changing markets and needs. The uncertainties relating to the general economic development emphasizes the importance of monitoring the credit and default risks associated with customers and other affiliates. The credit and default risks and control measures are presented under Credit and Default Risks.

Personnel
The main operational threats involve also factors related to the personnel and the availability of workforce. Especially the development of net sales and profitability of the Expertise Sales Segment is partly dependant on the number of sales representatives and their sales know-how.

Financial Risks
The Group’s parent company finances the major subsidiaries’ operations on a centralised basis and controls the financial risks arising from them. Group companies with non-controlling minority shareholders may make more independent financial decisions but always within the limits defined by the Group’s Board. In addition to other risk management policies, the parent company’s Board of Directors determines the principles of financial risk management. The goal of risk management is to minimise the effects that price fluctuations in the financial markets, as well as other uncertainty factors may have on result, financial position and cash flow.

Financial risks include currency risks, interest rate risks, liquidity risks, and credit risks managed by each subsidiary.

Currency Risks
Approximately half of the Group’s sales are made in euros and the other half is made in Swedish, Norwegian and Danish crowns. Fluctuation of the currencies affects the Group’s net result and financial position. In terms of import, the exposure to currency risks affects especially the currency risks of the Wulff Supplies subgroup through changes between Sweden and Norway. The Group has only minor transactions in other currencies than euros and Nordic currencies. Interest-bearing liabilities by currencies are presented in Note 24 of the consolidated financial statements. The Group does not practice any speculative hedging. No separate hedging measures against currency risk are taken.

Interest Rate Risks
The Group is exposed to interest rate risk due to loans from financial institutions and bank account limit facilities tied with variable interest rates. Changes in market rates impact directly the Group’s interest payments in the future. More information on the interest rates of the Group’s interest-bearing liabilities is presented in Note 24 of the consolidated financial statements. The Group does not make any speculative interest rate agreements and to date, no interest rate swaps have been utilized for managing interest rate risks.

Liquidity Risks
Group companies operate with their own cash flows and if necessary, they are funded also with the Group’s internal financing. In order to ensure good liquidity, the Group emphasises the subsidiaries’ independence in the management of operating cash flow and working capital. Liquidity risks are managed on the group level with Group bank account arrangements in Finland and Scandinavia. Continuous supervision is used to assess and monitor the financing needed for the subsidiaries’ operations. The availability and flexibility of financing is ensured with bank account credit limits. On December 31, 2020, unused credit limits totalled EUR 3.6 (3.8) million in Finland. The maturity of loans is presented in Note 24.

Part of the Group’s loan agreements include covenants, according to which the equity ratio shall be 35% at minimum and the interest-bearing debt/EBITDA ratio shall be 3.5 at maximum at the end of each financial year. Covenant breaches lead to negotiations with the bank granting the guarantee and any possible consequences depend on the negotiations. There were no covenant breaches on 31.12.2020.

Credit and Default Risks
The uncertainties relating to the general economic development have emphasized the importance of monitoring the credit and default risks associated with customers and other affiliates. The subsidiaries manage their customers’ credit analyses and active credit control independently. Together with the subsidiaries’ management, the subsidiaries’ working capital management and related risks are monitored also on segment and group level by the Group’s finances. The Group’s trade receivables consist of an extensive customer base, and most of the annual sales volume is from well-known and solvent customers. Consequently, the Group has not considered credit guarantees or corresponding methods to be necessary.

The risk management policy of each company defines the credit risks and credit worthiness requirements, as well as the terms of delivery and payment. Credit risk monitoring is primarily the responsibility of the subsidiaries’ management, while the parent company’s financial management monitors regularly the realisation of the risk management principles, the development of the Group’s credit risk and examines the efficiency of the centralised own collection operations and the outsourced collection partner. Traditionally the group companies’ credit losses have been small in relation to their net sales. Aging analysis of sales receivables is presented in Note 20 of the consolidated financial statements.

Capital Management
Wulff Group’s capital structure management aims to ensure and improve the operating conditions of the group companies and to increase the Group’s shareholder value in a sustainable, optimal way. The Group’s capital structure is evaluated by monitoring the development in equity ratio where the long-term target is approximately 40 percent. The Group’s companies operate with their own cash flows and if necessary, they are funded also with Group’s internal financing. The Group emphasises the subsidiaries’ independence in the management of operating cash flow and working capital. The Group Finance controls the group companies’ working capital management centrally. The Group Finance takes care of the external loan financing and agrees on the loans’ repayment schedules with the financiers centrally.

IT Risks
Subsidiaries are responsible for managing the risks related to their own IT systems and the most significant IT risks are evaluated also on group level. Also external auditors pay attention to IT risks and efficiency of the Group’s IT processes, and the auditors report their findings and development recommendations to Group management and Board, if necessary.

Asset Risks
The Group’s assets are comprehensively insured against accidents and damage. Some of the subsidiaries are also insured against interruption in operations.

Environmental Risks
The Group also takes into account environmental risks and emphasizes environmental-friendliness in its operations. The Group’s subsidiary Wulff Oy Ab has been granted the ISO 14001 environmental certificate. Wulff provides customers with information about recycling solutions for office and IT supplies and sees to the recycling of its customers’ used ink cartridges. In addition, the Group promotes a positive attitude towards environmental matters and their development among its personnel. Wulff Entre Oy and Wulff Oy Ab have also been granted the ISO 9001 quality certificate.

When selecting suppliers, Wulff Oy Ab favours companies committed to sustainable development. The company chooses products that use environmentally friendly raw materials and production methods. In addition, the Wulffinkulma.fi webshop provides a wide range of green office products that are produced in an environmentally friendly way. Recycled and rapidly renewable materials are preferred in the material choices and CO2 emissions caused by the transportation of products are minimized. All of the packaging materials used in Wulff Oy Ab’s product deliveries can be recycled or used as a source of energy.

All Wulff Group companies in Finland use Posti Green deliveries that are CO2 neutral. With improved energy efficiency and use of low emission, renewable energy, carbon dioxide emissions will be reduced. From the customers’ point of view, the deliveries are completely carbon neutral because the remaining emissions are compensated by funding Posti Green climate projects.

Wulff Supplies, which operates in Sweden, Norway and Denmark, has developed a Supplies Control concept. The concept contains all environmental processes and future guidelines. The concept was introduced in 2009 and it has been developed in collaboration with customers, employees, and suppliers. With the help of the concept, Wulff Supplies is actively working to achieve overall cost reduction along the entire supply chain and minimizing environmental impacts.

Wulff Supplies makes certain that the products they offer have been developed and produced in compliance with ethical guidelines and applicable legislation and regulations. Wulff Supplies aims to reduce use of materials, which means more efficient utilization of materials and energy. More environmental friendly alternatives are used whenever they are available and hazardous substances are avoided. Wulff Supplies has been awarded with the ISO 9001:2008 and ISO 14001:2004 certificates in all of its operating countries.

The Finnish Packaging Recycling RINKI Ltd has awarded Wulff with a certificate showing that the company handles the recovery of the packages it supplies to the market in compliance with directives, acts and statutes.

Market risks

The main market risks include megatrends in the global economy, such as digitalisation and responsibilty, the effect of economic cycles and employment rates on the demand of workplace proudcts and services, as well as international customer contracts. The effects of the Coronavirus pandemic and restrictions associated with controlling the virus, have far-reaching affects on the global and local markets and customers’ needs.

Changes in consumer preferences, such as new trends in printing solutions, affect development in the sector. International pandemic or smaller epidemics, that restrict traveling may have an impact on demand of workplace products and services as well as exhibition services.

Wulff Group keeps a close eye on changes and develops and searches for products and services that meet the new needs. The Group’s broad range of products and services reduces the risks caused by changing consumer preference. The Company prepares for economic downturns by adjusting operations and expanding its customer base.

Internal audit

The goal of Wulff Group Plc’s internal audit is to ensure that the Group’s internal processes and operating methods are efficient and correct taking into consideration significant risks of the business operations. Internal audits are carried out on the basis of an annually prepared audit plan, which the Board of Directors approves at the beginning of the year. The Group’s internal auditor draws up the plan, presents it to the Board of Directors and reports on the implementation of the measures. The internal auditor reports directly to the Board of Directors.