Annual Report 2009
Did the report help you?
Take survey (7 questions, 1 minute)

Our approach to risk management and business control


Risk management forms an integral part of the business planning and review cycle. The company’s risk and control policy is designed to provide reasonable assurance that objectives are met by integrating management control into the daily operations, by ensuring compliance with legal requirements and by safeguarding the integrity of the company’s financial reporting and its related disclosures. It makes management responsible for identifying the critical business risks and for the implementation of fit-for-purpose risk responses. Philips’ risk management approach is embedded in the areas of corporate governance, Philips Business Control Framework and Philips General Business Principles.

Corporate governance

Corporate governance is the system by which a company is directed and controlled. Philips believes that good corporate governance is a critical factor in achieving business success. Good corporate governance derives from, amongst other things, solid internal controls and high ethical standards. Risk management is a well-established part of Philips’ corporate governance structure.

The quality of Philips’ systems of business controls and the findings of internal and external audits are reported to and discussed in the Audit Committee of the Supervisory Board. Internal auditors monitor the quality of the business controls through risk-based operational audits, inspections of financial reporting controls and compliance audits. Audit committees at corporate level (Finance and IT/Supply) and sector level (Healthcare, Lighting, Consumer Lifestyle, Group Management & Services) meet quarterly to address weaknesses in the business control infrastructure as reported by internal and external auditors or revealed by self-assessment of management, and to take corrective action where necessary. These audit committees are also involved in determining the desired company-wide internal audit planning as approved by the Audit Committee of the Supervisory Board. An in-depth description of Philips’ corporate governance structure can be found in Corporate governance.

Philips Business Control Framework

The Philips Business Control Framework (BCF), derived from the Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework on internal control, sets the standard for risk management and business control in Philips. The objectives of the BCF are to maintain integrated management control of the company’s operations, in order to ensure integrity of the financial reporting, as well as compliance with laws and regulations.

As part of BCF, Philips implemented a global standard for internal control over financial reporting (ICS). The ICS, together with Philips’ established accounting procedures, is designed to provide reasonable assurance that assets are safeguarded, that the books and records properly reflect transactions necessary to permit preparation of financial statements, that policies and procedures are carried out by qualified personnel, and that published financial statements are properly prepared and do not contain any material misstatements. ICS has been deployed in all main reporting units, where business process owners perform an extensive number of controls, document the results each quarter, and take corrective action where necessary. ICS supports sector and functional management in a quarterly cycle of assessment and monitoring of its control environment. Findings of management’s evaluation are reported to the Board of Management.

As part of the Annual Report process, management’s accountability for business controls is enforced through the formal issuance of a Statement on Business Controls and a Letter of Representation by sector and functional management to the Board of Management. Any deficiencies noted in the design and operating effectiveness of controls over financial reporting which were not completely remediated are evaluated at year-end by the Board of Management. The Board of Management’s report, including its conclusions, regarding the effectiveness of its internal control over financial reporting, can be found in Management's report on internal control.

Philips General Business Principles

The Philips General Business Principles (GBP) govern Philips’ business decisions and actions throughout the world, applying equally to corporate actions and the behavior of individual employees. They incorporate the fundamental principles within Philips for doing business. The intention of the GBP is to ensure compliance with laws and regulations, as well as with Philips’ norms and values.

The GBP are available in most of the local languages and are an integral part of the labor contracts in virtually all countries where Philips has business activities. Responsibility for compliance with the principles rests primarily with the management of each business. Every country organization and each main production site has a compliance officer. Confirmation of compliance with the GBP is an integral part of the annual Statement on Business Controls that has to be issued by the management of each business unit. The GBP incorporate a whistleblower policy, standardized complaint reporting and a formal escalation procedure.

The global implementation of the One Philips Ethics hotline seeks to ensure that alleged violations are registered and dealt with consistently within one company-wide system.

To drive the practical deployment of the GBP, a set of directives has been published, which are applicable to all employees. There are also separate directives which apply to specific categories of employees (e.g. the Supply Management Code of Ethics and Financial Code of Ethics

At the end of 2009 an updated and extended version of the GBP directives was approved and adopted, reflecting developments in codes of conduct and business integrity legislation. The Financial Code of Ethics contains, applicable to all employees performing important financial functions amongst other things, standards to promote honest and ethical conduct, as well as full, accurate and timely disclosure procedures in order to avoid conflicts of interest. Philips did not grant any waivers of the Financial Code of Ethics in 2009.

Comprehensive Rules of Conduct containing mandatory protocols governing the investigation of GBP complaints were finalized and distributed throughout the organization worldwide in 2009. A global internal communication program tailored to the respective businesses with the aim of strengthening employee awareness of the importance of the Philips GBP and GBP Directives was rolled out in 2009.

The implementation of a clearly structured procedure for appointment of GBP compliance officers (responsibilities and authority, hierarchical structure and organizational mandate/independence) was completed in 2009. Furthermore, the functional job assessment of compliance officers is now mandatorily included in their annual ‘People Performance Management’ appraisal. An updated version of the mandatory web-based GBP training, which is designed to reinforce awareness of the need for compliance with the GBP, was rolled out in the US, the Netherlands and India in 2009. The rest of the global roll-out (a total of 23 languages) will take place in the first half of 2010. In 2009, a total of seven tailor-made regional GBP training programs were rolled out in the framework of the mandatory annual (refresher) training of compliance officers.

My Annual Report

Start creating your PDF below
Add this page
my selection: 0
Download my Report
President's message
Gerard Kleisterlee, President and CEO
This is an interactive electronic version of the Philips Annual Report 2009 and also contains certain information in summarized form. The contents of this version are qualified in their entirety by reference to the printed version of the Philips Annual Report 2009. The printed version is available as a PDF file on this website. Information about: forward-looking statements, third-party market share data, fair value information, IFRS basis of presentation, use of non-GAAP information, statutory financial statements and management report, reclassifications and analysis of 2008 compared to 2007.
debugging messages