Report on Internal Control

The Board’s description of internal control pertaining to the financial reporting for the 2016 financial year.

The Board is responsible for internal control in accordance with the Swedish Companies Act and the Code. This description has been prepared in accordance with the Code’s Rule 7.3 and 7.4, and Chapter 6, Section 6 and Chapter 7, Section 31 of the Annual Accounts Act (1995:1554), and is thus restricted to the internal control pertaining to the financial reporting.

Control environment

The purpose of the Board of Directors’ rules of procedure and instructions for the Chief Executive Officer and Board Committees is to ensure a distinct division of roles and responsibility that promotes the efficient management of operational and financial risks. The Board has also adopted a number of fundamental guidelines of significance to activities involving internal controls, which are described in Kinnevik’s Policy and Procedure Manual and include instructions governing the financial reporting of results, authorization procedures, purchasing policies, investment policies, accounting principles, financial risk management and internal audits. The Company’s management reports regularly to the Board in accordance with established procedures. In addition, the Audit Committee and the GRC Committee report on its respective work. The Company’s management is responsible for the system of internal controls required for managing risks associated with ongoing operations. This includes guidelines for the employees to ensure that they understand the importance of their particular roles in efforts to maintain efficient internal control. The Company’s operational and financial risks are reported each quarter to the Board, including an analysis of their consequences and financial impact in the event of them materializing, and how and who exercises ongoing control over each risk and how these can be mitigated in part or in full.

Risk assessment and control activities

Kinnevik has implemented a model for assessing the risk of errors in accounting and the financial reporting based on COSO’s framework for internal control. The most significant items and processes in which the risk of significant errors can typically arise encompass financial assets and instruments in the income statement and balance sheet, and the investment process. Kinnevik has established documented work routines and continuously evaluates how well the controls function in relation to these items and processes.

Internal audits

The Board of Directors evaluate the need for a separate internal audit function on a yearly basis. Kinnevik does not currently have a separate internal audit function, taking into account the size of the company’s operations. Instead Kinnevik, on instructions from the Audit Committee, engages independent internal auditors to follow up and evaluate work relating to inter alia risk management and internal control. The internal auditors continuously report the results of their examination in the form of written reports to the Audit Committee.

Information and communication

Kinnevik’s Policy and Procedure Manual and other guidelines of importance to financial reporting are updated at least once annually. Both formal and informal information channels to the Company’s management and Board of Directors are available for internal communication. For external communication, guidelines have been compiled in an Information policy ensuring the Company complies with the meticulous demands for timely and accurate information to market participants and other various constituencies, such as shareholders, Board members, employees and customers.

Follow-up

The Board of Directors continuously evaluates the information provided by management, the Audit Committee and the GRC Committee. The work to monitor the efficiency of management’s efforts in this area is of particular importance to the follow-up of internal controls. This work includes ensuring that action is taken concerning those shortcomings and proposed measures that result from external and internal audits.