Annual report 2018

62 | Galenica annual report 2018 The Board of Directors of Galenica receives an overview of the most important risks from the Corporate Executive Committee when circumstances require it but at least twice a year. The Board evaluates the overview, adding informa- tion as needed, and where required takes decisions on any preventive measures necessary, which will then be imple- mented Group-wide as part of the risk management pro- cess. Galenica defines risk as the possibility that an event or an action will lead to immediate financial loss or other negative consequences. Additional information about the management of financial risks can be found in the Notes to the consolidated financial statements 2018 on pages 120 and 121. Internal control system As part of its risk management system Galenica operates an internal control system (ICS) to provide reliable internal and external financial reporting and to prevent false infor- mation and errors about business transactions. The ICS provides the necessary processes and controls to ensure that risks relating to the quality of the company’s financial reporting can be detected and managed in a timely manner. A thorough review of the existence of the processes and controls of the Galenica ICS is carried out annually by the external auditors at the time of the interim audit. The results of these reviews are reported to the Audit and Risk Commit- tee. Appropriate measures are taken by management to continually improve the company’s processes with regard to the process areas of purchasing, procurement, invest- ments, sales, HR, general financial management and report- ing as well as IT controls. Internal Audit Internal Audit carries out audits of operational and strategic risk management and the ICS in accordance with the audit plan determined by the Audit Committee. It carries out reviews, analyses and interviews across the Group and helps the Business sectors to meet their targets by ensuring an independent assessment of the effectiveness of the internal control processes. Internal Audit regularly pro- duces reports on its audits and reports directly to the Audit and Risk Committee in writing. The activities of Internal Audit are conducted through contracts issued to external service providers. Information policy Galenica and its companies operate an active and transpar- ent information policy towards all their stakeholder groups. Consistency and credibility are two fundamental principles that are reflected in factual, comprehensive and objective communication. Ad hoc publicity Important and price-relevant events are communicated in a timely manner via electronic media and in accordance with the Directive of the SIX Swiss Exchange. Any employees affected are informed first, as long as this is possible in the specific situation and allowed by law. Periodic publications Once a year, Galenica publishes an annual report and a half- year report. The full versions of these reports are available on the Galenica website (see related links on page 64). In addition, Galenica publishes a printed short version of the annual report which is sent to the shareholders by mail upon request. The invitation to the Annual General Meeting is sent to shareholders electronically or by mail, and is additionally published in the “Schweizerisches Handelsamtsblatt”. Internet All Galenica publications, all media releases and other sup- plementary information about the Group can be found on the Galenica website (see related links on page 64). Corporate Governance Galenica