Risk management and internal control
We are committed to operating with the utmost integrity. Rigorous controls and strict adherence to business principles are essential for protecting Ahold and its stakeholders.
Our risk management and control systems are designed to provide reasonable assurance that Ahold’s objectives are achieved. We take a structured and consistent approach to risk management and internal control by aligning strategy, policies, procedures, people and technology to manage the uncertainties we face.
Enterprise risk management
Ahold’s enterprise risk management program provides senior management with an understanding of Ahold’s key business risks and practices in place to manage these risks. At each operating company, functional management identifies the principal risks risks the company faces, and the mitigating actions to manage these risks. Business risk committees comprised of senior executives at each operating company periodically review these risks and the related mitigation practices. They consolidate their findings in an enterprise risk management report that is presented to Ahold’s Corporate Executive Board and Supervisory Board. Executive management at each operating company is required to review the principal risks and risk management practices with the Corporate Executive Board as a regular part of the business planning and performance cycle. The outcome of our enterprise risk management program influences the formation of Ahold’s policies and internal controls, the scope of internal audit activities and the focus of our business planning and performance process.
Ahold Business Control Framework
We maintain the Ahold Business Control Framework (ABC Framework), which incorporates risk assessment, control activities and monitoring into our businesses. The aim of the ABC Framework is to provide reasonable assurance that risks to achieving important objectives are identified and mitigated. The framework is based on the recommendations of the Committee of Sponsoring Organizations of the Treadway Commission (COSO).
Ahold has developed uniform governance and control standards in areas such as ethical conduct, contracts and agreements, accounting policies, and the financial closing process. These, and other Corporate Executive Board-approved policies and procedures, are incorporated into the ABC Framework as mandatory guidelines for all Ahold operating companies. Within the framework, management is responsible for local business operations, including risk mitigation and compliance with laws and regulations. Authority limits have been established to ensure that all expenditures and decisions are approved by the appropriate levels of management.
Code of conduct
Our Global Code of Professional Conduct and Ethics is based on Ahold’s core values. It is intended to help each employee understand and follow relevant compliance and integrity rules, and to know when and where to ask for advice. The code applies to Ahold, its operating companies and all management-level employees, as well as to third parties hired by or acting on behalf of Ahold. It co-exists with the local codes of conduct in place at each of Ahold’s operating companies. The code is available in the corporate governance section of Ahold’s public website.
Monitoring
Ahold uses a comprehensive business planning and performance review process to forecast and monitor its performance. This process covers the adoption of strategy, budgeting, and the reporting of current and projected results. Business performance is assessed according to both financial and non-financial targets.
We have a group-wide management certification process in place to meet business needs and the requirements of the Dutch Corporate Governance Code. Each quarter, executive management at each operating company sends a letter of representation to Ahold’s Disclosure and Compliance Committee confirming compliance with Ahold’s Global Code of Professional Conduct and Ethics, policies on fraud prevention and detection, accounting and global control standards, disclosure requirements and corporate responsibility.
Our Internal Audit function helps to ensure that we continuously maintain and improve the integrity and effectiveness of our system of risk management and internal control by regular risk-based, objective and critical evaluations. It monitors Ahold’s risk management and control systems to provide the Corporate Executive Board, and the Supervisory Board through its Audit Committee, with reasonable assurance on the reliability of financial reporting, compliance with relevant laws and regulations, safeguarding of assets, and efficiency and effectiveness of operations. Internal Audit also monitors the effectiveness of corrective actions undertaken by management with specific follow-up procedures to significant audit findings.
Disclosure and Compliance Committee
Ahold’s Disclosure and Compliance Committee oversees the collection and analysis of financial and non-financial information to be publicly disclosed by Ahold. It also monitors Ahold’s compliance with applicable laws, regulations and internal governance and control standards. The Committee ensures that information to be publicly disclosed is accurate, complete and disclosed in a timely manner. It reviews all such information prior to its publication in annual reports and before it is disclosed to the public or financial community. Four sub-committees assist the Disclosure and Compliance Committee: one coordinates the preparation of the Annual Report and Corporate Responsibility Report, a second oversees Ahold’s internal and external websites, a third monitors Ahold’s information security practices, and a fourth operates the management certification process. The Committee also assists the Corporate Executive Board in ensuring that Ahold has effective governance and control policies and procedures in place.