Auditors

According to the Articles of Association, the company must have one or two auditors with or without deputy auditors. The 2024 AGM elected Öhrlings PricewaterhouseCoopers AB, with Authorised Public Accountant Camilla Samuelsson, as the company’s auditor for a period of four years. Camilla Samuelsson has not held any positions in other companies that could affect her independence as an auditor for Stockholm Exergi.

The auditors attended all meetings of the Audit Committee and, among other things, reported on the review of internal control and the year-end audit. The auditor reported to the Board on 19 and 26 March 2026.

Financial reporting, internal control and risk management

The Board is ultimately responsible for ensuring that there is good internal control within the Stockholm Exergi Group in accordance with applicable directives, laws and regulations. The Company is not subject to the requirements of the Swedish Corporate Governance Code. Internal control work is carried out within the Group which aims to ensure that operations are carried out in an appropriate, safe, and efficient manner. Internal control of financial reporting aims to ensure that the Group prepares reliable financial accounts and reports, and complies with applicable laws and regulations. Internal control is conducted in accordance with the risk policy resolved on by the Board. The risk policy is based on the principles set out by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).

Risk assessment and control environment

The CEO is responsible for preparing internal control, financial reporting and sustainability reporting matters for the Board. Control work is based on the division of responsibilities between the Board and the CEO as established in the CEO’s instructions and reporting requirements set by the Board. The Board and CEO work in a structured annual cycle for strategic business planning and operational supervision. The process is based on the Group’s vision and operating concept, which in turn is based on the owners’ consortium agreement. Work within the Group is performed in accordance with Board-resolved codes of conduct and values. Risk management is an integral and ongoing part of Group business planning, development and performance management. For each risk category, risk management follows five steps: identification, assessment, management, control and monitoring. The Board resolves on risk policy and the CEO’s risk mandate. Risk management and its processes are continuously developed and adapted to evolving market conditions and changes in the business. 

Governing documents and procedures

There are policies and delegation arrangements in place for the Group’s various areas of operation. They are established and revised annually and otherwise as required by the Board. Various governing documents are also adopted and revised on an ongoing basis by the CEO and the Group management, as well as manuals and procedural descriptions that are established and revised by the respective operational manager. Overall, these internal regulations effectively cover all relevant areas of operation.

Review

The Group’s internal audit function reviews ongoing operations. The Audit Committee has a special supervisory remit and reviews the internal audit’s work, as well as risk management and internal controls.