Skip to main content

Internal Control

The Internal Control System
of ThPA S.A.

The Internal Control System of ThPA S.A. aims at:

– the consistent implementation of the business strategy

– the efficient use of available resources

– the identification and management of significant risks associated with its business and operation

– ensuring the completeness and reliability of data and information on the financial state of the Company

– the compliance with the regulatory and legislative framework, as well as the Internal Rules of Operation of the Company.

The Internal Control System sets out all the internal control mechanisms and procedures that include risk management, internal audit, and regulatory compliance, which cover every activity of the Company and contribute to its safe and effective operation.

The Internal Control System implemented by ThPA S.A. is based on the internationally recognized standard of COSO and has been designed based on:

– the nature and extend of risks the Company faces,

– the level of risks the Company’s Board is willing to accept,

– the probability the above risks may materialize,

– the capability of the Company to reduce the impact of the risks, and

– the cost of the controls necessary to mitigate the above risks, as opposed to the benefits from such mitigation.

The Board of Directors ensures the adequate and effective operation of the Company’s Internal Control System and has approved the Policy and Procedure for its periodic evaluation.

The Audit Committee assists the Board of Directors in its duties related to the systematic oversight of the governance of the Company and its subsidiaries, the risk management, the audit of financial statements and the internal control practices. Specifically, the Audit Committee:

  • is responsible for the process of selecting statutory auditors or audit firms and recommends the statutory auditors or audit firms to be appointed.
  • reviews and monitors the independence of the statutory auditors or audit firms and in particular the appropriateness of the provision of non-audit services to the Company and its subsidiaries.
  • monitors the statutory audit of the annual and consolidated financial statements and in particular the way it is conducted.
  • monitors, reviews and evaluates the financial reporting process and makes recommendations or suggestions to ensure its integrity.
  • informs the Board of Directors of the Company of the result of the statutory audit and explains how the statutory audit contributed to the quality and integrity of the financial reporting and what was the role of the Audit Committee in this process.
  • monitors, reviews and evaluates the adequacy and effectiveness of the internal control, quality assurance, regulatory compliance and risk management systems of the Company and its subsidiaries.
  • monitors, supervises, and evaluates the proper and effective functioning of the Internal Audit Department, in accordance with the professional standards, ensuring its independence.
  • monitors and evaluates Management’s measures to prevent and deter fraud.

The Internal Audit Department is an independent organizational unit that reports functionally to the Audit Committee and administratively to the Executive Chairman of the Board of Directors. The mission of the Internal Audit Department is to provide an independent, objective and risk-based assurance and consulting services, designed to enhance and protect organizational value, abiding by the International Professional Practices Framework of Internal Auditing.

The Internal Audit Department has in place and implements a Charter and a Procedures’ Manual, which were approved by the Board of Directors, following the proposal of the Audit Committee.

The Internal Audit Department is responsible indicatively for:

  • evaluating the adequacy and effectiveness of risk management and regulatory compliance processes, corporate governance, internal control and quality assurance systems, designed and implemented.

  • assessing the implementation of the Internal Rules of Operations of the Company.

  • informing the Audit Committee and Management about the results of the audits.

  • evaluating of the actions taken regarding the implementation of the recommendations to address the audit issues that have been identified.

  • providing consulting services to the Company.

The Internal Audit Department has full access to all systems, books and data, to the premises and activities of the Company.

The scope of the Compliance and Risk Management Officer of the Company is:

  • ensuring the Company’s adoption of a clearly defined position and a clearly defined risk-taking framework, which is in line with its business strategy, objectives, and values.

  • supporting the Management in making strategic decisions by identifying, evaluating, communicating and addressing related corporate risks.

  • ensuring the implementation of the applicable regulatory framework, as well as the design, formulation and implementation of appropriate policies, regulations and procedures of the Company in accordance with the above-mentioned applicable regulatory framework.

Having in place and implementing Policies and Procedures’ Manuals for Risk Management and Regulatory Compliance, approved by the Board of Directors of the Company.

The execution of the relevant duties is supervised and coordinated by the Head of Internal Audit of the Company, to ensure complete coverage of the Company’s activities from the assurance providers and to avoid repetition and waste of resources.

The Compliance and Risk Management Officer of ThPA S.A. functionally reports to the Audit Committee and administratively to the Executive Chairman of the Board.

Get to know us Better

Sign up to our newsletter, so you can be the first to find out the latest news about us throughout the year.

    By subscribing to our newsletter you agree to our Policy Terms.