The Management Board is responsible for TomTom's risk management and internal control systems. The Management Board believes that the company maintains an adequate and effective system of risk management and internal control that complies with the Dutch Code of Corporate Governance.

The internal control systems are designed to manage, rather than eliminate, the risk of failure to achieve business objectives and can provide reasonable, but not absolute, assurance against financial loss or material misstatements in the financial statements.

TomTom views the management of risk as a key management activity. The Management Board reviews the effectiveness of TomTom's systems of internal control relative to strategic, financial, operational and compliance risks and discusses risk management and internal controls with the Audit Committee on at least a quarterly basis.

TomTom embeds risk management into the periodic strategic business planning and internal control mechanisms. A top-down approach is followed, whereby the major risks that could affect the business objectives are identified by responsible management together with an assessment of the effectiveness of the processes and internal controls in place to manage and mitigate these risks. Please refer to the Business Risks section for an overview of our most important risks. Assurance on the effectiveness is obtained through management reviews, control self-assessments, internal audits and testing of certain aspects of the internal financial control systems by the external auditors during the course of their annual audit.

This, however, does not imply that TomTom can provide certainty as to the realisation of business and financial objectives, nor can the followed approach to internal control over financial reporting be expected to prevent or detect all misstatements, errors, fraud or violation of law or regulations.

The key features of the systems of internal control are as follows:

• clearly defined lines of accountability and delegation of authority are in place, together with comprehensive reporting and analysis against approved budgets
• operating risk is minimised by ensuring that the appropriate infrastructure, controls, systems and people are in place throughout the business
• an organisation design is in place that supports business objectives and enables staff to be successful in their roles.
• treasury operations manage the investment of cash balances and exposure to currency transaction risks through treasury policies, risk limits and monitoring procedures
• an Insider Information Policy and a Code of Ethics is embedded into the culture of TomTom and is accessible to all staff via the intranet.

The key controls over financial reporting policies and procedures include controls to ensure that:

• commitments and expenditures are appropriately authorized by management
• records are maintained which accurately and fairly reflect transactions
• any unauthorised acquisition, use or disposal of TomTom's assets that could have a material effect on the Financial Statements should be detected on a timely basis
• transactions are recorded as required to permit the preparation of financial statements, and
• TomTom is able to report its financial statements in compliance with IFRS.

The Management Board believes, based on the activities performed in 2011 and in accordance with best practice provision II.1.5 of the Dutch Corporate Governance Code, that the risk management and control systems, with regard to the financial reporting risks, have worked properly in 2011, and that the risk management and control systems provide reasonable assurance that the 2011 financial statements do not contain any errors of material importance.

With reference to the statement within the meaning of article 5:25C (2) (c), the Financial Markets Supervision Act, the Management Board states that, to the best of its knowledge:

• the annual financial statements give a true and fair view of the assets, liabilities, financial position and profit or loss of the company and the undertakings included in the consolidation taken as a whole, and
• the Management Report includes a fair review of the development and performance of the business and the position of the company and the undertakings included in the consolidation taken as a whole, together with a description of the principal risks and uncertainties that the company faces.

Amsterdam, 28 February 2012

The Management Board

Harold Goddijn - CEO
Marina Wyatt - CFO
Alain De Taeye

Back to Top