Annual Report 2010

Sivu: 1 Sivu: 2 Sivu: 3 Sivu: 4 Sivu: 5 Sivu: 6 Sivu: 7 Sivu: 8 Sivu: 9 Sivu: 10 Sivu: 11 Sivu: 12 Sivu: 13 Sivu: 14 Sivu: 15 Sivu: 16 Sivu: 17 Sivu: 18 Sivu: 19 Sivu: 20 Sivu: 21 Sivu: 22 Sivu: 23 Sivu: 24 Sivu: 25 Sivu: 26 Sivu: 27 Sivu: 28 Sivu: 29 Sivu: 30 Sivu: 31 Sivu: 32 Sivu: 33 Sivu: 34 Sivu: 35 Sivu: 36 Sivu: 37 Sivu: 38 Sivu: 39 Sivu: 40 Sivu: 41 Sivu: 42 Sivu: 43 Sivu: 44 Sivu: 45 Sivu: 46 Sivu: 47 Sivu: 48 Sivu: 49

Sivu: 50

CORPORATE GOVERNANCE REPORT 2010 INTERNAL CONTROL AND RISK MANAGEMENT FOR THE FINANCIAL REPORTING The responsibility of the Board of Directors for internal control is regulated by the Swedish Companies Act, the Swedish Annual Accounts Act and the Code of Governance. This report on internal control is submitted by Lundin Petroleum’s Board of Directors and has been prepared in compliance with the Swedish Annual Accounts Act and is accordingly limited to internal control and risk management regarding ﬁnancial reporting. It describes how internal control over the ﬁnancial reporting is organised, but does not comment on its eﬀectiveness. Lundin Petroleum’s Financial Reporting Internal Control System consists of ﬁve key components, as described below and is based upon the Committee of Sponsoring Organisations of the Treadway Commission (COSO) model. Internal control system for financial reporting The internal control system for ﬁnancial reporting has been created to ensure the Group’s objective for ﬁnancial reporting will be fulﬁlled. Lundin Petroleum’s objective for ﬁnancial reporting is: “The financial reporting objective of Lundin Petroleum is to provide reliable and relevant information for internal and external purposes, in compliance with existing laws and regulations, in a timely and accurate manner.” An internal control system can only provide reasonable and not absolute assurance against material misstatement or loss, and is designed to manage rather than eliminate the risk of failure to achieve the ﬁnancial reporting objectives. Improving on a continuous basis The internal control of ﬁnancial reporting is a continuous evaluation of the risks and control activities within the Group. The evaluation work involves internal as well as external benchmarking. This evaluation process and the work that follows is an ongoing process involving enhancement of control activities such as procedures and processes and information and communication within the Group. 1. Control Environment Lundin Petroleum’s Board of Directors has the overall responsibility for establishing an eﬀective internal control system. The Audit Committee assists the Board and prepares matters relating to ﬁnancial reporting, internal control and the reporting of ﬁnancial risks. The Committee also supervises the eﬃciency of the internal auditing, internal control and ﬁnancial reporting and reviews all interim and annual ﬁnancial reports before release. Lundin Petroleum has an internal audit function whose main responsibility is to ensure adherence to the internal control framework by carrying out annual tests. The internal audit function reports to the Group’s CFO and to the Audit Committee of the Board of Directors. The Board of Directors also receives on a regular basis ﬁnancial reports and matters regarding the Group’s ﬁnancial position and development are discussed at every meeting. The operational responsibility for maintaining an eﬀective control environment and for operating the system of internal control and risk management is delegated to the CEO and the responsibility is exercised in cooperation with Group management at varying levels. The development and implementation of a Group-wide framework of consistent policies, guidelines and procedures, as part of a strengthening of the management and control function of the Group, is an ongoing process. Together with laws and external regulations, these internal policies, guidelines and procedures form the control environment which is the foundation of the internal control and risk-management process. All employees are accountable for compliance with these policies, guidelines, procedures within their areas of control and risk management. 2. Risk Assessment A risk assessment is conducted annually at Lundin Petroleum. The risk assessment includes identifying, sourcing and measuring the risk of material error in the ﬁnancial reporting and accounting systems in the Group. For further details on the diﬀerent risks, see the Risk Factors section on page 56. As part of the risk assessment for 2010, Lundin Petroleum has reviewed and analysed the risks that exist within the ﬁnancial reporting process and has structured its internal control systems around the risks identiﬁed. The risks have been assessed through a standardised methodology based on likelihood and impact. The following main categories have been assessed; revenue and receivables, procurement and payables, production and inventory, capitalised expenditure and ﬁxed assets, tax, treasury and cash management, ﬁnancial reporting and information systems. When a risk is identiﬁed and evaluated, a control activity is implemented to minimise the risks in the ﬁnancial reporting process. Those risks are documented in a Group-wide risk map. Conclusions of the risk assessment are reported to management and the Board through the Audit Committee. Internal control – a continuous process 2 Control Environment Specify ﬁnancial reporting objectives 1 Risk Assessment Control Activities 3 Monitoring 5 Information and Communication 4 48 Lundin Petroleum ANNUAL REPORT 2010

Sivu: 50 Sivu: 51 Sivu: 52 Sivu: 53 Sivu: 54 Sivu: 55 Sivu: 56 Sivu: 57 Sivu: 58 Sivu: 59 Sivu: 60 Sivu: 61 Sivu: 62 Sivu: 63 Sivu: 64 Sivu: 65 Sivu: 66 Sivu: 67 Sivu: 68 Sivu: 69 Sivu: 70 Sivu: 71 Sivu: 72 Sivu: 73 Sivu: 74 Sivu: 75 Sivu: 76 Sivu: 77 Sivu: 78 Sivu: 79 Sivu: 80 Sivu: 81 Sivu: 82 Sivu: 83 Sivu: 84 Sivu: 85 Sivu: 86 Sivu: 87 Sivu: 88 Sivu: 89 Sivu: 90 Sivu: 91 Sivu: 92 Sivu: 93 Sivu: 94 Sivu: 95 Sivu: 96 Sivu: 97 Sivu: 98 Sivu: 99 Sivu: 100 Sivu: 101 Sivu: 102 Sivu: 103 Sivu: 104 Sivu: 105 Sivu: 106 Sivu: 107 Sivu: 108