Risk management and internal control and audit
CapMan has a risk management program aimed at ensuring that the risks associated with the company’s business and objectives are identified and evaluated, and that the company reacts appropriately to these risks. Major risks are published, provided that the information does not contain confidential business information.
The Board is ultimately responsible for the proper organisation of risk management and internal control. The Management is responsible for implementing risk management. The Group’s CFO coordinates the risk management program and is responsible for drafting and updating an internal control program. The CFO reports regularly to the Board on matters concerning risk management and internal control. More information on the organisation of risk management, risk categories, and the organisation of internal control and audit is presented below.
Organisation of risk management
The Management Group defines the main risks associated with business areas and other functions. The company has an action plan for the most relevant identified risks.
CapMan has Investment Committees, one for each fund. Investment Committees make investment proposals to funds’ decision making bodies and are not involved in managing the company’s operational activities. Investment proposals are always made on the basis of a consensus of opinion among the members of the Investment Committee. Investment Committees generally comprise Senior Partners and other members nominated by the CEO. The Chairman is a person nominated by the Group’s CEO.
The monitoring team is part of the back office team and is independent of investment teams and the Group’s Finances and Administration. The monitoring team is responsible for collecting the monthly reporting of the funds' portfolio companies, monitoring and forecasting the success of the Group’s funds, and preparing the models for and calculating carried interest income.
The Valuation Committee decides on the valuations of the funds managed by the CapMan Group. The Valuation Committee comprises the Chairman of each Investment Committee, the Group’s CFO and Head of each investment team. Portfolio companies are valued four times a year in conjunction with CapMan’s interim financial reporting. The investment professionals responsible for portfolio companies make proposals on the valuations of investment targets and compile background material to support their proposals. The monitoring team checks the validity of the principles applied in these proposals. The task of the Valuation Committee is to process valuations and ensure that the same valuation principles are consistently used for all portfolio companies and that the principles comply with International Private Equity and Venture Capital Valuation guidelines (IPEVG).
Audits of investment processes are conducted on a regular basis to ensure that investments are made in compliance with defined procedures. The legal team is responsible for compliance audits, and its members are independent of investment teams.
CapMan classifies risks into four main categories: external risks, operative risks, financial risks, and strategic risks.
External risks consist of prevailing or anticipated changes in the political or legal operating environment, regulations, the economy, or the competitive situation.
General market changes in share prices have an impact on the fair values of portfolio companies. Under IFRS, these valuations can be short-term in nature and do not necessarily reflect on the long-term returns of a fund. In order to even out the effects of economic cycles, it is important that investments are made on a sustainable valuation level, that fund portfolios contain companies operating in non-cyclical sectors, and that portfolio companies are constantly and actively developed.
It is typical of the private equity industry that a proportion of investments are financed with debt financing. If an investment is highly leveraged, the valuation of the fund investment can fluctuate significantly within a short period if market multiples change.
The Group’s operative risks are mainly related to possible ineffectiveness or failure of processes, personnel, and systems. Operative risks include legal and regulatory risks, and risks relating to IT systems, business disruption, or failures in internal control. The management is responsible for identifying, evaluating, controlling, and reporting operative risks. The Group’s general operating principles and standards, monitoring and control programs, and agreed division of responsibilities support the management in this area. The management is responsible for internal control and for regularly reporting on internal control.
The Group has defined procedures, principles, and methods for, among other things, investment activities, data protection, insider issues, personal performance evaluation, signatory rights, and invoice approval. These principles and procedures are available to personnel via the Group’s intranet.
Implementing the Group’s strategy depends on the company’s ability to recruit, develop, and retain the best professionals in private equity in all its teams. Performance appraisals are conducted twice a year, when an individual’s performance is assessed against agreed targets.
Unexpected changes in the pace of investments or exits have a substantial impact on the Group’s cash flow. An individual investment or exit can considerably change the cash flow situation, and the exact timing of cash flow is difficult to forecast accurately. The company’s goal is for management fees to cover the Group’s operating expenses. Carried interest is used to finance fund commitments that are not paid in or to increase dividend payment capacity. Cash flow calculations for different scenarios and for different time spans are updated regularly to ensure adequate liquidity. The Group also has a credit facility for short-term financing needs.
Financial risk management, liquidity risk, interest rate risk, credit risk, currency risk, and the price risk of fund investments are discussed in more detail in the following sections.
Financial risk management
The purpose of financial risk management is to ensure that the Group has adequate and effectively utilised financing in respect of the nature and scope of its business. The objective is to minimise the impact of negative market development on the Group with consideration for cost efficiency. Financial risk management has been centralised and the Group's CFO is responsible for financial risk management and control.
The management constantly monitors cash flow forecasts and the Group's liquidity position on behalf of all Group companies. In addition, the Group's principles for liquidity management include rolling 12-month covenant assessments. Loan covenants are related to equity ratio, the company’s net debt/fund investments ratio and level of rolling past 12 months EBITDA.
The monitoring team monitors the performance and the price risk of the investment portfolio (financial assets entered at fair value through profit and loss) independently and objectively of investment teams. The monitoring team is responsible for reviewing the monthly reporting and forecasts for portfolio companies. Valuation proposals made by the relevant investment professionals are examined by the monitoring team and subsequently approved by the Valuation Committee.
The Group’s cash flow is a mix of predictable cash flow from management fees received and highly volatile carried interest income. The third main component in liquidity management is the timing of capital calls to funds and the proceeds received from fund investments.
Management fees received from funds are based on long-term agreements and are designed to cover the Group’s operational expenses. The management fees are relatively predictable for the coming 12 months.
The timing and receipt of carried interest generated by funds is uncertain and contribute to the volatility of the Group’s result. Changes in investment and exit activity levels may have a significant impact on the Group’s cash flows. A single investment or exit may change the cash flow situation completely and the exact timing of cash flow is difficult to predict.
CapMan has made commitments to the funds it manages. Most existing commitments will typically be called in to funds within the next four years.
Interest rate risk
The Group's exposure to interest rate risk arises principally from its long-term liabilities. The Group manages cash flow-related interest rate risk by using floating-interest and floating-to-fixed interest rate swaps. The objective is that at least half of the Group’s interest rate risk is restored to fixed with regard to loan maturity date.
Long-term loan receivables from Maneq funds are fixed to five-year interest rate periods.
The Group's exposure to credit risk is limited mainly to loan receivables from Maneq funds. CapMan typically has a 30-35% stake in these companies and it finances them with senior and mezzanine loans.
The analysis of possible credit provisions and impairment of loan receivables takes into account the fact that fund solvency follows the J-curve pattern, which is common for private equity funds. The fair value of funds typically falls below acquisition cost in the early investment phase until the first exits are made. As a result, a more reliable assessment of credit risk may be performed approximately four years after the initial investment date, as repayment solvency is endangered only if the average exit multiple within the investment portfolio equals less than one. CapMan has a historical exit multiple of approximately three. In addition the assessment of credit risk incorporates the portfolio companies' expected realisation returns, which are often greater than fair value at that time. The company believes that this credit risk is small.
CapMan has subsidiaries outside the Euro zone with equity exposed to movements in foreign currency exchange rates (Sweden and Norway).
The Group does not hedge currency, however, as the impact of exposure to currency movements on equity is relatively small.
Price risk of fund investments
The Group’s investments in funds are valued using the International Private Equity and Venture Capital Valuation Guidelines. According to these guidelines, fair values are derived generally by multiplying the key performance metrics of investee companies (e.g., EBITDA) by the relevant valuation multiple (e.g., price/equity ratio) tracked for comparable publicly traded companies or transactions. Changes in valuation multiples can lead to significant changes in fair values depending on the leverage ratio of the investee company.
One of the major risks associated with CapMan’s business is the potential failure of fundraising. Successful fundraising provides a firm basis for management fees and creates opportunities for carried interest over a number of years into the future. CapMan is exposed to investors’ decisions to spread their investments over different asset classes. CapMan has endeavoured to minimise this risk by spreading its operations over six investment areas in five countries. The sensitivity of CapMan’s business to fluctuations in investor demand and to market volatility is reduced because typically a new fund is always in an active fundraising phase in one of CapMan’s investment areas. Success in CapMan’s investment teams’ investment operations is a requirement for successful fundraising.
Organisation of internal control and audit
The Group’s CFO is responsible for drafting and updating an internal control program and he/she reports to the Board regularly on internal control matters. The internal control program also covers monitoring the legal compliance of funds and their activities, and its purpose is to ensure that:
- authorisations concerning payments by the Group and by funds are clearly defined
- authorisations concerning investment commitments made in the Group’s name are clearly defined, and that
- the Group and funds abide by the commitments applying to them.
The Group’s General Counsel is responsible for drafting and updating the fund compliance program. The aim of the program is to ensure that the activities of funds managed by the Group comply with contracts, agreements, and other commitments.
The Group does not have its own separate internal audit organisation, which is taken in account when defining the scope and content of external audit.
Internal control and risk management pertaining to the financial reporting
The internal control and risk management pertaining to the financial reporting process is part of CapMan’s overall internal control framework. The key roles and responsibilities for internal control and risk management have been defined in the Group’s internal guidelines which are approved and updated by the management of the company.
CapMan’s internal control and risk management concerning financial reporting is designed to provide reasonable assurance concerning the reliability, comprehensiveness and timeliness of the financial reporting and the preparation of financial statements in accordance with applicable laws and regulations, generally accepted accounting principles and other requirements for listed companies.
The aim of CapMan’s internal control is to:
- focus on the most relevant risks from a strategic and operational effectiveness point of view
- promote ethical values and good corporate governance and risk management practices
- ensure compliance with laws, regulation, and CapMan’s internal policies
- ensure the production of reliable financial reporting to support internal decision-making and service the needs of shareholders
General description of the financial reporting process
CapMan’s business model is based on having a local presence in the Finland, Sweden, Norway and Russia, and operating the organisation across national borders. CapMan’s subsidiaries in six countries report their results on a monthly basis to the parent company. The accounting function is outsourced except for Finland and Sweden.
Financial information is assembled, captured, analysed, and distributed in accordance with existing processes and procedures. The Group has a common reporting and consolidation system that facilitates compliance with a set of common control requirements. The group accounting maintains a common chart of accounts that is applied in all units. Subsidiaries submit their figures monthly to the group accounting where the figures are inserted to the group reporting system for consolidation. The reported figures are reviewed in subsidiaries as well as in group accounting. The group accounting also monitors the balance sheet and income statement items by analytically reviewing the figures. The consolidated accounts of CapMan are prepared in compliance with International Financial Reporting Standards (IFRS).
Financial reporting process control
The Board has the overall responsibility for the proper arrangement of internal control and risk management over financial reporting. The Board has appointed the Audit Committee to undertake the more specific tasks in relation to financial reporting process control such as monitoring the financial statements reporting process, the supervision of the financial reporting process and monitoring the efficiency of the company’s internal control. The Audit Committee also reviews regularly the main features of the internal control and risk management systems pertaining to the financial reporting process.
The management of the Group is responsible for the implementation of internal control and risk management processes and for ascertaining their operational effectiveness. The management is also responsible for ensuring that the company’s accounting practices comply with laws and regulations and that the company’s financial matters are managed in a reliable and consistent manner.
The CEO leads the risk management process by defining and allocating responsibility areas. The CEO has nominated the Group’s CFO as risk manager to be in charge of coordinating the overall risk management process. The risk manager reports regularly to the Audit Committee on matters concerning internal control and risk management. The management has allocated responsibility for establishing more specific internal control policies and procedures to personnel in charge of different functions. Management and accounting department possess appropriate levels of authority and responsibility to facilitate effective internal control over financial reporting.
Risk assessment and control activities
CapMan has defined financial reporting objectives in order to identify risks related to the financial reporting process. The risk assessment process is designed to identify financial reporting risks and to determine how these risks should be managed.
The control activities are linked to risk assessment and specific actions are taken to address risks and achieve financial reporting objectives. Financial reporting risks are managed through control activities performed at all levels of the organisation. These activities include guidelines and instructions, approvals, authorisations, verifications, reconciliations, analytical reviews, and segregation of duties.
As part of the risk management process the company conducted an extensive risk mapping project during 2011. As a consequence of the project, CapMan’s risks are better indentified, documented and classified. In 2012, CapMan continued the project carried out preceding year in order to ensure comprehensiveness of the risk management systems. In the annual strategy process, the identified risks are reviewed, the risk management control activities are audited and effects of potential new indentified risks on the strategy are evaluated.
Information and communication pertaining to the financial reporting
CapMan has defined the roles and responsibilities pertaining to financial reporting as an essential part of Group’s information and communication systems.
In terms of internal control and financial reporting information, CapMan’s external and internal information is obtained systematically, and the management is provided with relevant information on the Group’s activities. Timely, current and accessible information relevant for financial reporting purposes is provided to the appropriate functions, such as the Board, the Management Group, and the monitoring team. All external communications is handled in accordance with the Group disclosure policy, which is available here.
To ensure the effectiveness of internal control pertaining to financial reporting, monitoring activities are conducted at all levels of the organisation. Monitoring is performed through ongoing follow-up activities, separate evaluations or a combination of the two. Separate internal audit assignments may be initiated by the Board or management. The scope and frequency of separate evaluations depend primarily on the assessment of risks and the effectiveness of ongoing monitoring procedures. Internal control deficiencies are reported to the management, and serious matters to the Board.
The Board regularly reviews group-level financial reports, including comparison of actual figures with prior periods and budgets, other forecasts, monthly cash flow estimates and covenant levels. The group accounting performs monthly consistency checks of income statement and balance sheet for subsidiaries and business areas. The group accounting team also conducts management fee and cost analysis, quarterly fair value change checks, impairment and cash flow checks as well as control of IFRS changes.
The monitoring team is responsible for collecting the monthly reporting of the funds’ portfolio companies, monitoring and forecasting fair value movements and preparing the models for and calculating carried interest income.