Internal control framework
Bouwinvest has an effective internal control framework based on the COSO framework. The internal control framework provides reasonable assurance that the management company and the funds it manages will achieve their financial and operational objectives, the effectiveness and efﬁciency of the business, the reliability of its ﬁnancial reporting and compliance with applicable laws and regulations. In the ﬁrst quarter of 2015, Bouwinvest was awarded ISAE 3402 type II certiﬁcation for the year 2014.
Four lines of defence
Bouwinvest has a monitoring and control framework based on the four lines of defence principle. The compliance, risk management, control and internal audit functions at Bouwinvest are aligned in accordance with that principle. This is an integrated approach to compliance and risk management, with policies designed to meet the demands of both regulatory supervision and public opinion, while enabling the oversight functions to operate in a focused, efﬁcient and cost-effective manner.
The four lines of defence are as follows:
- Board of Directors - responsible for embedding the risk and control environment in the organisation’s day-to-day operations.
- The Compliance, Risk Management and Control functions – responsible for risk-related, compliance and control policies, efﬁcient and cost-effective implementation of the policies and continuous improvements.
- Bouwinvest’s internal auditor – operates independently and responsible for the execution of required control measures.
- Supervisory Board and external auditor - the Supervisory Board supervises the Board of Directors and provides advice. Also supervises internal risk management and control systems, ﬁnancial reporting and assesses the internal and external auditors.
Bouwinvest's four lines of defense