Slide 1 Risk Management and Internal Control in the EU Alternative approaches Robert Hodgkinson 25 October 2005

Slide 2 Evolutionary path Manage risk Disclose process Disclose management of risks Disclose effectiveness conclusion Risk management and internal control Financial reporting Compliance Operational and strategic Increasing difficulty Requirements Best practice

Slide 3 Matrix for analysing requirements Types of activity Disclose Manage risks Respond Conclude Identify and evaluate Management of specific risks Effectiveness conclusion Overall process Types of risk Financial reporting Operational and strategic Compliance

Slide 4 Issues for consideration Types of activity Disclose Manage risks Respond Conclude Identify and evaluate Management of specific risks Effectiveness conclusion Overall process Types of risk Financial reporting Operational and strategic Compliance

Slide 5 EU Proposed Directives Types of activity Disclose Manage risks Respond Conclude Identify and evaluate Management of specific risks Effectiveness conclusion Overall process Types of risk Financial reporting Operational and strategic Compliance

Slide 6 Sarbanes-Oxley Section 404 Types of activity Disclose Manage risks Respond Conclude Identify and evaluate Management of specific risks Effectiveness conclusion Overall process Types of risk Financial reporting Operational and strategic Compliance

Slide 7 Dutch requirements Types of activity Disclose Manage risks Respond Conclude Identify and evaluate Management of specific risks Effectiveness conclusion Overall process Types of risk Financial reporting Operational and strategic Compliance

Slide 8 French requirements Types of activity Disclose Manage risks Respond Conclude Identify and evaluate Management of specific risks Effectiveness conclusion Overall process Types of risk Financial reporting Operational and strategic Compliance

Slide 9 Swedish requirements Types of activity Disclose Manage risks Respond Conclude Identify and evaluate Management of specific risks Effectiveness conclusion Overall process Types of risk Financial reporting Operational and strategic Compliance

Slide 10 UK requirements Types of activity Disclose Manage risks Respond Conclude Identify and evaluate Management of specific risks Effectiveness conclusion Overall process Types of risk Financial reporting Operational and strategic Compliance

Slide 11 Risk Management and Internal Control in the EU Alternative approaches Robert Hodgkinson 25 October 2005