We believe that a robust infrastructure supported by the right culture, values and behaviours, both at the top and throughout the entire organisation, is an imperative. A well-defined and well-structured corporate governance structure ensures good long-term relationships within the organisation, with internal and external stakeholders and with society at large.
LeasePlan is incorporated under the laws of the Netherlands. Its head office is in Amsterdam, the Netherlands as well as its statutory seat. LeasePlan operates in over 30 countries across the globe. These operations are conducted through various local LeasePlan companies.
In addition to an effective global corporate governance infrastructure, LeasePlan is subject to supervision by competent supervisory authorities worldwide. In the Netherlands, we are supervised by, among others, the Dutch Authority for the Financial Markets (AFM) and the Dutch Central Bank (DNB). LeasePlan has recently surpassed a balance sheet total of EUR 30 billion at the regulatory consolidated level. By exceeding this threshold, LeasePlan will most likely qualify as a ‘significant institution’ in the foreseeable future and our supervision may consequently be transferred from the DNB to the ECB. As of the date of this Annual Report, the exact timing of such transfer is unknown and it is subject to the relevant assessments and decisions to be made by the ECB and the DNB. In Ireland, where LeasePlan Insurance is located, the Central Bank of Ireland (CBI) supervises the insurance activities of the company. Several other LeasePlan companies are supervised by relevant local supervisory authorities.
Applicable laws and codes
As of 21 March 2016, LeasePlan applies the provisions of the full large company regime (volledig structuurregime). Additionally, we are subject to certain EU legislation (including, amongst others, CRR/ CRD IV), which has an impact on the regulation of our businesses in the European Union, and the regulations and supervision by local supervisory authorities of the various countries in which we do business.
As LeasePlan is not a listed entity, we are not subject to the Dutch Corporate Governance Code (Code). However, we view the Code as a reference point for good corporate governance practices and therefore apply certain principles and best practice provisions of the Code, placing more emphasis on long-term value creation and risk management as a benchmark for assessing any further improvements to our governance framework and policies.
As part of our diversified funding strategy, we obtain funds from savings deposits in the Netherlands and Germany through LeasePlan Bank. We have a banking licence pursuant to which we are obliged to comply with banking regulations such as the Banking Code. This covers areas such as governance, remuneration, audit and risk management. On an annual basis, we are obliged to disclose information on how we have complied with the Banking Code in practice.
More information about our corporate governance, e.g. on our Code of Conduct, Supplier Code of Conduct, compliance with the Banking Code and our Articles of Association, can be found on our website: www.leaseplan.com/corporate
LP Group B.V. is the sole shareholder of LeasePlan Corporation N.V., with TDR Capital, sovereign wealth funds ADIA and GIC and pension funds PGGM and ATP amongst the indirect shareholders of LeasePlan Corporation N.V. None of these investors alone has a direct or indirect controlling interest in LeasePlan. There are no shares without voting rights or shares that give no or limited entitlement to profits or reserves of the company.
LeasePlan is governed by a two-tier board comprising a Supervisory Board and a Managing Board. Both boards perform their duties and powers as laid down in the relevant laws, rules, regulations and our Articles of Association.
The Supervisory Board is responsible for supervising the Managing Board and the general course of affairs of LeasePlan and its Group companies. In addition, the Supervisory Board advises the Managing Board in determining the strategic direction. It also is responsible for the appointment, and the yearly assessments of the remuneration and other conditions of employment, of the Managing Board members. As of 31 December 2019, the Supervisory Board consisted of seven members. More detailed information with respect to the members of the Supervisory Board can be found in the Supervisory Board report. LeasePlan believes that the Supervisory Board has sufficient diversity in the background, knowledge and expertise of the individual members to warrant proper supervision of the overall management of the Group by the Managing Board.
The Managing Board’s responsibility is, inter alia, setting the overall strategy, the resulting business approach and policies for LeasePlan and its Group companies. It is well aware of the importance of the right tone at the top and the positive effects thereof for the rest of the organisation. Moreover, the Managing Board is responsible for maintaining proper accounting records, for safeguarding assets and for taking reasonable steps to prevent and detect fraud and other irregularities.
It is responsible for selecting suitable accounting policies and applying them on a consistent basis and making judgements and estimates that are prudent and responsible. It is also responsible for establishing and maintaining internal procedures to ensure it is informed of all major information, to ensure the timeliness, completeness and accuracy of external financial reporting. This means the Managing Board is responsible for the system of internal control that is designed to safeguard controlled and sound business operations and ensure the quality of internal and external reporting and compliance with applicable laws, regulations and codes of conduct.
In devising internal controls, LeasePlan has taken into account the nature and extent of the risks that may affect the soundness of the entire enterprise, the likelihood of risks occurring and the cost of control.
In 2019, the Managing Board consisted of Mr L.W. (Tex) Gunning as Chief Executive Officer, Ms Y.J.M.A. (Yolanda) Paulissen as Chief Strategic Finance and Investor Relations Officer (until 6 December), Mr J (Jochen) Sutor Chief Financial Officer (appointed 31 July) and Ms F.P.C.G. (Franca) Vossen as Chief Risk Officer (until 6 December).
More detailed information about the current members of the Managing Board can be found in Leadership team.
The division of tasks within the Managing Board is determined by the Board itself and has been approved by the Supervisory Board. The members of the Managing Board are fully supported in performing their duties by the advice and services provided by a mixed and diverse management team.
LeasePlan operates a lifelong learning programme for the members of the Managing Board and the Supervisory Board. The various training sessions are conducted by internal and external experts.
LeasePlan is committed to attracting and retaining the finest talent as this ensures top business performance and delivers a competitive advantage. We recruit from all cultural, linguistic and national backgrounds as this allows us to meet the needs of our customers, while providing us with valuable knowledge for understanding complex markets. Taking into account the above, LeasePlan aims to obtain an equal division of gender in the Managing Board and Supervisory Board and operates a formal policy to this end. This means that every time a position within either a Managing Board or a Supervisory Board becomes vacant, the gender diversity aspect will be taken into account during the procedure of selection and appointment of the candidates.
During 2019, 29% of LeasePlan’s Supervisory Board was female. Going forward, LeasePlan will continue to strive for an equal division of gender, among others by considering and taking into account this aim when appointing persons or nominating persons for appointment to the Managing Board and Supervisory Board respectively.
In Control Statement
The Managing Board is responsible for designing, implementing and maintaining the internal risk management and control systems. The purpose of these systems is to adequately and effectively manage the risks associated with the strategy and activities of the company. In this respect the Managing Board has made an assessment of the design and effectiveness of the internal control and risk management systems, which is described in more detail below.
On the basis of this assessment and in accordance with best practice provision 1.4.3 of the Dutch Corporate Governance Code and Article 5:25c of the Financial Supervision Act, the Managing Board believes, to the best of its knowledge, that:
- 1. the annual report provides sufficient insights into any failings in the effectiveness of the internal risk management and control systems during the financial year 2019;
- 2. the internal risk management and control systems provide reasonable assurance that the financial statements do not contain any material inaccuracies;
- 3. based on the current state of affairs, it is justified that the financial statements are prepared on a going concern basis; and
- 4. the annual report states those material risks and uncertainties that are relevant to the expectations of the company's continuity for the period of 12 months after the preparation of this report.
It should be noted that the above does not imply that these internal risk management and control systems provide absolute assurance as to the realisation of the business objectives, or that they can prevent all misstatements, inaccuracies, errors, fraud and non-compliance with legislation, rules and regulations. Nor can they provide certainty that LeasePlan will achieve its objectives. It is also the case that evaluations of the effectiveness of internal control over financial reporting to future periods are subject to the risk that the controls may become inadequate because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate.
In view of all the above the Managing Board confirms that to the best of its knowledge the LeasePlan financial statements give a true and fair view of the position at the balance sheet date, the development and performance of the business during the financial year 2019 and the subsidiaries included in the financial statements, together with a description of the principal risks that LeasePlan is being confronted with.
Amsterdam, the Netherlands, 2020
Background and explanation
The Managing Board is accountable for the management of all risks associated with the company's strategy and activities. To this end, appropriate risk management and internal control systems are in place.
The responsibility for identifying and managing risks lies with LeasePlan's entities. These entities are supported by the Group Risk Management department and the Group Privacy & Compliance department and are periodically assessed by the Group Audit Department (GAD). Group Risk Management and Group Privacy & Compliance report directly to the CRO, and GAD has direct access to the CEO as well as to the Audit Committee of the Supervisory Board.
LeasePlan entities are responsible for setting up, maintaining, operating and monitoring an appropriate risk management and internal control system within their area of responsibility.
This responsibility includes the management, monitoring, reporting and controlling of risks. The entities are supported in this by local risk functions (headed by the Entity Risk Director). GAD, in its role as third line of defence, closes the control cycle through regular assessments of the design and operational effectiveness of the risk management and internal control system.
An In Control Statement (ICS) provides sufficient insights into any failings in the effectiveness of internal risk management and control systems, based on the results of several Risk Management Instruments like identification, registration, assessments and reporting of risks, controls and losses.
The aforementioned systems furthermore provide reasonable assurance that the financial reporting does not contain any material inaccuracies.
The risk management and internal control system within LeasePlan covers a broad set of risk types, primarily:
- Strategic Risks;
- Operational risk (incl. business continuity, financial reporting, model & HR risks)
- Financial risks, which covers: asset risk, credit risk, treasury risk and insurance risk;
- Other risks, which covers: information risk, compliance, legal and reputation risk.
The Group has a framework in place which is continuously being improved and enhanced.
Important instruments for the ICS within the Group Include:
- Internal Audit: In the LeasePlan Group, internal audits are performed by GAD through a risk-based audit methodology. The objective of the risk-based audit is to reach opinions on the internal control quality of the company. The quality review of the design and effectiveness of internal control procedures has to be planned in such a way that all major entities and processes in these organisations will be analysed periodically. Group Audit Department executes on a yearly basis the internal audit plan, as approved by the Managing Board and the Audit Committee.
- Business Control Reviews (BCRs): Due to the international network of subsidiaries, the Risk Management practices in all subsidiaries need to be consolidated at Corporate level to have a total overview of the risks in the Group. The objective of the BCRs is to check and monitor whether all LeasePlan subsidiaries are acting according to the policies (Control) as well as advising them where necessary and pro-actively engaging with them (Consultancy). Group Risk Management executes on a yearly basis the BCR plan. All subsidiaries need to be visited once every two years or when there is a signal that a specific risk area within an entity needs to be reviewed.
- LeasePlan has a uniform set of accounting and reporting principles applied throughout the Group based on its application of International Financial Reporting Standards. As part of our monitoring activities related to the Financial Control Framework, control deficiencies were identified, specifically related to the limitations of legacy IT systems and control documentation. Control deficiencies are remediated as part of the ongoing finance improvement processes.
- Letter of Representation: Managers of the entities submit a letter of representation emphasising the compliance with the uniform set of accounting and reporting principles. The group of entities that is included in the consolidated financial statements is comprised of subsidiaries acting as separate entities selling LeasePlan’s core products.
- Risk Performance evaluation: The ambition to manage and monitor risk on an integrated and holistic basis, has been a key driver in the set-up of an independent risk function at entity level, with oversight by Group Risk Management. In order to have good insight in the performance of the local Risk Function, entities are monitored on a regular basis with regard to different aspects. The main objectives of the performance evaluation (which consist of KPI’s the local Risk Function can influence) are: 1) Gain insight in the maturity of local risk management practices and 2) assess regulatory compliance by adherence to global policies. Entities are challenged where necessary.
- Entity Oversight: In order to determine whether risk is taken in a controlled way, an entity oversight governance structure is in place. The different Risk Types LeasePlan is facing are in scope of this instrument. Group Risk Management actively monitors the performance of the entities with regard to these risk types, whereas oversight activities like Business Control Reviews are carried out as well. Alignment meetings will take place to make sure that the local second line functions are aligned with the Group’s second line functions. All these activities will contribute in obtaining insight in the local risk management practices.
- Strategic Risk Assessment (SRA): As part of the risk strategy process, LeasePlan identifies and assesses the risks it is exposed to on an annual basis via a SRA, to ensure that we actively manage and mitigate the impact of these risks on our strategic goals, reputation and financial results. The SRA considers the current business, external trends and emerging development and includes a heatmap of the environment (in terms of probability and impact), concludes which risks are part of the risk universe and as such under active management, and defines the taxonomy.