6.4.2 Risk management system
The risk management system comprises the following components:
- Identifying and assessing the risks associated with the various strategic alternatives and formulating realistic objectives and associated control mechanisms.
- Identifying and evaluating the main strategic, operational and financial risks and the potential impact of same on the company.
- Developing a coherent system of measures to control, limit, avoid or transfer risks. The risk management system is tailored to the size and decentralised structure
- of the company.
Despite the risk management and control system, material errors, fraud or violations of the regulations may occur. The system therefore provides no absolute certainty that objectives will be realised, but was developed to achieve a reasonable level of assurance with regard to the effectiveness of internal controls pertaining to financial and operational risks that may affect the organisation’s objectives.
Organisation
The Board of Directors is responsible for the set-up and operation of the internal risk management and control system. Market and operational risk management is, in principle, organised at operating company level. Management and control measures relating to acquisitions, treasury, financial reporting, tax and legal issues are centralised at group level. Accell Group has a decentralised management philosophy, in which the local targets are determined in consultation between the Board of Directors and management of the subsidiaries. Progress is monitored through the financial planning cycle and management information, the risk analysis and regular visits by the Board of Directors and other employees of the Group to the subsidiaries. The Supervisory Board is responsible for supervising the performance of the Board of Directors, and specifically monitors the strategic risks and the set-up and operation of the risk management and internal control systems.
Taiwan incident
In order to investigate the nature, cause and impact of the detected theft, Accell Group assigned an international forensic accountancy firm. Accell Group immediately asked for legal support and reported the theft to the local police. After careful analysis, the investigation concluded that the theft has to be considered as an isolated case, which only occurred at AAT in Taiwan. Additionally, it can be concluded that the theft could occur because of an unfortunate combination of events, in which the employee involved has been able to circumvent and misuse the availability of certain payment facilities by misappropriation of systems, processes and trust. The investigation also resulted in a recovery plan in which Accell Group explains the measures taken to undo the effects of the theft and to tighten the system of internal controls and includes systems, procedures and organization. The recovery plan also comprises a project plan in which further measures are worked out. The findings from the investigation are analyzed numerically as well as qualitatively.
Risk analysis
The Board of Directors and the management of the subsidiaries draw up periodical analyses of the strategic, operational and financial risks. For the purpose of the risk analysis an extended inventory was conducted of internal and external risks which are reviewed by the members of the Board of Directors and management of the subsidiaries individually on possible effects on the company. The control measures of the main risks are also assessed. The Board of Directors aims to constantly assess the system and improve them where necessary. The outcome relating to the risk analysis and the main risks are discussed periodically with the Supervisory Board.
Financial planning cycle and management information
The various subsidiaries draw up a strategic plan each year based on the main development in the company’s operating environment. Once harmonised and approved, these plans are translated into annual budgets. The consolidated strategic plan and budget are discussed with the Supervisory Board. Management information reports are compiled on a daily, weekly and monthly basis. Latest estimates are drawn up at least three times a year. The budgets and latest estimates are reviewed against the actual results on a monthly basis and the outcome is reported to the Board of Directors.
Internal risk management and control system
To ensure the quality of the company’s financial reporting and operational audits, Accell Group uses an extensive system of administrative organisation and internal controls. The internal control system is largely anchored in the company’s information systems.
Financial administration guidelines
The personnel of the financial departments are provided with directives and instructions pertaining to the set-up and maintenance of the financial administration and reporting systems. Details of these are provided in a reference document. The directives and instructions comply with the prevailing IFRS standards.
Internal audit
The Internal Auditor carries out his tasks on the basis of a detailed internal audit plan, a predetermined assessment framework and the Accell Group Internal Control Framework. The Accell Group Internal Control Framework outlines the inherent risks for each process and the related internal control measures. The findings and recommendations of the Internal Audit are used to strengthen the internal controls. The findings and recommendation are then shared with the members of the Board of Directors and are subject to fixed follow-up deadlines. The findings with high priority are reported directly to the Audit Committee. This also applies to the follow-up on previous high-priority findings.
In recent years, internal audits were conducted at various Accell Group subsidiaries and attention was devoted to group-wide control measures. The subject of fraud is discussed with the local management and in regular consultations with the CFO, as part of the internal audits. This also draws attention to the responsibility for the prevention and detection of fraud risk and shares same with the local management.
In 2016, the company will continue to develop the Accell Group Internal Control Framework and the group-wide control measures. The responsibility for maintaining the Accell Group Internal Control Framework will be vested in the Accell Group subsidiaries. In addition, the internal auditor will review the risk management system and facilitate the 2016 risk analysis.
In addition to the previously mentioned regular internal audits, the Board of Directors or the audit committee may request specific ad hoc audits.
External auditor
An annual audit plan is drawn up by the external auditor. In the context of the audit of the annual financial statements by the external auditor an assessment is carried out regarding the set-up and presence of the most important internal controls of the business processes. This is reported in a formal letter to the management. The most important findings are discussed with the plenary Board of Directors and also with the Audit Committee of the Supervisory Board.
Letter of Representation
he directors of subsidiaries each year sign a Letter of Representation, which is a detailed declaration, related to financial annual reports and the presence and functioning of the internal control systems. For this detailed statement, the company has drawn up a checklist of subjects that is signed annually by other members of the management of the Accell Group subsidiaries as well.
Other risk management measures :
- Accell has a Code of Conduct that has been updated by the Board of Directors of Accell Group and approved by the Supervisory Board in 2013. The Code of Conduct applies to all personnel of Accell Group and its subsidiaries and is published on the Accell Group corporate website;
- The basic premises for the directors of Accell Group’s operating companies are provided by management regulations. These include detailed regulations on the subjects of internal decision making and communications;
- Accell has a Whistle blower procedure that has been updated by the Board of Directors of Accell Group and approved by the Supervisory Board in 2013. The Whistleblower procedure has been published on the corporate website of Accell Group and ensures that possible violations of existing policy and procedures can be reported without any negative consequences for the person reporting the violation;
- In 2013 it was decided to coordinate the inventory management on a central level in such a way to gain more control on the effects of the decentralized structure of the logistics organisation with regard to the level of inventories.