Accounting-related internal control system
The internal control system is an integral part of the risk management system. Whereas risk management focuses on the identification, analysis, assessment, communication and management of strategic risk, the internal control system (ICS) brings together activities aimed at avoiding or limiting risk at operational level through use of control instruments.
The Board of Management is responsible for setting up, monitoring, refining and ensuring the effectiveness of the ICS. Even a properly structured ICS is unable to provide absolute security; it can only provide a relative amount of security in helping to achieve targets and/or avoid material misstatements.
The aim of the internal accounting-related control system is to ensure that accounting is carried out consistently and in accordance with statutory requirements, generally accepted accounting principles and internal guidelines. The accounting process itself includes those operating processes that provide the value flows for financial reporting, the process for preparing the consolidated financial statements, and all information sources and processes from which the significant disclosures in the consolidated financial statements are derived.
In order to ensure that the consolidated financial statements are properly and consistently prepared, the Group adheres to the fundamental principles of separation of functions, having work checked by a second member of staff and IT access restrictions to prevent unauthorised access to relevant data. There are written procedural instructions and, in particular, Group accounting guidelines that are regularly updated at head office and communicated throughout the Group. Each reporting entity is responsible for compliance with the guidelines, and the data reported to DEUTZ’s Group accounting department is validated on an ongoing basis during the preparation of monthly financial statements. Data is reported to the Group head office using a standard reporting tool that has been implemented throughout the Group. Additional control mechanisms covering the risks in the main processes, thereby guaranteeing a reliable accounting and reporting system, are normally set up locally at departmental level. Where necessary, we also use external service providers, such as independent assessors of pension liabilities. The Group accounting department ensures that these requirements are adhered to across the Group.
Information relevant to accounting is shared on an ongoing basis with the Head of Finance, Accounting and Compliance and passed on to the Chief Financial Officer in regular meetings.
Besides discussing the single-entity and consolidated financial statements, the Audit Committee set up by the Supervisory Board regularly discusses the quarterly financial reporting. In addition, the Audit Committee’s monitoring function includes the ICS set up by the Board of Management as well as the accounting process itself.
The internal audit department prepares a risk-based audit plan and verifies whether the statutory regulations and the DEUTZ Group’s internal guidelines for its entire control and risk management system are being complied with. As part of its monitoring function it reviews whether the defined controls are functioning effectively. The findings of these reviews are reported directly to the Board of Management and allow us to eliminate any deficiencies that have been identified and ensure that the ICS is continually refined.