nextprevious
Annual Report

Control and risk management

INTEGRATED INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM RELEVANT FOR THE FINANCIAL REPORTING PROCESS

The accounting-related internal control and risk management system that is relevant for the financial statements of Volkswagen AG and the Volkswagen Group comprises measures that are intended to ensure the complete, accurate and timely transmission of the information required for the preparation of the financial statements of Volkswagen AG, the consolidated financial statements and the Group management report, and to minimize the risk of material misstatement in the accounts and in the external reporting.

Main features of the integrated internal control and risk management system relevant for the financial reporting process

The Volkswagen Group’s accounting is organized along decentralized lines. For the most part, accounting duties are performed by the companies themselves or transferred to the Group’s centralized shared-service centers. The single-entity financial statements of Volkswagen AG and the subsidiaries are prepared in accordance with the applicable national laws, reconciled to IFRSs and transmitted to the Group in encrypted form. A standard market product is used for encryption.

The Group accounting manual ensures the application of uniform accounting policies based on the requirements applicable to the parent. This manual and other Group-wide accounting regulations contain rules applicable to the financial statements of Volkswagen AG prepared in accordance with the Handelsgesetzbuch (HGB – German Commercial Code) and stipulate precisely defined formal requirements to be met by the consolidated financial statements prepared in accordance with IFRSs. In particular, these include more detailed guidance on the application of legal requirements and the determination of the entities to be included in the consolidated financial statements. Components of the reporting packages required to be prepared by the Group companies are also set out in detail and requirements established regarding the presentation and settlement of intra-Group transactions and the balance reconciliation process that builds on that.

Control activities at Group level include analyzing and, if necessary, adjusting the data reported in the single-entity financial statements presented by the subsidiaries, taking into account the reports submitted by the auditors and the outcome of the meetings on the financial statements with representatives of the individual companies, at which both the reasonableness of the single-entity financial statements and specific critical issues at the subsidiaries are discussed. Alongside reasonableness reviews, the clear delineation of areas of responsibility and the application of the dual control principle are further control mechanisms applied during the preparation of the financial statements of Volkswagen AG.

In addition, the financial reporting-related internal control system is independently reviewed by Group Internal Audit in Germany and abroad.

Integrated consolidation and planning system

The consolidation and corporate management system (VoKUs) employed in the Volkswagen Group can be used to consolidate and analyze both Financial Reporting’s backward-looking data and Controlling’s forward-looking data. The system offers centralized master data management, uniform reporting and maximum flexibility with regard to changes to the legal environment, thus providing a future-proof technical platform that benefits Group Financial Reporting and Group Controlling in equal measure. To verify data consistency, VoKUs has a multi-level validation system that primarily checks the completeness of the data delivered and carries out content plausibility checks between the balance sheet and the income statement. VoKUs supports further plausibility checks through materiality analyses and data screening for anomalies.

RISK MANAGEMENT IN LINE WITH THE KONTRAG

The Company’s risk situation is documented annually in accordance with the requirements of the Gesetz zur Kontrolle und Transparenz im Unternehmensbereich (KonTraG – German Act on Control and Transparency in Business). The auditors check the adequacy of this documentation. Risk management, which forms an operational component of our business processes, is designed to identify risks in a timely manner, assess their extent and, where appropriate, take countermeasures. The Scania brand, which has been consolidated in the Group since July 22, 2008, has not yet been incorporated into the Volkswagen Group’s risk management system due to various provisions of Swedish company law. According to Scania’s Corporate Governance Report, risk management and risk assessment are integral parts of corporate management. Risk areas are evaluated by the Controlling department and reflected in the financial reporting.

Updating the risk documentation

Standardized risk position surveys of both the risk managers of the individual divisions and the members of the Boards of Management and managing directors of investees are performed annually. Their responses are used to update the overall picture of the potential risk situation. In the process, the qualitative likelihood of occurrence and the relative extent of any loss are assigned to each risk identified and appropriate measures are specified for each risk category in the shape of guidelines and organizational instructions, so as to counter the risks concerned. The continuous updating of the risk documentation is coordinated centrally by the Governance, Risk and Compliance function set up in 2010, working in conjunction with Group Internal Audit. Under the guidance of the auditors, the plausibility and adequacy of the risk reports are examined on a test basis in detailed interviews with the divisions and companies concerned. The auditors assessed the effectiveness of our risk early warning system based on this information and established both that the risks identified were presented in a suitable manner and that measures and rules have been assigned to the risks adequately and in full. We therefore meet the requirements of the KonTraG. In addition, the Financial Services Division is subject to regular special audits by the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin – the German Federal Financial Supervisory Authority) in accordance with section 44 of the Kreditwesengesetz (KWG – German Banking Act) and controls by association auditors.

Workflow rules, guidelines, instructions and descriptions are systematically recorded and can for the most part be accessed online. Adherence to these rules is assured by internal controls performed by the heads of the Group Internal Audit, Quality Assurance, Group Treasury, Brand Controlling and Group Controlling organizational units.

The risk management system - goals and operation

The Group’s risk management system is designed to identify potential risks at any early stage so that suitable counter-measures can be taken to avert the threat of loss to the Company, and any risks that might jeopardize its continued existence can be ruled out.

The risk management system is an integral part of the Volkswagen Group’s structure and workflows and is embedded in its daily business processes. Events that entail a risk are identified and assessed on a decentralized basis in the divisions and at the investees. Countermeasures are introduced immediately, their effects are assessed and the information is incorporated into the planning in a timely manner. The results of the risk management process are used to support budget planning and controlling on an ongoing basis. The targets agreed in the budget planning rounds are continually verified in revolving planning reviews.

At the same time, the results of risk mitigation measures that have already been taken are incorporated into the monthly forecasts on further business development in a timely manner. This means that the Board of Management always has access to an overall picture of the current risk situation through the documented reporting channels.

We are prepared to enter into transparent risks that are proportionate to the benefits expected from the business.

Continuous enhancement

We constantly optimize the internal control system and the risk management system as part of our continuous improvement processes. In doing so, equal consideration is given to both internal and external requirements – such as the provisions of the Bilanzrechtsmodernisierungsgesetz (BilMoG – German Accounting Law Modernization Act). The objective of the improvements made to the systems is to ensure continuous monitoring of the relevant risk areas, including the organizational units responsible. The focus is on reviewing the effectiveness of the management and monitoring instruments identified. This concept culminates in both regular and event-driven reporting to the Board of Management and Supervisory Board of Volkswagen AG, into which the reporting in accordance with the KonTraG is now being gradually integrated.

INTEGRATED INTERNAL CONTROL AND RISK MANAGEMENT SYSTEM RELEVANT FOR THE FINANCIAL REPORTING PROCESS

The accounting-related internal control and risk management system that is relevant for the financial statements of Volkswagen AG and the Volkswagen Group comprises measures that are intended to ensure the complete, accurate and timely transmission of the information required for the preparation of the financial statements of Volkswagen AG, the consolidated financial statements and the Group management report, and to minimize the risk of material misstatement in the accounts and in the external reporting.

Main features of the integrated internal control and risk management system relevant for the financial reporting process

The Volkswagen Group’s accounting is organized along decentralized lines. For the most part, accounting duties are performed by the companies themselves or transferred to the Group’s centralized shared-service centers. The single-entity financial statements of Volkswagen AG and the subsidiaries are prepared in accordance with the applicable national laws, reconciled to IFRSs and transmitted to the Group in encrypted form. A standard market product is used for encryption.

The Group accounting manual ensures the application of uniform accounting policies based on the requirements applicable to the parent. This manual and other Group-wide accounting regulations contain rules applicable to the financial statements of Volkswagen AG prepared in accordance with the Handelsgesetzbuch (HGB – German Commercial Code) and stipulate precisely defined formal requirements to be met by the consolidated financial statements prepared in accordance with IFRSs. In particular, these include more detailed guidance on the application of legal requirements and the determination of the entities to be included in the consolidated financial statements. Components of the reporting packages required to be prepared by the Group companies are also set out in detail and requirements established regarding the presentation and settlement of intra-Group transactions and the balance reconciliation process that builds on that.

Control activities at Group level include analyzing and, if necessary, adjusting the data reported in the single-entity financial statements presented by the subsidiaries, taking into account the reports submitted by the auditors and the outcome of the meetings on the financial statements with representatives of the individual companies, at which both the reasonableness of the single-entity financial statements and specific critical issues at the subsidiaries are discussed. Alongside reasonableness reviews, the clear delineation of areas of responsibility and the application of the dual control principle are further control mechanisms applied during the preparation of the financial statements of Volkswagen AG.

In addition, the financial reporting-related internal control system is independently reviewed by Group Internal Audit in Germany and abroad.

Integrated consolidation and planning system

The consolidation and corporate management system (VoKUs) employed in the Volkswagen Group can be used to consolidate and analyze both Financial Reporting’s backward-looking data and Controlling’s forward-looking data. The system offers centralized master data management, uniform reporting and maximum flexibility with regard to changes to the legal environment, thus providing a future-proof technical platform that benefits Group Financial Reporting and Group Controlling in equal measure. To verify data consistency, VoKUs has a multi-level validation system that primarily checks the completeness of the data delivered and carries out content plausibility checks between the balance sheet and the income statement. VoKUs supports further plausibility checks through materiality analyses and data screening for anomalies.

RISK MANAGEMENT IN LINE WITH THE KONTRAG

The Company’s risk situation is documented annually in accordance with the requirements of the Gesetz zur Kontrolle und Transparenz im Unternehmensbereich (KonTraG – German Act on Control and Transparency in Business). The auditors check the adequacy of this documentation. Risk management, which forms an operational component of our business processes, is designed to identify risks in a timely manner, assess their extent and, where appropriate, take countermeasures. The Scania brand, which has been consolidated in the Group since July 22, 2008, has not yet been incorporated into the Volkswagen Group’s risk management system due to various provisions of Swedish company law. According to Scania’s Corporate Governance Report, risk management and risk assessment are integral parts of corporate management. Risk areas are evaluated by the Controlling department and reflected in the financial reporting.

Updating the risk documentation

Standardized risk position surveys of both the risk managers of the individual divisions and the members of the Boards of Management and managing directors of investees are performed annually. Their responses are used to update the overall picture of the potential risk situation. In the process, the qualitative likelihood of occurrence and the relative extent of any loss are assigned to each risk identified and appropriate measures are specified for each risk category in the shape of guidelines and organizational instructions, so as to counter the risks concerned. The continuous updating of the risk documentation is coordinated centrally by the Governance, Risk and Compliance function set up in 2010, working in conjunction with Group Internal Audit. Under the guidance of the auditors, the plausibility and adequacy of the risk reports are examined on a test basis in detailed interviews with the divisions and companies concerned. The auditors assessed the effectiveness of our risk early warning system based on this information and established both that the risks identified were presented in a suitable manner and that measures and rules have been assigned to the risks adequately and in full. We therefore meet the requirements of the KonTraG. In addition, the Financial Services Division is subject to regular special audits by the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin – the German Federal Financial Supervisory Authority) in accordance with section 44 of the Kreditwesengesetz (KWG – German Banking Act) and controls by association auditors.

Workflow rules, guidelines, instructions and descriptions are systematically recorded and can for the most part be accessed online. Adherence to these rules is assured by internal controls performed by the heads of the Group Internal Audit, Quality Assurance, Group Treasury, Brand Controlling and Group Controlling organizational units.

The risk management system - goals and operation

The Group’s risk management system is designed to identify potential risks at any early stage so that suitable counter-measures can be taken to avert the threat of loss to the Company, and any risks that might jeopardize its continued existence can be ruled out.

The risk management system is an integral part of the Volkswagen Group’s structure and workflows and is embedded in its daily business processes. Events that entail a risk are identified and assessed on a decentralized basis in the divisions and at the investees. Countermeasures are introduced immediately, their effects are assessed and the information is incorporated into the planning in a timely manner. The results of the risk management process are used to support budget planning and controlling on an ongoing basis. The targets agreed in the budget planning rounds are continually verified in revolving planning reviews.

At the same time, the results of risk mitigation measures that have already been taken are incorporated into the monthly forecasts on further business development in a timely manner. This means that the Board of Management always has access to an overall picture of the current risk situation through the documented reporting channels.

We are prepared to enter into transparent risks that are proportionate to the benefits expected from the business.

Continuous enhancement

We constantly optimize the internal control system and the risk management system as part of our continuous improvement processes. In doing so, equal consideration is given to both internal and external requirements – such as the provisions of the Bilanzrechtsmodernisierungsgesetz (BilMoG – German Accounting Law Modernization Act). The objective of the improvements made to the systems is to ensure continuous monitoring of the relevant risk areas, including the organizational units responsible. The focus is on reviewing the effectiveness of the management and monitoring instruments identified. This concept culminates in both regular and event-driven reporting to the Board of Management and Supervisory Board of Volkswagen AG, into which the reporting in accordance with the KonTraG is now being gradually integrated.

top
nextprevious
Deutsch | English
Download Manager
Collect files for a combined download.
Compare Key Figures
Create your personal overview of important key figures.