Corporate Governance / Our Guiding Principles

The PVA TePla Group’s policy on risks and opportunities reflects the Group’s commitment to achieving sustainable growth and increasing shareholder value while simultaneously managing appropriate risks and opportunities and avoiding inappropriate risks. Risk management is an integral part of planning and implementing the business strategy.

The divisions of the PVA TePla Group are exposed to an array of risks that are inextricably linked to corporate activities. Risk is understood to be the possibility of the PVA TePla Group’s events or activities jeopardizing the ability of the Group or one of its divisions to reach its targets. At the same time, it is also important for the PVA TePla Group to identify opportunities for the company, take advantage of these opportunities and reinforce the Group's competitive position. Risks and opportunities are not offset against one another. The main risks and opportunities are described below.

Risk and Opportunity Management

The risk and opportunity strategy is embedded in the corporate strategy and is designed to secure the continuation of the company as a going concern and guarantee its further development. The resulting strategy assesses the risks and opportunities of business activities. In the core activities of the company/the Group, we make a conscious decision to enter into limited and containable risks, if they make appropriate compensation likely or are inevitable. In some cases, we allocate the risks to other parties. This mainly includes concluding suitable insurance policies. This process is conducted in close cooperation with an experienced and specialized insurance broker. It is regularly reviewed for efficiency and optimized where necessary.

Other risks that are not linked to core or support processes, on the other hand, are avoided where possible. To ensure this, managing directors and employees have access to a “risk manual” that sets out procedures for proper, forward-looking risk management. The manual covers specific risk management processes. It is aimed at all risk-related activities and measures, i.e. identifying, measuring, managing, reporting and monitoring risks. As part of this, risks facing the divisions, the operating units and central areas are identified using defined risk categories and assessed in terms of how likely they are to occur and their potential damage.

Risk and Opportunity Management

The scope of risk management includes the same companies as those included in the PVA TePla Group. Due to the organizational structure, risk management is carried out locally in the PVA TePla AG, in the subsidiaries and business processes. The Management Board members and Managing Directors are therefore responsible for central processes of the risk management system. The early recognition of risks is a key element of the risk management system and is intended to regularly provide Management Board members with up to date information on the current risk situation within the PVA TePla Group. The duties of those in charge include developing and, where necessary, installing measures to prevent, mitigate and hedge against risks. Those responsible regularly monitor the main risks and the countermeasures implemented. The risk reports are regularly compiled and analyzed by central risk management and checked and discussed by the Management Board and Supervisory Board. In addition to regular reporting, a reporting system has been installed within the Group to immediately report the occurrence of unexpected risks. Public reporting is done on a quarterly basis, but the ad-hoc reports can also be used in addition to the regular reporting process if necessary to address relevant topics in a timely manner.

The risk management system also includes an annual risk inventory, in which all of the risks relevant to the PVA TePla Group are reported and their relevance and possible effects are assessed. Measures to reduce identified risks are defined and their implementation is monitored. The risk management system which also includes the compliance management system enables the Management Board to identify material risks at an early stage and to implement countermeasures. The key features of the risk management system described above are applied throughout the Group. As far as processes in financial disclosure are concerned, this means that identified risks are reviewed and assessed, particularly for their potential impact on disclosures in the respective financial reports. The idea is to provide important information at an early stage about potential changes in the fair value of assets and liabilities, possible impairments and important information to assess the necessity of forming and reversing provisions. The adequacy and efficiency of the risk management system is reviewed on a regular basis at Management Board level and adjusted where necessary. The Management Board and the Supervisory Board regularly determine the areas where the PVA TePla Group is to be subject to an internal audit. Where necessary, external companies are engaged for these audits.

Opportunity management is also an integral part of Group management. The strategy process identifies and assesses the individual areas for opportunity. Just like risks, opportunities are reported and managed locally. Frequent reporting is carried out in order to identify at an early stage whether the market or the competition has developed in such a way or whether there have been occurrences within the Group that make reassessment necessary. As for risks, public reporting for opportunity management is also done on a quarterly basis, but the ad-hoc reports can also be used in addition to the regular reporting process if necessary to make relevant topics public in a timely manner.

Accounting-Related Internal Control and Risk Management System

The objective of the methods and measures in place is to secure the assets of the company and enhance operating efficiency. The internal control system that has been implemented is intended to ensure the reliability of accounting and reporting and to ensure compliance with internal rules as well as legal regulations and the Articles of Association. The adequate separation of functions is ensured and appropriate spans of control have been implemented. Furthermore, it is ensured that responsibilities do not overlap and that tasks, expertise and responsibilities are pooled. Controls have also been integrated into the workflows. Key components of these structures and controls include strict compliance with the system of checks and balances for all essential accounting processes, effective and precisely defined access rights for IT systems, spot checks of employees at all levels by the respective superior, and control over the structural and process organization including the key operational company processes within the scope of the certified quality management system. The essential features of the internal control system described above apply to all functional areas. In the accounting process, the implementation of the structural and process organization controls within the internal control system assures data integrity for the information that flows into financial reporting.

In addition to these controls implemented in the organization, the individual functional areas are also monitored by superiors and, if applicable, the internal audit department. In this case, the internal audit department is responsible for reviewing the functioning and effectiveness of the internal control system. In order to conduct the audit, the internal audit department has comprehensive information and review rights.

Consolidation and the Group accounting process are based on the decentralized preparation of financial statements by each of the Group companies. These financial statements are prepared and submitted according to uniform Group-wide standards and data formats. The central accounting system is connected with the ERP system through numerous interfaces.

The entire process is controlled and verified by the central Group Accounting and Controlling department. Here, the data is also verified with regard to form and content. All of the employees involved in the process receive training at regular intervals. The parts of the internal control system relevant to financial reporting are reviewed in terms of effectiveness by the auditor as part of a risk-oriented approach.

In conclusion, we would like to point out that neither an ICS nor a risk management system can ensure with absolute certainty that the related objectives will be achieved. Like all discretionary decisions, resolutions to implement suitable systems can also be incorrect in principle. Controls may not be adequate on a case by case basis due to simple errors or mistakes, or changes to environment variables may be recognized too late in spite of corresponding monitoring.