Internal control and risk management system in the accounting process
Preparation of the consolidated financial statements includes all activities required for presentation and disclosure of the net assets, financial position and results of operations of the Group in accordance with the provisions of the law and the IFRS. The consolidated financial statements consist of the balance sheet, income statement, statement of comprehensive income, statement of changes in equity, cash flow statement, segment report and the notes to the consolidated financial statements, which disclose significant accounting policies and explanatory notes. The financial statement process includes the aggregation of all data from accounting and upstream processes for the annual financial statements.
Risk management is implemented in the Group accounting process in accordance with the five elementary components of the COSO (Committee of Sponsoring Organisations of the Treadway Commission) framework model for internal risk management.
Control environment
The organisational structure consists of the local accounting departments of the individual companies and the Group accounting department at the VIG Holding headquarters in Vienna. The accounting departments of the VIG companies prepare both local GAAP and IFRS financial statements and then send the IFRS figures to the Group accounting department.
The IFRS financial statements are prepared in accordance with uniform Group accounting policies. The Group fully applies the rules of IFRS 4 with respect to the valuation of insurance policies. Accordingly, the values recognised under applicable national law are carried over to the IFRS consolidated financial statements.
Standardised software is used to prepare the consolidated financial reports. VIG companies mainly use this software to report their data, most of which is imported into the system as an upload or directly entered on site. The Group accounting department consolidates the data and prepares the consolidated financial statements.
Risk assessment
The annual financial statement process has been documented in order to identify risks in the accounting process and eliminate them as far as possible. The documentation covers the entire process all the way from data entry by the employees of VIG companies and automatic and manual controls and analyses during the consolidation process, to publication of the final annual report.
Control measures
Internal Group IFRS accounting policies are set down in an accounting manual (IFRS interpretation). The manual is aimed at ensuring uniform and correct implementation of the International Financial Reporting Standards across the Group. It is regularly reviewed and updated when necessary, and is sent to the responsible people in the local accounting departments together with detailed information on Group-wide reporting requirements each time before the financial statements are prepared. The subsidiaries are responsible for compliance with Group-wide accounting policies.
Both automatic (using validations) and manual checks (performance analyses and plausibility checks by employees in the Group accounting department) are performed for the financial statement data that is received. Additional checks in the form of control calculations and reconciliation of intragroup transactions – in particular reinsurance and financing balances – are performed to identify and, if necessary, eliminate potential errors.
In addition, an earnings reconciliation statement is prepared, the accuracy of individual parts of the consolidated financial statements is checked, and a plausibility check is performed for the consolidated financial statements as a whole to ensure that the presentation is complete and correct.
The accounting employees also work together closely with the Controlling department (e.g. variance analyses) when the financial statements are prepared. The data are also regularly provided to the Managing Board for review and checking.
In order to ensure that the annual report is completed correctly and on time by the publication deadline, strict deadlines are set for the quarterly and annual financial statements and the VIG companies are already informed of these deadlines at the beginning of the 4th quarter for the coming reporting year. In this way, the employees in the Group accounting department ensure in advance that the VIG companies can send their data on time.
Information and communication
The intensive collaboration with other areas of the Company, in particular Controlling, generates a lively exchange of information and communications.
In addition to the annual report at the end of each financial year, a half-year report was published in accordance with IAS 34 and statutory provisions.
The Investor Relations department is responsible for reporting to VIG Holding shareholders. This takes place both in personal meetings and via the Company website. Shareholders and other interested parties are provided with access to annual and interim reports, and to regularly updated information on key figures, share prices, the financial calendar, ad hoc news and other relevant topics.
Monitoring
The Group accounting department is responsible for preparing the Group annual report. Quarterly reports are provided to the Managing Board and Supervisory Board to ensure regular monitoring of the internal control system. Risks are continuously monitored by internal cross-departmental Group controls (e.g. Group accounting department, Controlling).
The internal audit department also performs quality assurance. It performs independent, objective audit procedures to examine the structure and effectiveness of internal control systems and the value and optimisation potential of operational processes. The activities of the internal audit department are therefore aimed at helping the Companyboth reduce risks and strengthen processes and structures.
Group-wide guidelines exist in order to standardise the handling of significant risks throughout the Group, and also provide a tool for risk monitoring. Local management is responsible for implementing these guidelines in the individual VIG companies.
The auditor takes the internal control system into account during the financial statement audit to the extent that it is relevant to preparation of the consolidated financial statements. The auditor also assesses the effectiveness of the risk management system in accordance with Rule 83 of the Austrian Corporate Governance Code.