Internal control and risk management system in the accounting process

Preparation of the consolidated financial statements includes all activities required for presentation and disclosure of the net assets, financial position and results of operations of the Group in accordance with the provisions of the law and the IFRS. The consolidated financial statements consist of the balance sheet, income statement, statement of comprehensive income, statement of changes in equity, cash flow statement, segment report and the notes to the consolidated financial statements, which disclose significant accounting policies and explanatory notes. The financial statement process includes the aggregation of all data from accounting and upstream processes for the annual financial statements.

The internal control system is implemented in the Group accounting process in accordance with the five elementary components of the COSO (Committee of Sponsoring Organisations of the Treadway Commission) framework model for internal control.

Control environment

The organisational structure consists of the local accounting departments of the individual companies and the Group accounting department at the VIG Holding headquarters in Vienna. The accounting departments of the VIG companies prepare both local GAAP and IFRS financial statements and then send the IFRS figures to the Group accounting department.

The IFRS financial statements are prepared in accordance with uniform Group accounting policies. The Group fully applies the rules of IFRS 4 with respect to the valuation of insurance policies. Accordingly, the values recognised under applicable national law are carried over to the IFRS consolidated financial statements.

Standardised software is used to prepare the consolidated financial statements. VIG companies mainly use this software to report their data, most of which is imported into the system as an upload or directly entered on site. The Group accounting department consolidates the data and prepares the consolidated financial statements.

Risk assessment

The annual financial statement process has been documented in order to identify risks in the accounting process and eliminate them as far as possible. The documentation covers the entire process all the way from data entry by the employees of VIG companies and automatic and manual controls and analyses during the consolidation process, to publication of the final annual report.

Control measures

IFRS accounting policies that apply across the Group were set down in a Group accounting manual (IFRS application) that is to be applied by all companies included in the consolidated financial statements. The goal is to ensure uniform implementation of the IFRS across the Group. The manual is reviewed each year and updated or amended when necessary, and is sent to the responsible people in the local reporting departments together with additional information on Group-wide reporting requirements each time before the financial statements are prepared. The subsidiaries are responsible in the control system for compliance with the Group-wide accounting policies and for proper and timely performance of their accounting-related processes.

The Finance department of VIG Holding performs both automatic (using validations) and manual checks (performance analyses and plausibility checks) of the financial statement data that is received. Additional checks in the form of control calculations and reconciliation of intragroup transactions – in particular reinsurance and financing balances – are performed to identify and, if necessary, correct or eliminate any differences.

In addition, an earnings reconciliation statement is prepared, the accuracy of individual parts of the consolidated financial statements is checked, and a plausibility check is performed for the consolidated financial statements as a whole to ensure that the presentation is complete and correct.

The accounting employees also work closely with the Planning and Controlling department (e.g. variance analyses), primarily with respect to performance analyses, when the financial statements are prepared. The data are also regularly provided to the Managing Board for review and checking.

In order to ensure that the annual report is completed correctly and on time by the publication deadline, strict deadlines are set for the quarterly and annual financial statements and the VIG companies are informed of these deadlines at the end of the 3rd quarter at the latest for the coming financial year. In this way, the department preparing the consolidated financial statements ensures in advance that the VIG companies align their processes with the deadlines and can therefore send their data on time.

Information and communication

The intensive collaboration with other areas of the Company, in particular Controlling, generates a lively exchange of information and communications.

In addition to the annual report at the end of each financial year, a half-year report was published in accordance with IAS 34 and statutory provisions.

The Investor Relations department is responsible for reporting to VIG Holding shareholders. This takes place both in personal meetings and via the Company website. Shareholders and other interested parties are provided with access to annual and interim reports, and to regularly updated information on key figures, share prices, the financial calendar, ad hoc news and other relevant topics.

Monitoring

The Finance department is responsible for preparing the Group annual report. Quarterly reports are provided to the Managing Board and Supervisory Board to ensure regular monitoring of the internal control system. Risks are continuously monitored by internal cross-departmental Group controls (e.g. Finance department – Planning and Controlling).

The Internal Audit department also performs quality assurance. It performs independent, objective audit procedures to examine the structure and effectiveness of internal control systems and the value and optimisation potential of operational processes. The Internal Audit department helps the organisation achieve its objectives by systematically evaluating the effectiveness of risk management, the control system and the governance process, including all relevant key functions within the Company, and providing appropriate recommendations for improvement.

Group-wide guidelines exist in order to standardise the handling of significant risks throughout the Group, and also provide a tool for risk monitoring. Local management is responsible for implementing these guidelines in the individual VIG companies.

The auditor takes the internal control system into account during the financial statement audit to the extent that it is relevant to preparation of the consolidated financial statements. The auditor also assesses the effectiveness of the risk management system in accordance with Rule 83 of the Austrian Code of Corporate Governance.