Internal Control System and Risk Management with Regard to the Accounting Process

As an international postal and logistics services provider, Austrian Post Group is subject to a variety of operational risks in carrying out its business operations. The company deals with these risks proactively. The focus on its core business activities along with decades of experience in the business have enabled the Austrian Post Group to identify risks at an early stage, evaluate them and quickly implement suitable precautionary measures.
A standardised risk management system has been set up for the entire Austrian Post Group, encompassing all organisational units and important Group companies as well as an internal control system for all important processes. The internal control system serves as part of the risk management system and encompasses risk-oriented procedures integrated into business operations. The accounting, financial and sustainability reporting processes, in particular, as well as the upstream business processes are considered here. The particular business unit is responsible for carrying out controls.

The standardised methods of accounting and valuation applied throughout the Group are contained in the Group manual. Revisions to IFRS are monitored by Group Accounting on an ongoing basis and are regularly published on a Group-wide basis. In addition to the Group manual, there are guidelines and specialised concepts on selected Group processes, particularly changes in the scope of consolidation.

Group companies compile comprehensive and appropriate IFRS Reporting Packages in a timely manner on the basis of the standardised accounting and valuation rules in force. The IFRS Reporting Packages serve as the starting point for further processing within the context of the system-supported Group consolidation. Group Accounting is responsible for preparing the consolidated financial statements. Its duties and responsibilities mainly focus on the structured transfer of the reported data stemming from Group companies, the carrying out of consolidation and elimination measures, the analytical processing of the data compiled in the consolidated accounts and the corresponding preparation of internal and external financial reports. The process governing the preparation of the consolidated financial statements is based upon a schedule requiring strict adherence.

The internal control system is set up in a risk-oriented manner. The existing interface between the internal control system and the compliance and risk management system ensures a coordinated approach between the two areas.

The effectiveness of the internal control system is also regularly evaluated by Group Auditing.

The consolidated financial statements of Austrian Post are compiled on a monthly basis and use a simultaneous consolidation method carried out in SAP SEMBCS. The compilation of the notes to the accounts and the calculation of deferred taxes are also performed in SAP SEM-BCS. Centralised processes for data entry and data changes have been defined for the master data area (comprising SAP SEM positions, SAP Group account charts and customer data). SAP R/3 is predominantly used to compile the monthly accounts. The transition to IFRS is accomplished employing parallel (dual) SAP accounting. The transfer of reporting data to SAP SEMBCS is undertaken using an automated upload. For monitoring and control purposes, the consolidated financial statements are subject to an EBIT-based reconciliation. In this process, reconciliation from individual financial statements to Group financial statements is carried out, taking into account bookings as well as eliminations in the Group.

Multitiered quality assurance measures are implemented to avoid the incorrect presentation of transactions with the objective of accurately compiling IFRS Reporting Packages for consolidation purposes. In turn, Group Accounting takes the financial accounts compiled by the Group companies and subjects them to several levels of comprehensive plausibility and data quality checks. The carrying out of quality checks at all levels is a prerequisite for the authorisation to publish the Group’s consolidated financial statements.

Preliminary data from the consolidated financial statements are provided to top management levels to enable them to fulfil their monitoring and control duties.
The following reports are issued in the context of preparing the consolidated financial statements:

  • Report to the Supervisory Board
  • Monthly report
  • Report on the performance of subsidiaries
  • Data analysis and evaluation

The quarterly reports to the Supervisory Board are primarily provided for the Management Board and Supervisory Board of Österreichische Post AG. Other internal reports are also prepared containing detailed comments on selected financial statement items, earnings reconciliations and performance indicators in addition to the reports for the Supervisory Board and the legally stipulated notes, annual report, interim financial reports and non-financial reporting. These are made available to the relevant management levels so that they can perform their monitoring and control functions in addition to strategic and operational management, particularly with regard to due and proper accounting and reporting. The monthly report provides an overview of key financial and performance indicators of the company, also at segment level. Group Controlling prepares a monthly report which contains information on the business development of Austrian Post’s Group companies. In addition to the reporting on key financial indicators, the Audit Committee also receives a report every six months regarding the current status of the internal control system and the audits carried out. 

Communications with shareholders of Österreichische Post AG take place in accordance with the stipulations contained in the Austrian Corporate Governance Code. Communications are conveyed through the Investor Relations website (post.at/investor) as well as through direct discussions with investors. Published information is made available to all investors simultaneously. In addition to these publications, investors are also provided with extensive additional information on the Austrian Post Investor Relations website, including investor presentations, information on the Austrian Post share, published inside information and the financial calendar.

The key focus of Austrian Post’s operational risk management is the identification, evaluation and control of major risks which arise from the company’s core business. This process is coordinated by key managers of the divisions. 

The Austrian Post Group is structured into the divisions operating on the market, the Mail Division, the Parcel & Logistics Division and the Retail & Bank Division, as well as the Corporate Division, which additionally provides Group administration services. The Group companies within the Austrian Post Group are assigned to the various divisions in accordance with the particular focus of their business activities. The major business risks in these operational units are continuously identified and monitored, serving as the basis for determining appropriate risk management measures.

Additional key instruments to control and counteract risks include Group-wide guidelines on risk management and the internal control system for dealing with major risks, planning and control processes as well as ongoing reporting. These guidelines encompass, for example, definition and monitoring of limits and procedures designed to limit financial risks and strict adherence to the principle of having dual control to oversee all business transactions. In addition, regular reviews of the reliability, regularity and legality of the accounting process and reporting system are carried out by Group Auditing. The planning and control processes serve as an early warning system, and simultaneously as the basis to evaluate the effectiveness of the controlling measures being implemented. In addition to the Report to the Entire Management Board containing the main indicators, there are also monthly performance reviews on operating units, which continue on a hierarchical manner in line with the integrated planning and reporting processes.