Integrated Approach to Risk and Compliance Management
Risk and compliance management is an integral part of corporate management at WACKER. As a globally active company, WACKER is exposed to numerous risks directly attributable to our operational activities. Starting from an acceptable level of overall risk, the Executive Board decides which risks we should take to utilize opportunities available to the company. The goal of risk management at WACKER is to identify risks as early as possible, evaluate them adequately, and take appropriate steps to reduce them. We define risks as internal and external events that may have a negative effect on the attainment of our targets and forecasts. Compared with the previous year, we made no fundamental changes to the existing risk management system in 2016. The scope of consolidation for risk reporting purposes comprises all WACKER majority shareholdings.
As a specialty-chemical and semiconductor company, we have a particular responsibility to ensure plant safety and to protect health and the environment. All our production sites have coordinators who manage plant and workplace safety, alongside health and environmental protection. Our risk management complies with legal requirements and is a component in all our decisions and business processes. The Executive and Supervisory Boards are regularly informed about the current risk status in the Group and at each business division.
WACKER follows the “Three Lines of Defense” model to effectively manage corporate risks and ensure compliance with legal provisions and the ethical principles of corporate management.
The first line of defense is centered on operational management, which involves coordinating, monitoring and managing the risks that arise.
It also includes the establishment of functioning internal control systems within the individual operational units.
The second line of defense is formed by risk and compliance management. Risk management systematically tracks the main risks associated with the operational units and provides the Executive Board with corresponding reports. Compliance management ensures that the ethical principles of corporate management are observed. It identifies the relevant legal requirements and amendments, forwards them to all affected corporate units and holds courses on compliance for employees.
The third line of defense is provided by the internal auditing department, which acts as an independent monitoring body for the Executive Board. This department conducts audits at regular intervals to review the risk management in place at the various corporate units and to check whether the internal control systems run by the operational units are effective. Auditing also liaises with Compliance Management, for example if anti-corruption investigations are held or related measures are taken.
“Three Lines of Defense” Model
WACKER focuses on identifying, evaluating, managing and monitoring risks as part of a transparent risk management and control system for all company processes. The system is based on a defined risk strategy and an efficient reporting procedure. It involves the Executive Board regularly reviewing and enhancing our risk strategy, particularly with regard to our groupwide processes for strategic planning and reporting. The Supervisory Board’s Audit Committee receives regular briefings on existing risks from the Executive Board.
All corporate areas are integrated into the risk management system, which consists of three intermeshed aspects:
- Division-specific risk management and early-warning systems
- Groupwide risk coverage
- Groupwide risk mapping
The CFO has overall responsibility for the effectiveness and appropriateness of the risk management systems.