The online trainings for risk management provide you with the necessary tools for setting up and further developing the risk management system in your company.
A well-functioning risk management system includes the following three elements:
Pursuant to § 91 para. 2 German Stock Corporation Act (AktG), you as the executive board of a stock corporation must take suitable measures, in particular set up a monitoring system, with which you can recognise developments that endanger the continued existence of the company at an early stage.
In the case of a listed company, your auditor has to assess within the framework of the audit of the annual financial statements pursuant to § 317 para. 4 HGB whether you, as the executive board, have taken the measures required under § 91 para. 2 German Stock Corporation Act (AktG) (“early risk detection system”) in a suitable form. It must also be assessed whether the monitoring system to be set up in accordance with this can fulfil its tasks. Your auditor must report on the results of his audit in the audit report in accordance with section 321 (4) HGB.
The subject matter of IDW PS 340 (revised), starting with a description of the measures pursuant to section 91 (2) of the German Stock Corporation Act (AktG) as the subject matter of the audit, are the audit requirements to be observed in the audit pursuant to section 317 (4) of the German Commercial Code (HGB) and the reporting on this audit required pursuant to section 321 (4) of the German Commercial Code (HGB).
Compared to the previous IDW PS 340, the auditing standard was fundamentally revised. The material revision became necessary in order to take into account the further development of corporate practice in the area of setting up and auditing corporate governance systems since the introduction of Section 91 (2) of the German Stock Corporation Act (AktG).
In addition to the concretisation of the basic elements of the measures under § 91 para. 2 German Stock Corporation Act (AktG), the following changes in risk management must now be observed:
a) It is clarified that the duty of the board of directors to detect developments that could jeopardise the company’s existence at an early stage includes the assessment of the company’s risk-bearing capacity. This is intended to ensure that the measures pursuant to section 91 (2) German Stock Corporation Act (AktG) focus on developments that actually pose a threat to the company’s existence.
b) The importance of risk aggregation in the context of risk assessment by the executive board is emphasised. Frequently, not only individual risks, but the combination and interactions of several risks lead to a development that endangers the existence of the company.
c) It is clarified that the measures according to § 91 para. 2 German Stock Corporation Act (AktG) are based on a consideration of “net risks”. This means that the risk management measures taken are already taken into account.
d) In the case of parent companies within the meaning of § 290 HGB, the organisational obligations are to be understood as group-wide within the framework of the existing possibilities under company law. Particularly if developments could emanate from subsidiary companies that could endanger the continued existence of the parent company, these must be taken into account.
e) A lack of documentation of the early risk detection system by the company constitutes a violation of § 91 para. 2 German Stock Corporation Act (AktG).
We need your consent before you can continue on our website. If you are under 16 and wish to give consent to optional services, you must ask your legal guardians for permission. We use cookies and other technologies on our website. Some of them are essential, while others help us to improve this website and your experience. Personal data may be processed (e.g. IP addresses), for example for personalized ads and content or ad and content measurement. You can find more information about the use of your data in our privacy policy. You can revoke or adjust your selection at any time under Settings. Some services process personal data in the USA. With your consent to use these services, you also consent to the processing of your data in the USA pursuant to Art. 49 (1) lit. a GDPR. The ECJ classifies the USA as a country with insufficient data protection according to EU standards. For example, there is a risk that U.S. authorities will process personal data in surveillance programs without any existing possibility of legal action for Europeans.
If you are under 16 and wish to give consent to optional services, you must ask your legal guardians for permission. We use cookies and other technologies on our website. Some of them are essential, while others help us to improve this website and your experience. Personal data may be processed (e.g. IP addresses), for example for personalized ads and content or ad and content measurement. You can find more information about the use of your data in our privacy policy. Some services process personal data in the USA. With your consent to use these services, you also consent to the processing of your data in the USA pursuant to Art. 49 (1) lit. a GDPR. The ECJ classifies the USA as a country with insufficient data protection according to EU standards. For example, there is a risk that U.S. authorities will process personal data in surveillance programs without any existing possibility of legal action for Europeans. Here you will find an overview of all cookies used. You can give your consent to whole categories or display further information and select certain cookies.