Opportunity and risk management processes
Excerpts from Deutsche Post AG's 2013 Group Annual Report.
Uniform reporting standards for opportunity and risk management
As an internationally operating logistics company, we are faced with numerous changes. Our aim is to identify the resulting opportunities and risks at an early stage and take the necessary measures in the specific areas affected in due time to ensure that we achieve a sustained increase in enterprise value. Our Group-wide opportunity and risk management system facilitates this aim. Each quarter, managers estimate the impact of future scenarios, evaluate opportunities and risks in their departments and present planned measures as well as those already taken. Queries are made and approvals given on a hierarchical basis to ensure that different managerial levels are involved in the process. Opportunities and risks can also be reported at any time on an ad hoc basis.
Our early identification process links the Group’s opportunity and risk management with uniform reporting standards. We continuously improve the IT application used for this purpose. Furthermore, we use a Monte Carlo simulation for the purpose of aggregating opportunities and risks in standard evaluations.
This stochastic model takes the probability of occurrence of the underlying risks and opportunities into consideration and is based on the law of large numbers. From the distribution function of each individual opportunity and risk one million randomly selected scenarios – one for each opportunity and risk – are combined. The resulting totals are shown in a graph of frequency of occurrence. The following graph shows an example of such a simulation:
The most important steps in our opportunity and risk management process are:
- Identify and assess: Opportunities and risks are defined as potential deviations from projected earnings. Managers in all divisions and regions provide an estimate of our opportunities and risks on a quarterly basis and document respective actions. They use scenarios to assess best, expected and worst cases. Each identified risk is assigned to one or more managers, who assess it, monitor it, specify possible procedures for going forwards and then file a report. The same applies to opportunities. The results are compiled in a database.
- Aggregate and report: The controlling units responsible collect the results, evaluate them and review them for plausibility. If individual financial effects overlap, they are noted in our database and taken into account when compiling them. After being approved by the department head, all results are passed on to the next level in the hierarchy. The last step is complete when Corporate Controlling reports to the Group’s Board of Management on significant opportunities and risks as well as on the potential overall impact each division might experience. For this purpose, opportunities and risks are aggregated for key organisational levels. We use two methods for this. In the first method, we calculate a possible spectrum of results for the divisions and add the respective scenarios together. The totals for “worst case” and “best case” indicate the total spectrum of results for the respective division. Within these extremes, the total “expected cases” shows current expectations. The second method makes use of a Monte Carlo simulation, the divisional results of which are regularly included in the opportunity and risk reports to the Board of Management.
- Overall strategy: The Group Board of Management decides on the methodology that will be used to analyse and report on opportunities and risks. The reports created by Corporate Controlling provide an additional regular source of information to the Board of Management for the overall steering of the Group.
- Operating measures: The measures to be used to take advantage of opportunities and manage risks are determined within the individual organisational units. They use cost-benefit analyses to assess whether risks can be avoided, mitigated or transferred to third parties.
- Control: For key opportunities and risks, early warning indicators have been defined that are monitored constantly by those responsible. Corporate Internal Audit has the task of ensuring that the Board of Management’s specifications are adhered to. It also reviews the quality of the entire opportunity and risk management operation. The control units regularly analyse all parts of the process as well as the reports from Internal Audit and the independent auditors with the goal of identifying potential for improvement and making adjustments where necessary.
Internal accounting control and risk management system
(Disclosures required under section 315 (2), number 5 of the Handelsgesetzbuch (HGB – German Commercial Code) and explanatory report)
Deutsche Post DHL uses an internal accounting control system to ensure that Group accounting adheres to generally accepted accounting principles. This system is intended to make sure that statutory provisions are complied with and that both internal and external accounting provide a valid depiction of business processes in figures. All figures are to be entered and processed accurately and completely. Accounting mistakes are to be avoided in principle and significant assessment errors uncovered promptly.
The control system design comprises organisational and technical measures that extend to all companies in the Group. Centrally standardised accounting guidelines govern the reconciliation of the single-entity financial statements and ensure that international financial reporting standards (EU IFRSs) are applied in a uniform manner throughout the Group. All Group companies are required to use a standard chart of accounts. We immediately assess new developments in international accounting for relevance and announce their implementation in a timely manner, for example, in monthly newsletters. Often, accounting processes are pooled in a shared services centre in order to centralise and standardise them. The IFRS financial statements of the separate Group companies are recorded in a standard, SAP-based system and then processed at a central location where one-step consolidation is performed. Other components of our control system include automatic plausibility reviews and system validations of the accounting data. In addition, manual checks are carried out regularly at a decentralised level by those responsible locally (by a chief financial officer, for example) and at a central level by Corporate Accounting and Reporting, Taxes and Corporate Finance at the Corporate Center.
Over and above the aforementioned internal accounting control system and risk management structures, Corporate Internal Audit is an essential component of the Group’s controlling and monitoring system. Using risk-based auditing procedures, Corporate Internal Audit regularly examines the processes related to financial reporting and reports its results to the Board of Management. Upstream and downstream checks and analyses of the reported data are performed under chronological aspects. If necessary, we call in outside experts, for instance in the case of pension provisions. Finally, the Group’s standardised process for preparing financial statements using a centrally administered financial statements calendar guarantees a structured and efficient accounting process.
Reporting opportunities and risks
Identifying opportunities and risks – and swiftly capitalising upon or counteracting them – is a key objective for our Group. This is why we account for the anticipated impact of potential events and developments in our current business plan as well as in our revenue and earnings projection. In the following we primarily report those risks and opportunities which, from the current standpoint, could have an additional significant, potentially positive or negative, impact during the current forecast period.
We assess opportunities and risks based on their probability of occurrence and impact. Subsequently, we distinguish between opportunities and risks of low, medium and high relevance. We characterise opportunities and risks of medium and high relevance as significant.
The opportunities and risks described here are not necessarily the only ones the Group faces or is exposed to. Our business activities could also be influenced by additional factors of which we are currently unaware or which we do not yet consider to be material.
Opportunities and risks are identified and assessed decentrally at Deutsche Post DHL. Reporting on possible deviations from projections, including latent opportunities and risks, occurs primarily at the country or regional level. In view of the degree of detail provided in the internal reports, decentrally reported opportunities and risks are combined into categories below for the purposes of this report. It should be noted that the underlying individual reports – with the exception of those on the world economy and global economic output – usually exhibit a zero to minimal correlation. It is rather unlikely that a number of major risks in one category or across categories would occur at the same time.
Unless otherwise specified, within the current forecast period a low relevance is attached to individual opportunities and risks and a medium relevance to the respective categories. The opportunities and risks generally apply for all divisions, unless indicated otherwise.