Risk management and risk policy
Risk management provides important support in protecting and securing future potential. The general risk awareness of the management team and employees is increased by annual risk assessments. The HOCHDORF Group has implemented a risk management system for all Group companies.
HOCHDORF carries out a risk assessment of all business activities and balance sheet items at annual meetings based on a standardised process. Each identified risk is evaluated in terms of the possible level of damage that could be expected should the loss event occur. As a result we set objectives and take effective measures from this to counteract the respective risks. The results from the risk process are summarised in a report to the Board of Directors and the Group Management. The risk management of the Group is documented continuously and reviewed to ensure its suitability for purpose.
Major projects of a strategic nature are managed within the HOCHDORF Group within the scope of project management. Part of the project management involves the ongoing recognition, monitoring and proactive correction of risks. Responsibility for strategic projects and therefore also for risk management always lies with a member of Group Management.
Regulatory and political environment: The HOCHDORF Group is dependent upon the regulatory and political environment. Changes could have a negative impact on business activities, the financial situation and/or the profitability of the HOCHDORF Group (e.g. negotiations with the World Trade Organization or negotiations with the European Union in connection with the agricultural free trade agreement). They could result in high price and volume volatility on the procurement and sales markets. HOCHDORF monitors economic and political developments in the individual countries to keep the procurement and sales risks to a minimum.
Quality monitoring: The continuously rising demands of our customers and the increasing regulation are creating more and more new challenges for quality assurance, which is why HOCHDORF has developed appropriate systems and testing standards. Quality assurance is carried out in close cooperation with customers, suppliers and our in-house procurement and production departments. Deviations and defects detected during quality checks are regularly analysed, documented and discussed with the parties concerned. These measures serve to minimise quality-related risks from the outset.
IT protection: Unauthorised access to data, misuse of data or system, failures can cause considerable disruption to the operational process. To prevent this, technical measures such as access authorisation, virus scanners and firewall and backup systems are used. Moreover, the operation of systems has been outsourced to an external data centre, enabling our systems to be continuously assessed and adjusted to current requirements. There is a contingency concept involving daily backup copies and mirroring of data. Internal guidelines regulate the handling of hardware and software.
Financial risks: The HOCHDORF Group is exposed to various financial risks in the course of its international activities. These include exchange rate and interest rate risks as well as credit, liquidity and capital risks. The individual risks are minimised by means of continuous checks and controls. Coordinating and managing financial needs as well as ensuring financial independence are a top priority for reducing financial risks. The objective is optimal capital procurement as well as a liquidity position oriented towards payment obligations.
Ultimately the risk policy of the HOCHDORF Group includes hedging risks by means of comprehensive and efficient insurance cover. An international insurance programme in the area of liability, property insurance and transport serves to achieve this.
Internal control system
The internal control system (ICS) is expanded and improved continuously. It is intended for ongoing optimisation of the business activities and has the goal of ensuring the necessary processes and instruments for identifying and controlling risks. The system complies with the statutory requirements in Switzerland and is satisfactory for the needs of a company the size of HOCHDORF. The ICS for the HOCHDORF Group was developed on the basis of the COSO framework. Besides the controls related to complying with the strategic and operating objectives and compliance with the rules, the ICS was primarily designed for risks related to financial reporting in all Group companies. The compliance and effectiveness of the ICS is usually checked in the internal audit. Furthermore, the external auditors undertake adequate audit procedures in order to assess whether there is an ICS. They confirm this in their audit report.
The Internal Audit of the HOCHDORF Group is outsourced and is carried out by PricewaterhouseCoopers with the support of experts from the finance and accounting departments. The Internal Audit supports the Board of Directors in the handling of its monitoring and controlling tasks, particularly at the subsidiaries. Internal Audit provides an independent and objective audit and advisory service that is focused on generating added value and improving business processes. It helps the company to achieve its goals by assessing the effectiveness of the risk management, the controls and the management and monitoring processes with a systematic and targeted approach and by improving them.
Internal Audit works with the Audit Committee to prepare a strategic audit plan at regular intervals, which is presented to the Board of Directors for approval in each case. On the basis of the multi-year plan, Internal Audit develops an operating audit plan that details the planned audits over the next year. This plan is presented to the Audit Committee for approval. Furthermore, the Board of Directors can give special orders to Internal Audit.
After completing each audit, Internal Audit prepares a written audit report. It contains the findings and recommendations made by Internal Audit as well as the statement by Management containing the planned measures and the time required for the completion of these measures. Group Management checks the implementation of the defined measures and continuously provides orientation for the Audit Committee.
Internal Auditors did not take part in any meetings of the Board of Directors and did take part in three meetings of the Audit Committee in the reporting year. External Audit receives information about the audit plan and the audit activities of Internal Audit as well as the audit reports. Internal Audit may view the reports of External Audit.