We organise our business activities in such a way that they are always in conformity with all legal requirements. The internal control system (ICS) is an important subsystem that serves, among other things, to secure and protect existing assets, prevent and reveal errors and irregularities and comply with laws and regulations. The core elements of Hannover Re’s ICS are documented in a Framework Guideline that establishes a common understanding of the differentiated execution of the necessary controls. In the final analysis, it is designed to systematically steer and monitor the implementation of our corporate strategy. The Framework Guideline defines concepts, stipulates responsibilities and provides a guide for the description of controls. In addition, it forms the basis for the accomplishment of internal objectives and the fulfilment of external requirements imposed on Hannover Re. The ICS consists of systematically structured organisational and technical measures and controls within the enterprise. This includes, among other things:
- the principle of dual control,
- separation of functions,
- documentation of the controls within processes,
- and technical plausibility checks and access privileges in the IT systems.
The proper functioning of the ICS necessitates the involvement of management, executive staff and employees on all levels. The financial reporting of the parent company and the Group must satisfy international and national financial reporting standards as well as regulatory requirements. This is safeguarded in the area of accounting and financial reporting by processes with integrated controls which ensure the completeness and accuracy of the annual and consolidated financial statements. A structure made up of differentiated criteria, control points and materiality thresholds assures our ability to identify and minimise the risk of material errors in the annual and consolidated financial statements at an early stage.
We use a central IT solution with standardised accounting and consolidation processes, posting rules and interfaces for data delivery in order to draw up the consolidated financial statement. Access rights for the reporting systems are assigned through an approval process. All components of the accounting- related internal control system, the processes for the organisation and implementation of consolidation tasks and for the preparation of the consolidated financial statement as well as the accompanying controls are consistently documented. In order to safeguard and continuously improve the adequacy of the control system it is subject to regular review and evaluation. In this regard, the internal audit function ensures that the quality of the control system is constantly monitored. All relevant accounting principles are collated in a Group Accounting Manual that sets out uniform Group-wide rules for the recognition, measurement and reporting of items in the consolidated financial statement. The process for updating and, if necessary, adjusting these rules is clearly regulated with respect to information channels, responsibilities and period of validity. Not only that, we provide prompt Group-wide notification of significant developments and modified requirements in Group financial reporting.
Within the scope of our control system the Group companies are responsible for Group-wide adherence to the accounting policies and the internal control guidelines. The managing directors and chief financial officers of the Group companies defined as material in our control system affirm to the Executive Board of Hannover Rück SE at each closing date the completeness, correctness and reliability of the financial data that they pass on to Group Accounting. Data for the preparation of the consolidated financial statement is delivered using a Web-based IT application. The relevant data for Group financial reporting is collected in a database and processed via automatic interfaces in a consolidation system. As part of the financial reporting process we perform preventive and detective checks on the reported figures in order to minimise the probability and reduce the impacts of a potentially incorrect disclosure. Depending upon the results of our checks, these figures can be corrected if necessary. Given that our Group financial reporting is heavily dependent on IT systems, these systems also need to be subject to controls. Authorisation concepts regulate system access and for each step content-based as well as system-side checks have been implemented, by means of which errors are analysed and promptly eliminated.