Accounting-related internal control system.
Deutsche Telekom AG’s internal control system (ICS) is based on the internationally recognized COSO (Committee of Sponsoring Organizations of the Treadway Commission) Internal Control – Integrated Framework, COSO I.
The Audit Committee of Deutsche Telekom AG monitors the effectiveness of the ICS as required by § 107 (3) sentence 2 AktG. The Board of Management has the responsibility to define the scope and structure of the ICS at its discretion. Internal Audit is responsible for independently reviewing the functionality and effectiveness of the ICS in the Group and at Deutsche Telekom AG, and, to comply with this task, has comprehensive information, audit, and access rights. In addition, the external auditors conduct a risk-oriented audit to verify the effectiveness of those parts of the ICS that are relevant to financial reporting.
The accounting-related ICS comprises the principles, methods, and measures used to ensure appropriate accounting. It is continuously being refined and aims to ensure the consolidated financial statements of Deutsche Telekom are prepared in accordance with the International Financial Reporting Standards (IFRS) as adopted by the European Union, as well as with the regulations under commercial law as set forth in § 315a (1) HGB. Another objective of the accounting-related ICS is the preparation of the annual financial statements of Deutsche Telekom AG and the combined management report in accordance with German GAAP.
It is generally true of any ICS that regardless of how it is specifically structured there can be no absolute guarantee that it will achieve its objectives. Regarding the accounting-related ICS, there can therefore only ever be relative, but no absolute certainty, that material accounting misstatements can be prevented or detected.
Group Accounting manages the processes of Group accounting and management reporting. Laws, accounting standards, and other pronouncements are continuously analyzed as to whether and to what extent they are relevant and how they impact on financial reporting. The relevant requirements are defined in the Group Accounting Manual, for example, communicated to the relevant units and, together with the financial reporting calendar that is binding throughout the Group, forms the basis of the financial reporting process. In addition, supplementary process directives such as the Intercompany Policy, standardized reporting formats, IT systems, as well as IT-based reporting and consolidation processes support the process of uniform and compliant Group accounting. Where necessary, we also draw on the services of external service providers, for example, for measuring pension obligations. Group Accounting ensures that these requirements are complied with consistently throughout the Group. The staff involved in the accounting process receive regular training. Deutsche Telekom AG and the Group companies are responsible for ensuring that Group-wide policies and procedures are complied with. The Group companies ensure the compliance and timeliness of their accounting-related processes and systems and in doing so, are supported and monitored by Group Accounting.
Operational accounting processes at the national and international level are increasingly managed by our shared service centers. Harmonizing the processes enhances their efficiency and quality and in turn, improves the reliability of the internal ICS. In this context, the ICS safeguards the quality of internal processes as well as of the interfaces to our customer by means of adequate controls and an internal certification process.
Internal controls are embedded in the accounting process depending on risk levels. The accounting-related ICS comprises both preventive and detective controls, which include:
- IT-based and manual data matching
- The segregation of functions
- The dual checking principle
- General IT checks such as access management in IT systems, and change management
We have implemented a standardized process throughout the Group for monitoring the effectiveness of the accounting-related ICS. This process systematically focuses on risks of possible misstatements in the consolidated financial statements. At the beginning of the year, specific accounts and accounting-related process steps are selected based on risk factors. They are then reviewed for effectiveness in the course of the year, generally by way of external audits. If control weaknesses are found, they are analyzed and assessed, particularly in terms of their impact on the consolidated financial statements and the combined management report. Material control weaknesses, the action plans for eradicating them, and ongoing progress are reported to the Board of Management and additionally to the Audit Committee. In order to ensure a high-quality accounting-related ICS, Internal Audit is closely involved in all stages of the process.