Internal control system

GEA Group’s internal control system (ICS) is based on the COSO framework and comprises the risk management system (RMS) as well as other principles, measures, and rules (other components of the ICS). While the RMS aims at identifying and classifying risks, the components comprising the rest of the ICS serve primarily to prevent or mitigate risk using control measures. The Internal Audit function is another component of the ICS.

The RMS comprises principles, measures, and rules relating to the early risk recognition system in accordance with section 91(2) of the Aktiengesetz (AktG – German Stock Corporation Act) as well as those relating to other components of the risk management system. In the other components of the ICS, a distinction is made between principles, measures, and rules that are related or unrelated to financial reporting.

GEA Group’s ICS relevant for financial reporting encompasses all principles, measures, and rules that ensure the proper approval and recording of business transactions for monthly, quarterly, and annual financial statements. The goal of the implemented ICS is to ensure reliable financial reporting, compliance with the relevant laws and standards, and the cost-effectiveness of business workflows.

In addition to GEA Group Aktiengesellschaft, all group companies are integrated into the ICS.

The following key principles of GEA Group’s ICS must be applied in all business functions: clearly defined areas of responsibility, the separation of functions in all areas of activity, dual signature policies, compliance with guidelines, instructions, and procedural requirements (manuals), the obligation to obtain comparative offers before awarding contracts, protection of data from unauthorized access, and the holding of training sessions to ensure uniform procedures within the group.

Key measures and rules that are relevant for financial reporting and are designed to ensure uniform accounting at all subsidiaries are: accounting and account allocation manuals, a uniform chart of accounts, consolidation and calculation manuals, the approval of entries using the dual control principle, and the fact that certain entries can only be made by selected persons. To prevent errors, standardized IT systems are used in GEA Group’s accounting, financial control, and finance functions in all group companies. All guidelines and IT systems are updated on a continuous basis to reflect legal
and business requirements.

Compliance with the principles, measures, and rules set out in the ICS as described above is monitored systematically; this takes the form of regular reviews by GEA Group’s Internal Audit function, which reports directly to the Executive Board and regularly submits reports to the Audit Committee. The results enable the elimination of defects identified at the companies reviewed and the ongoing enhancement of the ICS in the group.

Overall, the ICS aims to ensure the early identification, assessment, and management of those risks and opportunities that could materially influence the Company’s ability to achieve its strategic, operating, financial, and compliance-related objectives.