At Wincor Nixdorf AG, risk management is seen as a key element of its overall management system and therefore plays a central role in all decisions and business processes. It is incorporated into operating processes by means of specifically defined management structures and Group-wide risk management standards as well as reporting and information systems. This allows us to identify potential risks at an early stage. In this context, the role of risk management is to identify and limit these risks. The associated control procedures implemented at Wincor Nixdorf enable us to promptly identify, isolate and limit both general and specific risks.
However, the purpose of risk management at Wincor Nixdorf is not only to avoid risk, but also to highlight opportunities that may arise. We see risk management as a means of evaluating and taking advantage of opportunities that may arise, with due regard for any heightened risk potential. Accordingly, new areas of business such as Professional Services (Glossary) or decisions to open up new markets are approached with the issue of risk in mind. Group-wide policies and checklists provide the basis for this approach and contain descriptions of procedures, such as the identification of quantitative thresholds for approval processes, that provide a structured analysis at all levels and enable us to highlight potential risks and opportunities alike.
Corporate Risk Management is responsible for defining Group-wide risk standards and methods of control. Organizationally, it forms part of Group Controlling and is implemented on two levels. At subsidiary and division level, local risks are identified by evaluating key business performance indicators or through analysis of our projects. At the same time, by means of the Investment and Group Controlling we identify risks that may affect the entire Group and develop short-, medium- and long-term strategic approaches to manage those risks.
Risk management is also integrated into our controlling and financial reporting systems. It includes an annual risk management report, monthly forecast reporting and diviation analyses as well as project- and business-specific variance analyses.
Compliance, Operational Efficiency and Security.
The Group internal audit function regularly reviews the internal control systems and business processes, both of subsidiaries and head office functions, for compliance, operational efficiency and security. Internal audit checks the respect of regulations, organizational security measures, profit-and-loss data, balance sheet indicators and contracts. Furthermore, internal audit draws up proposals for the optimization of process efficiency. The Group internal audit function reports as an independent body directly to the Board of Directors and the Audit Committee of the Supervisory Board.
