BMW 2013 Annual Report Download - page 81

Download and view the complete annual report

Please find page 81 of the 2013 BMW annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 208

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208

81 COMBINED MANAGEMENT REPORT
The internal control system in place throughout the
BMW Group is aimed at ensuring the effectiveness of
operations. It makes an important contribution towards
ensuring compliance with the laws that apply to the
BMW Group as well as providing assurance on the pro-
priety and reliability of internal and external financial
reporting. The internal control system is therefore a
sig-
nificant factor in the management of process risks. The
principal features of the internal control system and the
risk management system, as far as they relate to individ-
ual entity and Group financial reporting processes, are
described below.
Information and communication
One component of the internal control system is that of
“Information and Communication”. It ensures that all
the information needed to achieve the objectives set for
the internal control system is made available to those
responsible in an appropriate and timely manner. The
requirements relating to the provision of information
relevant for financial reporting at the level of BMW AG,
other consolidated Group entities and the BMW Group
are primarily set out in organisational manuals, in guide-
lines covering internal and external financial reporting
issues, in accounting manuals and through training.
These instructions, which can be accessed at all levels
via the BMW Group’s intranet system, provide the
frame-
work
for ensuring that the relevant rules are applied
consistently throughout the Group. The quality and
relevance of these instructions are ensured by regular
review as well as by continuous communication between
the relevant departments.
Organisational measures
All financial reporting processes (including Group finan-
cial
reporting processes) are structured in organisational
terms in accordance with the principle of segregation
of duties. These structures allow errors
to be identified at
an early stage and prevent potential
wrongdoing. Regu-
lar comparison of internal forecasts and
external financial
reports improves the quality of financial reporting. The
internal audit department serves as a process-inde-
pendent
function, testing and assessing the effectiveness
of the internal control system and proposing improve-
ments when appropriate.
Controls
Extensive controls are carried out by management in all
financial reporting processes at an individual entity and
Group level, thus ensuring that legal requirements and
internal guidelines are complied with and that all busi-
ness transactions are properly executed. Controls are
also carried out with the aid of IT applications, thus re-
ducing the incidence of process risks.
IT authorisations
All IT applications used in financial reporting processes
throughout the BMW Group are subject to access restric-
tions, allowing only authorised persons to gain access
to systems and data in a controlled environment. Access
authorisations are allocated on the basis of the nature
of the duties to be performed. In addition, IT processes
are designed and authorisations allocated using the dual
control principle, as a result of which, for instance, re-
quests cannot be submitted and approved by the same
person.
Internal control training for employees
All employees are appropriately trained to carry out
their
duties and kept informed of any changes in regu-
lations or processes that affect them. Managers and
staff also have access to detailed best-practice descrip-
tions
relating
to risks and controls in the various pro-
cesses, thus increasing risk awareness at all levels.
As a consequence,
the internal control system can be
evaluated regularly and
further improved as necessary.
Employees can, at any time and independently, deepen
their understanding of control methods and design
using an information platform that is accessible through-
out
the entire Group.
Evaluating the effectiveness of the internal
control system
Responsibilities for ensuring the effectiveness of the
internal control system in relation to individual entity
and Group financial reporting processes are clearly de-
fined and allocated to the relevant managers and pro-
cess owners. The BMW Group assesses the design and
effectiveness of the internal control system on the basis
of internal review procedures (e. g. management self-
audits, internal audit findings). Continuous revision
and further
development of the internal control system
ensures its continued
effectiveness. Group entities are
required to confirm regularly as part of their reporting
duties that the internal control system is functioning
properly. Effective measures are implemented when-
ever weaknesses are
identified and reported.
Internal Control System* and Risk Management System Relevant for the
Consolidated Financial Reporting Process
* Disclosures pursuant to § 289 (5) HGB and § 315 (2) no. 5 HGB.