The principles that dictate our approach to risk management are stipulated by the Executive Management. Risk management is directed at safeguarding the going-concern status of group entities and increasing the value of the business; for this reason it plays a crucial role in all decision-making and business processes. The existing management structure and the reporting processes which are in place ensure that not only developments that could jeopardize its going-concern status are reported regularly and in good time to the relevant levels, but also that other developments which pose a threat to the achievement of short-term performance targets (such as EBITDA or cash flow) are reported. This allows management to initiate measures at an early stage to mitigate any business and/or financial risks. Risk managers have been designated at each of the subsidiaries with responsibility for ensuring the proper functioning of local reporting systems. Working together with local risk managers, the group risk manager prepares a risk report for the Messer Group as a whole at the start of each year which is discussed by the Executive Management and communicated to the Supervisory Board of the Messer Group in good time. The risks recorded in the risk report are categorized by nature and classified by probability of occurrence. Risk perception in the current selling environment has exacerbated the risk profile of Messer Group entities in the fiscal year 2017 compared to the previous year.
Messer is adequately insured against potential claims or liability risks, to which it is exposed; these policies ensure that the financial impact can be kept within defined limits or completely avoided. The scale of insurance coverage is continuously optimized in response to the specific situation of group companies.
The Messer Group’s internal audit department carried out twelve status audits (all follow-up audits) at European Messer Group companies during 2017. In China, the local central organization carried out internal audits during the year (most of them relating to tax matters) and some status audits. The regular follow-up audits (in total eleven audits), which check at appropriate intervals that the previous findings and recommendations have been implemented effectively, are still considered to be a core aspect of the internal audit department‘s activities. The audits by the internal audit department at the same time include advisory activities in the sense that information on best practice is passed on and cross-border assistance is organized; this takes account of the respective current standards of the entities in the various countries. In addition, a regular exchange of information takes place with the external auditors in order to make the best use of available know-how, on a results-oriented basis, during the respective audits. Where necessary, other central functions are also called upon in an advisory capacity (including SHEQ, Corporate Logistics, Central Sales Functions). Compliance with corporate guidelines is tested and sample testing of voucher/document controls performed within the various business processes, in order to check the effectiveness and commercial sense of processes as well as the accuracy and reliability of financial reporting. Findings were clarified and recommendations made to improve the transparency of business processes. The Supervisory Board of the Messer Group regularly reviews the quality and appropriate intensity of the audits.
The Group’s Safety, Health, Environment, Quality (SHEQ) department continues to carry out audits and risk analyses in order to reduce the accident ratio even further.
State-of-the-art technologies are employed in the IT area in order to keep the risk from electronic data processing to a minimum. Unauthorized access to data and systems and a significant loss of data are ruled out to the greatest extent possible. The efficiency, operational availability and reliability of systems are constantly being monitored and improved. Messer’s security concept also includes a detailed emergency plan. In order to minimize risks, the various technologies employed by the Messer Group are regularly tested to ensure that IT-based business processes are safe.
Tax laws and competition regulations can also give rise to business risks. In order to mitigate these risks, the Company relies upon the advice of both in-house and external experts.
Income and operating cash flows are, to a large extent, unrelated to market interest rates, since the Group does not hold any significant interest-bearing assets. Loans or credits subject to variable interest rates are hedged partly with the aid of interest rate swaps (cash flow hedges of future interest payments). Under these arrangements, loans with variable interest rates are converted in substance to ones with fixed or maximum rates. In conjunction with the interest rate swaps, the difference between fixed contract interest rates and variable interest rates is settled at specified intervals (computed by reference to an agreed amount). At the balance sheet date, derivative financial instruments had only been entered into with renowned international financial institutions.
Corporate Governance within the Messer Group includes a whole range of in-house rules and measures aimed at preventing the occurrence of risks. The first stage of the risk management system is to assess risks throughout the organization. This risk assessment is conducted by the Group‘s corporate departments for the respective areas of responsibility and by each consolidated subsidiary for its own business. The assessment of risks is updated each year. All information relating to risks is collated centrally by the Corporate Compliance Officer (CCO). Training is organized and carried out as appropriate to cover identified risk areas and to highlight best practice for avoiding the occurrence of a risk as far as possible. Mandatory compliance guidelines are in place for all Messer Group entities, including in particular the „Code of Conduct“ and „Group Guidelines“. All first and second-tier managers of the Messer Group and its consolidated subsidiaries have confirmed that they have received these guidelines, examined their content and comply with the regulations contained therein. Furthermore, all employees have been informed of the content of compliance guidelines of relevance to them and have also confirmed compliance with them. Management and staff are regularly informed about, and receive training on, the content of these guidelines, other policies and code of conduct rules.
On the basis of a matrix structure, the Compliance department cooperates closely with the SHEQ, Medical, IT, Audit, Legal and Insurance departments. Internal audits are carried out to check that compliance guidelines – in particular the Group Guidelines – have been appropriately implemented, thus ensuring good risk management procedures throughout the organization, including conduct and reporting rules, the requirement for approval at the appropriate level as well as application of the dual control principle for legally binding agreements with third parties. Incidences of non-compliance are followed up and the appropriate actions taken where necessary. At the same time, any such incidences are used to reflect on how additional preventive measures could reduce the risk of non-compliance in the future.
Bad Soden am Taunus, March 1, 2018
Messer Group GmbH