The Lenzing Group’s internal control system is designed to safeguard the reliability of financial reporting, ensure compliance with legal regulations and corporate guidelines, and present the risks not reported on the consolidated statement of financial position or in the consolidated income statement.
The Lenzing Group’s organizational structure and processes form the main basis for the control environment and the internal control system. The organizational structure includes the assignment of specific authorities and responsibilities to the various management and hierarchy levels at the Austrian sites and at all international subsidiaries. Key Group functions are centralized in corporate centers which reflect Lenzing’s global market presence as well as its decentralized business and site structure. The respective management teams are responsible for coordinating and monitoring business operations at national level.
Lenzing’s process organization is characterized by a well-developed and comprehensive set of guidelines which provide an effective foundation for a strong controlling environment and control system. Important Group-wide approval processes and responsibilities are defined in the Lenzing Group Mandates. The management of each business area or department is responsible for monitoring compliance with the respective regulations and controls.
The Corporate Accounting & Tax Department has central responsibility for financial reporting, the accounting-related internal control system, and tax issues within the Lenzing Group.
The goal of the accounting-related control system is to ensure the uniform application of legal standards, generally accepted accounting principles, and the accounting regulations specified in the Austrian Commercial Code. This system also covers the consolidated accounting process and thereby ensures compliance with the rules defined by International Financial Reporting Standards (IFRS) and internal accounting guidelines, in particular the Group accounting manual and schedules. The accounting-related internal control system is designed to safeguard the timely, uniform and accurate recording of all business processes and transactions. It thereby supports the preparation of reliable data and reports on the Lenzing Group’s financial position and financial performance. The subsidiaries included in the consolidated financial statements prepare financial statements in accordance with both local laws and IFRS standards at the company level on a timely basis. The subsidiaries are responsible for the decentralized implementation of existing rules and are supported and monitored in these activities by the Corporate Accounting & Tax function. The Supervisory Board’s Audit Committee is integrated in the accounting-related control system. In addition, the annual financial statements are audited by external certified public accountants and the half-year financial statements are reviewed on a voluntary basis.
The Global Treasury Department, and above all the payments unit, is classified as a highly sensitive area due to its direct access to the company’s assets. The accompanying increased need for security is reflected in comprehensive regulations and instructions for all relevant processes. The entire process, from procurement through to payment, is subject to stringent corporate guidelines. These guidelines are largely supported by a Group-wide IT system which requires stringent functional separation, a clear authorization concept to prevent authorization conflicts as well as a stringent dual control principle for transaction settlement, in particular for payments, as well as regular reporting, among other measures.
The Internal Audit Department is responsible for monitoring the application of, and compliance with, controls in business operations.
Compliance with legal regulations and internal guidelines
The Lenzing Group’s Legal, Intellectual Property & Compliance Department is responsible for legal management. This centralized function handles legal matters within the Lenzing Group and is also responsible for the Compliance Management System (CMS). Together with the Managing Board, it oversees Group-wide compliance with legal regulations and internal guidelines as well as the prevention of legal violations and improper behavior. The Legal, Intellectual Property & Compliance Department reports directly to the Lenzing Group CEO. The CMS evaluates compliance-relevant risks, analyzes deviations from standards and, if necessary, takes measures to reduce them (“prevent, detect, respond”). This department also draws up compliance-relevant guidelines and supports employee training activities worldwide. The Managing Board and the Supervisory Board (or the Audit Committee) receive regular reports on compliance measures.
The Lenzing Group complies with the rules defined by the Austrian Corporate Governance Code (ACGC) and prepares a Corporate Governance Report which is published as part of the Annual Report. The Corporate Governance Report requires the participation of the Supervisory Board, which delegates the responsibility for monitoring compliance with the related obligations to the Audit Committee.
The Corporate Audit Department is independent of all other organizational units and business processes and reports directly to the CFO. It evaluates whether the Group’s resources are deployed legally, economically, efficiently and correctly in the interests of sustainable development. The Corporate Audit Department’s activities are based on the international standards published by the Institute of Internal Auditors (IIA). Regular reporting to the Managing Board and the Audit Committee ensure the proper functioning of the internal control system.
Reporting of risks outside the statement of financial position and income statement
The Risk Management Department is responsible for the reporting of risks that are not reported on the statement of financial position or in the income statement, and prepares a semi-annual risk report for this purpose. The major risks are also discussed in the Annual Report. The risk report is based on the international COSO® standards (Committee of Sponsoring Organizations of the Treadway Commission).
Enterprise Risk Management adopts a holistic approach in this context. In addition to corporate and project risks included in medium-term planning, the focus is increasingly on the long-term consideration and evaluation of ESG criteria and the associated opportunities and risks for the sustainable development of the Lenzing Group’s performance and profitability.