Internal Control System (ICS) in Germany

Economic crises and compliance violations have increasingly focused public attention on the importance of internal control systems (ICS) as well as compliance management systems (CMS) in Germany. At the same time, voices have become louder and case law increasingly strict when it comes to holding corporate officers more accountable for misorganization, mismanagement and any misconduct on the part of employees. This trend will continue with the draft Corporate Liability Act and the obligation to implement whistleblower systems starting at the end of 2021.

• Increasing internationalization,
• dynamic competition and
• major changes in corporate structures

are leading to rapid shifts in processes, systems and responsibilities, with the result that risks are becoming more acute in day-to-day business.

Simultaneously, various regulatory requirements are forcing companies to continuously document, review and adapt their business process controls and internal control and monitoring systems.

An effective internal control system consists of five major components:

1. Internal control environment

2. Risk assessment

3. Internal control activities

4. Information and communication

5. Monitoring

The challenge is to install an efficient and lean internal control system that adequately addresses all requirements and supports, not hinders, key processes. The operational business of a company must not be disrupted as a result.

Unlike in standardized accounting, there are few concrete specifications from the standard setters for the configuration of a company's internal control system.

To build an internal control system with a sense of proportion, experience is needed above all. Why? Because only with extensive experience can the complex interplay between corporate strategy and organization, business processes, IT systems and the internal control system be fully grasped. This exactly is our core business. We take you by the hand and guide you through the thicket of current requirements for the company, its employees and executive officers and avert liability risks before things can get really serious.

We, for example,

• support companies and nonprofit organizations in risk analysis to determine the necessary measures,
• provide comprehensive advice on liability risks and their defense/prevention in the context of the Business Judgement Rule,
• develope and establish customized ICS in your company,
• produce appropriate (anonymous) whistleblowing systems according to individual standards,
• continuously stay at your side and accompany you in your daily business decisions,
• adapt existing structures to new and evolving situations,
• accompany the internal audit department during regular or event-related measures.