Internal control system

The internal control system (ICS) is a process embedded in the work and operating procedures of the Energie AG Group which is being implemented by senior executives and employees in order to identify and control existing risks and to ensure with sufficient certainty that the following general objectives are achieved in the course of fulfilling the tasks of the Group:

  • Effectiveness and efficiency of business activities;
  • Regularity and reliability of internal and external reporting;
  • Compliance with the internal regulations applicable to the Company and the pertinent legal provisions, in particular for the accounting process.

In the Energie AG Group, the roles “Group Treasury”, “Group Accounting” and “Controlling and Risk Management” have been established as company holding roles. The “Accounting” department acts as a service provider for the Group and is established in scope of Energie AG Oberösterreich Business Services GmbH (Business Services GmbH). The basis for the valid financial reporting is a strongly IT-supported process as well as a high degree of standardisation in data acquisition and processing, starting with commercial services, through the preparation of the companies' annual reports, to consolidation in the consolidated financial statements. The above-mentioned functions thus form the core of the ICS control environment with regard to the accounting process.

The core processes of the above-mentioned divisions, and the process-inherent material risks along with the appropriate controls, are documented and recorded using a Governance, Risk & Compliance (GRC) Management system. The IT tool used links the areas of ICS, Quality assurance and environmental protection (QSE), risk management, information and communication technology (ICT) risks, data protection, and compliance and has established itself as a valuable information system for senior executives and employees.

The concrete design of the controls is adapted to individual requirements which adequately consider risks and can include both manual and automated components. The dual control principle is strictly applied to approval processes. Conflicts of functional separation are avoided and monitored by compensatory controls.

Continuous monitoring and a cyclical audit of the design and effectiveness of the controls by Group Internal Audit form the basis of quality validation and monitoring for these systems throughout the Group.

Structured, standardised reporting to the Management Board and supervisory bodies ensures that the legally prescribed monitoring tasks are performed.

Control awareness is well anchored in the operating units and is sustainably implemented in the business processes. In addition, maintaining and strengthening risk awareness and awareness of the importance of the ethical values laid down in the vision and mission statement is an essential component of the corporate governance culture. The legal obligation to equal treatment in accordance with ElWOG and GWG are subject to appropriate ICS controls and are monitored by the Equal Treatment Officer.

The ICS thus satisfied the statutory requirements in the year under review.