“The Management Board ensures appropriate risk management and risk controlling in the enterprise.”
Section 4.14 of the German Governance Code
Corporate Governance is one of the management’s main responsibilities and means putting codes of conduct and disclosure requirement into practice. It thus is closely connected to detecting and mitigating risks at an early stage, creating a necessary level of transparency and helping avoid major and possibly threatening crises at your company.
Every compliance management system (CMS) is based on a company-specific risk analysis process. You are only able to monitor and mitigate those legal risks that have come to your attention.
We support and consult you in designing, putting into practice and evaluating a risk analysis process as well as in implementing any measures deemed necessary.
“Good compliance is a competitive advantage for any company.”
Hans Jürgen Stephan
Nobody knows your business as well as you do. This means that any analysis begins with insight into your risk strategy and so-called risk appetite at your company.
With our structured, risk-based approach, we then together evaluate the risks to your business model, taking into account strategic, operative and tactical aspects (areas such as foreign trade law, corruption, cartel and internal fraud cases, money laundering, political and financial risks, or force majeure, for example). This is achieved by:
The last step, creating a risk register, involves putting down detailed information on single existing risks. This forms the basis for any further analysis or assessment.
Next, the risk analysis plots the risks on a risk matrix, which shows:
The risk assessment is usually carried out by a group of experts working in an interdisciplinary team.
The values it generates helps you prioritise the risks and decide which need to be dealt with promptly. Adding the values helps you keep an inventory of the risks and lets you monitor the level of risk at your company over time.
Once the risks your company faces have been identified and assessed, the logical next step is to devise and put into place appropriate mitigation measures.
We first categorize each risk and assess an ideal approach using one of these four possibly actions:
Managing the risk then occurs on two levels:
This approach forms the basis of a consistent and pragmatic policy management, which guides any measures taken.
Also in this context we formulate any necessary guidelines, assess and possibly amend existing contracts, train employees, and create legally admissible instructions, assessments and reports for management and supervisory boards.
Creating a tailored compliance structure fosters transparency, shows commitment, reduces legal risks and increases your enterprise’s efficiency.
Good compliance sets an example and is a central component of a healthy and open corporate culture.
Compliance is more than adhering to rules and regulations. Good consultancy thus looks at more aspects than merely the legal. Together, we can systematically set up an optimal and sustainable compliance system made to match your requirements. This can include educational measures and training for employees. In doing so, you have set up a system that monitors company processes and guidelines and lets you quickly take action should any malfeasance occur.
Data protection is not only an integral part of a company’s compliance measures. Moreover, the compliance system itself must meet all legal requirements. Taking data protection must be taken into account at the earliest stage, including the following measures:
Our approach to compliance takes these aspects into account and makes sure any compliance system itself complies with them full at all times.