The IDW (Institute of Public Auditors in Germany) recently published the new version of the auditing standard IDW PS 340 n.F.. This is used for auditing the early risk detection system according to §91 para. 2 Companies Act. and, according to experience, also has a spill-over effect on companies of other legal forms (e.g. limited gompany) depending on the size and complexity of the company structure. The new standard will be applied to all audits of financial statements for reporting periods beginning after 31 December 2020. In addition to definitions and descriptions of the measures, the new auditing standard contains application notes and explanations for conducting the audit.
1) The determination of the F (RTF) by the Board of Management is particularly emphasized. The RBC is the "maximum amount of risk that the company can bear without endangering its continued existence. Only after determining the risk-bearing capacity and comparing it with the overall risk position can it be assessed whether there is a threat to the company as a going concern. In addition, it should be borne in mind that the loss of the operating license may also jeopardize the company's continued existence.
2) In the course of the Group-wide risk assessment, particular attention must be paid to risks which, when viewed in isolation, do not pose a threat to the company as a going concern, but which, when aggregated with other risks, pose a threat to the company as a going concern. The assessment of whether and to what extent a risk poses a threat to the company as a going concern must be carried out from the perspective of the parent company. Subsidiaries, commercial agencies and shareholdings are to be included in the risk identification process. The identified risks are aggregated in a holistic overall risk inventory . The currently accepted method for risk aggregation is the Monte Carlo simulation. Here, dependencies between opportunities and risks(correlations) must be taken into account.
3) Appropriate measures are to be taken at an early stage to counteract developments that could jeopardize the continued existence of the Company as a going concern. The term "early" also includes the immediate forwarding of urgent risks (ad hoc risks).
4) The risk assessment shall be documented in such a comprehensive manner that the gross value, the effect of the measures and the resulting net value of the risk are presented accordingly. In addition, so-called black swan risks, i.e. risks with a very high impact and a very low probability of occurrence, should also be considered.
5) Furthermore, sufficient resources should be made available for the implementation of measures. Measures include the early identification, assessment, control and monitoring of developments that pose a threat to the company as a going concern. Risk management (risk avoidance, risk reduction, risk sharing or risk transfer) is emphasized here.
Identify risks at an early stage and counteract them effectively - with our GRC software solution antares RiMIS®. Further features and functions can be found in our product brochure.