Risk Management

We have implemented and coordinated a set of risk management and control systems which support us in the early recognition of developments jeopardizing the continuity of our business. The most important of these systems include our enterprise-wide processes for strategic planning and management reporting. Strategic planning is intended to support us in considering potential risks well in advance of major business decisions, while management reporting is intended to enable us to monitor such risks more closely as our business progresses. Our internal auditors regularly review the adequacy and effectiveness of our risk management system. Accordingly, if deficits are detected, it is possible to adopt appropriate measures for their elimination. This coordination of processes and procedures is intended to help ensure that the Managing Board and the Supervisory Board are fully informed about significant risks in a timely manner.

Risk management at Siemens is based on a comprehensive, interactive and management-oriented Enterprise Risk Management (ERM) approach that is integrated into the organization and that addresses both risks and opportunities. Our ERM approach is based on the worldwide accepted "Enterprise Risk Management – Integrated Framework" developed by the "Committee of Sponsoring Organizations of the Treadway Commission" (COSO). The framework connects the ERM process with our financial reporting process and is closely integrated in our internal control system. It considers a company 's strategy, the efficiency and effectiveness of its business operations, the reliability of its financial reporting as well as compliance with relevant laws and regulations to be equally important.

The ERM process aims for early identification and evaluation of, and response regarding risks and opportunities that could materially affect the achievement of our strategic, operational, financial and compliance objectives. Our ERM is based on a net risk approach, covering risks and opportunities remaining after the execution of existing control measures. In order to provide a comprehensive view on our business activities, risks and opportunities are identified in a structured way combining elements of a top-down and bottom-up approach. Risks and opportunities are generally reported on a quarterly basis. This regular reporting process is complemented by an ad-hoc reporting process that aims to escalate critical issues in a timely manner. Relevant risks and opportunities are prioritized in terms of impact and likelihood, considering quantitative and / or qualitative perspectives. The bottom-up identification and prioritization process is supported by workshops with the respective management of the Sector, SFS, SRE, regional Cluster and Corporate Unit organizations. This topdown element ensures that potential new risks and opportunities are discussed at the management level and are included in the subsequent reporting process, if found to be relevant. Reported risks and opportunities are analyzed regarding potential cumulative effects and are aggregated at Sector, SFS, SRE, regional Cluster and corporate level.

Responsibilities are assigned for all relevant risks and opportunities with the hierarchical level of responsibility depending on the significance of the respective risk or opportunity. In a first step, assuming responsibility for a specific risk or opportunity involves deciding upon one of our general response strategies, or a combination of them. Our general response strategies with respect to risks are avoidance, transfer, reduction or acceptance of the relevant risk. Our general response strategies with respect to opportunities are non-realization, transfer and partial or complete realization of the relevant opportunity. In a second step, responsibility for a risk or opportunity also involves the development, initiation and monitoring of appropriate response measures corresponding to the chosen response strategy. These response measures have to be specifically tailored to allow for effective risk management. Accordingly, we have developed a variety of response measures with different characteristics: For example, we mitigate the risk of fluctuations in currency and interest rates by engaging in hedging activities. Regarding our long-term projects, systematic and comprehensive project management with standardized project milestones, including provisional acceptances during project execution, and complemented by clearly defined approval processes assists us in identifying and responding to project risks at an early stage, even before entering the bidding phase. Furthermore, we maintain appropriate insurance levels for potential cases of damage and lia bility risks in order to reduce our exposure to such risks and to avoid or minimize potential losses. Among others, we address the risk of fluctuations in economic activity and customer demand by closely monitoring the macroeconomic conditions and developments in relevant industries, and by adjusting capacity and implementing cost-reduction measures in a timely and consistent manner, if deemed necessary.

To oversee the ERM process and to further drive the integration and harmonization of existing control activities in alignment with legal and operational requirements, the Managing Board established a Corporate Risk and Internal Control Department, headed by the Chief Risk & Internal Control Officer, and a Corporate Risk and Internal Control Committee (CRIC). The CRIC obtains risk and opportunity information from the Risk Committees established at the Sector, SFS, SRE and regional Cluster level as well as from the Heads of Corporate Units, which then forms the basis for the evaluation of the company-wide risk and opportunity situation. The CRIC reports to and supports the Managing Board on matters relating to the implementation, operation and oversight of the risk and internal control system and assists the Managing Board in reporting to the Audit Committee of the Supervisory Board. The CRIC is composed of the Chief Risk & Internal Control Officer, as the chairperson, and members of senior management such as the Sector and SFS CEOs, the CFO of Siemens, and selected Heads of Corporate Units.