Financial reporting

The following disclosure of the financial reporting process is made in accordance with § 315 (2) of the German Commercial Code (HGB) as revised by the German Accounting Modernization Act (BilMoG) at 29 May 2009.

The main features of the internal control system and the risk management system in relation to the (group) financial reporting process can be described as follows:

• Within the CompuGROUP Holding AG Group, a clear management structure and enterprise structure is implemented. The control of regional-covering and sector-covering key functions occurs centrally through the CompuGROUP Holding AG. Operational active subsidiaries have a high level of own responsibility. A clear separation of the functionalities of the areas Group "Accounting", "Controlling", " Business Services", "Risk management", " Procurement" and "Investor Relations" which are involved in the financial reporting process, is implemented with clearly defined responsibilities.
• To ensure a Group-wide analysis and control of income relevant risk factors and risks that endanger the continuing operations of the company, the Group uses standardized planning, reporting, control and early warning systems and processes.
• The departments which are involved in the financial reporting process are in line with the quantitative and qualitative requirements defined by the group.
• The used financial systems are protected against unauthorized accesses by adequate security mechanisms. The financial systems used are essentially standard software. If required, software certificates for the used software solutions are available.
• An internal written directive according to company requirements is implemented (amongst others a group-wide risk management directive and research and development directive).
• For all financial reporting processes, a 'four-eye principle' is applied.
• A review of the financial reporting process is performed in the form of revisions. An internal revision department has not been established so far.
• Required financial reporting processes are subject to regulated analytical tests. The group-wide risk management system is regularly updated to current developments and reviewed on adequacy in terms of quantity and quality. The risk management system is subject to the group year-end audit through our chartered accountants from PricewaterhouseCoopers AG, Frankfurt.
• For key issues in accounting, risk management and the audit mandate of the auditor, the Supervisory Board has established an Audit Committee.

The internal control and risk management system described above ensures that corporate balance-sheet issues are properly recorded, processed, assessed and incorporated in the external accounts. A strict organization-, company-, control- and monitoring structure forms the basis for efficient work processes. The staffing and equipment of the financial reporting process involved areas ensure effective and accurate work; both personnel and material. Legal and corporate directives and guidelines providing, that within the areas involved in the financial reporting, a common and proper financial reporting process is ensured. The clear delineation of responsibilities and various control and verification mechanisms ensure correct accounting and a reliable dealing with potential company risks. Here, the task of the group-wide risk management system, which is in accordance with the statutory requirements, is to identify risks at an early stage, to asses and communicate them appropriately.

The internal control system of CompuGROUP ensures that a consistent financial reporting through CompuGROUP in accordance with the legal and regulatory requirements and internal policies can be provided. The same is to be said for all companies which have to be included in the consolidated financial statements. Therefore, all relevant information are appropriately and dependable available for the addressees of report.