Your success is our benchmark


Layout_grüne Wiese


JKU intends to present you each month actual issues regarding Corporate Governance, Risk Management und Internal Control.

Therefore you are informed earlier than others what is going around in national and international developments.

August 2011


Joachim Kregel is Co-Author of the new Euroforum Seminar in written form "Compliance in Bying/ Sales". This seminar is expected to start mid of September 2011. Name of his lesson is Control Systems, preventing and disclosuring, with the following topics:

  • Risk analysis: red Flags
  • Analysis of weakness: Comparision Plan-Actual
  • Edge of the market Buying: processes of procurements
  • Edge of the market Sales: payed sales instead of order provisioning
  • Process-embedded controls: High Level and IT
  • Controls independent of processes: Internal Audit

Internal Audit

Joachim Kregel will participate as a speaker at Euroforum-seminar from Prof. Dr. Freidank that will take place in Hamburg on 24/25.November 2011. He will speak about audit strategy and audit planning in Internal Audit. Topics are answers to the following questions:

  • Which kind of tools do simplify daily work, make it more transparent and understandable just as we demand from the auditees?
  • Should one plan risk-oriented boldly close the gap or do not leave any field in an enterprise unaudited?
  • Should one integrate own staff, colleagues, and top management in planning purposes or will one be seen as uninspired and less initiative?

July 2011

King III and The New Companies Act in South Africa

It is astonishing that a developing country like South Africa claims to be leading in Corporate Governance. The third amendment to the so-called King report, the King III, was issued 2009. The New Companies Act refers to it and demands compliance to a number of new procedures. It came into practise on 1 of May 2011 and demands for its catalogue of recommendations a "comply" or "explain" in the company report like it is in Germany with DCGK (German Corporate Governance Codex).

Companies must include sustainability regarding nature and society in their yearly document.

All important decision must be discuss with their implications to nature and society, compliance to all legal issues must be stated.

It demands accountability for all managers with respect to defaults. They could refer to "Business Judgement Rule" only in the case when they had implemented all necessary management processes esp. for risk assessment and risk disclosures. Furthermore they must document that they have checked these processes by their selves or by Internal or External Audit. Any wrong decision may be stated as not committed only when they selves haven got any benefit in case the company struggles damage.

Internal Audit directly reports to Audit Committee that leads Internal Audit and decides upon hiring and firing of the chief audit executive.

Risk management has been enlarged according COSO ERM und includes the issue risk appetite in a company to be defined by Audit Committee.

IT has also be a new issue for the Board. Governance over all IT projects as well as the IT budget, the implications of IT with respect to strategy and risk management is a new task for the board; implementation is the task of the executives further. CobiT will be increase as the leading framework for this issue.

Insofar King III and the New Companies Act can be envisaged as a milestone in Anglo-American environment coming from a shareholder perspective and getting to a stakeholder one.

See the Links for King III and New Companies Act:

King III: https://www.saica.co.za

New Companies Act: http://www.phfirms.co.za/kc/Data/CDH-The-New-Companies-Act-2010_3991.pdf

June 2011

Summary of the Responses to the Greenbook: Audit Policy

EU-Commisssion has recently published answers to the Greenbook: Auditpolicy: Lessons from the crises:

Link to the pdf

There was no surprise that the following issues induced no enthusiastically welcome by the Big4, i.e. rotation, limitation of additional fees, "Too big to fail", ordering through official authorities. From the companies and the investors were stated there still exist an expectation gap between assuring of the compliance of the financial statements and financial health of the company. Some argued that regulation would force an audit approach form over substance. Although the vast majority see that as a task of the rating agency instead of the external auditors bearing in mind the big failure of the rating agency in the last financial crise. It is further unadressed how the agencies get their information (Early Warning System) from the companies to judge over the financial status . Germany with over 40% of all statements stated that the so-called "Lagebericht" encomprises forward looking statements over the financial status and that this report is part of the year-end audit. The vast majority argued in favour for a Supranational European Body whereas the Big4 voted against. Some demanded that such a Body should have access to the audit companies compared with the BaFin or the DPR (Deutsche Prfstelle fr Rechnungslegung e.V.) which have such access. Hopefully EU Commission will present an innovative and future-orientated solution instead of one, which tries to please everybody.

April 2011

Additional Greenbook of the EU Commission: Corporate Governance Framework

On 5.4.2011 the EU Commission published their new Greenbook" European Framework for Corporate Governance". Until the 22.7.2011 all member states, the EU parliament, the European Economic and Social Council, and all interest parties get the opportunity to comment on the proposal.

The Greenbook addresses its issues to two different bodies of the Corporate Governance, the shareholder and the board. Within the body of the shareholder the group of minority interests should be strengthen, e.g. by a specific chair in the board (see Italy) and through regulations for investment companies to control their engagements in the companies on behalf of their shareholder. The board should be obliged to define the risk strategy and the risk appetite in the company. Further it should be certified after external assessment. Internal assessment should no longer be sufficient. Transparency of the fees and income of the board member should be published as well as possible businesses of board members with the company controlled (in Germany often common practise).

You find the link to the greenbook here.

Top of page

March 2011

Richard Chambers, CEO and President of the IIA interviewed by CNBC at 25.01.2011

In his interview with CNBC, Richard Chambers, CEO and President of the IIA, the leading worldwide acting organization of Internal Audit with over 177.000 members in 165 countries, made his statement about the role of Internal Audit in an enterprise.

Mentioning the courageous role of Cynthia Cooper at Worldcom who brought back the IA from the backroom to the boardroom he declared that only a well-informed board can build trust and establish good relationship with its investors.

In this trust building process IA plays an important role with its reporting about the status of Corporate Governance, Risk Management and Internal Control in his enterprise.

He further declared that trust is also established by an own position of the board for the maximum of risk appetite it tolerates for the company and its management. IA contributes to transparency through its reporting of the real risk positions within its company.

The difference between external and internal audit consists in the targets and the clients of assurance: the target for an external auditor assurance lies in financial reporting whereas the target for the internal auditor comprises in assurance that corporate governance, risk management , and internal control are functioning well. External auditor reports to the board and the investors, internal audit to the board and the executives suites.

Compensation was also an item for Richard Chambers. He stated that there should be a link between targeting and enterprise risk management so that compensation

Top of page

February 2011

Bear explains the economic world

The american Omid Maleka draw the attention with his hilarious animated video "Quantitative Easing Explained" two month ago. It was viewed on youtube more than 4 Million times. His latest video focuses on the bank bailouts.

Original source under http://omidamelkam.com

Top of page

December 2010

Risk Appetite Framework (RAF): A brandnew analysis about a well-known subject

At the 23. 12. 2010 the Senior Supervisor Group delivered its report to the Financial Stability Board (FSB) about risk appetite frameworks and IT infrastructure.

Artikel als pdf

Risk appetite is known among experts as a concept since COSO ERM (ommittee of Sponsering Organisations of the Treadway Commission Enterprise Risk Management). The founder of COSO will be proud to see developing a framework RAF starting just from a term.

The following is so far as I know essential for the Board and the Chiefs and requires close attention:

  • There are financial institutions that had implemented a RAR before the financial crises started and were better of.
  • RAR is not weird, but the next step in professional proficiency to deal with decisions in strategic planning as well as in tactical situations to get adopted an enterprise to a changing environment.
  • RAR can be integrated in the corporate governance concept as well as in the concept of corporate values. It can be quantified as an target (Top-down-approach) and controlled on a yearly basis (Bottom-up-Approach).
  • RAR issues can also be cumulated beyond national and business silos using an identical taxonomy e.g. XBRL, see News last month JKU GmbH.
  • RAR gets its special significance when be tested in new situations, mergers& acquisitions, international activities, new products and services, and new business areas. It mirrows actual against plan which is the formalized will of the top executives.
  • RAR is also a tool to systematize event identification, i.e. to evaluate normal businesses with its contribution not only to earnings, but also to risk. It can be seen as a tool which identifies business areas that had to be sold because of its intolerable high contribution to the risk portfolio.

RAR needs initialization and monitoring from the board and the chiefs similar to all governance, control and risk frameworks. To stand for the defined threshold will be influence the culture in an enterprise very positively and build trust. Management by objectives will also be backed by RAR as well as defining thresholds for the business leader.

Changes to risk appetite, strategic or tactical born, can also be made. One have to bear in mind that too often changes will disavow the whole concept. Chief Internal Auditor, Chief Risk Officer, strategic department as well as controlling get with RAR a tool although initiated and committed by the board with that business judgements can be prepared and presented more sustainable and transparent. RAR is an issue that deals not only with financial institutions, but also with all the other enterprises. All Executives should use RAR in the near future!

COSO Progress Report about the supervision of the risk process in enterprises

In parallel to the FSB Protiviti authorized by COSO has published an progress report in December 2010 which embraces interrogation of more than 200 board member, objective was to get information about the satisfaction the members had with their own risk processes. Results were no surprises: satisfaction lessens with the size of the company and with the detailed questioning.

Artikel als pdf

    Surprisingly indeed, 44% of the questioned member stated that they are not informed on a regular basis (at least within one year) when risk factors changed later after being presented to them.
  • 51 % were not informed on a regular basis about any deviations from the agreed upon risk map.
  • Further 51 % were not informed about the effects from main risk factors, i.e. how the change of one factor influence the whole business plan via using scenario techniques with worst and best cases.
  • Main hindrances to deal more with the risk process are other priorities, less knowledge about the framework and the practical outcome of ERM (Enterprise Risk Management). Some saw the risk process as a part of compliance.
  • Interesting that almost 50% of that study found that RAR needs lots of improvements. These people are missing the connection between detailed risks and the agreed upon risk policy. As many people are missing connection between strategic issues and inherent risks.

Satisfaction increases with the size of the company, in public companies the call for improvements was stated more often.

For all I know there is also a lot to do in Germany and Europe - the study was carried in the US - to establish ERM and RAR in the companies.

Top of page

December 2010

XBRL (EXtensible Business Reporting Language) - The new standard in financial reporting data

Automation is in further progress; meanwhile it covers wide areas of accounting and finance. One could have wrote this sentence in the mid-seventies when the first big hosts emperor the companies and revolutionised accounting and administration of personnel.

However, what´s new with that today?

Intercompany data exchange could encompass the whole supply chain since 1988, the year of the UN-Standard EDIFACT¹ (Electronic Data Interface For Administration, Commerce and Transport). At first hosts only could communicate via the troublesome elaborated standard (EDIFACT using VAN (Value Added Networks)). Later on this opportunity EDI was taken in B2B via special platforms in Internet and via extranet (partly public features of intranets) using simple tools (converters which transform data from and in XML).

In the meantime this development is further increasing. The SEC (Security Exchange Commission)² calls for XBRL as reporting language for foreign filer in the mid 2011. In Germany the ministry of finance³ calls for that standard, too, beginning with the year 2011. It hopes to facilitate processing and to accomplishing its tasks.

Private companies could capitalize on this, especially multinationals and branched one´s. Different data formats could be used from country systems of different kind. IFRS has established by the IASB its taxonomy in financial reporting for balance sheet, cash flow, P&L, development of own capital and assets and the appendices.

So why not using XBRL in your company?


1 See UNECE from 19.1.1988.
2 See SEC Rule vom 30.1.2009.
3 See BMF-Ruling from 19.1.2010.

Top of page

November 2010

News from the IIA

The IIA has published the changes to the "International Standards for the Professional Practice of Internal Auditing". to the article

They come into effect at the 1th January 2010. The changes between the versions of 2009 and 2010 are to been found here.

A brief commentary from Joachim Kregel is available here.

Top of page

October 2010

Green book of EU commission about Audit Policy

The EU commission put a green book about Audit Policy to discussion. Joachim Kregel respond to the questions. His answers are to be seen here.

The topics discussed are:

  • role of auditor
  • governance and independence of audit firms
  • supervision of auditors
  • configuration of the audit market
  • creation of a single market for the provision of audit services
  • simplification of rules for Small and Medium Sized Enterprises (SMEs) and Practitioners (SMPs)
  • international co-operation for the supervision of global audit networks.

Top of page

September 2010

Book publication

The guide "Grundlagen der Internen Revision Standards, Aufbau und Führung" from Prof. Dr. Volker H. Peemöller and Joachim Kregel

is available at Erich Schmidt Verlag.

available at Erich Schmidt Verlag

available at Amazon

Top of page