The Schaeffler Group considers maintaining the corporate culture of a global family business essential and intends to play a leading role as a listed family business. In doing so, its focus is on customer relationships and acting with integrity. Its corporate values drive the nature of its transactions. Transactions and business relationships inconsistent with the group’s corporate values are rejected. The governance structure promotes transparency and supports the values “Sustainable”, “Innovative”, “Excellent”, and “Passionate”.
The components of the governance structure support the operating business units in effectively identifying and managing risk.
The Schaeffler Group has continued to improve the processes within its governance structure with a view to meeting the needs of its customers while at the same time protecting the company. The governance structure is aimed at promoting the coordinated operation of the subsystems and, hence, the early identification of risks to the continued existence and development of the Schaeffler Group. Clearly assigned responsibilities and a robust internal control system are in place to manage significant risks.
The Group Compliance and Risk Committee (GCRC) represents a key governance component in this regard, increasing transparency in internal structures, the organization, and in responsibilities. The GCRC is chaired by the Schaeffler Group’s Group Chief Compliance Officer. It consists of the heads of the relevant governance functions (including Compliance, Legal, Internal Control System, and Controlling). The GCRC is responsible for assisting the Board of Managing Directors with its organizational responsibilities with respect to compliance and risk management. Among the key objectives of the GCRC are defining and delineating responsibilities and interfaces and preventing redundancies in the process. In addition, it is expected to create a consistent and complete view of the risk situation in the divisions, functions, and regions based on a uniform measurement and prioritization methodology. A further objective is developing and monitoring risk mitigation activities. The Compliance & Risk Working Group consisting of staff representatives from the functions represented on the GCRC provides operational support to the GCRC.
The activities of the subsystems within the governance structure are coordinated based on the internationally recognized three lines of defense model. It assigns clear responsibility for dealing with risks to the company’s continued existence and development and is based on the principle that primary responsibility for a risk lies with its originator.
First line of defense: At the first tier, operating business units are responsible for performing controls within all business processes to prevent risk. If prevention is not feasible, risks have to be identified and reduced to an appropriate level. Hence, the Schaeffler Group’s employees represent the first line of defense against potential risks. The Schaeffler Code of Conduct encourages them to turn to their supervisor or the corresponding control function with any questions or concerns they might have regarding dealing with risks and inappropriate business practices. For this purpose, an anonymous whistleblowing system for reporting severe violations of the Schaeffler Code of Conduct, especially regarding illegal business practices, is available where necessary.
Second line of defense: At the second tier, risk functions (including Internal Control System, Controlling, Risk Management, Compliance, and Legal) define global standards and controls, regularly monitor compliance with them, and report on their effectiveness. The Risk Management function is also responsible for regular and independent risk assessment.
Third line of defense: The third tier is the audit by Internal Audit. Independent and objective audits are designed to ensure process efficiency in risk management, internal controls, and corporate governance.
With its corporate governance structure and its “three lines of defense model”, the Schaeffler Group fulfils its obligation to manage the company responsibly and to maintain effective controls.