Adequacy and Effectiveness of the Internal Control and Risk Management Systems¹

In addition to the accounting-related processes, risk early warning and monitoring systems, and related controls, all of which are continuously and systematically audited by Internal Audit, both centrally and locally, Beiersdorf also has extensive internal rules, regulations, and processes (including interdepartmental processes) in all areas material to ensuring proper and legally compliant operations (e.g., in R&D, Production and Logistics, Quality Management, and Marketing and Sales, and especially in the innovation process, which involves practically all corporate functions). The rules and regulations are regularly communicated and updated as appropriate. Compliance with them is monitored and training continuously provided. We have developed data collection and control mechanisms for sustainability aspects, too. Internal Audit regularly checks that these are being adhered to. Risk management makes use of a globally available IT system established throughout the Group to record and assess the entire risk inventory. The Executive Board deals with the monitoring and control of these systems on an ongoing basis, also in close consultation with Internal Auditing. The Executive Board is regularly advised and monitored by the Audit Committee of the Supervisory Board on issues relating to the appropriateness and effectiveness of the internal control system, the risk management system, and the internal auditing system. This has not resulted in any significant need for adjustment or improvement with regard to these systems. Beiersdorf therefore has no reason to believe that there are inadequate or ineffective internal control and risk management systems in the relevant business areas or in relation to the relevant topics.

¹ This section is an unaudited part of the combined management report.