Internal Control

We place strong emphasis on our internal control and administrative organization.

The responsibilities for our internal control and administrative organization are based on the three lines of defense management model. This management model divides functions and responsibilities into different organizational layers around internal control within DPS. A proper design and operation of the three lines of defense contributes to our ability to effectively manage our strategic and operational risks.

Three lines of defense

The statutory directors are ultimately responsible for the design, existence and operation of our internal control and administrative organization.

We have implemented the most recent Committee of Sponsoring Organizations of the Treadway Commission (COSO) 2017 model. The COSO 2017 model emphasizes achievement of strategic and operational objectives, effectiveness and efficiency of processes, and compliance with laws and regulations.

three-lines-of-defense.png (322 KB)

The statutory directors, in consultation with our Management Team, determine our strategy, risk tolerance and risk posture under guidance of our owner. Our internal control and risk management cycle derived from the COSO 2017 model ensures that risks are proactively and systematically identified and analyzed and, where possible and appropriate, management actions are taken to mitigate the risks.Our internal controls and risk management consist of a multitude of system controls, authorizations, procedures, process descriptions and checks and balances.

Assurance

Audit function

We have an audit function that independently reports to our Supervisory Board. The audit function has been outsourced. On the basis of a risk-driven audit program, business processes and project management are tested annually. The findings of the audit function are shared with our clients in outline form.

The findings of the audit function provide an opportunity to improve business processes and increase insight into operational and strategic areas for improvement. Because the audit function provides transparency, the outsourcing chain becomes more transparent for our pension fund clients. The audit function underscores that we are working on an ongoing basis to test and improve business processes and quality standards. Regular audits provide a structural control mechanism and broaden the view of operational efficiency.

ISAE 3402 Type II

We have an independent assurance report in accordance with the International Standard on Assurance Engagements (ISAE). This report provides our clients with assurance that the management measures of effective working as designed to achieve our control objectives. The scope of the ISAE 3402 Type II report is broad and includes controls focused on pension and asset management as well as key IT controls.The scope of the ISAE 3402 Type II report is determined in close cooperation with our pension fund clients.

GIPS verification

We adhere to the Global Investment Performance Standards (GIPS®). GIPS® comprises a set of voluntary guidelines aimed at promoting the highest standards of investment performance reporting.GIPS® requires investment firms to adhere to a set of principles, including disclosure of investment return calculation methods and policies, periodic benchmarking, and independent verification of the above principles. Annually, we have the calculation and reporting of investment returns independently verified by an external auditor. This audit ensures that our investment performance reporting is accurate, transparent and comparable to that of other investment firms, and our clients have assurance that our reporting and return figures are accurate and complete.