The German Supervisory Board on Its Way to Professionalism
The new law has an impact not only on the management board, but also on the supervisory board and the auditor.21 Under German Commercial Code (GCC) Section 317(4)22, the auditor is obligated to monitor and assess the efficiency of the established risk management system. Under GCC Section 321(4), they are required to report on the efficiency of the risk management system in the auditor’s report, in fact, in a separate part of that report. Furthermore, the auditor’s report has to address the issue whether the established risk management system can be developed further. These provisions focus on the company’s auditor, but they also show indirectly that the supervisory board has the duty to monitor the risk management system.23
Accordingly, the German system provides three layers of risk management.24 The management board is responsible for creating a risk management system on the first level. On the second level, the supervisory board is required to monitor and assess the established system. On the third level, auditors support the supervisory board with its monitoring duty and they report on the efficiency and possible improvements of the risk management system. As a result, the members of the supervisory board have become more sensitive and more conscious for the monitoring of risky business decisions, and the supervisory board, thereby, makes a contribution to risk precaution.25 This weakens the predominant position of the management board with regard to matters of risk management, and strengthens the supervisory board’s responsibility on that issue. 26
II. Improved Flow of Information from the Management Board to the Supervisory Board
In addition, the law of 1998 improved the flow of information from the management board to the supervisory board. Under the amended Section 90(1), the management board is required to inform the supervisory board on all issues important to the company with
21 Manuel René Theisen, Risikomanagement als Herausforderung für die Corporate Governance, 58 BETRIEBS‐ BERATER (BB) 1426, 1427 (2003); Bruno Kropff, Zur Information des Aufsichtsrats über das interne Überwachungssystem, 6 NEUE ZEITSCHRIFT FÜR GESELLSCHAFTSRECHT (NZG) 346 (2003).
Handelsgesetzbuch, Reichsgesetzblatt 1897, 219.
23 Anne‐Kathrin Pahlke, Risikomanagement nach KonTraG – Überwachungspflichten und Haftungsrisiken für den Aufsichtsrat, 55 NEUE JURISTISCHE WOCHENSCHRIFT (NJW) 1680, 1684‐1685 (2002); Peter Hommelhoff & Daniela Mattheus, Corporate Governance nach dem KonTraG, 43 AG 249, 251 (1998); Peter Hommelhoff, Die neue Position des Abschlussprüfers im Kraftfeld der aktienrechtlichen Organisationsverfassung (Teil II), 53 BB 2625, 2626 (1998).
See, generally, LIEDER (note 2), 519‐520.
ALEXANDER LENZ, WERTORIENTIERTE RISIKOFRÜHERKENNUNG UND IHRE ÜBERWACHUNG DURCH DEN AUFSICHTSRAT 48 (2004).
26 THIES LENTFER, DIE ÜBERWACHUNG DES RISIKOMANAGEMENTSYSTEMS GEMÄß §91 ABS. 2 AKTG DURCH DEN AUFSICHTSRAT 62 (2005).