Escenario de estudio

uniform reporting standards for opportunity and risk management

As an internationally operating logistics company, we are facing numerous changes. Our aim is to identify the resulting opportunities and risks at an early stage and take the necessary measures in the specific areas affected in due time to ensure that we achieve a sustained increase in enterprise value. Our Group-wide opportunity and risk manage- ment system facilitates this aim. Each quarter, managers estimate the impact of future scenarios, evaluate opportunities and risks in their departments and present planned measures as well as those already taken. Queries are made and approvals given on a hierarchical basis to ensure that different managerial levels are involved in the process. Opportunities and risks can also be reported at any time on an ad hoc basis.

Our early identification process links the Group’s opportunity and risk management with uniform reporting standards. We continuously improve the IT application used for this purpose. Furthermore, we use a Monte Carlo simulation for the purpose of aggre- gating opportunities and risks in standard evaluations.

The simulation is a stochastic model that takes the probability of occurrence of the underlying risks and opportunities into consideration and is based upon the law of large numbers. One million randomly selected scenarios – one for each opportunity and risk – are combined on the basis of the distribution function of each individual oppor- tunity and risk. The resulting totals are shown in a graph of frequency of occurrence. The following graph shows an example of such a simulation:

monte Carlo simulation _A.77

Frequency of occurrence

in one million simulation steps (incidence density)

Bandwidth with 95 % probability

– aa € m + bb € m + zz € m

Deviation from planned EBIT

Planned EBIT Most common value in one million simulation steps (“mode”) “Worse than expected” “Better than expected”

Opportunity and risk management process _A.78

1 Identify and assess

Assess Define measures Analyse Identify 5 Control Review results Review measures

Monitor early warning indicators

2 _{aggregate and report}

Review

Supplement and change Aggregate

Report

3 Overall strategy / risk

management / compliance Determine Manage 4 Operating measures Plan Implement Internal auditors review processes

Divisions Opportunity and risk-controlling processes Board of Management Internal auditors

The most important steps in our opportunity and risk management process are:

1 _{Identify and assess:} Managers in all divisions and regions evaluate the opportunity

and risk situation on a quarterly basis and document the action taken. They use scenarios to assess best, expected and worst cases. Each identified risk is assigned to one or more managers who assess and monitor the risk, specify possible proced- ures for going forwards and then file a report. The same applies to opportunities. The results are compiled in a database.

2 _{aggregate and report:} The controlling units collect the results, evaluate them and

review them for plausibility. If individual financial effects overlap, they are noted in our database and taken into account when compiling them. After being approved by the department head, all results are passed on to the next level in the hierarchy. The last step is complete when Corporate Controlling reports to the Group Board

of Management on significant opportunities and risks as well as on the potential overall impact each division might experience. For this purpose, opportunities and risks are aggregated for key organisational levels. We use two methods for this. In the first method, we calculate a possible spectrum of results for the divisions and combine the respective scenarios. The totals for “worst case” and “best case” indicate the total spectrum of results for the respective division. Within these extremes, the total “expected cases” shows current expectations. The second method makes use of a Monte Carlo simulation, the divisional results of which are regularly included in the opportunity and risk reports to the Board of Management.

3 _{Overall strategy:} The Group Board of Management decides on the methodology that

will be used to analyse and report on opportunities and risks. The reports created by Corporate Controlling provide an additional, regular source of information to the Board of Management for the overall steering of the Group.

4 _{Operating measures:} The measures to be used to take advantage of opportunities and

manage risks are determined within the individual organisational units. They use cost-benefit analyses to assess whether risks can be avoided, mitigated or transferred to third parties.

85

Group Management Report — OPPORtunItIES anD RISKS — Overall Board of Management assessment of opportunity and risk situation — Opportunity and risk management

5 _Control: For key opportunities and risks, early warning indicators have been defined

that are monitored constantly by those responsible. Corporate Internal Audit has the task of ensuring that the Board of Management’s specifications are adhered to. It also reviews the quality of the entire opportunity and risk management operation. The control units regularly analyse all parts of the process as well as the reports from Internal Audit and the independent auditors with the goal of identifying potential for improvement and making adjustments where necessary.

Internal accounting control and risk management system

(Disclosures required under section 315 (2), No. 5 of the Handelsgesetzbuch (HGB – German Commercial Code) and explanatory report)

Deutsche Post DHL Group uses an internal control system (ICS) to ensure that Group accounting adheres to generally accepted accounting principles. The system is intended to make sure that statutory provisions are complied with and that both internal and external accounting provide a valid depiction of business processes in figures. All figures must be entered and processed accurately and completely. Accounting mistakes are to be avoided in principle and significant assessment errors uncovered promptly.

The ICS design comprises organisational and technical measures that extend to all companies in the Group. Centrally standardised accounting guidelines govern the recon- ciliation of the single-entity financial statements and ensure that international financial reporting standards (EU IFRS s) are applied in a uniform manner throughout the Group. All Group companies are required to use a standard chart of accounts. We immediately

assess new developments in international accounting for relevance and announce their implementation in a timely manner, for example, in monthly newsletters. Often, ac- counting processes are pooled in a shared service centre in order to centralise and standardise them. The IFRS financial statements of the separate Group companies are recorded in a standard, SAP-based system and then processed at a central location where one-step consolidation is performed. Other ICS components include automatic plausi- bility reviews and system validations of the accounting data. In addition, regular, manual checks are carried out decentrally by those responsible at the local level (a chief finan cial officer, for example), and centrally by Corporate Accounting & Controlling, Taxes and Corporate Finance at the Corporate Center.

Over and above ICS and risk management, Corporate Internal Audit is an essential component of the Group’s control and monitoring system. Using risk-based auditing procedures, Corporate Internal Audit regularly examines the processes related to finan- cial reporting and reports its results to the Board of Management. The data reported are checked and analysed chronologically, both upstream and downstream. If necessary, we call in outside experts. Finally, the Group’s standardised process for preparing financial statements using a centrally administered financial statements calendar guarantees a structured and efficient accounting process.

Reporting and assessing opportunities and risks

In the following, we have reported mainly on those risks and opportunities which, from the current standpoint, could have a significant impact upon the Group during the forecast period beyond the impact already accounted for in the business plan. The risks and opportunities have been assessed in terms of their probability of occurrence and

their impact. The assessment is used to classify the opportunities and risks into those of low, medium or high relevance. We characterise opportunities and risks of medium or high relevance as significant. The following assessment scale is used:

Classification of risks and opportunities _A.79

Risks Opportunities

Effects (€ m) Probability of occurrence (%) Planned Group EBIT

≤ 15 > 15 to ≤ 50 > 50 < – 500 – 500 to – 151 – 150 to 0 0 to 150 151 to 500 > 500

Low Medium High

The opportunities and risks described here are not necessarily the only ones the Group faces or is exposed to. Our business activities could also be influenced by additional factors of which we are currently unaware or which we do not yet consider to be material. Opportunities and risks are identified and assessed decentrally at Deutsche Post DHL Group. Reporting on possible deviations from projections, including latent opportun- ities and risks, occurs primarily at the country or regional level. In view of the degree of detail provided in the internal reports, we have combined the decentrally reported opportunities and risks into the categories shown below for the purposes of this report. It should be noted that the underlying individual reports – with the exception of those on the world economy and global economic output – usually exhibit a zero to minimal correlation. It is unlikely that several major opportunities or risks would occur system- atically at the same time in a single category or across categories.

Unless otherwise specified, a low relevance is attached to individual opportunities and risks within the respective categories and in the forecast period under observation (2016). With respect to opportunities and risks arising from potential or on-going legal proceedings, we generally refrain from making an assessment to avoid affecting our position in the proceedings. The opportunities and risks generally apply for all divisions, unless indicated otherwise.