Deutsche Telekom AG - The 2009 financial year

Accounting-related internal control system. Deutsche Telekom AG’s internal control system (ICS) is based on the inter- nationally recognized COSO framework (The Committee of Sponsoring Organizations of the Treadway Commission) Internal Control – Integrated Framework. The effectiveness of the ICS is monitored by the Audit Commit- tee of Deutsche Telekom AG in accordance with the provisions of the German Accounting Law Modernization Act (Bilanzrechtsmodernisierungs- gesetz – BilMoG), which entered into force in May 2009. The Board of Management determines and assumes responsibility for the scope and form of the specific requirements for Deutsche Telekom. Internal Audit is responsible for independently reviewing the effectiveness of the Group’s ICS and to this end has comprehensive information, audit and access rights. It is generally true of any ICS that regardless of its specific structure there can be no absolute guarantee that it will achieve its objectives. Regarding the accounting-related ICS, there can only ever be relative certainty, rather than absolute certainty, that material accounting misstate- ments can be prevented or detected. The accounting-related ICS, which is continuously refined, comprises the principles, methods, and measures used to ensure compliant Group accounting. At Deutsche Telekom AG, the Group Accounting department is responsible for managing the processes of Group accounting and the preparation of the management report. Laws, accounting standards, and other pronounce- ments are continuously analyzed for their relevance to and impact on the consolidated financial statements. The relevant requirements are defined in the Group Accounting Manual, for example, communicated to the relevant units and, together with the financial reporting calendar that is binding throughout the Group, forms the basis of the financial reporting process. In addition, supplementary process directives, standardized reporting formats, IT systems, as well as IT-based reporting and consolidation pro- cesses support the process of uniform and compliant Group accounting. Deutsche Telekom AG draws on the services of external service providers as needed, e.g., for measuring pension obligations. Group Accounting establishes appropriate processes to ensure that these requirements are implemented uniformly in all areas of the Group. The staff involved in the Group accounting process receive regular training. The individual Group companies are responsible for complying with the Group policies and procedures and for the compliant, timely execution of their accounting- related processes and systems, and are supported and monitored in these activities by Group Accounting. Internal controls are embedded in the accounting process depending on risk levels. The accounting-related ICS comprises both preventive and detective controls, which include IT-based and manual agreements, the segregation of functions, double-checking, general IT controls such as access regulations in IT systems or change management, and the monitor- ing of such controls. In 2006 Deutsche Telekom introduced a standardized process across the Group for monitoring the effectiveness of the accounting-related ICS. The process systematically addresses the risks of possible misstatements in the consolidated financial statements and meets the strict capital market requirements of Section 404 of the Sarbanes-Oxley Act in the United States. In order to ensure a high-quality accounting-related ICS, Internal Audit is closely involved in all stages of the process. The effectiveness of the account- ing-related ICS is measured by analyzing selected high-risk elements in cascaded self-assessments that are performed by all parties involved in the process, including those with lead responsibility for the accounting process through to the Group Board of Management. Internal Audit performs independent spot-checks on the self-assessments. 61Group management report Group organization