Consequences of the Wirecard scandal: new corporate governance and auditing requirements for German listed companies

June 7, 2021

Click for PDF

In reaction to the dramatic collapse of Wirecard, a financial services provider then listed on the DAX, in June 2020, a law on strengthening the integrity of financial markets (Finanzmarktintegritätsstärkungsgesetz – FISG) has now been adopted after several months of intense discussion. It comes into force on July 1, 2021 with a transitional period for certain provisions. The law establishes new requirements for corporate governance and auditing of listed companies as well as other public interest entities.

Corporate governance

  • Mandatory audit committee composed of at least two financial experts

Although German law already addresses the composition, role and functions of audit committees in several regulations and the recommendations of the German Code on Corporate Governance (see D.3 German Code on Corporate Governance), this until now was left to the discretion of the supervisory board whether an audit committee should be set up. The FISG now requires all listed companies and other public interest entities (PIEs), including in particular certain financial institutions and insurance companies as defined in the new § 316a of the German Commercial Code (Handelsgesetzbuch – HGB), establish a mandatory audit committee no later than January 1, 2022 (§ 107 (4) Joint Stock Companies Act (Aktiengesetz -AktG) (new version), § 324 HGB (new version)). In order to ensure compliance with the obligation to set up an audit committee, a (periodic) penalty of up to € 5,000 may be imposed on each individual member of the supervisory board (§ 407 AktG (new version)) . Since the formation of audit committees is already a good practice for listed companies, the implications of this for the vast majority of listed companies will be limited.

The FISG further requires that the audit committee (or, if the supervisory board has only three members, the supervisory board itself) be composed of at least two financial experts, one member with expertise in financial matters. areas of accounting and another member in areas of audit (§ 100 (5) AktG (new version), 107 (4) AktG (new version)). Previously, the law only required that at least one member of the supervisory board (who, if an audit committee has been set up, must have also been a member of the audit committee) must be qualified as a financial expert with expertise in the fields of auditing or (alternatively) accounting. The new qualification requirements must ensure that both types of expertise are represented, and with different members of the board. The consequences in the event of non-compliance with the new qualification requirements are not specified by law and therefore remain unclear. According to the dominant opinion in the legal literature, the election of a member of the supervisory board which results in a violation of this particular composition requirement can be challenged in court within the usual period of one month after the election; if no legal action is taken within this period, the election is definitively valid.

The new qualifying conditions must be met for elections taking place from July 1, 2021, but do not apply retroactively.

  • Extended rights and information functions for members of the audit committee

Each member of the audit committee has the right to request information from the heads of the central departments of the company under the jurisdiction of the audit committee, for example the head of risk management, the head of internal audit or the head of the compliance department. Any such request should be directed through the chairman of the audit committee, who must then provide the requested information to all other members of the audit committee and must also inform the board of directors of the request. information without undue delay) (§ 107 (4) AktG (new version)). In addition, the law now explicitly underlines that the responsibilities of the audit committee with regard to the audit also include the quality of the audit (§ 107 (3) AktG (new version)). The new rights and information functions apply from 1 January 2022.

  • Separate meetings with the auditor without the management board

In order to promote the confidentiality of communications between the auditor and the supervisory board or the audit committee, respectively, the law expressly provides that if the auditor is consulted as an expert by the supervisory board or a Supervisory Board Committee, from July 1, 2021, the Management Board will only participate in such a meeting if the Supervisory Board or its committees deem its participation necessary (§ 109 (1) AktG (new version)).

  • Legal obligation to set up an internal control system and a risk management system

The new law explicitly requires the board of directors of a listed company to put in place an effective internal control system and a risk management system suited to the size and risk position of its activity (§ 91 (3) AktG (new version)). The implications of this new legal obligation, which will be applicable immediately from July 1, 2021, will be limited since most listed companies already have such systems (see also principle 4 of the German Corporate Governance Code).


  • Mandatory rotation of external auditors after ten (10) years and rotation of internal auditors after five (5) years

The maximum duration of an audit mission of public interest entities is ten (10) years. The currently existing option to extend this period by virtue of the exemption of the Member States’ option from Regulation (EU) / No 537/2014 (hereinafter the EU Regulation) will be deleted (deletion of § 318 (1a) HGB). The abolition of this exemption also resynchronizes the maximum duration of listed companies with the maximum duration of ten years applicable to CRR institutes and insurance companies.

During a transition period, audit assignments may still be renewed after the expiration of the ten (10) year term for the fiscal year beginning after June 30, 2021 and the following fiscal year, provided that the conditions required for a renewal of the mission have been fulfilled before June 30, 2021. If the financial year corresponds to the calendar year, this means that the auditor must be changed for the financial year 2024 at the latest.

In addition, the maximum duration of the internal rotation of the Key Audit Associate will be reduced from seven (7) to five (5) years currently (§ 43 (6) Public Accountant Act (Wirtschaftsprüferordnung – WPO) (New version)). In the absence of a transitional period, the shortened duration will be immediately applicable from July 1, 2021.

  • Strengthening of the ban on non-audit services

In order to further strengthen the independence of auditors, the option of Member States of the EU Regulation to allow certain tax and valuation services where these services are unimportant or have no direct effect on the states. audited financial statements (see § 319a HGB) will be canceled. As a result, all non-audit services that are blacklisted in Article 5 (1) (2) of the EU Regulation will now be prohibited. In addition, the fee ceiling exemption (§ 319a (1a) HGB) will also be abolished. In the event of non-compliance with the prohibition on services other than audit, shareholders holding five percent (5%) percent of the voting rights or of the share capital or of shares with a market value of at least € 500,000 can ask the court to replace the auditor (§ 318 (3) HGB (new version)). The new rules will apply to the audit of financial years beginning on or after January 1, 2022.

  • Increase in auditors’ liability ceilings and increase in criminal liability

Previously, the civil liability of the statutory auditors was capped at one (1) million euros for companies listed at four (4) million euros, respectively, for fault (including gross negligence), and damages. higher could only be recovered by the company or its group. companies in the event of an intention on the part of the auditors. In the future, the civil liability of statutory auditors for negligence will be capped at sixteen (16) million euros for the control of listed companies and other market companies, to four (4) million euros for other PIEs. and one point five (1.5) million euros for all other companies. In addition, in the event of intent or gross negligence, no limit of liability will apply to listed companies and other companies oriented towards the capital market. With regard to other PIEs and other companies, the ceiling for serious misconduct will be respectively thirty-two (32) million euros or twelve (12) million euros (§ 323 (2) HGB new version)) . The new rules will apply for the audit of financial years beginning on or after January 1, 2022.

It should be noted, however, that under German law, shareholders, in the absence of any tort, do not normally have any recourse for liability against the auditors of companies. Thus, except in exceptional circumstances, only the company can raise such claims. It remains to be seen if that will change as a result of the Wirecard accounting fraud.

In addition, the FISG also provides for a significant increase in criminal liability for offenses relating to accounting and auditing.

  • Election of auditors of insurance companies by shareholders

Insurance company auditors will now be elected by shareholders and not by the supervisory board (deletion of § 341k (2) HGB). This applies to fiscal years beginning on or after January 1, 2022.

Application of financial reports

The current two-tiered execution system will be fundamentally changed. With effect from January 1, 2022, the College of Financial Information Application (FREP) of private law (Deutsche Prüfstelle für Rechnungslegung – DPR) will be abolished and the application of financial reports will be consolidated within the Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – BaFin) (§§ 106 et seq. Law on Securities Trading (Wertpapierhandelsgesetz – WpHG) (New version)). In addition, BaFin’s powers will be extended and will include, among other things, the BaFin’s right to search commercial and residential premises as well as to confiscate documents and other evidence. The competent court to issue the required search warrant and confiscation order will be the local court in Frankfurt am Main.

Gibson Dunn attorneys are available to answer any questions you have regarding the issues discussed in this update. For more information, please feel free to contact the attorney Gibson Dunn you usually work with, any team member in Frankfurt or Munich, or the following authors:

Silke Beiter – Munich (+49 89 33371, [email protected])
Ferdinand Fromholzer – Munich (+ 49 89 33270, [email protected])
Johanna Hauser – Munich (+49 89 33272, [email protected])
Finn Zeidler – Frankfurt (+49 69 247411530, [email protected])

© 2021 Gibson, Dunn & Crutcher srl

Lawyer Advertising: The accompanying documents have been prepared for general information purposes only and are not intended to provide legal advice.

Source link

Previous EU's new unified corporate tax regime likely derailed for lack of unanimity
Next Why we need better corporate governance data