Control, risk management and compliance system


The Company’s system of internal control and risk management in the preparation of financial statements is implemented through:

  • verification whether uniform accounting policies are applied by the ORLEN Group companies as regards recognition, measurement and disclosures in accordance with the International Financial Reporting Standards (IFRSs) as endorsed by the European Union,
  • following the procedures for registering economic events in the financial and accounting system and monitoring compliance with the procedures,
  • internal controls, including separation of duties, multi-stage data verification, accuracy reviews of data received and independent checks,
  • applying uniform templates of separate and consolidated accounts and periodic verification whether they are properly applied by the ORLEN Group companies,
  • verification of the consistency of the ORLEN Group companies’ financial statements with data entered into the integrated IT system used to prepare the ORLEN Group’s consolidated financial statements,
  • auditor’s review of Q1, H1 and Q3 financial statements and audit of full-year financial statements of PKN ORLEN and the ORLEN Group,
  • procedures to authorise, approve and issue opinions on financial statements before they are issued,
  • independent and objective evaluation of the risk management and internal control systems.

Economic events at PKN ORLEN are recorded in an integrated financial and accounting system. Security and availability of information contained in the financial and accounting system are controlled at all levels of the database, applications and presentations, as well as at the operating system level. System integration is ensured by data entry control systems (validation, authorisation, a list of values) and logs of changes. PKN ORLEN keeps its IT system up to date with the changing accounting policies and other legal requirements. PKN ORLEN’s solutions are implemented into systems of the ORLEN Group companies.

In order to ensure that uniform accounting policies are applied, the ORLEN Group companies have to follow, for the purpose of preparing consolidated financial statements, the accounting policy adopted by PKN ORLEN and approved by the ORLEN Group companies.

The accounting policy is periodically updated to ensure compliance with any new legislation. Consolidated financial statements are prepared based on the integrated IT system where the process of consolidating data sourced from reporting packages provided by each ORLEN Group company is performed. Designed for financial management and reporting purposes, the system enables the unification of financial information. Performance and budget-related data, forecasts and statistics are gathered in one place, which ensures direct control and data compatibility.

The data is reviewed for cohesion, completeness and consistency, which is achieved thanks to embedded controls checking the compatibility of data entered by the respective companies.

In order to keep mitigating risks associated with the preparation of financial statements, they are reviewed by an auditor quarterly, i.e. more often than required by applicable laws. Q1, H1 and Q3 financial statements are reviewed by the auditor, whereas full-year financial statements are subject to an audit.

As per the relevant procedure in place at PKN ORLEN (meeting all applicable requirements), the auditor of the Company’s financial statements is appointed by the Supervisory Board based on a recommendation from the Audit Committee and a report on the tender process held by the Audit Committee. Deloitte Audyt Spółka z ograniczoną odpowiedzialnością, Spółka komandytowa has been appointed as a qualified auditor of PKN ORLEN’s financial statements for 2019–2021. During audit work, the auditor makes an independent assessment of the reliability and accuracy of separate and consolidated financial statements and confirms that the internal control and risk management system is effective. The auditor presents the audit and review findings to the Management Board and the Audit Committee of the Supervisory Board.

The Audit Committee, appointed by the Supervisory Board in the exercise of its powers, is a supervisory body with some of its powers and responsibilities defined in the Act on Statutory Auditors, Audit Firms, and Public Oversight of May 11th 2017, including the following:

  • monitoring the preparation of the ORLEN Group’s financial statements to ensure compliance with the Group’s Accounting Policy and applicable laws,
  • monitoring the independence of the qualified auditor and the auditing firm,
  • monitoring the effectiveness of the internal control, internal audit and risk management systems.

The Company has in place certain procedures to authorise financial statements, under which periodic reports are submitted to the Management Board and then to the Supervisory Board’s Audit Committee for its opinion. Once the Audit Committee’s opinion is received and the auditor completes its review or audit of the financial statements, they are authorised for issue by the PKN ORLEN Management Board by means of a qualified electronic signature and then released to the public by the Investor Relations Office.

Full-year financial statements are also presented to the Supervisory Board for final assessment and control of the financial reporting process. The Supervisory Board is an independent body ensuring the reliability and accuracy of information disclosed in the financial statements of PKN ORLEN and the ORLEN Group.

The Financial Control, Risk and Compliance Management Office operates within the Management Board Member for Corporate Affairs function, with a primary responsibility for the implementation of financial control, risk and compliance management processes. The performance of financial control tasks is supervised by the Chief Executive Officer, President of the Management Board. The Office is divided into:

  • Financial Control Department, responsible for detecting any irregularities and business misconduct, verifying compliance of conduct of PKN ORLEN and ORLEN Group employees with applicable laws, internal organisational rules and professional standards, estimating the impact of any potential irregularities or misconduct, defining corrective measures and designating responsible persons, as well as assessing internal organisational documents. An area subject to review is assessed primarily in terms of legal compliance, relevance, good management, reliability, organisational efficiency and correct operation. Such assessments are made with due regard for the interests of PKN ORLEN and the ORLEN Group companies. The Department’s staff carry out inspections in accordance with an annual inspection schedule (scheduled financial inspections) as well as ad hoc and preliminary inspections. Reports on scheduled and ad hoc inspections provide post-inspection orders/recommendations designed to mitigate the identified irregularities and misconduct, whereas preliminary inspections lead to the issuance of proposals of recommended actions based on the inspection findings to the extent necessary to identify any irregularities. Twice a year the Financial Control, Risk and Compliance Management Office prepares a report for the Company’s Management Board on the completed financial inspections and progress in the implementation of post-inspection orders/recommendations,
  • The Management Systems and Enterprise Risk Department in which the Enterprise Risk Management Team and the Management Systems Team operate. The employees of the Enterprise Risk Management Team coordinate, in line with the applicable policy and procedure, the enterprise risk management process by providing tools and methodological support to participants of the risk self-assessment process and testing of controls deployed at PKN ORLEN. and the ORLEN Group companies. Their tasks are to support business areas in risk management during the implementation of project objectives by carrying out regular training sessions in risk identification, description and assessment, as well as workshops and consultations for project managers and persons involved in project work, thus helping minimise the amount of work and optimise the project value. As part of corporate risk management, the Company regularly defines and measures risks related to the achievement of strategic objectives. The Enterprise Risk Management Team prepares regular reports on risk management at PKN ORLEN and the ORLEN Group companies, which are then presented to the relevant Management Boards. Members of the Management Systems Team ensure maintenance and improvement of the Integrated Management System – compliance with ISO 9001, AQAP 2110, ISO 14001, PN-N-18001, ISO/IEC 27001, ZKP, ISCC, KZR INiG, ISO 50001 and HACCP. The systemic activities include supervision of documentation (documented information), supervision of equipment, supervision of products (process outputs), and development of a process approach based on risk and opportunity analysis. As part of the Integrated Management System, management reviews are conducted and reported to the PKN ORLEN Management Board, which take into account compliance assessment, among other factors. An internal audit system is in place to verify the correctness of operation of the Group’s organisational units, suppliers, contractors, etc.
  • The Regulatory Risk Management Department is responsible for monitoring legal regulations that may have an impact on the ORLEN Group and for undertaking lawful lobbying activities. It is also responsible for dialogue with market regulators and managing fuel licences issued by the President of the Energy Regulatory Office under the Energy Law. The Department also participates in the implementation of measures aimed at ensuring compliance with regulatory requirements (legal and regulatory advice) at the ORLEN Group.
  • Compliance Management Department, which supervises compliance by the ORLEN Group companies with applicable laws, internal regulations, voluntary standards of conduct and ethical standards. The key objective of the ORLEN Group’s compliance system is to proactively monitor the regulatory environment of all corporate business processes and to ensure a uniform approach to implementing and reporting compliance requirements across the Group. At PKN ORLEN, the compliance system is a dispersed function, where compliance risk is managed by Directors reporting directly to a Management Board Member under the supervision of the Head of the Financial Control, Risk and Compliance Management Office. The compliance management process is regularly reported to the Company’s Management and Supervisory Boards.

Search results