2022 Universal Registration Document

The procedures and standards governing the activities

Each Support Department defines, in its own specific field, the principles and standards applicable to the entities it manages. These principles and standards are summarised in the“Fundamentals of Internal Control”, a guide which is regularly updated under the responsibility of the Ethics, Risk and Compliance Department, so that employees can adopt them more easily. This document provides a reference framework for the Group. It covers operational activities in the form of an information sheet for each area of activity. Each information sheet refers to the detailed charters, codes and standards of the Group. The sheets are regularly updated, expanded and validated by the Support Departments.

A management segregation of duties standard is regularly updated and distributed to all entities. It defines the main rules for sales, purchasing, logistics, finance, human resources and information systems management. The application of these rules prevents the risks of fraud and reduces the probability that errors (whether intentional or not) may remain undetected.

Communication of information inside the Group

The “Fundamentals of Internal Control” are circulated to the Managing Directors, Finance Directors, and Internal Control Managers of all the consolidated subsidiaries, including manufacturing entities. The Fundamentals, codes, charters, standards, and information related to the organisation, changes and instructions from the Support Departments are made permanently available to the subsidiaries on the Group’s Intranet sites. A Group digital standard provides all employees with guides, charters and expert contacts organised by function and by subject.

The Support Departments also hold seminars and training sessions for their networks of experts. News published on the Intranet gives employees news updates and meaningful messages on Internal Control.

Within the Group, two tools promote communication on the priorities of Internal Control:

1.  the “Internal Control Awards”, which take place every two years and reward the best global initiatives; and
2.  the Internal Control Department’s Intranet site, which disseminates Internal Control’s initiatives, tools and events all over the world.

3.2.2. Control and supervision activities: those involved and their roles

Risk management and Internal Control is the business of everyone, from governance bodies to all employees. This system is continually monitored to ensure it is relevant, meets the Group’s objectives and addresses its issues. The main players in the monitoring of Internal Control and risk management are:

• the General Management and its Management Committee (Executive Committee);
• the Board of Directors and the Audit Committee in particular;
• the Ethics, Risk and Compliance Department, the Internal Control Department and the Internal Audit Department;
• the Support Departments; and
• the Operational Divisions and Geographic Zones.

The General Management and its Management Committee (Executive Committee)

The General Management defines the general principles of Internal Control and ensures their proper implementation. In order to fulfil their global Internal Control responsibilities, the members of the Executive Committee rely on operational and functional managers, according to their areas of expertise. These managers must ensure these general principles are implemented and the procedures correctly applied to achieve the level of Internal Control required by General Management.

The Board of Directors and Audit Committee

The Board of Directors has always asserted the importance of Internal Control and its main areas of application⁽¹⁾. The Internal Rules of the Board of Directors define the Audit

Committee’s duties:

• it monitors the action taken by Internal Control and reports this to the Board of Directors;
• it oversees the preparation of financial and non-financial information; and
• each year, it reviews the Internal Audit plan, its objectives and the general conclusions of Internal Audit assignments, as well as the initiatives and major projects that relate to Internal Control. The Committee uses this information to prepare a report on its remarks for the Board of Directors.

Operational Divisions and Geographic Zones

The Group is organised into Divisions and Zones. Alongside the Management of each country, business or manufacturing entity, the Divisions and Zones are fully responsible for achieving the Internal Control objectives defined by General Management.

A system of delegating authorities is in place and continues to be reinforced. The powers of the legal representatives of Group companies and of those to whom they delegate are limited and controlled in accordance with the provisions of the Legal Charter. Specialists in management, information systems, Human Resources, digital, retail, purchasing, logistics, production and legal affairs provide support to operations at all levels and help to ensure the Internal Control objectives are achieved.

The Support Departments

Each member of the Executive Committee is entrusted with worldwide responsibility for the Internal Control of the activities that fall within their remit. The Support Departments define, in their own areas, the strategies, policies and procedures which they communicate to the countries and entities. They bring their expertise to the operational divisions and review the proper functioning of their respective areas of responsibility. They rely on their network of specialists or on regular audits.