2022 Universal Registration Document

Chapter 3: Risk factors and risk management

The main Departments concerned are:

  • the Research, Innovation and Technology Department, with particular regard to cosmeto-vigilance and the quality of the formulas used in the products (see section 4.3.1.3.2.);
  • the Purchasing Departments with regard to suppliers and their working conditions;
  • the Environment, Health & Safety Department, with regard to checking site safety and ensuring employee health and environmental compliance;
  • the Quality Department to measure performance and the progress made by manufacturing entities with regard to the quality of production;
  • the Global IT Department, primarily to assess compliance with the Cyber Security Policy;
  • the Administration and Finance Department;
  • the Human Resources Department, with regard to the monitoring and supervision of obligations in respect of staff management, specifically:
    • the documents to be provided to employees;
    • the remuneration of the workforce and personnel expenses;
    • recruitment, training and evaluation procedures, the rules to be followed in respect of payroll management and the implementation of the Share & Care programme;
  • the Engagement and Public Affairs Department to coordinate communications campaigns and ensure that the Group’s responsible lobbying policies are applied;
  • the Digital and Marketing Department, with regard to securing the Group’s digital transformation (e-commerce, consumer relations, influencers, digital media etc.) by defining the policies, tools and processes and ensuring they are deployed; and
  • the Security Department, with regard to the security of people, travel, property, information and data confidentiality, as well as crisis management (see section 3.5.3.1.).

Indicators and reporting procedures facilitate the regular monitoring of the local activities of these Support Departments.

The Administration and Finance Department

The department assists and monitors operational employees in their administrative, financial and legal activities, as well as in terms of information processing. It sets the operating rules for all entities, defines and deploys tools, procedures and best practices, particularly in terms of management, accounting and consolidation, M&A, investments (BOLD corporate venture fund) and holdings, financing and cash, taxation, legal issues and data governance (including personal data), financial communication, strategic planning and insurance.

An Internal Control Committee has the task of taking all measures to promote the proper understanding and the proper application of the Group’s Internal Control rules and also to monitor progress on important Internal Control projects. It is composed of the Chief Financial Officer, and the Directors of Ethics, Risk and Compliance, Internal Control, Operational Finance, Internal Audit and Information Systems (Global IT).

Ethics, Risk and Compliance Department

In particular, this Department coordinates the procedures for identifying, assessing and prioritising risks with all those concerned. It keeps the Group’s risk mapping up to date. Its aim is to promote optimal use of resources in order to minimise and control the impact of negative events, as well as maximise opportunities. The Chief Ethics, Risk & Compliance Officer reports directly to the Chief Executive Officer.

The Internal Control Department

This Department, which is separate from Internal Audit, is under the responsibility of the Ethics, Risk and Compliance Department. In collaboration with the experts in each business line, it defines and updates the internal control framework relating to their area of activity. This framework is summarised in the “Fundamentals of Internal Control” reference document and detailed in standards and procedures that are listed in the Group’s “digital referential”.

The Internal Control Department also manages and develops a network of around 170 regional and local internal control managers covering all Group entities. Their role is to apply the internal control framework and support employees in this respect. Frequent participation in seminars, training cycles or webinars with business lines, and the publication of notes of engagement help to strengthen knowledge of the internal control framework within the Group.

Within a continuous improvement process, the Internal Control Department develops, disseminates and coordinates self‑evaluation campaigns focusing on the main risks and issues identified. These campaigns are gradually being rolled out in each of the business lines. The self-evaluation of Internal Control makes it possible for the Group’s entities to ensure the due and proper functioning of the system and reinforces it with operational actions.

The Internal Control Committee is driven by the Internal Control Department, which validates directions and priorities with regard to improving the internal control framework, developing the network of internal control managers and the tools used to perform internal control tasks. This Department monitors changes in expectations and market practices relating to Internal Control.

The Internal Audit Department

The Internal Audit Department audits major processes and checks on the application of Group principles and standards. Its work is carried out by a central team that reports directly to the Chief Executive Officer.

Internal Audit assignments are submitted to the General Management and the Audit Committee. With the approval of those committees, they result in an annual audit plan that takes account of the Group’s risk mapping, the entities’ contributions to the Group’s key economic indicators, and the historical precedence and results of previous audits.

The risk level assessment carried out by the Area Departments and experts in the different business lines is also a determining factor in the elaboration of the annual audit plan.