Chapter 1 : Presentation of the Group – Integrated Report
1.5. Internal Control and risk management system1.5. Internal Control and risk management system
The Group operates in a constantly changing environment. Like any company, L’Oréal is necessarily exposed to risks which, if they were to materialise, could have a negative impact on its business activities, its financial position and its assets, particularly in terms of reputation and image.
In order to ensure the sustainability of its development and the achievement of its objectives, the Group strives to anticipate and manage the risks to which it is exposed in its different areas of activity.
L’Oréal’s risk management consists of identifying, assessing and controlling risks that may affect the smooth running of the Company. It also participates in the Group’s development by promoting the good use of resources to minimise the impact of negative events and maximise the realisation of opportunities.
By contributing to preventing and managing the risks to which the Group is exposed, the purpose of the Internal Control system is to enable the Group’s manufacturing and economic development to take place in a steady and sustainable manner in a control environment appropriate for the Group’s businesses.
Internal Control is a system that applies to the Company and its consolidated subsidiaries and aims at ensuring that:
- economic and financial targets are achieved in compliance with the laws and regulations in force and the Group’s Ethical Principles and standards;
- the orientations set by General Management are followed;
- the Group’s assets and reputation are valued and protected; and
- the Group’s financial and accounting information is reliable and provides true and fair statements.
The control environment, which is critical to the Internal Control system, good risk management and the application of procedures, is based on behaviour, the organisational structure and employees. At L’Oréal, it forms part of a culture of rigour and commitment communicated by senior management and in line with the Group’s strategic choices.
Risk management and Internal Control is everyone’s business, from the governance bodies to all employees.
The Internal Control system is the subject of ongoing supervision in order to verify whether it is relevant and meets the Group’s objectives and addresses its issues.
Chapter 3 provides detailed information on identifying and managing the most significant risks from the point of view of investment decision-making, within the meaning of the regulations. These risks are listed in the table below.
Major risks to which the Group believes it is exposed
| Residual importance | ||
|---|---|---|
| Business risks | Business risks
Sanitary crisis* |
 |
Information and cybersecurity systems* |
|
|
Geographic presence and economic and political environment* |
|
|
Crisis management |
 |
|
Data |
|
|
Market and Innovation |
|
|
Business ethics |
|
|
Evolution of sales channels |
|
|
Human Resources risk |
 |
|
Product quality and safety |
|
|
Safety of people and property |
|
|
| Industrial and environmental risks | Industrial and environmental risks
Product availability* |
|
Climate change |
|
|
Environment and safety |
|
|
| Legal and regulatory risks | Legal and regulatory risks
Risk of non-conformity* |
|
Intellectual property: trademarks, designs & models, domain names, patents |
|
|
Product claims |
|
|
| Financial and market risks | Financial and market risks
Inflation and currency risk* |
|
Risk on financial equity interests |
|
|
Risk relating to the impairment of intangible assets |
|
* Most material risks in each category.
Residual importance: Low Moderate Significant