Cap Gemini - Registration Document 2016

2

CORPORATE GOVERNANCE AND INTERNAL CONTROL

2.5 Internal control and risk management procedures

procedures Internal control and risk management 2.5

This section is based on the contributions of several departments as well as ethics, compliance and internal audit. and, in particular, the Group departments responsible for sales, production, IT, finance, insurance, legal affairs, human resources,

In accordance with the Law of July 3, 2008, it was reviewed and following a review by the Audit & Risk Committee. approved by the Board of Directors on February 15, 2017,

Definition of the internal control and risk management systems 2.5.1 Framework

the smooth functioning of the Group’s internal control processes safeguarding assets; and the reliability of accounting and financial information. ◗

July 22, 2010 by the AMF. guidance published initially in January 2007 and updated on The Group builds on the reference framework and the application complementary manner to controlling the activities of the Group and satisfy objectives that are also complementary. The risk management and internal control systems contribute in a

management systems Scope of the internal control and risk

businesses. and internal control systems within its subsidiaries. In 2016, such systems covered all consolidated subsidiaries and Group Capgemini Group ensures the implementation of risk management Acquired companies are integrated progressively into the internal presented in this report. control and risk management system. All material Group subsidiaries are currently integrated into the general system presented in the notes to the consolidated financial statements. A list of the main companies concerned by this system is irrespective of the skills of the employees performing the controls - guarantee alone the attainment by the Group of all objectives set. While contributing to the improved efficiency of its operational support functions, the optimal use of resources and good risk control, this system does not however offer an absolute guarantee of the control of all possible risks imaginable, no more than it can - Limitations raise awareness of compliance with international and national ◗ laws and regulations; and avoid infractions, non-compliance and negligence in these areas. highlight initiatives aimed at strengthening the system to prevent principles General internal control and risk management known as the Blue Book. Compliance with the Blue Book is mandatory for all Group employees. The Blue Book sets out and Group Management has distributed a set of rules and procedures comments Capgemini’s seven core values, sketches out the overall security framework within which the Group’s activities must be conducted, and, finally, describes the desired behaviors and specify the interdictions to be followed in each of the Group’s

Objectives of the internal control and risk management systems

implement risk prevention and transfer measures. The Group’s internal control and risk management systems seek to create and protect the Group’s value, assets and reputation, and identify and measure the major risks to which the Group is exposed, anticipate and foresee changes in these risks and finally In this context, Capgemini Group has defined and implemented a control system that seeks to ensure: compliance of all management acts with relevant laws and ◗ regulations; Management; compliance with the Group’s seven core values and guidelines set by the Board of Directors and/or Group application by the subsidiaries of instructions communicated; ◗ its actions and, in particular, our business practices. These seven core values, defined by the Group’s founder Serge Kampf, are honesty, boldness, trust, freedom, team spirit, modesty and fun. They represent the Group’s fundamental DNA and justify its Since its creation, Capgemini has placed significant importance on compliance with the values and principles which guide and inspire reputation as an ethical and responsible company. In this respect, Capgemini has, for several years, been rated one of the “World’s of Business Ethics has been supplemented by several policies. This system seeks to: The ethics system founded on the Group’s values and the Code of behavior; develop within new recruits an ethical culture promoting integrity ◗ 2.5.2 Group values Most Ethical companies” by the Ethisphere Institute.

of the internal control and risk management systems

main functions.

96

Registration Document 2016 — Capgemini