HERMÈS - 2018 Registration document

Overview of the group

Risk factors

Internal control system monitoring Regular reviews are carried out by internal control at a local level and are completed by the A&RMD depending on the stakes of each entity. The network of internal control managers is responsible for ensuring that the principal risks related to distribution and production operations, as well as to support functions, are covered by suitable controls, notably regar- ding the security and traceability of assets. This network has become more dense and now provides fine-meshed internal control within the main entities. As part of its role as coordinator for the network of inter- nal control managers, the A&RMD is involved in their appointment; it reviews the subsidiaries’ annual plans, disseminates best practices, notably through a collaborative, company information sharing platform, communicates internal control priorities, and encourages experience sharing between all network members.

Theaudit assignments represent the third control level. Thereare several types of audits including: s s audit of distribution subsidiaries including the audit of stores, s s audit of production sites, s s audit of upstream or downstream support departments, etc. s s special audit conducted with the help of external firms, in particular on information systems s s support to investments in the setting up of the internal control system Upon completion of the audits, reports are prepared containing the audit findings, identifying risks and recommending solutions to remedy any problems. Proper implementation of the recommendations is verified during follow-up audits. The audit reports are sent to the managers of the audited subsidiaries or departments and to Group management.

1

2018 REGISTRATION DOCUMENT HERMÈS INTERNATIONAL

47