HERMES_REGISTRATION_DOCUMENT_2017

OVERVIEW OF THE GROUP

RISK FACTORS

Parties responsible for risk management and internal control systems

1.8.5.4

1

HERMÈS GROUP GENERAL MANAGEMENT

THE SUPERVISORY BOARD

AUDIT AND RISK MANAGEMENT DEPARTMENT

SPECIALISED COMMITTEES

AUDIT COMMITTEE

THE GROUP’S OPERATIONAL STAFF

NETWORK OF INTERNAL CONTROL MANAGERS

Group management The Group management designs risk management and internal control procedures commensurate with the Company’s size, business opera- tions, geographical footprint and organisation. In addition to establishing procedures for delegating authority established at different hierarchical levels, Group management has ultimate responsibility for guaranteeing the effectiveness of the risk management system and its adequacy for meeting the Group’s strategy objectives. To this end, it is provided with audit reports and regularly meets with the audit and risk management department (A&RMD). It therefore oversees the system as a whole to safeguard its integrity and, where applicable, initiate any correctivemea- sures needed to remedy any failures. Audit Committee The Audit Committee was established in 2005 within the Supervisory Board pursuant to Article L. 823-19 of the French Commercial Code (Code de commerce) , and without prejudice to the powers of the Supervisory Board, which it does not supersede. The roles and duties of the Audit Committeewere formally documented in rules of procedure drawn up by the Supervisory Board in 2010 and regu- larly updated. The latest version appears on page 169. In 2017, the rules of procedure were amended, in order to incorporate the procedure for approving services other than the certification of financial statements, and submitted for the approval of Audit Committee.

Each meeting of the Audit Committee gives rise to written minutes that must be approved. At each meeting of the Supervisory Board, the Chairman of the Audit Committee gives the Board a report of the work of the Audit Committee. A list of the work carried by the Audit Committee in 2017 is provided on page 154. In 2016, the Audit Committee also conducted a self-assessment as part of the triennial formal self-assessment of the Supervisory Board. It was also decided in 2017 that the updated IT risk mapping be shared with the Audit Committee on an annual basis. Audit and risk management department (A&RMD) The department reports to the Group’s Executive Vice-President of Governance and Organisational Development, which guarantees its independence, and has unlimited authority to review any matter at their discretion. The A&RMD consists of a core team of experienced auditors, and runs a decentralised network of internal controllers. It performs three main roles for the Group: s it performs internal audits and monitors the implementation of the recommendations;

it identifies and analyses risks;

s

s it ensures the deployment of internal controls suited to Group ventures.

2017 REGISTRATION DOCUMENT HERMÈS INTERNATIONAL

41