4.4 Internal control and risk management procedures
4.4.1 Internal control definition and objectives
The Edenred group observes the highest standards in terms of internal control and financial information. Internal control is a process defined and implemented by the Board of Directors, management and employees to provide reasonable assurance regarding the achievement of objectives in the following areas:
- application of the instructions and directional guidelines fixed by Executive Management;
- compliance with the applicable laws and regulations, and adherence to the Group’s corporate values;
- prevention and control of risks, particularly operational and financial risks;
- optimization of internal processes to guarantee operational efficiency and efficient use of resources;
- production of high quality, fairly stated accounting, financial and management information.
To fulfil each of these objectives, the Group has defined and implemented the main principles of internal control, based to a large extent on the Internal Control Framework defined in the report of the Committee of Sponsoring Organizations of the Treadway Commission (COSO), as last updated in 2013, and on the Internal Control Reference Framework of the French financial markets authority (Autorité des marchés financiers – AMF) and related recommendations, as last updated in 2010.
These principles are underpinned by:
- management policies that foster the development of an internal control culture and promote integrity;
- the identification and analysis of risk factors that may prevent the Group from meeting its objectives;
- an organization and procedures designed to ensure that the strategies defined by Executive Management are implemented;
- periodic reviews of control activities to seek out potential areas of improvement;
- procedures for the communication of information about internal control.
By helping to anticipate and control the risks involved in not meeting the objectives the Company has set for itself, the internal control system plays a key role in conducting and monitoring its various activities. However, internal control cannot provide absolute assurance that the Company’s objectives will be met.
One of the objectives of the internal control system is therefore to anticipate and control the risks arising in the course of the Company’s business, as well as the risk of errors or fraud, particularly in the areas of accounting and finance. However, as stated in the AMF’s Internal Control Reference Framework, internal control procedures cannot provide absolute assurance that the Company’s objectives will be met, no matter how well the system is designed or how well the procedures are applied.
The following description of the Company’s internal control systems was prepared based on the AMF’s Internal Control Reference Framework and its application guide.
4.4.2 Summary description of internal control procedures
The internal control system described below covers the parent company and all of its consolidated subsidiaries, which are responsible for implementing the instructions and directional guidelines fixed by Executive Management, including internal control objectives. Each subsidiary’s internal control system includes both the procedures defined at the Group level and business-specific procedures that take account of the subsidiary’s organization, culture, risk factors and specific operating environment. As the parent company, Edenred S.A. is responsible for ensuring that adequate internal controls exist and are applied, in particular to the accounting, financial and operating procedures of fully consolidated subsidiaries.
4.4.3 Main participants in the system of internal control
Internal control procedures are part of the policies defined by the Board of Directors and are implemented under the direct responsibility of the heads of the operating divisions and corporate functions. Internal control is everyone’s responsibility, from corporate officers to front-line employees.
The main structures responsible for overseeing the internal control system are as follows:
188.8.131.52 Executive Management
In accordance with the law and the Company’s bylaws, the Chairman and Chief Executive Officer represents the Company in its dealings with third parties and has the broadest powers to act on behalf of the Company in all circumstances. The situations where exercise of the Chairman and Chief Executive Officer’s powers is subject to the prior approval of the Board of Directors are described in the report on corporate governance in section 6.