100 2014 Registration Document
Corporate governance
3
Internal control
3.6
Internal control
3.6.1
Risk management and internal control system
INTRODUCTION
Responsibility for the set-up, maintenance and steering of internal control
across the Group lies with general management, which has submitted this
section of the report to the Statutory Auditors, the Accounts Committee
and the Board of Directors, which approved it on March 4, 2015 on the
recommendation of its Committee.
APPLICABLE REFERENCE FRAMEWORK
The Carrefour group’s internal-control and risk-management system is
based on the reference framework of the Autorité des Marchés Financiers
(AMF), updated on July 22, 2010. This section has been drawn up in
accordance with Article L. 225-37 par. 5 of the French Commercial Code.
DEFINITION OF THE INTERNAL-CONTROL
SYSTEM AND RISK MANAGEMENT
The internal-control system, which comprises a set of resources,
patterns of conduct, procedures and actions adapted to the individual
characteristics of each Group company:
■
contributes to the control of its activities, the efficiency of its operations
and the efficient utilization of its resources;
■
enables it to take into consideration, in an appropriate manner, all
major risks of an operational, financial or compliance-related nature.
More specifically, the internal-control system is designed to ensure:
■
that the Group’s economic and financial objectives are achieved in
accordance with laws and regulations;
■
that instructions and directional guidelines fixed by general management
in respect of internal control and risk management are applied;
■
that the internal processes are functioning correctly, particularly those
contributing to the security of assets;
■
that financial information is reliable.
By helping to prevent and control the risks that may prevent the Group
from achieving its objectives, the internal-control system plays a key role
in the management and oversight of its activities. However, as the AMF
reference framework underscores, no matter how well designed and
properly applied, an internal-control system cannot fully guarantee that
the Group’s objectives will be achieved. There are inherent limitations in
all internal-control systems, which arise, in particular, from uncertainties
in the outside world, the exercise of judgement or problems that may
occur due to technical or human failure, or simple error.
SCOPE
The internal-control and risk-management system presented in this
section is implemented in the Company and at all its fully consolidated
subsidiaries, and is not limited to a set of procedures or merely to
accounting and financial processes.
3.6.1.1
Components of internal control and
risk management
◗
A. Organisation
Customers and consumers lie at the heart of everything the Carrefour
group undertakes. The Company is organized geographically to
ensure that the specific needs and interests of local customers
and consumers are addressed most effectively and its operations
are optimally responsive. Each country serves as a basic link in the
Group’s organization. The internal-control and risk-management
system is based on this organizational principle:
■
General Management sets the reference framework for the Group’s
internal-control and risk-management system. Its role is to coordinate,
lead, and continuously supervise internal-control and risk-management
systems;
■
at country level, each country executive director adopts and implements
the internal-control and risk-management principles.
Using various procedures and control measures, with a system of
Group rules, the Group has set up a formal control environment
with a Code of Professional Conduct and determination of the
powers, responsibilities and objectives assigned at each level of the
organization, according to the principle of the separation of tasks:
■
at country level, the Group rule system is reflected in precise operating
procedures; it is the tool with which each country conducts its internal
controls, which are, in turn, audited by the Group;
■
the Code of Professional Conduct is provided to every Group employee.
The Code establishes the ethical framework within which all Carrefour
employees must conduct their activities on a day-to-day basis;
■
the Group has established rules of governance limiting the powers
of the corporate officers of each legal entity have limited powers in
some areas that require prior approval by the Board of Directors or
the equivalent body in each entity concerned;
■
the powers and responsibilities of key employees are defined in
delegations of powers and responsibilities established in accordance
with hierarchical and functional organizational charts. This structure
complies with the principle of the separation of tasks;