124 / 302
Corporate governance
Internal control
Internal control
3.6
Internal control and risk management system
3.6.1
Introduction
Scope
Responsibility for the set-up, maintenance and steering of internal
The internal control and risk-management system presented in this
control and risk management processes across the Group lies with report is implemented in the Company and at all its fully consolidated
general management, which has submitted this section of the report
subsidiaries, and is not limited to a set of procedures or merely to
to the Statutory Auditors and the Board of Directors, which approved it
accounting and financial processes.
on March
9, 2016 on the recommendation of the Accounts
Components of internal control
3.6.1.1
Committee.
and risk management system
Applicable reference framework
A. Organisation
The Carrefour group’s internal-control and risk-management system is
based on the reference framework of the
Autorité des marchés
Customers and consumers lie at the heart of everything the Carrefour
financiers
(AMF), updated on July
22, 2010. This section has been
group undertakes. The Company is organised geographically to ensure
drawn up in accordance with article
L.
225-37 par.
5 of the French
that the specific needs and interests of local customers and consumers
commercial code.
are addressed most effectively and its operations are optimally
Definition of the internal control system
responsive. Each country serves as a basic link in the Group’s
organisation. The internal control and risk management system is
and risk management
based on this organisational principle:
general Management sets the reference framework for the Group’s
●
The internal control and risk management system comprises a set of
internal control and risk management system. Its role is to
resources, patterns of conduct, procedures and actions adapted to the
coordinate, lead, and continuously supervise internal-control and
individual characteristics of the Company and its subsidiaries, which:
risk-management systems;
contribute to the control of its activities, the efficiency of its
●
at country level, each country executive director adopts and
●
operations and the efficient utilisation of its resources;
and
implements the internal-control and risk-management principles.
enable it to take into consideration, in an appropriate manner, all
●
Using various procedures and control measures, with a system of
major risks of an operational, financial or compliance-related Group rules, the Group has set up a formal control environment with a
nature.
Code of professional conduct and determination of the powers,
More specifically, the internal control and risk management system is
responsibilities and objectives assigned at each level of the
designed to ensure:
organisation, according to the principle of the separation of tasks:
that the Group’s economic and financial objectives are achieved in
●
at country level, the Group rule system is reflected in precise
●
accordance with laws and regulations;
operating procedures; it is the tool with which each country
conducts its internal controls, which are, in turn, audited by the
that instructions and directional guidelines fixed by general
●
Group;
management in respect of internal control and risk management
are applied;
the Code of professional conduct is provided to every Group
●
employee. The Code establishes the ethical framework within which
that the internal processes are functioning correctly, particularly
●
all Carrefour employees must conduct their activities on a
those contributing to the security of assets;
day-to-day basis;
that financial information is reliable.
●
By helping to prevent and control the risks that may prevent the Group
from achieving its objectives, the internal control and risk
management system plays a key role in the management and oversight
of its activities. However, as the AMF reference framework underscores,
no matter how well designed and properly applied, an internal control
and risk management system cannot fully guarantee that the Group’s
objectives will be achieved. There are inherent limitations in all
internal control and risk management system, which arise, in
particular, from uncertainties in the outside world, the exercise of
judgement or problems that may occur due to technical or human
failure, or simple error.
124
2015 REGISTRATION DOCUMENT