Assystem - 2018 Register document

2

RISK GOVERNANCE AND MANAGEMENT RISK GOVERNANCE AND MANAGEMENT

Objective

Reasonable assurance

Finance

That the financial information produced and published is reliable.

Compliance Operations

That the applicable laws, regulations, standards and all other obligations are respected.

That operations, activities and processes work effectively and efficiently. That assets (human, tangible and intangible) are secure and protected.

Integrity Strategy

That the Group’s strategy and the resources put in place to implement it contribute to achieving the objectives of growth, profitability and business sustainability.

2.1.2

OPERATIONAL RISK MANAGEMENT

OPERATING PROCEDURES Business operating procedures

In France, the Group has put in place a quality management system (QMS) which is available on its Intranet. The QMS – which is a key repository of information on quality for the Group’s operations – is also applicable in other countries that are significant for the Group’s business. It includes a map of business processes and a set of related procedures and instructions. The quality managers use this system to carry out periodic audits aimed at assessing whether the applicable quality standards are being respected. Pre-sales and client contracts Pre-sales and client contract processes are defined in the QMS. Before any bid is submitted, an internal decision-making process takes place on whether or not to actually respond to the client’s invitation to tender. If the decision is positive, a technical and commercial bid is drawn up and is then subject to validations concerning its technical, financial, legal and compliance aspects. Performing services and reviewing ongoing projects The performance of contracts is overseen by project managers. Monthly reviews are organised, at an operational level, for major fixed-fee projects, involving an examination of the project’s technical stage of completion, current costs and revenues, cash flow curve, and profit and costs to completion. The corresponding analyses are presented at the business units’ regular business reviews, which are attended by the Group’s Chief Operating Officer, Chief Financial Officer & Deputy CEO, Chief Financial Controller and Chief Legal & Compliance Officer. Human resources, recruitment, and payroll management Human resource requirements are determined and conveyed by line management, and the corresponding recruitment procedures are defined and managed by each country’s Human Resources Department. Overall budgets for pay increases are managed at the level of each operating entity and each country and are reviewed and validated by In France, investigations are carried out before any client account is opened in order to ensure the client’s solvency (supported by a monitoring process to alert the Company to any major changes in solvency). All client accounts are covered by a debt recovery procedure based on tailored reminder scenarios. For this purpose, the Group uses client account and debt recovery management software. This software is used at various stages of the billing processes as from when the invoice is issued: pre-reminders before the due date, reminders, identification of late payments, identification of disputes and monitoring of their the management team. Administrative procedures Sales

2.1.2.1 Organisation, responsibilities, operating procedures and tools ORGANISATION The Group’s organisational structure is largely decentralised, which by definition results in a high degree of delegation of operational, functional and legal responsibilities to company officers and managers. Its internal control system and information systems therefore need to be adapted to this structure in order to effectively contribute to monitoring its operations. Delegations of authority and responsibilities are drawn up in writing after approval by executive management. A document called the “Management Philosophy Rules & Requirements” describes the basic procedures that operations staff are required to respect. The provisions of this document apply to the whole Group and it is accessible to all employees. RESPONSIBILITIES The responsibilities assigned to employees are set out in writing in job descriptions which are validated by their line managers and supplemented, where applicable, by delegations of authority. Job descriptions help to clarify the nature of the work and transactions for which the employees are responsible by clearly describing the type and method of supervision applicable and by integrating, where required, the internal control dimension by setting out their responsibilities related to complying with and updating procedures, etc. The delegations of authority describe the permanent or temporary transfer of responsibilities and chiefly relate to financial transactions (incurring and authorising capital expenditure, ceilings set regarding procurement, supplier payments, etc.). The bank signing powers put in place at local level must reflect these delegations of authority as closely as possible. Having suitable resources to achieve its objectives is essential for the Group, notably due to the level of staff turnover. The Human Resources Departments play a key role in guaranteeing this suitability. In conjunction with the operations departments, they draw up staff training plans and coordinate annual performance appraisals during which the achievements for the past year are reviewed, targets for the following year are set and the skills that need to be acquired or consolidated are identified.

20

ASSYSTEM

REGISTRATION DOCUMENT 2018