Assystem - Registration Document 2016

First page Previous page 171 Next page Last page

REPORTS OF THE BOARD OF DIRECTORS

REPORT BY THE CHAIRMAN OF THE BOARD OF DIRECTORS

categories of authorised signatories. The secure bank messaging system, “swaps”, is used to ensure that the policy is respected. In order to reinforce the supervision and control of certain geographically distanced subsidiaries, the Group Treasury Department receives details of monthly expenses incurred and carries out ex-post controls on these expenses; ● budget and budget adjustments: each subsidiary presents the budget that it has drawn up for the current financial year to the members of the executive management team who authorise budgets. The same procedure applies to budget adjustments that are made during the year; ● periodic results and reporting: periodic results are reported every month via the reporting and consolidation application (LINK). The Group Finance Department conducts a critical review of these results and obtains any further information that it may require from the relevant subsidiaries. The Group also places particular importance on the appropriate segregation of tasks in order to strengthen the controls undertaken in relation to critical transactions, particularly payments. In small-sized entities, the appropriate segregation of tasks is sometimes difficult to achieve owing to the entity’s organisational structure. In such cases, specific controls are put in place, essentially in the form of increased supervision by management, which conducts an independent review of critical transactions for control and authorisation purposes. 8.1.3.3.5 ONGOING MONITORING OF THE INTERNAL CONTROL PROCESS Overseeing the internal control process is one of the primary duties of the Board of Directors and the Audit Committee as well as of the Group’s support and Operations Departments. The Group’s executive management team defines the Group’s overall internal control principles and ensures that they are correctly applied. The Audit Committee examines the main reports related to the accounts as well as those concerning internal control. The internal control process is also assessed by local management (managing directors and finance directors) by way of letters issued by these executives certifying compliance with the applicable procedures for preparing the financial statements and other information provided in connection with the preparation of the annual accounts. 8.1.3.3.6 2017 ACTION PLAN The Group has made internal control part of a continuous improvement plan with the aim of enhancing the operational effectiveness of its processes. In line with this, the action plan drawn up for 2017 notably includes carrying out a priority review of recently-acquired subsidiaries, covering financial and legal issues as well as IT systems.

The various risks thus assessed are positioned on a map with two axes (impact and probability), which is then used to rank them as follows: ● high probability/significant impact: priority risks which require attention and monitoring by the Board of Directors. These risks are placed under the direct responsibility of one or more members of the Board of Directors, who are tasked with ensuring that a related action plan is in place and that the resulting measures taken effectively reduce the level of risk; ● high probability/low to medium impact: risks requiring that the Board of Directors is regularly informed in order to provide it with a reasonable assurance of the proper functioning of controls aimed at reducing the possibility of the risks occurring; ● low to medium probability/low to medium impact: risks requiring that the Board of Directors is regularly informed in order to provide it with reasonable assurance of the proper functioning of controls aimed at mitigating the impact in the event that the risks occur; ● low probability/low impact: non-priority risks requiring that the Board of Directors is periodically informed in order to provide it with reasonable assurance of the proper functioning of controls aimed at containing the risks in this category or completely eliminating them. 8.1.3.3.4 CONTROL ACTIVITIES IN LINE WITH OBJECTIVES In view of the Group’s high degree of decentralisation and its policy of delegating powers and responsibilities, the scope of the controls implemented is defined by each subsidiary’s management team based on the Group’s underlying internal control framework. The main purpose of the controls performed is to reduce the major risks to which the Group is exposed. The principal categories of control activities cover the following areas: ● contract authorisation: the Group has established delegation principles which give the appropriate managers the necessary powers to authorise contracts. The controls performed cover each contract phase: ● contract review: the Legal Affairs Department conducts an independent review of major contracts before they enter into force. In particular, the Legal Affairs Department is responsible for defining the general terms and conditions of services, which are stated on client invoices; ● time management and billing: each subsidiary verifies the time entered into the applications used for this purpose. The controls carried out ensure that time is correctly allocated to ongoing projects and also trigger client invoicing; ● payments: the Group has introduced a dual signature policy for means of payment. In line with this policy, the Company defines thresholds for the authorisation of subsidiaries’ expenses based on ● selection of invitations to tender, ● submission of bids, ● definition of billing rates and pricing, ● contract riders;

8

Paris, 7 March 2017 Dominique Louis Chairman of the Board of Directors

171

ASSYSTEM

REGISTRATION DOCUMENT 2016

Made with