GECINA - REFERENCE DOCUMENT 2017

RISKS

Information regarding certain control activities

6.2.2

INTERNAL AUDIT DEPARTMENT

The Internal Audit Department, which reports to Executive Management, combines the Internal Audit and Risks and Compliance functions. It takes part in supervising internal control and risk management.

INTERNAL AUDIT DEPARTMENT 6 people

INTERNAL AUDIT

RISK AND COMPLIANCE

ROLE

Audit missions defined in the Group Audit Charter;

Risk management;

Implementation of the annual audit program and of audit assignments and monitoring of the implementation of recommendations. Internal Audit's annual work plan is approved by Executive Management and includes:

Monitoring of the risk management policy and mapping operational risks; Permanent control through continuous verification of the application of the main activities of the internal control mechanisms;

Periodic audits of specific areas; Recurring assignments related to the control of the production and processing of accounting and financial information; One-off assignments requested by Executive Management or the Audit and Risk Committee;

Monitoring of the implementation of recommendations;

06

Compliance through oversight of regulatory intelligence mechanisms;

The Annual Audit Plan and mission reports are distributed to the Chairman, Executive Management and the Audit and Risk Committee; Internal Audit reviews fees and monitors the independence of the Statutory Auditors and reports to the Audit and Risk Committee.

Monitoring and coordination of the ethics charter and the whistle-blowing mechanism;

Anti-fraud and anti-corruption measures;

Monitoring of the “anti-money laundering and terrorism financing” system.

207

GECINA - REFERENCE DOCUMENT 2017