HERMÈS - 2020 Universal registration document

4

RISKS AND CONTROL RISK FACTORS

FINANCIAL RISKS

4.1.5

The Group has put in place an organisational structure which allows financial risks related to its business to be managed centrally. As the Group has a positive cash position, it is not exposed to liquidity risk and applies a conservative policy in managing interest rate risks.

FRAUD ●

4.1.5.1

DESCRIPTION OF THE RISK s

RISK MANAGEMENT s

The Group’s exposure to the risk of fraud is due in particular to its growing visibility in many countries and its increasing digital presence. The inventiveness and adaptability of external fraud attempts on defence systems seen on the market also represent threats. POTENTIAL IMPACTS ON THE GROUP s Any case of fraud could cause financial losses to the Group and tarnish its reputation.

The management of payment transactions is centralised by the Group’s treasury department and governed by precise validation and control rules. Administrative management and operational control are ensured by the middle & back office department, notably via the use of integrated cash flow software. The Treasury Security Committee regularly checks that these procedures have been applied and that any risks identified have been addressed. The audit and risk management department oversees proper compliance with risk monitoring and management procedures. As part of the coordination of internal control, it regularly creates awareness among the network of internal controllers about the risk of fraud and restates the specific fraud prevention procedures, in particular as regards the purchase and payment process (“CEO fraud”). External audits are also conducted on this process to identify and address potential weaknesses. Audits in subsidiaries to verify the proper application of procedures complement this system. The Group’s risk mapping, as well as the risk mapping applied to the métiers and the main subsidiaries, address this risk and the corresponding action plans. Accordingly, awareness-raising campaigns in the functions most at risk of fraud are conducted on a regular basis. Awareness-raising, identified as an effective fraud prevention tool, is rolled out and adapted to the types of fraud (risk of system intrusion, “CEO fraud”, etc.). In addition, an ad hoc security system has been put in place and is monitored by the Group safety department. Furthermore, a corruption risk mapping has been drawn up with the help of a specialist external firm and with the collaboration of the Director of Legal Compliance, who is responsible for its management, as described in section 2.8.2.3.1. With regard to the system put in place by the Group to protect itself against IT intrusion, it is also the subject of dedicated risk mapping, as described in section 4.1.1.3.

340 2020 UNIVERSAL REGISTRATION DOCUMENT HERMÈS INTERNATIONAL