Hermès // 2021 Universal Registration Document
RISK FACTORS AND MANAGEMENT RISK MANAGEMENT, INTERNAL CONTROL AND INTERNAL AUDIT
A CONTROLLED RISK MANAGEMENT
A mapping monitoring tool is being developed at Group level with the help of an external firm. It will make it possible to formalise, on a continuous and shared basis, the monitoring of the action plans identified. Each company periodically updates its risk mapping, under the supervision of the audit and risk management department. Each year, between 5 and 10 risk mappings are carried out at the level of the distribution subsidiaries, métiers or cross-functional areas in the Group. The internal control officers within the entities are the local relays for the mapping initiative. They participate in the initial risk analysis, while updating and monitoring the action plans. The consolidated Group risk mapping is prepared every three years and was updated in 2020. The risk mappings of subsidiaries, métiers and cross-functional areas, as well as individual assessments by Executive Committee members, feed into it. This mapping is the subject of a specific Executive Committee workshop. It is also shared with the Audit and Risk Committee. The Group risk mapping is also used as a starting point for the audit and risk management department’s audit plan. In the areas of fraud and corruption: awareness-raising campaigns for the functions most exposed to the s risk of fraud are conducted on a regular basis. Awareness-raising, identified as an effective fraud prevention tool, is rolled out and adapted to the types of fraud (risk of system intrusion, “CEO fraud”, etc.). Information on safety is regularly reported to the Group Safety Committee, as well as to the Audit and Risk Committee. An ad hoc security system has also been introduced and is monitored by the Group safety department; the corruption risk mapping was updated in 2020 with the help of a s specialist external firm and with the collaboration of the legal compliance department, which is responsible for its management, as described in chapter 2 "Corporate social responsibility", § 2.8.2.3.1. The audit and risk management department can modify its audit programme and carry out ad hoc assignments in order to deal with new risks, particularly in the event of an alert issued by a Group division. Cross-functional audits can thus be carried out. Finally, an IT platform for the sharing of incidents enables assessment of changes in certain risks and early detection of any signs of potential weakness. This prevention tool contributes to the continuous improvement of the control system, as closely as possible to reality. Several times a year an analysis of the incidents reported by the subsidiaries and métiers is carried out by the audit and risk management department. It is communicated to the Group’s internal control officers and internal control departments, including incident statistics for the period and a reminder of the Group’s procedures and related best practices.
4.3.3
SYSTEM
Major risk identification
Risk re- assessment
Risk ranking
Risk management system at Hermès International
Definition of a risk control strategy
Management of main risks
4
The Group’s risk management process is based upon the preparation of risk mappings as well as a range of complementary tools that facilitate identification of risks and definition of actions to better control them. In order to better anticipate changes in issues relating to companies, technologies, the environment, the economy and governance, the audit and risk management department actively monitors emerging risks externally and has initiated prospective studies since 2019. Set up in 2004, the mapping initiative has been rolled out to the main entities, and also to cross-functional areas, under the supervision of the audit and risk management department. The methodology applied is regularly updated and enables a precise assessment of the risks specific to the Group. These mappings serve to identify, evaluate and systematically rank the main risks. They are an operational awareness-raising and management tool and are a lever for improving performance. They contribute to effective management by providing a summary and shared vision of risks and defining operational action plans and the responsibilities of each person.
2021 UNIVERSAL REGISTRATION DOCUMENT HERMÈS INTERNATIONAL
351
Made with FlippingBook flipbook maker