LEGRAND / 2018 Registration document

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

INTERNAL CONTROL AND RISK MANAGEMENT

ENVIRONMENT AND ORGANIZATION OF INTERNAL CONTROL AND RISK MANAGEMENT

3.1.4 – Resources allocated to internal control and risk management

The Group’s Audit, Internal Control and RiskManagement Department coordinates and organizes monitoring of the risk management and internal control system. The main tools it uses include risk mapping, the internal control framework, the self-assessment process, audits and action plan monitoring. Assigning these tasks to a single department ensures a consistent methodology and the continual adjustment of audit procedures to internal control risk areas, as well as rapid adjustment of the internal control framework to address weaknesses detected during audits. For roughly ten Group countries, including the largest contributors in terms of business (United States, France, Italy, India, China, Brazil, Russia, Mexico, Colombia, etc.), the Group’s Internal Control Department relies on local internal controllers who coordinate the process in their respective units. In smaller subsidiaries, internal control is the direct responsibility of the entity’s Chief Financial Officer. In the Group as a whole, around 33 staff members were fully dedicated to internal controls at the end of 2018. The manager in charge of this function at Group level has direct access to the Chair of the Audit Committee with whom he/she confers independently when preparing for Audit Committee meetings. The manager in charge of this function at Group level reports directly to the Chief Executive Officer, ensuring that he/she enjoys the required authority at the internal level. Aside from the Internal Control Department, other key contributors include: W General Management, in connection with the overall design and management of the Group’s internal control system;

W the Company’s governance bodies, particularly the Audit Committee, whose tasks include monitoring the effectiveness of the system; W the Risk Committee, in connection with managing the Group’s risk-mapping exercises; W the Group’s various departments, some of which coordinate the internal control and risk management approach within the various operational committees; W the Finance Department in general, and especially the finance managers of the Company’s various subsidiaries, who play an ongoing role in organizing the control environment and ensuring compliance with procedures; W managers at all levels of the organization, who are responsible for managing the internal control system in their particular area. The integrated report contains a summary diagram presenting the existing governance structure for internal risk management and control. R LIMITATIONS It should be noted that the internal control system, outlined above and detailed below, though well designed and implemented, cannot provide an absolute guarantee that the Group’s targets will be met and that every risk, particularly those relating to error, fraud or failure, will be completely controlled or eliminated.

3

55

LEGRAND

REGISTRATION DOCUMENT 2018