LEGRAND / 2018 Registration document

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

INTERNAL CONTROL AND RISK MANAGEMENT

INTERNAL CONTROL SYSTEM

3.2 – INTERNAL CONTROL SYSTEM

3.2.1 – Definition and purposes of internal control

The Group’s internal control system consists of a set of resources, behaviors, policies, procedures, tools and actions tailored specifically for Legrand, that: W enable it to take appropriate account of significant risks, whether strategic, operational, reputational, financial or compliance- related; and W contribute to the control of its business activities, the efficiency of its operations and the efficient use of resources. The internal control system is wide-ranging and not limited solely to procedures for making accounting and financial reporting data

W ensure that instructions are applied and that the objectives set by General Management are achieved; W guarantee the proper functioning of the internal procedures, especially those that contribute to the protection and safeguarding of assets; W provide assurance regarding the reliability of financial and accounting information; W support both organic and external growth; W contribute to the optimization of procedures and operations. The risk management process continually feeds into the internal control process, which, as a result, adapts in response to developments in the Group’s risk environment.

more reliable. More generally, its objectives are to: W ensure compliance with laws and regulations;

3.2.2 – Procedures, controls and assessments

The Group’s internal control activities (procedures and controls) are defined in internal control standards, which are regularly updated. These internal control standards, as well as all the legal, financial, management and accounting rules applied by the Group, can be accessed on the Group’s website. Internal control activities, and particularly the controls in place, are reviewed annually using a self-assessment mechanism that is mandatory for all entities and supported by a dedicated tool. The self-assessment process covers matters concerning the internal control environment and controls over the Group’s main processes (e.g. Purchasing, Sales, Inventory management, Payroll, Fixed assets, etc.). The questionnaire evolves each year as part of a continuous improvement process. The questionnaire is adapted to take account of strengths and weaknesses identified during audits and self-assessments, and of changes in risks and in the control environment. The size of the questionnaire varies according to the size of the respondent entities. The results of these self-assessment questionnaires and tests are systematically reviewed, consolidated and analyzed by the Internal Control Department.

The 2018 self-assessment campaign showed that the Group’s entities achieved an overall compliance rate of 89% in respect of the internal control system’s minimum requirements, as opposed to 90% in 2017. The Group considers that this is a satisfactory compliance rate. Targeted support is provided to help all entities reach this level, and cross-functional initiatives are launched as and when required. In 2018, specific actions were carried out to strengthen the management rules for IT access, to support the roll-out of new procedures as part of the compliance program, and to prevent fraud. The IT system used to support the internal control process includes a module for overseeing the action plans defined by the subsidiaries. The Group’s internal control system, and any changes it may undergo, are presented annually to the Audit Committee. The tools, procedures and results of internal control reviews are available to the Company’s Statutory Auditors, and there are regular consultations to optimize the internal control framework and coverage of risk areas, which reinforce the internal control system and risk controls.

56

LEGRAND

REGISTRATION DOCUMENT 2018