SCH2017_DRF_EN_Livre.indb

1

Overview of the Group’s strategy, markets and businesses Internal control and risk management

The regional Internal Control team consists of 27 regional internal controllers in 5 regions, who: E perform the duties defined under the section “Organization and management: key participants of internal control – Internal Control Department” for the units in their geographical scope, covering all Operational Departments; E establish standardized procedures ( e.g. , for internal control assignments, such as control cycles, documentation, scope definition, work programs, etc.); E completed more than 100 on-site inspection missions in 2017 to assess the level of internal control and issuing the necessary recommendations when needed. Internal Audit Department The Internal Audit Department contributes to the analysis and to strengthening the internal control system by: E mapping general risks; E verifying the effective application of Key Internal Controls during audit assignments; E reviewing the audited unit’s Internal Control self-assessment and related action plans. The audit assignments go beyond the Key Internal Controls, and include an in-depth review of processes and their effectiveness. Internal Audit also reviews newly acquired units to assess their level of integration into the Group, the level of internal control and the effectiveness of operational processes, as well as ensuring Group rules and guidelines are properly applied, and more generally compliance with the law. A summary overview of the department’s audits makes it possible to identify any emerging or recurring risks that require new risk management tools and methodologies or adjustments to existing resources. In 2017, Internal Audit performed 39 audits, including: E audits of units;

E audits of a number of risks or operating processes; E post-acquisition audits for newly acquired companies; E analyses of internal control self-assessments by the audited units; E follow-up audits to ensure recommendations are applied; E assistance assignments. The most common findings and observations derived from these audits relate to the following topics: awareness on the Principle of Responsibilities and on the Responsibility & Ethics Dynamic program, segregation of duties and access rights to the IT systems, management of price conditions, alignment with the Chart of Approval, solutions and projects bid management and margin control at execution phase, security of payments, etc. Fraud Committee The Fraud Committee defines the policy against fraud and the process of reporting and treating fraud and suspected fraud, including changes in procedures or practices to avoid recurrence. The limited Fraud Committee is composed of the Group General Counsel & Chief Compliance Officer, Head of Global Security and the Head of Internal Audit & Internal Controls; it meets on a monthly basis as well as on ad hoc basis. It deals with cases of fraud, corruption, conflict of interest, breach of procedure, theft and related matters. All reported cases of fraud are reported to the Fraud Committee. The Fraud Committee decides on investigations that are managed either locally by the Compliance Officer, or centrally by a member of the Fraud Committee depending on the seriousness of the incident and the level of management potentially involved. The Fraud Committee ensures the implementation of the action plan, the appropriate sanction as well as feedback for each proven case of fraud. A report is written and updated regularly for this purpose. The Fraud Committee presents an annual summary report to the Audit Committee.

Internal control procedures governing the production and processing of consolidated and individual company accounting and financial information

8.6

In addition to: E its regulatory tasks; E its responsibility for overseeing the close of accounts across the Group; E its audits of the Group’s results with respect to set targets (see “Internal Control Organization and Management: Finance and Control – Legal Affairs Department”). The Management Control and Accounting unit is tasked with overseeing: E the quality of reporting packages submitted monthly by subsidiaries; E the results of programmed procedures; E the integrity of the consolidation system database.

In addition, the Management Control and Accounting unit ensures that: E given that the Group consolidated financial statements are finalized a few weeks after the annual and half-year balance sheet date, subsidiaries perform a hard close at May 31, and November 30, of each year so that most closing adjustments for the period can be calculated in advance; E the scope of consolidation as well as the Group’s interest and the type of control (exclusive control, joint control, significant influence, etc.) in each subsidiary, from which the consolidation method results are determined in cooperation with the Legal Affairs Department; E the Management Control and Accounting unit issues instructions to the units on the closing process, including reporting deadlines, required data and any necessary adjustments;

2017 REGISTRATION DOCUMENT SCHNEIDER ELECTRIC

62