SOLOCAL_Registration Document_2017

6

FINANCIAL STATEMENTS 6.2 Annual financial statements for the financial years ended 31 December 2016 and 2017

The internal control system involves all SoLocal Group governance bodies and employees. The organisation of internal control requires centralised supervision and leadership that is supported by a network of correspondents within the various Group departments and entities. The Internal Control Charter, approved by SoLocal Group’s Chief Executive Officer, sets forth the guidelines that all entities must observe with respect to internal control. This charter: specifies the scope, objectives and limits of SoLocal Group’s l internal control system; indicates the people who are responsible for the system; l specifies the internal control standards and guidelines to be l observed throughout SoLocal Group. 4.3 Contribution of the Statutory Auditors The work of the Statutory Auditors includes a limited interim Group level review and, toward the end of the year, a pre-closing review followed by a full audit of the financial statements at 31 December. The Statutory Auditors also perform limited reviews on the internal control systems of the Group’s main subsidiaries, in accordance with an audit plan submitted to the Audit Committee’s Internal Audit unit. The main recommendations are presented to the Financial departments and to the Audit Committee. Generally speaking, efforts to continuously improve processes and standards serve to enhance operational control, effectiveness and efficiency. 5 Internal control procedures relating to the preparation and processing of accounting and financial information SoLocal Group’s Finance department is responsible for preparing the accounting and financial information. To increase the reliability of published accounting and financial information, a series of Committees, rules, procedures, controls, a skills management policy, and a continuous process to improve procedures have been implemented. Specific internal control procedures for accounting and financial

4 Internal audit and control The first level of control is the one exercised by the functional and operational departments using standard procedures and processes. The SoLocal Group has put in place the following three lines of control: operational management/risk management and internal control/internal audit. The objective of these systems is to harmoniously combine regulatory measures (instructions and directives), organisational measures (organisational charts and processes) and technical measures (mostly IT and communication) based on certain basic principles: these systems provide the Group’s management and its Board of l Directors with reasonable and not absolute assurance; these systems are not simply a collection of manuals and l procedures but are implemented by employees at all levels of the organisation. 4.1 Internal audit The Internal Audit team ensures that the internal control system is mature and appropriate by evaluating its effectiveness and efficiency, while promoting continuous improvement. On the basis of a risks assessment, the Internal Audit team evaluates the internal control system’s relevance and effectiveness by assessing the quality of the Group’s control environment, the work of internal governance bodies, the reliability and integrity of financial and operational information, operational effectiveness and efficiency, asset protection, and legal, regulatory and contractual compliance. SoLocal Group’s Internal Audit team is responsible for performing the tasks set out in the audit plan at the beginning of the year. It reports directly to the Group’s senior management and since 11 November 2017 to the General Secretariat, but is supervised by the Audit Committee. Internal Audit staff perform three types of audits: audits on the compliance and effectiveness of processes and l activities; audits on the maturity of internal control; l audits on the compliance or performance of specific themes l selected by the Audit Committee. Scheduled operational security compliance audits are also conducted and followed up. 4.2 Internal control The internal control system is composed of the various policies and procedures implemented by an entity’s department to provide the greatest possible assurance that its business activities are being managed effectively. By performing controls, identifying any corrective actions that may be necessary and making sure that recommendations are followed, the internal control system ensures that these policies and procedures are effective and properly implemented.

information have thus been set up via: the Financial Information Committee; l

the Group’s financial accounting and management organisation; l a unified financial and management accounting reporting l process;

Group-wide accounting methods and standards; l the scheduling of year-end work on Group accounts; l financial communication. l

218 2017 Registration Document SOLOCAL