2021 UNIVERSAL REGISTRATION DOCUMENT

3. Risk factors and control environment

 
Human Resources policy

The quality and skills of male and female employees are key components of the Internal Control system.

L’Oréal’s Human Resources (HR) Department has always had the mission of supporting the Group’s growth and supporting its transformation initiatives. In order to be sustainable, L’Oréal’s growth relies first and foremost on the men and women in the Company, who are the key drivers of the Group’s success. Built on this conviction, the Group’s human and social project is based on highly individualised management of employees and on collective strength.

L’Oréal’s HR policy focuses on the identification, recruitment and development of employees throughout their career, and on the rewarding and commitment of all, as well as on an active policy on diversity and inclusion. Dedicated policies are developed within the Group in each of these areas (see section 4.3.2. “Human Resources policy” of this document).

Information systems

The information systems, chosen in accordance with the strategic orientations given by the Group’s Global IT Department, integrate, in particular, implementation of a single “ERP” (Enterprise Resource Planning) management software application used by the vast majority of commercial subsidiaries, and which issues instructions regarding systems security. The worldwide roll-out of this integrated software package also contributes to strengthening the reliability and security of the process of producing information, notably accounting and financial information. In pursuit of the same objective, the deployment of an integrated production and management solution in the Group’s manufacturing entities is continuing.

The procedures and standards governing the activities

Each Support Department is responsible, in its own specific field, for defining the principles and standards applicable to all the entities. In order to make it easier for employees to make these principles and standards their own, the key principles are summarised in the “Fundamentals of Internal Control”, which are regularly updated under the responsibility of the Ethics, Risk and Compliance Department.

This guide is a reference framework for the Group’s operational activities, and is presented in the form of an information sheet for each area. Each information sheet refers to the detailed charters, codes and standards of the Group. The sheets are regularly updated, expanded and validated by the Support Departments.

A management segregation of duties standard is regularly updated and distributed to all entities. It defines the main rules to be observed in the fields of sales, purchasing, logistics, finance, human resources and information systems management. The application of these rules is aimed at better preventing of the risks of fraud and reducing the probability that errors (whether intentional or not) may remain undetected.

Communication of information inside the Group

The “Fundamentals of Internal Control” guide is circulated to the Managing Directors, Finance Directors, and Internal Control managers of all the consolidated subsidiaries, including manufacturing entities. Furthermore, the Fundamentals, codes, charters and standards, together with the information related to the organisation, changes and instructions from the Support Departments are made permanently available to the subsidiaries on the Group’s Intranet sites.

A Group digital standard provides all employees with guides, charters and expert contacts organised by function and by subject.

Meetings are regularly organised aimed at passing on information about orientations of the General Management to managers of the subsidiaries. The Support Departments also coordinate their networks of experts through seminars and training sessions. News published on the Intranet gives employees news updates and meaningful messages on Internal Control.

Lastly, communication within the Group on the main priorities of Internal Control is promoted by the “Internal Control Awards”, which every two years reward the best global initiatives, and through the Internal Control Department’s intranet, which makes it possible to communicate all over the world on Internal Control initiatives, tools and events.

3.2.2. Control and supervision activities: those involved and their roles

Risk management and Internal Control is the business of everyone, from governance bodies to all employees.

This system is the subject of ongoing supervision in order to verify its relevance and meets the Group’s objectives and addresses its issues.

The main players involved in monitoring Internal Control and risk management are:

  • the General Management and its Management Committee (Executive Committee);
  • the Board of Directors and the Audit Committee in particular;
  • the Ethics, Risk and Compliance Department, the Internal Control Department and the Internal Audit Department;
  • the Support Departments; and
  • the Operational Divisions and Geographic Zones.