L'Oréal's HR policy spans from identifying talent to recruiting employees and helping them develop throughout their career. It focuses on rewarding and empowering everyone and integrates a proactive policy on diversity, equity and inclusion. Dedicated policies are developed within the Group in each of these areas (see section 4.7)(1).
A framework for the separation of tasks is regularly updated and distributed to all entities. It defines the main rules for sales, purchasing, logistics, finance, human resources and information systems management. The application of these rules prevents the risks of fraud and reduces the probability that errors (whether intentional or not) remain undetected.
Each Functional Department defines, in its own specific field, the principles and standards applicable to the entities it manages. These are summarised in the Fundamentals of Internal Control, which set out guidelines that are regularly updated under the responsibility of the Ethics, Risk and Internal Control Department and are designed to facilitate adoption by employees. This document provides a reference framework for the Group. It covers operational activities in the form of an information sheet for each area of activity. Each information sheet refers to the detailed charters, codes and standards of the Group. The sheets are regularly updated, expanded and validated by the Functional Departments.
The Fundamentals of Internal Control Guidelines are sent to the Chief Executive Officers, Chief Financial Officers and Internal Control Managers of all the consolidated subsidiaries, including manufacturing entities. The Fundamentals, charters, standards, and information related to the organisation, updates and instructions from the Functional Departments are made permanently available to the subsidiaries on the Group's intranet. A digital reference framework provides all Group employees with guidelines, charters and expert contacts organised by business line and by subject.
The Functional Departments also hold seminars and training sessions for their networks of experts. News published on the Intranet gives employees updates and important messages on Internal Control.
Within the Group, two tools promote communication on the priorities of Internal Control:
The Group's Global IT Department issues strategic priorities for its information systems and cybersecurity guidelines. The systems incorporate Enterprise Resource Planning (ERP), a management software application used by the vast majority of commercial subsidiaries. The worldwide roll-out of this integrated software package reinforces the reliability and security of producing information, including accounting and financial information. In pursuit of the same objective, an integrated production and management solution in the Group's manufacturing entities continues to be rolled out.
Risk management and Internal Control involves everyone, from governance bodies to all employees. This system is continually monitored to ensure it is relevant and addresses the Group's objectives and challenges. The main participants in the monitoring of Internal Control and risk management are set out below.
General Management sets the overarching principles of Internal Control and ensures that they are properly implemented. In order to fulfil their global Internal Control responsibilities, the members of the Executive Committee call on operational and functional managers, according to their areas of expertise. These managers must ensure that the overarching principles are implemented and the procedures correctly applied to achieve the level of Internal Control required by General Management.
The Board of Directors has always emphasised the importance of Internal Control and its main areas of application(2). The Internal Rules of the Board of Directors define the Audit Committee's duties:
