2025 Universal Registration Document

3.4 Preparation and processing of sustainability information

3. Risk factors and risk management

3.4 Preparation and processing of sustainability information

3.4 Preparation and processing of sustainability information

L'Oréal has had a system in place for many years for reporting, monitoring and controlling sustainability data. This system has been adapted to meet the new requirements(1) of the Corporate Sustainability Reporting Directive (CSRD, see section 4.1.3). Due to the standardised framework introduced by the CSRD through the European Sustainability Reporting Standards (ESRS), the Group has adapted the definitions it previously used for its sustainability reporting to align them with the ESRS.

This entailed formally documenting, in a single document (the “Book of Norms for Sustainability Reporting”), the definition, scope and controls for each metric required by the new regulations. This document is a constant work in progress, inasmuch as it is intended to be continually enriched by the findings of risk assessments and internal control points identified in both internal reviews and external reviews carried out by the Sustainability Auditors.

The Chief Financial Officer is responsible for preparing the Group's sustainability information, with the support of the Sustainable Finance and Legal & Compliance departments. This information is reported to the Audit Committee, which is responsible for monitoring issues relating to sustainability information and the related risk management system on behalf of the Board of Directors (see section 2.3.3.). The reporting and consolidation of sustainability data enable the Corporate Social Responsibility Department to steer the Group's non-financial performance and pursue its CSR strategy, particularly in connection with the L'Oréal for the Future programme.

The quality and reliability of sustainability reporting is based on a three-level system:

  • the first level corresponds to the Group's experts producing, collecting and reporting sustainability information in their respective fields. Each of the Group's functions (Operations, Purchasing, Research & Innovation, Human Relations, etc.) therefore contributes to ensuring that the data reported complies with the applicable standards;
  • the second level is a control level, whereby the Sustainable Finance function:
    • puts in place the reporting framework and information systems required to ensure the consistency, relevance and reliability of the information flows, and
    • supervises and monitors the reliability of the reporting by the entities in the Countries and Regions and at Group level.

The Sustainable Finance function ensures consistency by carrying out a critical review of variations as well as consistency controls between the different domains. At Country level, each finance team member identified as the Sustainable Finance contact point assists the function's specialist with reviewing their reporting. Dedicated Sustainable Finance coordinators at Region level consolidate and review the consistency of information between the various countries. The corporate support functions are responsible for performing controls on the consolidation of the information reported and aligning processes and working methods with the framework defined by the Group;

  • the third level corresponds to the Internal Audit Department and Sustainability Auditors assessing that the sustainability reporting system operates effectively and issuing recommendations for its continuous improvement.

    Information on sustainability reporting is relayed to the Group's teams through:

  • training courses for the finance community (Country and Region Chief Financial Officers);
  • internal communication measures, such as fortnightly newsletters; and
  • regular meetings with the Internal Control teams.

3.5 Risk factors and risk management

3.5.1 Definitions and general framework

Risk management (events or situations, the occurrence of which is uncertain, could have a financial, non-financial, or reputational impact) is a process that applies to the Company and its consolidated subsidiaries (the "Group"). Risk management consists of identifying, assessing and controlling risks that may affect the smooth running of the Company. It also participates in the Group's development by promoting the effective use of resources to minimise the impact of negative events and maximise the realisation of opportunities.

In order to ensure the sustainability of its development and the achievement of its objectives, the Group strives to anticipate and manage the risks to which it is exposed in its different areas of activity. In addition, the Internal Rules of the Board of Directors specify that the role of the Audit Committee is to "ensure that General Management has the means to enable it to identify and manage the economic, financial, legal and sustainability risks the Group faces both within and outside France in the conduct of its normal or exceptional operations".

On the basis of the work performed by the Internal Audit Department, the analysis of major risks, in conjunction with the processes used by subsidiaries, makes it possible to identify Internal Control improvements and update the Group's standards.