RISK FACTORS AND INTERNAL CONTROL These policies are regularly analyzed (based on Rexel out in countries where such insurance is available Group’s experiences, exchanges with the market, and where the Rexel Group can obtain favorable industry practices, and the advice of brokers) in order conditions. The contractual terms of this insurance to check the adequacy of coverage with regards to are negotiated at the Rexel Group level through potential risks. Coverage limits significantly exceed credit insurance companies of international renown. the amount of losses experienced in the past. Resulting coverage is obtained subject to certain In addition, risks of payment default for receivables conditions on an individual basis for each customer. are covered by local credit insurance policies taken 2.3 INTERNAL CONTROL AND RISK MANAGEMENT PROCEDURES 2 The methods adopted by the Rexel Group are •The Group’s internal control processes are based on the COSO (Committee of Sponsoring functioning correctly, particularly those related to Organizations of the Treadway Commission) the security of its assets; and standard as well as on the reference framework set Financial information is reliable. forth by the Autorité des marchés financiers (AMF) • and the accompanying guidelines. As such, internal control contributes to risk management, fraud prevention and monitoring, Risk management is a lever for managing the Rexel operations efficiency and efficient use of Rexel Group that helps: Group’s resources. However, as well conceived and Create and preserve the Rexel Group’s value, appl ied as they may be, these measures cannot • absolutely guarantee the achievement of the Rexel assets and reputation; Group’s objectives and strategy. •Secure the decision-making and the Rexel Group’s The Group is organized around geographic regions processes to achieve its strategy and meet its (the Regions) regrouping one or several countries objectives; or entities (the entities, which do not always match Promote the consistency of the Rexel Group’s a country). • actions with its values; and At the headquarters level, the functional departments participate in defining and updating the internal •Bring the Rexel Group’s employees together control standards as wel l as in documenting and behind a shared vision of the main risks. managing identified risks. The implementation of The risk management process aims at identifying efficient and adequate internal controls is one of and analyzing the main risks that the Rexel Group their objectives. may face. The risks that are beyond the acceptable The internal control system described below limits set by Rexel are dealt with and, when necessary, constitutes a common standard which must be action plans are drawn up to address them. These implemented by the Management of each of the action plans may include the implementation of entities. They are responsible for supplementing it controls, the transfer of financial consequences by setting up local procedures. This internal control (through the setting up of an insurance coverage system applies to all consolidated entities. or an equivalent mechanism) or changes in the organization. Controls to be implemented are part 2.3.1 Control environment of the internal control system. The control environment is the keystone of the internal The Rexel Group considers internal control as an control system. Responsibility and empowerment ongoing process, aiming to ensure that: are thus key principles in the definition of the roles and duties of everyone. •Laws and regulations are complied with; Management’s role in promoting ethical conduct •The instructions and directional guidelines set by within the Rexel Group is essential to the control the Executive Management are implemented; environment. Since 2007, managers have relied on REXEL 2017 – REGISTRATION DOCUMENT 47