The Groupe’s senior management is responsible for the Groupe’s internal control system. The Secretary General and the Internal Audit & Risk Management VP regularly report to the
Audit Committee and to the Management Board on the quality of the Groupe’s internal control system.
The Internal Audit Department helps the Groupe achieve its objectives by assessing, with a methodical and systematic approach, the correct implementation and effectiveness of all internal control, risk management and corporate governance procedures and processes.
The auditors’ missions, powers and responsibilities as well as the rights and duties of the audited entity are described in the “Internal Audit Charter” which is included in Janus.
They recall the independence of the internal audit function and stipulate the missions and commitments of internal audit, and the duties and prerogatives of the auditors and audited entities.
The audit teams are comprised of approximately fifteen qualified auditors and carry out internal control assessments that encompass the various financial and operational processes within the Groupe’s entities, based on an annual audit plan. This audit plan is developed based on risk analysis (including corruption risk), past events and specific requests from senior management. Once agreement has been reached with country/regional management, it is approved each year by the Management Board and validated by the Audit Committee.
The Internal Audit Department conducted approximately 70 assignments in 2020, mainly audits on the entities, but also special assignments focusing on specific, Groupe-wide issues at various levels within the Groupe, as well as investigations of cases of suspected fraud or alerts reported through the Groupe’s internal whistleblowing system. It should be noted that since March 2020 and given the health situation (Covid-19), internal audit assignments have been carried out remotely. This system functions well, even though on-site checks cannot be carried out and the practical difficulties are greater.
To carry out their assignments, the internal audit teams use a dedicated IT tool (“TeamMate”). The work programs used are, of course, based on the ERP systems used by the Groupe, with the use of extracts and dedicated exception reports.
Internal audit findings are systematically communicated in a report from the Internal Audit & Risk Management VP communicated to the Chairman of the Groupe’s Management Board.
A summary of all audit assignments completed, including special assignments, is presented during each Audit Committee meeting.
The action plans stemming from the audit recommendations are monitored centrally with the help of a dedicated computer application (“TeamCentral”). Additionally, specific “in-the-field” follow-up assignments are launched for the most critical reports or when action plan indicators are not in line with the commitments made by the audited entities. A report on the status of the implementation of audit recommendations is regularly presented to country/regional management as well as to the Audit Committee.
Internal (particularly in terms of HR investigations) or external assistance is called in when needed to support internal audits where special skills or techniques are necessary to conduct investigations.
The Internal Audit Department of Publicis Groupe works in accordance with the international professional standards issued by the IIA (The lnstitute of Internal Auditors) and, in March 2017, obtained the certification of its quality assurance and certification process by the IFACI (Institut français de l’audit et du contrôle interne). This certification confirms the ability of the Publicis Groupe Internal Audit Department to carry out its duties. It was renewed in March 2020 and confirmed in March 2021 after an annual follow-up audit.
Publicis Groupe also established a program entitled “Financial Monitoring Controls” (FMC) consisting of a series of key controls set out by process (including in relation to CSR) and implemented across all Groupe entities.
Follow-up of the roll-out and implementation of key controls is performed at two levels using a specific IT tool (“PICT/RVR”):
Furthermore, a review of the key checks and controls of the corporate processes relating to financial reporting (Consolidation, Tax, M&A, etc.) is conducted on an annual basis by the Internal Audit Department.
The Groupe’s Legal Department regularly monitors litigation-related risks within the Groupe. A summary of any significant legal disputes, as well as an estimate of their potential impacts, is presented to the Groupe’s senior management every quarter. The main legal disputes and current investigations, where relevant, are also discussed in each Audit Committee meeting.