The control environment is also strengthened through a network of shared service centers (Re:Sources) systematically implemented by Publicis Groupe since 1996 in order to overcome the challenges faced by a business that relies on a large number of agencies. This network is managed by Publicis Re: Sources CEO and the Groupe Chief Information Officer (CIO), reporting to the Chairman and Chief Executive Officer. The legal, financial and personnel management functions of the shared service centers are respectively under the functional responsibility at Groupe level of the Legal, Compliance, Finance and Human Resources Departments. The network of shared service centers covers more than 99% of Groupe revenue as of December 31, 2024.
The use of the same management application (ERP) in the large majority of the Groupe’s agencies, as well as a single financial consolidation system for all entities, also ensures good internal control quality through standardized processes and the sharing of best practices.
For companies acquired by the Groupe, the deployment of the internal control framework is rapidly launched and is generally completed within 12 months of the acquisition date. In addition, acquisitions are given particular attention when establishing the annual internal audit plan.
The Groupe’s Executive Management is responsible for the Groupe’s internal control framework. The Secretary General and the Groupe Internal Audit, Investigation & Risk Management Officer report regularly to the Audit and Financial Risks Committee and to the Executive Management regarding the quality of the Groupe’s internal control system. The Groupe Internal, Investigation & Risk Management Officer meets the Chair of the Audit and Financial Risks Committee one-on-one at least once a year, which guarantees its independence.
The Internal Audit Department helps the Groupe to achieve its objectives by assessing, with a methodical and systematic approach, the effective implementation and relevance of a set of internal control, risk management and corporate governance procedures and processes.
The missions and responsibilities of the auditors are described in the internal audit charter, which is included in Janus. This charter highlights the independence of the internal audit function and stipulates the duties and prerogatives of the auditors and audited entities.
The internal audit team is composed of around twenty experienced auditors, including, since 2021, auditors dedicated to information systems audits. They all carry out internal control assessments that encompass various financial and operational processes within the Groupe’s entities based on an annual audit plan which, since 2022, has progressively included IT controls. This audit plan is based on an assessment of the risks impacting the various entities (including corruption risk), as well as past events, specific requests from Executive Management and consultation interviews with management of the countries and regions. This annual plan is approved by the Executive Management and validated by the Audit and Financial Risks Committee.
Internal audit carried out 61 assignments in 2024, mainly audits of entities, but also special assignments covering specific and cross-cutting topics at various levels within the Groupe. The strengthening of integrated audits that include IT controls and data analysis continued in 2024.
In addition, 61 internal investigations into cases of suspected fraud and alerts reported via the Groupe’s internal whistleblowing system were conducted or supervised by the internal audit in 2024.
To carry out their assignments, the internal audit teams use a specific IT tool. The internal auditors’ work programs are aligned with the Groupe’s main ERP systems and use specific extracts and reports, in addition to the contribution of a dedicated tool for data analytics.
Internal audit assignments are systematically reported to, among others, the Groupe’s Chairman and Chief Executive Officer. A summary of all reports issued is presented at each Audit and Financial Risks Committee meeting.
The action plans proposed by the auditees based on the audit recommendations are monitored systematically by the internal audit team using an IT application. Additionally, specific on-site follow-up assignments are launched for the most critical reports or when action plan indicators clearly contradict the commitments made by the audited entities. A report on the implementation status of audit recommendations is regularly presented to country/regional management as well as to the Audit Committee.
Internal (particularly in terms of HR investigations) or external assistance is requested when needed to support the Internal Audit Department when special skills or techniques are necessary to conduct internal investigations.
The Internal Audit Department of Publicis Groupe works in accordance with the international professional standards issued by the IIA (The Institute of Internal Auditors) and first obtained the certification of its activities from the IFACI (French Institute for Audit and Internal Control) in March 2017. This certification confirms the ability of the Publicis Groupe Internal Audit Department to fully carry out its duties. It was renewed in March 2020, then in March 2023, and confirmed in March 2024 after annual follow-up audits.
