SFIL Annual financial report 2018

Management report I 1 17 Annual Financial Report 2018 SFIL Management report Report on corporate governance Consolidated financial statements in accordance with IFRS Annual financial statements in accordance with French GAAP Shareholders’ Meeting of May 29, 2019 General information The annual audit plan must be implemented from February 1 of the reference year to January 31 of the following year. For 2018, the implementation rate of the audit plan at the end of this period was 91%. This rate is higher than the 80% target ini‑ tially set. All outstanding missions as of January 31 were com‑ pleted by March 2019. The findings of each of these missions, as well as the recommendations made, have been submitted to the Executive Committee for discussion and decision, as well as to the Risks and Internal Control Committee. Follow-up on recommendations made after the missions con‑ ducted by the Internal Audit and Inspection division, regula‑ tory authorities or Statutory Auditors, as applicable, is carried out in a continuous and automated process to monitor the deployment of action plans resulting from these recommen‑ dations. Responsibility for the appropriate implementation of the recommendations lies with the identified managers. The follow-up of this implementation is the responsibility of the auditors and audit managers, based on their area of compe‑ tence. The validation of the progress status or completion of these action plans is the responsibility of the Supervisor and the General Auditor. All of these recommendations prompted continuous monitoring in 2018 and official reports based on their status as of May 31 and October 31, 2018, as well as pres‑ entations to the Executive Committee (in July 2018 and Jan‑ uary 2019) and the Risks and Internal Control Committee on September 4, 2018, and January 24, 2019. The Internal Audit and Inspection division is also in charge of the preparation, organization and follow-up of regulatory authority assignments carried out at the SFIL Group. It also coordinates the preparation of responses to reports and the monitoring of action plans subsequent to the recommenda‑ tions made. In addition, under the supervision of the Chairman of the Financial Statements Committee and the Risks and Internal Control Committee, the Internal Audit and Inspection division handles the organization of all the meetings of these commit‑ tees. It oversees compliance with the timely transmission and communication of information and files required for meetings and decision-making. It monitors the annual program of works set out by the chairmen of these committees. It also drafts the minutes of each of their meetings in close cooperation with the relevant chairman. Furthermore, it is responsible for the safe storage of discussion minutes. In 2018, it organized five meetings for the Risks and Internal Control Committee and four for the Financial Statements Committee. Lastly, the Internal Audit and Inspection division is also in charge of inspection at the SFIL Group. The purpose of this function is to play a role in fraud prevention, detection and investigation, and to propose corrective measures in the event of dysfunctions. This unit may also respond, in support of SFIL’s legal departments, to particular requests from its Legal division to provide information and facts that may serve the Company’s interests. SFIL’s General Management may also call upon the inspection function to carry out missions or address specific issues. In 2018, inspection function controls focused on compliance with the rules governing the staff’s use of SFIL’s resources, on access to sensitive computer directories and on compliance with the expenses spread sheet employees and travel expenses. is based on the IFACI (1) reference framework of professional internal audit practices. Furthermore, internal audit activi‑ ties have been mapped in the process dedicated to major risks management as part of the structuring and transver‑ sal mapping project of the SFIL Group’s activities. As an extension of this mapping, indicators have been reviewed in order to regularly monitor the effectiveness and perfor‑ mance of Internal Audit and Inspection division activities. Optimization tracks have also been identified and will be implemented in 2019. In line with the recommendations of the Institute of Inter‑ nal Auditors, the Internal Audit and Inspection division has adopted a top down approach for the annual risk assess‑ ment based on the identification of SFIL’s objectives fol‑ lowed by a study of risks critical to the success of those objectives. An annual risk assessment was carried out in the second half of 2018, giving rise to an update of the mapping of SFIL’s major risks. This mapping was compared to that of 2017. The results of this update and the aim of covering all the SFIL Group’s activities on a three-year cycle form the basis for the 2019 and multi-year audit and inspection plan proposed by the Internal Audit and Inspection division. This plan was approved by the Risks and Internal Control Com‑ mittee on January 24, 2019. The risk mapping is also pre‑ sented to the Board of Directors every year. SFIL’s multi-year audit plan, which is reviewed every year, is broken down into audit missions that are conducted through‑ out the year on the basis of a pre-established schedule and budget, dependent on audit resources. These various mis‑ sions include four main stages (preparation, accomplish‑ ment, conclusion and finalization). The audit methodology, which is based on IFACI methods, was reviewed in terms of operating efficiency and in particular to focus on the signifi‑ cant risks identified within the audited scope. Audit missions are carried out using this methodology, which is described in a regularly updated Company internal audit methodolog‑ ical manual. The audit missions are summarized in a report that is presented to the Executive Committee, which com‑ pares a general assessment of the mission’s theme with an evaluation of residual risks, enabling the Executive Commit‑ tee to validate their appropriateness to SFIL’s risk profile and make recommendations to improve the effectiveness of the processes and internal controls. In 2018, the internal audit missions focused on themes relat‑ ing to: •  The SFIL Group’s core business (management of export credit operations): •  Key operational processes (SFIL and CAFFIL bond issues and management of critical activities following the IT sim‑ plification program): •  Support processes (regulatory reporting, recruitments, external and internal communication, archiving prac‑ tices and management of outsourced physical and digital archiving services): •  Risk monitoring and internal models (annual and global risk assessment of the internal credit models and manage‑ ment of local government entity credit risk – calculation of limits and level of consumption, internal process for assessing liquidity adequacy and internal “market” valida‑ tion function). (1) Institut Français de l’Audit et du Contrôle Interne (IFACI).