Orano - Annual Activity Report 2024 63 RISKS, CONTROL AND DUTY OF VIGILANCE PLAN 3 Internal control system 3.1.3 Organization of the internal control system Orano’s internal control system is based on the three lines of defense model. THE THREE LINES OF DEFENSE OF ORANO’S INTERNAL CONTROL Audit and Ethics Committee End-of-Lifecycle Obligations Monitoring Committee Executive Management External Audit Regulator Controls led by the management of each entity/function 1st line of defense Financial Control Internal Control and Compliance Human Resources Department Protection Department Quality Department General Inspectorate Insurance Department Export Control and International Sanctions Department Project Industrialization Department End-of-Lifecycle Obligations Control Department 2nd line of defense Internal Audit 3rd line of defense First line of defense By definition, control is specific to each organization. It involves the mobilization of human, material and financial resources, the organization of these assets, the deployment of specific objectives within the organizations and the implementation of prevention or detection controls. These activities are carried out by the employees and managers of each group entity, representing the first line of defense against the risks facing the Company. The preventive controls are carried out according to specific manual or automated procedures, involving, among other things, validations at appropriate levels of the organization. The controls for detection consist of a posteriori check carried out as part of specific oversight of performance, variances and anomalies (and facilitated by the existence of information systems, indicators, etc.). Second line of defense The “internal control” function, led by the Finance Department and the Risk, Compliance and Internal Audit Department within the Internal Control Committee (COCI), relies on a network of internal control coordinators appointed by each Business Unit and central department, whose main objectives are to: ● foster a culture of internal control and to follow up on the action plans; and ● feed back specific points requiring attention from the entities to the Internal Control Committee. The Corporate functions also act as a second line of defense due to their governing role and the oversight they have over the processes. These functions include in particular the General Inspectorate for the Safety and Security of Nuclear Facilities and the Protection of the Environment, the Quality, Protection, Compliance, Insurance, Financial Control, Human Resources and Export Control and International Sanctions Departments, as well as the Project Industrialization Department. The End-of-Lifecycle Obligations Control Department oversees the assessment of nuclear expenses as defined in Article D. 594-8 of the French Environmental Code. This department reports to the Chief Financial Officer of Orano and maintains a direct relationship with the Chairman of the End-of-Lifecycle Obligations Monitoring Committee (EoLOMC), to which it reports on its activities. Third line of defense Orano’s Internal Audit division within the Risk, Compliance and Internal Audit Department is active group-wide and in each business sector. This division is responsible among other things for reporting to the management bodies on its assessment of compliance and the effectiveness of the internal control systems deployed throughout the group. It conducts its activities completely independently, in accordance with the Audit Charter and international professional standards, under the supervision of the Head of Internal Audit. The Director reports directly to the Chief Executive Officer and maintains a direct relationship with the Chairman of the Audit and Ethics Committee, to which he or she reports on his or her activities.
RkJQdWJsaXNoZXIy NzMxNTcx