1

2010 EDITION
An adventure of enterprise
GROUP
INTERNAL
CONTROL CHARTER
2
2 3
TABLE OF CONTENTS
Introduction
FIRST PART
Overview of internal control
Defnition
Te mechanisms of internal control
Te limitations of internal control
SECOND PART
Internal control at PPR
Roles and responsabilities
A proactive approach at all levels
Internal control and risk evaluation tools

4
5
6
7
5
8
12
13
9
4
INTRODUCTION
Internal control management must more than ever be at the
heart of our priorities
Franois-Henri Pinault
PPR Group Chief Executive Ofcer
Internal control plays an essential role in corporate governance.
It enables the directors and managers to ensure the efcient
and economical deployment of the resources that are needed
to achieve their objectives.
Internal control operates from a preventative and organisatio-
nal perspective. Te aim is to set up measures to prevent fraud,
but also to minimise the risk of errors and failures in order to
strengthen company performance.
It forms part of a system for controlling the risks to which the
company is exposed, risks which could prevent the company
from reaching its targets.
As such, internal control needs to be understood and taken on
board by all the people in the organisation.
In a context of business development, particularly at the in-
ternational level, and the stepping up of regulations in general
and of corporate governance requirements in particular, this
Charter aims to reiterate the guiding principles of internal
control and to underline the role and the responsibilities of the
management within this framework.

5 4
OVERVIEW OF INTERNAL CONTROL

Defnition
Internal control is a system which is defned and implemen-
ted under the responsibility of the company. It consists of
a set of measures, practices, procedures and actions which
allow the company to control:
its activities, operational efectiveness and the efcient use of
its resources; and
signifcant risks, whether they be strategic, operational, f-
nancial or compliance-related.
In particular the system aims to ensure:
compliance with laws and regulations;
application of guidelines and instructions set by Executive
Management;
the smooth running of internal processes, particularly
those contributing to the protection of its assets;
the reliability of fnancial information.
As such internal control extends beyond a set of procedures or
fnancial and accounting processes.
FIRST PART
6
Te quality of the internal control system depends on the fol-
lowing mechanisms:
the control environment based on the code of conduct and
integrity set by management and communicated to all em-
ployees;
an organisational framework which clearly defnes responsi-
bilities, provides adequate skills and resources and is suppor-
ted by the appropriate procedures, information systems, tools
and practices;
the internal communication of relevant and reliable informa-
tion so as to provide each employee with the knowledge nee-
ded to exercise his/her responsibilities;
a system for identifying, analysing and managing the key
risks;
control activities that are scaled and adapted to the specifc
issues of each process;
constant surveillance and regular testing of the internal
control system.
Te internal control framework needs to be monitored and
modifed where necessary, so that the system can respond
quickly in any given context.

Te mechanisms of internal control

FIRST PART
6 7

Te limitations of internal control

FIRST PART
Internal control cannot provide any absolute guarantees as to
the realisation of the companys objectives due to the inherent
limitations to any internal control system. Tese limitations re-
fect a number of factors, notably uncertainties relating to the
outside world and failures that can arise due to human error or
simple error.
Additionally, when controls are being set up it is necessary to
take into account cost-to-beneft ratios and, in some cases, to
accept a certain level of risk rather than develop unnecessarily
costly internal control systems.
8
SECOND PART
INTERNAL CONTROL AT PPR
It is the responsibility of each Branch to set up an appropriate
internal control system that corresponds to its specifc situa-
tion (environment, tools, resources, procedures, practices,
etc.). Each Branch must ensure that internal control measures
are in place and that these measures are adapted to the specifc
characteristics of its activities.
Te centralising role of the holding company consists of provi-
ding a general framework that sets out the respective responsi-
bilities of the Branches and the holding company through the
Group Charter, as well as granting access to internal control
and risk evaluation tools. Te functional divisions also contri-
bute to the Group internal control efort by controlling and ad-
vising the Branches.
8 9
SECOND PART

Roles and responsabilities

Internal control is the concern of everyone: the Executive Ma-
nagement and all company employees.
Te key players are :
Te Executive Management of the holding company and of
the Branch, who are responsible for defning, coordinating and
overseeing the internal control system in their business. Te
Executive Management must set out the main structure of the
internal control framework.
Te Executive Management also sets out a risk management
policy to enable risk identifcation, the evaluation of the level
of risk and the defnition of an appropriate strategy for moni-
toring and managing risks.
It should regularly check that the internal control system is
capable of managing signifcant risks by taking into account
any breakdowns, failures or even excesses that are reported and
then ensuring that appropriate corrective action is taken.
Each CEO is responsible for the smooth running of the in-
ternal control system implemented for his/her business and
should report back to the Board of Directors in the Report
by the Chairman of the Board of Directors ... on the internal
control and risk management procedures implemented by the
Company.
10
SECOND PART
Management is the operating arm of the internal control sys-
tem upon which it relies to carry out its mandate and achieve
its objectives; as such it implements the internal control pro-
cedures associated with its feld of responsibility and ensures
that an appropriate internal control framework is in place.
Te employees must have the necessary knowledge and infor-
mation to implement, operate and monitor the internal control
system, depending on the targets that are assigned to them. As
part of their daily activities, they must respect the control prin-
ciples and rules and can help to improve and detect problems
with the system.
Te supervisory and assessment bodies are:
Te Audit Committee and the Board of Directors: the Audit
Committee, under the collegial responsibility of the Board of
Directors, must ensure that the internal control and risk ma-
nagement procedures are efectively monitored in compliance
with the 8
th
European Directive. Te Committee has a super-
visory role; it is not responsible for the daily monitoring of
the system which forms part of the Executive Managements
duties. Te reason for the existence of an Audit Committee wi-
thin each Branch is to ensure that responsibility is taken by the
Executive Management of each Branch and to ensure consis-
tency throughout the Group.
10 11
SECOND PART
Te Internal Audit and Risk Management Departments help
as part of their duties to assess the internal control system; they
must make recommendations in order to improve its functio-
ning.
Te Internal Audit and Risk Management Departments are
also responsible for managing and coordinating risk manage-
ment activities, notably through risk mapping and action plan
follow-ups.
Te Internal Audit Department reports to the Executive Ma-
nagement and the Audit Committee on the main results of its
evaluations.
Te statutory auditors examine the internal control processes
or the purposes of certifying the fnancial statements, by iden-
tifying strengths and weaknesses and assessing the risk of any
material misstatement and, if necessary, making recommenda-
tions. Tey must in no way substitute the role of the company
in the implementation of the internal control system.
12

A proactive approach at all levels

SECOND PART
A clear awareness of responsibilities, knowledge of the risks
and the measures needed to manage them is not enough to
create or develop a satisfactory control environment. Hence it
is down to each manager to adopt a proactive approach to the
tasks and controls that he/she is responsible for or which he/
she delegates to others.
In this perspective, it is important that each manager:
is exemplary in the strict application of the rules of conduct
and ethics and the principles of internal control in compliance
with the Code of Business Practices,
is personally active in improving and reinforcing the internal
control processes and in detecting any malfunctioning of the
system,
raises awareness as to the importance of internal control wi-
thin his/her teams, notably through training exercises,
ensures the correct application of the control principles and
rules within his/her scope of responsibility,
applies penalties for any breach of the rules,
encourages employees in their eforts to improve controls
and resolve any malfunctioning of the system,
calls upon employees to act with integrity in all circumstances
and to handle company property and resources in a way that is
in keeping with the Groups interests,
passes on experience of internal control incidents in order to
better anticipate and develop.
12 13
SECOND PART
Internal control and risk evaluation tools
In addition to the existing strategic planning and fnancial
control processes, PPR organises and provides the Branches
with self-assessment exercises relating to internal control
and risk mapping.
Self-assessment of internal control
Within each Branch and for each process identifed, the assi-
gned personnel are responsible for assessing internal control
levels as part of the key controls that are carried out to ensure
the correct running of their activities, in order to identify
weaknesses and implement corrective measures.
Self-assessment is not simply a reporting tool for the purposes
of the Internal Audit Department or the Audit Committee, it
is also designed to enable the Executive Management of each
Branch to obtain reasonable assurance of the strength of the
internal control framework. Te process allows the overall
level of the internal control system to be reinforced through
operational action plans.

14
Risk mapping
By identifying and prioritising risks, mapping provides the
Executive Management of the various Branches and the Group
with added reassurance as to the efectiveness of the controls
implemented and the decisions taken in respect of risks that
could impact the value of the companys assets and prevent it
from achieving its targets.
Te purpose of mapping is to implement appropriate mea-
sures to control risks and, where necessary, to allow for a de-
cision not to cover a risk if the cost of the measures needed is
deemed to exceed the potential cost relating to the impact of
the risk were it to arise.
SECOND PART
14 15
Published by the Internal audit department of the PPR group in June 2010
PPR SA (commercial company) with a share capital of 506 314 352 - 552 075 020 RCS Paris
10, avenue Hoche - 75381 Paris Cedex 08 - France
Tel. : +33 (0)1 45 64 61 00 Fax : +33 (0)1 45 64 60 00
ppr.com
Tis document is for internal use only by the employees
designated by the relevant entities of the PPR group.
Tis document is printed on fbre-based paper from forests managed in accordance
with sustainable development.
16
An adventure of enterprise