2020

INTERNAL
CONTROL
MANUAL
ARaymond
INTERNAL CONTROL
MANUAL

Presidency note
Our Enterprise evolves  in a world of increasing changes
and disruptions offering numerous promising new oppor-
tunities along with many new risks and obligations.

Our internal growing complexity is accompanied and

nourished by the external increasing world risks and com-
pliance intricacy.

In order to maintain the integrity and reputation of our

Network, keep our values and commitments alive,  insure
the integrity and safety of our  organization and of our
personnel, we need to maintain and reinforce the nature
and quality of our internal controls.

For this important matter, we count on you for your full

support and contribution.

Antoine RAYMOND C.E.O

2
TABLE OF CONTENTS

WHAT IS INTERNAL CONTROL? p4

HOW TO READ THIS MANUAL ? p6

PROCESSES
1 . PURCHASE p8

2 . CAPEX AND LT LEASE p 10

3 . FINANCE p 11

4 . SALES & ENGINEERING p 13

5 . HR p 15

6 . HSE p 16

7 . QUALITY p 17

8 . LEGAL p 18

9 . RISK & COMPLIANCE p 19

10 . IT p 21

11 . LOGISTIC p 22

12 . CUSTOMS p 23

13 . MANUFACTURING p 25

14 . SUMMARY OF SAPIN II KEY CONTROLS p 26

3
WHAT IS INTERNAL
CONTROL?

What is internal control?

The ARaymond internal control system aims at proactively mitigating risks in all our bu-
siness areas, improving our efficiency and ensuring our long-lasting success. It covers:

• Compliance with laws and regulations.

• Application of NCG’s (read and share the latest version up-to-date).

• Efficiency of internal processes.

• Reliability of financial and non-financial information.

What is not internal control?

• Internal control is not limited to a set of procedures dedicated to financial and accounting
processes… it gathers for all domains (operations, sales, HR, legal…), behaviours and
values applicable at every level of the organisation.

• Internal control does not take time away from our core activities… but are built into
business processes.

• Internal control is not only internal auditors’ concerns… but it is everyone’s business.

4
To clarify and support Internal Control within
AR Network, a set of tools are available:

THIS INTERNAL CONTROL HANDBOOK PRESENTS FOR KEY PROCESSES.

• Compliance with the Law SAPIN II (French anti-corruption law applicable in all our
network companies)
• the major risks incurred;
• the related internal procedures;
• the top Internal Control principles.

3 LINES OF DEFENCE:

• Level 1 = Management control - daily & operational controls

• Level 2 = Controller review - test sheet and analytical review
• Level 3 = Internal or external audit report
All certifications (ISO, IATF, QS,…) do not substitute for the completion of Level
1 and Level 2 controls or an internal audit review. This will, however, make these
controls easier to perform.

AR NETWORK NORMS AND PROCEDURES: NCG’S, EXECUTIVE HANDBOOK,…

TRAINING AND DEDICATED COMMUNICATION.

AN ANNUAL UPDATE OF SELF-ASSESSMENT CAMPAIGN WITH THE LATEST

VERSION AVAILABLE BEFORE EACH ON-SITE INTERNAL AUDIT ICARE AIMING TO:

• provide a set of best practices;

• have a clear vision of your Internal Control quality level;
• be better prepared for internal audits;
• perform a follow-up of action plans.

5
 HOW TO READ
THIS MANUAL ?

The following chapters present a mapping of ARaymond’s processes. For each of them,
a reminder of the key internal control principles is spelled out.
You will come across the icons displayed below. They help you to quickly identify inter-
nal control principles applicable to your level within ARaymond organization.

PLANT SSC

PLANT SHARED SERVICES CENTER /

Addressed to HUB REGION
the plant daily works.
Addressed to the AR’s Shared
Services Center.

COMPANY NETWORK

COMPANY NETWORK / CORPORATE

Addressed to local Senior Addressed to AR Network HQ as a consolidating
or Executive Management. company. IC principles are managed by network Process
Officer and aim at implementing network procedures,
norms, transversal activities…

6
PROCESSES

7
 1 PURCHASE
AR NETWORK NORMS / PROCEDURES:
• NCG’s note 6
• Procedure related to new supplier registration and Master
• file change (supplier ID form)
• ARaymond Network Accounting Manual
• ARaymond Code of Conduct & Ethics
• Anti-corruption Guideline
• Conflict of Interest Guideline
• ATOMS
1 - PURCHASE PROCEDURE
Purchasing is the formal process of buying
goods and services. It usually starts with a
demand or requirements. In general, the pro-
cess includes 7 main steps:
ALL 1. The definition of the specifications (RFD/RFI);
2. Sourcing and analysis of the supplier market;
3. The definition of the purchasing strategy;
4. The selection of suppliers: check the
supplier financial aspect and sign the NDA
agreement if needed;
5. Due diligence checks on conflicts of interests
and integrity of the business partner;
6. The negotiation;
7. The contract deployment, PO and supplier
development.
SAP entities:
Specific procedure with Purchase Request (PR)
and Purchase Order (PO). One time vendor to
be used only exceptionally, refers to a specific
procedure.
ATOMS principles should be the base of
Business Support organisation (transversal flow
orientation, value creation, autonomous team).
2 - ENGAGEMENT DELEGATION PROCESS
Ensure that Delegation matrix has been imple-
mented with threshold for PR and PO.
NETWORK
COMPANY
3 - GENERAL PURCHASE CONDITIONS
The current general purchasing terms and
conditions have to be reviewed and approved
by both the Finance and Legal departments.
NETWORK
COMPANY
8
KEY RISKS / CONCERNS:
• Inadequacy of terms of local or international purchase
contracts with AR Network requirements
• Inappropriate / unauthorized PO are placed due to a lack
of monitoring
• Misappropriation of funds (unauthorized change to
the suppliers master file)
• Infringements with respect to Personal & Company
data protection
4 - SPECIFIC ETHICAL RULES FOR PURCHASES
We believe being compliant with all applicable
laws and regulations and having high ethical
standards is the way to secure the long-term
success of ARaymond.
These standards are detailed in the Code of
ALL
Conduct & Ethics.
ARaymond understands that its Employees
know instinctively what is right and what is not.
Our general rule is, if something doesn’t feel
right, don’t do it.
5 - PURCHASE FORM
Ensure that all purchases comply with the
ARaymond Network Collaboration guidelines
PLANT and reviewed by direct management.
COMPANY
Procedure of PR has to be applied for all pur-
chase forms.
6 - QUOTATION FOR CAPEX
All CAPEX has to have 3 different quotations
with a minimum of 2 to be compliant with
NETWORK
ARaymond Network guidelines. The country or
COMPANY BU will have to adapt it according to the sub-
category and the amount defined locally with
a procedure.
7 - MOLD & TOOLS PURCHASE
All moulds & tools purchases must have 3
different quotations with a minimum of 2 to be
COMPANY
compliant with ARaymond Network guidelines.
For M&T the Customer PO is required before
PO. The country or BU will have to adapt it
according to the sub-category and the amount
defined locally with a procedure.
8 - OVERHEAD & SERVICES PURCHASE
All overheads must have 3 different quotations
with a minimum of 2 to be compliant with
ARaymond Network guidelines. The country or
NETWORK
COMPANY BU will have to adapt it according to the sub-
category and the amount defined locally with
a procedure.
9 - SUPPLIERS PAYMENT IN ADVANCE
Mostly applied for CAPEX, all payments made
in advance have to respect the SAP down
payment process.
NETWORK
COMPANY
10 - CREATION OF A SUPPLIER ACCOUNT
Creation of a new supplier account, we must
have a formal authorization with an approval
by the purchasing department and with credit
COMPANY
analysis and integrity evaluation.
11 - SUPPLIERS COMPETITION AND RATING
At least once a year, your relevant suppliers
must be evaluated (audit / rating check list,
internal evaluation, credit & integrity analy-
COMPANY
sis…).
Always promote competition (negotiation,
contracting, risk and control on cost) to have
the best TCO (price, quality, service).
12 - SUPPLIER BANK DETAILS MODIFICATIONS
Ensure that you check with your regular
contact of your supplier before ALL bank details
modifications. The SAP double checks have
COMPANY
to be done after this control (phone / email /
confirmation letter).
13 - PURCHASE COSTS VARIATION
The purchasing department have the possibility
to provide all the information, documents, files,
graphics etc. in order to explain the RM prices
COMPANY
evolution that impact our P&L.
14 - SECURING PLAN FOR SUPPLIER
It is highly recommended to deal with several
suppliers to avoid mono-sourcing.
The world wide double source initiative should
COMPANY
allow us to better secure our business ; (to be
check locally)
9
15 - SUPPLIER INSURANCE
Ensure that we obtain all the supplier insurance
certificates, and control their level of coverage
annually.
COMPANY
16 - GIFTS & INVITATIONS OFFERED OR RECEIVED
The current threshold for gifts, business meals,
invitations and other Benefits is 50 € / per
person. No gift or invitation should be received
COMPANY
or offered regularly.
In the event of any gifts or invitations payed
for with an expense note, the information
provided must be sufficiently detailed to ensure
transparency and appropriate controls may be
operated correctly.
Any gift or invitation > 50€ should be declared
on the Safecall Gift & Invitation Platform.
SAPIN 2 – LEVEL 2
17 - CONSULTING FEES
Testing of a selection of consulting fees based
on location of the services, nature and value of
services rendered is required.
COMPANY
18 - GIFTS OR INVITATIONS OFFERED
OR RECEIVED
We expect that our Employees or anyone
acting on our behalf, do not offer, grant or
accept any benefits that could be considered
as inappropriate or could result in improper
performance of the person’s professional duties.
COMPANY
Not recommended & must declare via the
SAFECALL gift & invitation platform when the
amount per person if > 50 €
www.safecall.co.uk/gift
Id : Araymond
Password : Araymond
Please refer to anti-corruption guideline.
 2 CAPEX AND LT LEASE
AR NETWORK NORMS / PROCEDURES: KEY RISKS / CONCERNS:
• NCG’s note 6 • Error on depreciation method
• ARaymond Network Accounting Manual • Investment not approved
• Capital expenditure process in ARaymond • Intellectual Property
• Standard specifications for CAPEX 

1 - CAPEX PROCEDURE 5 - AMORTIZATION RULES

The primary objective of the procedure Capital
expenditure process in ARaymond and ARay-
mond Network Accounting Manual is to esta-
blish and maintain a framework for evaluating,
selecting and funding Capital Projects but also
ALL to establish uniform depreciation methods and
estimated useful lives.
All CAPEX have to be requested and validated
by local management. If >50k€, validation is
mandatory by Finance, Operations and Purcha-
sing Officers (except M&T).
Any equipment installed in the factory free of
charge for testing purposes with the intention
to buy has to follow the same CAPEX approval
process.
2 - CAPEX MONITORING
Useful life is the period over which an asset is
expected to be available for use by an entity.
PLANT For start of depreciation and useful life duration
COMPANY
please follow the ARaymond Network Accoun-
ting Manual.
Any unused asset not fully amortized or if a
shorter useful life is identified then an impair-
ment should be calculated and booked accor-
dingly. Network CFO must be informed when
the amount is over 50K€.
6 - MOLDS & TOOLS PROTECTION
Access to molds and tools must be limited, pro-
tected against flood and fire and the ownership
PLANT is easily identifiable.

All CAPEX have to be monitored in the ERP

accounting system individually (with all CAPEX
related costs).
NETWORK
COMPANY
7 - ASSETS DISPOSAL
The Finance department approves the asset
disposal and updates the accounting asset
3 - MOLDS & TOOLS ACCOUNTING PROCESS ledger with proper documentation.
PLANT
COMPANY
All M&T investment costs include all direct costs
including internal costs such as time spent by
tooling department to create the asset.
NETWORK
COMPANY
Accounting process is based on the M&T 8 - ASSET MAINTENANCE
ownership: asset or inventory. All strategic assets must have a maintenance
Please refer to the ARaymond Network Accoun- plan and/or contracts.
ting Manual. PLANT
COMPANY

4 - ASSET INVENTORY
The asset inventory has to be carried out at
least every 5 years. This inventory has to be
reconciled with the asset accounting ledger.
Any corrections have to be validated by the
local Finance and Operations managers.
ALL
9 - LONG TERM LEASE
Any long term lease over 12 months where the
original amount is above 50 K€ must follow the
same treatment for authorization as a regular
capital expenditure.
ALL

10
 3 FINANCE
AR NETWORK NORMS / PROCEDURES:
• ARaymond Network Accounting Manual
• NCCP
• NCG’s
• Procedures related to Reporting/Consolidation
• Code of Conduct & Ethics
• Anti-corruption Guideline
1 - NETWORK ACCOUNTING MANUAL
The Manual defines all ARaymond accoun-
ting principles and reporting rules. It is then
considered as the reference for all AR Network
accounting matters. These policies are appli-
cable to all ARaymond Network’s entities.
ALL
Any deviation to these policies should be dis-
closed and approved by the Network CFO and
coordinated by Network Accounting Manager.
It is the responsibility of local controllers to en-
sure the accuracy of their respective reporting
and financial statements in accordance with
the ARaymond Network Accounting Manual.
2 - PAYABLES, RECEIVABLES & LOANS
REEVALUATION
All your payables, receivables and loans in
foreign currency have to be evaluated monthly
at the closing rate sent by the Network accoun-
NETWORK
COMPANY ting manager.
3 - GRANT, INCENTIVE
Any request for a grant or incentive shall be first
authorized by the Network CFO. If any commit-
ment has been taken, please report status every
NETWORK
COMPANY
year to the Network Accounting Manager.
4 - CREDIT CARD
A procedure that defines who, what and how
(uses / thresholds etc. ...) must be in place.
COMPANY Credit cards should be linked to the personal
bank account and must only be used for profes-
sional expenses. A temporary card verification
code (CVC) is recommended.
11
KEY RISKS / CONCERNS:
• Inadequacy of terms of local or international law / norms
with AR Network requirements
• SOD conflicts
• Frauds / corruption / errors
5 - ERP AND REPORTING MATCH
Ensure the accounts are comprehensive
between ERP and BOARD and follow Network
accounting rules.
ALL
6 - STATUTORY CONSOLIDATION PROCESS
The consolidation perimeter has to be known
by all the people involved in the process.
PLANT Reconciliation between local accounting rules
COMPANY
and consolidation must be documented.
Intercompany account balances should be
declared in the BFC system using the ARay-
mond Network reporting package line items.
Intercompany accounts should be reconciled
at least twice a year (October month-end
and December month-end) and any invoice
received by a sister company must be booked
during the same period for all.
7 - SEGREGATION OF DUTIES
All entities should implement SAP SOD
SUSAND and must reach and maintain silver
certification.
COMPANY
Any company not using SAP must respect SOD
standards.
8 - OFF-BALANCE SHEET COMMITMENTS
Any off balance sheet commitments such as
guarantees from/to bank, long term lease,
mortgage, swap, exchange rates hedging, pen-
NETWORK
COMPANY sion… must be approved by Network CFO.
9 - BANK RECONCILIATIONS
The bank reconciliation has to be done regu-
larly, verified and approved by the Finance
manager or MD (if Finance manager is alone)
COMPANY
for all banks and all accounts.
10 - PAYMENT >1500€
For all payment file/run/campaign > 1500€ or
currency equivalence, a double signature is
mandatory to release payment to the bank.
COMPANY
11 - BANK ACCOUNTS OPENING AND CLOSING
Only the Network CFO may authorize a new
bank partner.
COMPANY Obligation to inform the Network Accounting
Manager before opening an new account in an
existing bank or closing an account.
12 - PETTY CASH
It is not recommended to have petty cash in
place in local entity. If one exists, all operations
have to be justified, limited in terms of amounts
COMPANY
/ nature and a petty cash inventory has to be
operated and approved at least quarterly.
13 - STATUTORY AUDITORS
All network companies are required to provide
to the Network CFO and the Network Accoun-
ting Manager the external audit report.
COMPANY
Any change of auditors must be approved by
Network CFO.
All comments or observations have to be
reported to the Network CFO and the Network
Accounting Manager.
14 - TAX AUDIT
Any new audit from Tax must be reported to
Network accounting manager and Network
CFO when announcement is received.
COMPANY
12
15 - FRAUD
In the event of an attempted fraud, inform both
the Internal Audit & Control Department and
the Risk & Compliance Department.
In the event of evidence of fraud, inform both
the Internal Audit & Control Department and
ALL
the Risk & Compliance Department and the
Network CFO.
16 - ATOMS
ATOMS principles should be the base of
Business Support organisation (transversal flow
orientation, value creation, autonomous team).
ALL
SAPIN 2 – LEVEL 2
17 - TAX FINE
A testing on a selection of the tax fine have to
be performed on the same period and country
where payment occurred.
COMPANY
18 - LOCAL ANALYTICAL REVIEW
All key variations are explained and docu-
mented on a periodic basis as an analytical
review of BS and P&L of your activity and valida-
COMPANY
ted by the MD.
On a quarter basis, the Finance Manager for-
malizes the review of Gifts offered / Consulting
fees / Customs duties / Tax fine, commercial
intermediaries and donations and sponsoring
accounts (political contributions are strictly
forbidden by AR Anti-corruption Guidelines).
19 - REPORTING REVIEW
A quarterly periodic review must be performed
by the corporate finance department inclu-
ding an analytical review then reporting P&L
NETWORK
and BS and other KPIs are by finance manager,
reviewed by MD and presented to the corpo-
rate. This review must be formalized.
 4 SALES & ENGINEERING
AR NETWORK NORMS / PROCEDURES:
• NCG’s note 2 and 3
• Procedure related to new customer registration/Master
file change (client ID form).
• Code of Conduct & Ethics
• Anti-corruption Guideline
• Conflict of Interest Guideline
• Automotive Pricing Tool
1 - BASIC PRINCIPLES
All deals have to have a contract.
All contracts generate an invoice and all
deliveries generate an invoice (a review of
delivery or services without invoice should
ALL be performed).
Always use the current sales terms and
conditions validated by the Legal depart-
ment.
All sales agreements have to be validated by
the legal department.
All business is to be conducted in an ethical
and legal manner.
GAM instructions have to be validated by
the legal department and correctly imple-
mented.
ATOMS principles should be the basis of
Business Development organisation (flow
orientation, value creation, autonomous
team).
2 - TRANSFER PRICING RULES
Calculation of AR Network Intercompany
prices has to respect the process defined in
the current ARaymond NCG’s.
ALL
13
KEY RISKS / CONCERNS:
• Inadequacy of terms of local or international sales
contracts with AR Network’s clients
• Quality
• Negative margin
• Fraud / Corruption
• Infringements with respect to Personal & Company
data protection
3 - MASTER DATA
CLIENT MASTER DATA:
The access to the client master data file
has to be limited to a restricted number of
PLANT
COMPANY employees, secured and only with authori-
zation from Sales manager or MD.
A process has to exist for the creation of a
client in the database. All client database
modifications have to be validated by the
Sales manager or MD.
PRODUCT MASTER DATA
CAD DATA Management :
CAD Data creation and management (3D
models and Drawings and CAD related
documents) should be done following
Guidelines mentioned in P08
(https://araymond.jiveon.com/docs/
DOC-9501)
Product Creation process:
Product creation process should be done
following guidelines mentioned in NP09
(https://araymond.jiveon.com/docs/
DOC-8899)
The Data Premium Classification Code pro-
cess has to be respected (Catia/Creo).
Engineering Resources sharing:
When required, Engineering resources
needs should be addressed using PSP tool
and following the procedure embedded
into the tool.
http://psp.ar.ray.group/psp.html
4 - ADVANCED PAYMENT
Any advanced payment for obtaining a custo-
mer contract is forbidden (except where valida-
tion has been provided and contract signed by
NETWORK
COMPANY MD, Network BDO and Network CFO).
5 - CLIENT OVERDUE PAYMENTS
Client overdue payments are managed in the
client database and followed at a local level and
reminders sent on a monthly basis.
NETWORK
COMPANY
6 - CLIENT OUTSTANDING
The client outstanding has to be followed on
daily basis and a process exists in case of client
outstanding excess, taking into account the
NETWORK
credit limit of that client.
COMPANY
7 - CASH COLLECTION
A cash collection procedure has to be in place,
with specific client review by the Sales manager
and his/her team.
NETWORK
COMPANY
8 - PRICE SETTING
Automotive direct customer pricing should be
set by using the Pricing Tool and in line with the
local Pricing Guideline agreed margin levels.
NETWORK
COMPANY
(http://pricingtool.ar.ray.group/pricingtool.
html)
For other markets, margin level must be vali-
dated locally by Sales Manager and by MD if
under defined threshold.
9 - CREDIT NOTE
A credit note procedure has to be in place.
All credit notes have to be documented and
justified.
NETWORK
COMPANY • Quality issue: Quality manager approval
• Price variance: Sales manager approval
• Rebates: contract approved and signed by
Sales manager and MD.
10 - COMMERCIAL INTERMEDIARIES
& DISTRIBUTORS
In case of use, a Commercial Intermediaries or
Distributors contract has to be implemented
including:
NETWORK
COMPANY
• Definition of services and associated revenue;
• Limits on commissions paid;
• Agreement with anti-corruption clauses;
• Specific control regarding payments.
The selection & evaluation process for new or
existing partners must include screening with
respect to AR Code of Conduct & Ethics.
See refer to Risk & Compliance requirements.
14
11 - GIFTS OFFERED OR RECEIVED
Employees should not offer or accept gifts that
are not in line with the restrictions as defined in
the Anti-corruption Guideline.
COMPANY
The current Netowkr threshold for gifts, busi-
ness meals, invitations and other Benefits is
50 € / per person. No gift or invitation should
be received or offered regularly.
In the event of any gifts or invitations payed
for with an expense note, the information
provided must be sufficiently detailed to ensure
transparency and appropriate controls may be
operated correctly.
Any gift or invitation > 50€ should be declared
on the Safecall Gift & Invitation Platform.
Any local procedure must contain the following
points: Dedicated thresholds, People authorized
to offer gifts, Nature of gifts, Approval workflow
& Restricted periods and frequency.
ARaymond only permits Benefits in the form of
gifts or invitations to cultural or sports events.
No Benefit should represent a significant per-
sonal value for the person receiving or offering
the gift or benefit.
All gifts have to be declared and recorded in a
dedicated account with accurate and detailed
wording.
SAPIN 2 – LEVEL 2
12 - MARGIN LEVEL AND PROFITABILITY
On a monthly basis, the Finance manager for-
malizes the profit level by reference/client and
carries out a review with the MD.
COMPANY
13 - GIFTS OR INVITATIONS OFFERED OR RECEIVED
Referring to point 11, a Testing on a selection of
gifts based on risky population, specific periods
(e.g. tender process), nature and value of the
COMPANY
gift offered has to be performed quarterly.
We expect that our Employees or anyone
acting on our behalf, do not offer, grant or
accept any benefits that could be considered
as inappropriate or could result in improper
performance of the person’s professional duties.
Not recommended & must declare via the
SAFECALL gift & invitation platform when the
amount per person if > 50 €
www.safecall.co.uk/gift
Id : Araymond
Password : Araymond
Please refer to anti-corruption guideline.
14 - COMMERCIAL INTERMEDIARIES
Referring to point 10, a testing on a selection of
commercial intermediaries based on : location,
nature of services, fees and percentage of
NETWORK
remuneration has to be performed quarterly.
 5 HUMAN RESOURCES
AR NETWORK NORMS / PROCEDURES:
• HR Global Reporting Handbook
• AR Network Travel Policy
• International SOS training
• Code of Conduct & Ethics
• Anti-corruption Guideline
• Conflict of Interest Guideline
• ATOMS
1 - HR PROCEDURE
HR procedures must define the following topics :
• Recruitment
• Training & development with respect to opera-
tional, legal or regulatory requirements
• Departure
ALL • Local regulation monitoring
• The minimum documentation expected for a
new employee
• HR data management in compliance Network
standards (ex. GDPR)
• Key people back up / continuity plan
ATOMS principles should be the base of
Business Support organisation (transversal flow
orientation, value creation, autonomous team)
2 - TEMPORARY AND PERMANENT RESOURCES
A procedure has to be in place to validate the
requirements and qualifications of staff recruit-
ments.
NETWORK
COMPANY All recruitment requests have to be approved
by local HR (for temporary) and corporate HR
(for permanent positions).
All employment contract templates have to be
reviewed and approved by a labor law lawyer.
Fixed and variable remuneration have to be
approved by Local HR.
MD Compensation and Benefits package is
managed by corporate HR.
3 - PAYSLIPS
All payslips have to be produced at least once a
month and according to local regulation.
NETWORK The different payroll topics such as shift pre-
COMPANY mium , days off, sickness, salary
increase are handled by HR under local mana-
gement accountability and local controller
control
15
KEY RISKS / CONCERNS:
• Inappropriate / unauthorized
recruitment or compensation and benefit
• Payroll system modifications
• Inappropriate expense reimbursement
• Fraud / Corruption
• Infringements with respect to Personal
& Company data protection
4 - PAYROLL IT SYSTEM
The access to the payroll system has to be secu-
red with a restricted access according segrega-
tion of duties rules.
Any changes to Payroll outsourcing has to be
declared to Finance & HR corporate.
ALL
5 - PAYROLL FRAMEWORK
On a monthly basis, Finance department
match : calculated pay / uploaded pay / paid
amount and perform a pay analytical review.
PLANT
COMPANY
6 - TRAVEL POLICY AND EXPENSE
Travel Policy and Expense process are under the
responsibility of HR department, the control is
performed by Finance department.
Expense claims must be subject to hierarchical
validation and documented justification.
ALL
In the event of any gifts or invitations, the infor-
mation provided must be sufficiently detailed
to ensure transparency and appropriate
controls may be operated correctly according
compliance rules.
They must be reviewed and approved by
manager (including for MD).
The highest level of management must pay
expenses for events or invitations where a num-
ber of ARaymond personal are present.
Automatic blocking controls have to be in
place in the Expense management software
(e.g.: expense greater than authorized amount).
All these topics has to be checked by local
Controller.
7 - ANNUAL REVIEW
A formalized annual review has to be realized
with each employee once a year to debrief the
achievements and discuss new objectives.
ALL
 6 HEALTH, SAFETY, ENVIRONMENT

AR NETWORK NORMS / PROCEDURES: KEY RISKS / CONCERNS:

• Procedure related to new supplier registration • Lack of efficiency
and Master file change (supplier ID form) • Business relationship
• Internal Environmental Guidelines • Human
• Internal Health & Safety Guidelines • Continuity of activity
• Code of Conduct & Ethics • Fraud / Corruption
• Anti-corruption Guideline • Infringements with respect to Personal
& Company data protection
• Conflict of Interest Guideline
• ATOMS

1 - INTERNAL ENVIRONMENTAL GUIDELINES / 4 - FIRE AND SECURITY

INTERNAL HEALTH & SAFETY GUIDELINES
Internal environmental guidelines and internal
health & safety guidelines have to be in place,
known and applied by every AR employee in
their daily work.  fighting equipment is easily identifiable and
Leadership in Energy and Environmental Design
ALL
is known and applied.
Management of dangerous products starts with
a secure storage area.
PLANT Fire detection systems must be in place, opera-
COMPANY
tional and verified by an external company. Fire
accessible.
Furthermore, ensure that a fire alert procedure
is implemented and an evacuation exercise is
carried out at least once a year.

2 - HEALTH, SAFETY & ENVIRONMENT PROGRAM
A local correspondent must be identified.
In case of certification, an HSE program exists
PLANT and is audited independently.
COMPANY
A yearly report has to be produced and provi-
ded to the local management.
ATOMS principles should be the basis of busi-
ness organisation (transversal flow orientation,
value creation, autonomous team).
3 - HEALTH AND SAFETY
M&T have to be stored in a dedicated fired
secured area.
5 - ENVIRONMENT
In an approach to reduce the environmental
impact, HSE people have to implement indica-
tors to follow water & energy consumption and
PLANT
COMPANY savings.
An environmental impact study relative to the
company’s activities on the neighborhood
should be carried out.

Safety rules have to be explained, shared, LEED Silver certification is required for new
displayed and reminded frequently to mitigate buildings.
professional risk and health exposures.
PLANT
COMPANY Individual protective equipment has to be worn
by all employees and visitors on site.
Machines have to be correctly protected and
verified frequently.
Safety figures have to be reported on a monthly
basis through the global tool, available in the
SHARE group “Environmental and Safety team”.
Incidents have to be shared among the team
upon occurrence.

16
 7 QUALITY
AR NETWORK NORMS / PROCEDURES:
• NCG’s note 4
• Procedure related to new supplier registration
and Master file change (supplier ID form)
• Red Alert Form
• Code of Conduct & Ethics
• Anti-corruption Guideline
• Conflict of Interest Guideline
• ATOMS
1 - INTERNAL ENVIRONMENTAL GUIDELINES /
INTERNAL HEALTH & SAFETY GUIDELINES
High quality delivery starts with :
• Supplier selection follows a formalized decision
process (criteria);
NETWORK
COMPANY • Control of the incoming product quality;
• Quality controls performed during and at the
end of the manufacturing process;
• Specifications have to be defined by dedicated
& qualified people;
• Certification audits are performed by inde-
pendent agencies;
• Quality program is in place;
• Process exist for items that fail quality criteria;
• Supplier audits;
• Serial deliveries are conditioned by the formal
approval of the PPAP by the partner/customer;
• AQP status is given after 3 consecutive and
different successful batches.
2 - SUPPLIER SELECTION
All suppliers should be selected through a
robust selection process.
NETWORK AR entities (partners) are treated as Supplier/
COMPANY Customer (serial deliveries conditioned by PPAP
approval between entities).
3 - SUBCONTRACTING SERVICE QUALITY
There must be a robust selection process for
subcontractors based on commonly agreed
criteria by dedicated and skilled personnel.
NETWORK
COMPANY Organization and processes have to be in place
to ensure a high quality of service.
17
KEY RISKS / CONCERNS:
• Lack of efficiency
• Business relationship
• Continuity of activity
• Fraud / Corruption
• Infringements with respect to Personal
& Company data protection
4 - QUALITY SYSTEM / QUALITY CULTURE
The organization must be formalized and
enables ARaymond to meet the business
purpose.
COMPANY
The implementation of a quality system must
be considered.
When the company has a quality system, it
is based on the latest version of the market’s
referential.
The quality system must be owned by the MD.
Quality culture principle is based on “Bien Faire”
Quality Mindset.
ATOMS principles should be the base of busi-
ness organization (transversal flow orientation,
value creation, autonomous team).
5 - CLIENT INCIDENTS
In the event of a major incident, a Red Alert
Form has to be formalized by the entity
involved and communicated to all the mana-
PLANT
COMPANY gement team (Raygroup Officers + Quality
Coordinator + Risk & Compliance Manager).
At Network level specific insurance contracts
have to cover the potential first and third party
financial exposures.
6 - NON QUALITY
The entity has a structured problem solving
activity (based on QRQC). The entity shares its
lesson-learned (LLC) with sisters companies.
PLANT
COMPANY
The Local Management has to follow monthly
KPI (e.g. number of incident, cost of non qua-
lity, …)
Quality improvement plan related to this Qua-
lity KPIs must be in place.
 8 LEGAL
AR NETWORK NORMS / PROCEDURES:
• NCG’s note 2
• Anti-corruption guidelines
• Code of Conduct & Ethics
• Anti-corruption Guideline
• Conflict of Interest Guideline
• ARaymond Network accounting manual
• ATOMS
1 - EXTERNAL LEGAL ADVISOR
The external legal advisor and the standard daily
fees for Commercial, Corporate and IP have to be
approved by the Corporate Legal department.
The HR legal matters (Labor law) are covered by
the HR department with external legal support.
ALL The Fiscal legal matters (Tax) are covered by the
Finance department with external legal support.
2 - CLAIMS
All the Commercial, Corporate and IP claims
must be managed according to the Claims
Management Procedure (in progress) as defi-
ned by the Corporate Legal department.
ALL
3 - DISCLOSURE
A non disclosure agreement (NDA) has to be
systematically used in your business relation-
ships.
The standard AR NDA and confidentially
contracts should preferably be used.
ALL Any deviation from this practice should be
validated by Legal department.
4 - CONTRACTS
All contracts should be managed according
to the Contract Management Procedure using
the Enterprise Content Management (ECM)
platform (replacing LYS).
ALL
5 - IP AND LICENSES
Ensure that all Intellectual property or license
transfers are approved by Corporate Legal
department.
All patents are filed by the Corporate Legal
department.
ALL Any local filing must be approved by the Legal/
IP Department.
18
KEY RISKS / CONCERNS:
• Continuity of activity
• Business relationship
• Fraud / Corruption
• Infringements with respect to Personal
& Company data protection
6 - NETWORK COMPANY
Articles of association may only be produced
and held by the Corporate Legal department.
Certified or standard copies may also be held
NETWORK
locally.
COMPANY
Companies may only be created following the
validation of Corporate Legal department &
Presidency.
Any changes/modifications related to the
Companies (corporate matters: change of HQ
address, etc.) need to be notified to the Corpo-
rate Legal department
All other Network companies’ legal documen-
tation related to Corporate law are held by the
Corporate Legal department in the Headquar-
ter in Grenoble.
7 - ATOMS
ATOMS principles should be the base of
Business Support organization (transversal flow
orientation, value creation, autonomous team).
ALL
SAPIN 2 – LEVEL 2
8 - LEGAL AND ADVISORY FEES
Testing of a selection of consulting fees based
on location of the services, nature and value of
services rendered is required.
COMPANY
 9 RISK & COMPLIANCE
AR NETWORK NORMS / PROCEDURES:
• NCG’s
• Code of Conduct & Ethics
• Anti-corruption guidelines
• Conflict of Interest Guidelines
• Whistleblower procedure
• ARaymond Network Accounting Manual
1 - CODE OF CONDUCT & ETHICS
The Code of Conduct & Ethics should be disse-
minated with the organization and incorporated
into the training provided to the organization’s
employees.
Insofar as the Code of Conduct & Ethics is used
ALL
to define the compliance required of employees,
it should be incorporated into the employment
regulations.
The Code of Conduct & Ethics should be made
available to the employees in paper and digital
format and easily accessible via the ARaymond
intranet platform.
2 - WHISTLEBLOWING
The internal whistleblowing system is the
procedure that enables ARaymond employees
to disclose potentially non-compliant behaviors
and situations to the Risk & Compliance Mana-
ger. The Objective is to eliminate such beha-
ALL viors and situations and to impose sanctions
where appropriate.
Information concerning the Whistleblower
system should be made available to the em-
ployees in paper and digital format and easily
accessible via the ARaymond intranet platform.
3 - GLOBAL & CORRUPTION RISK MAPPING
Each ARaymond entity should have an updated
Global Risk Map and also a Corruption Risk Map.
Risk Mapping helps ensure a more secure busi-
ness model, insofar as:
It provides knowledge of the organizations
ALL
specific internal & external risks and of the
managerial, operational and support processes
for its activities;
Risk mapping requires identifying the roles and
responsibilities of the players involved at every
level of the organization.
Each Risk Map should have an associated
Action Plan the defines the risk owner, actions,
deadlines and appropriate KPIs.
The Risk Maps & Actions plans are reviewed
regularly by the Management team.
19
KEY RISKS / CONCERNS:
• Fraud / Corruption
• Infringements with respect to Personal
& Company data protection
• Continuity of activity
• Business relationship
4 - FIRE AND SECURITY
Due diligence serves two purposes:
1. It informs the decision to start, continue
or end a business relationship;
2. It enhances the effectiveness of measures to
prevent and detect corruption implemented
ALL on the basis of the risk map & third party due
diligence.
Due diligence focuses on the third parties with
which the organization has or is about to start
a relationship.
This includes suppliers, service providers,
clients, joint ventures and acquisitions.
5 - TRAINING
A robust, appropriately designed internal
training system is an effective way to embed a
culture of integrity and compliance across an
organization.
While compliance related training should be
ALL geared towards managers and employees with
the greatest exposure, it is nevertheless useful
to raise awareness of the issues throughout an
organization’s workforce.
A training oversight process can help organiza-
tions maintain high standards and ensure that
training provision is effective.
A training plan should be defined and imple-
mented to ensure that all staff members have
completed the necessary compliance related
training and understood the content.
6 - PERSONAL & COMPANY DATA PROTECTION
ARaymond is responsible for ensuring the pri-
vacy and protection of personal and company
data.
Registers and procedures must be in place and
regularly updated to identify and detail :
1. The data treatments and their finalities;
ALL
2. The data subjects information requests;
3. The data breaches that have been detected.
Data Protection Impact Assessments should
be carried out when necessary and updated
as required upon a change in an aspect of the
data treatment.
7 - COMMUNICATION & AWARENESS
A compliance communication & awareness
plan should be defined annually and its delivery
monitored.
ALL
8 - CHARITIES CONTRIBUTIONS - LEVEL1
A donation and sponsorship practices including
content agreement, contractual formalization,
authorization and validation levels are defined
in the Anti-corruption guideline.
Where possible the validation workflow for
ALL
donations and sponsorship should always
follow the process as defined in SAP.
Political contributions are strictly prohibited.
20
SAPIN 2 – LEVEL 2
9 - CODE OF CONDUCT & ETHICS
The code of conduct is available in both
paper format and easily accessible via the
intranet.
NETWORK
COMPANY
Information concerning the code of conduct,
whistleblowing and other compliance sys-
tems is posted so that ARaymond personnel
are appropriately informed.
10 - GLOBAL & CORRUPTION RISK MAPPING
The Global and Corruption Risk Maps have
been produced and updated.
Risk owners have been identified.
Actions plans have been defined and imple-
mented.
COMPANY KPIs relative to the action plan level of com-
NETWORK pletion are updated regularly.
11 - EVALUATION OF BUSINESS PARTNERS
Due diligence campaign on the third parties
has been carried out correctly for suppliers,
service providers, clients, joint ventures and
NETWORK
COMPANY
acquisitions.
12 - TRAINING
The Risk & Compliance manager (or person
designated manager) ensures that the
compliance related training programme is
NETWORK
COMPANY
working as it should and in particular that the
right module types and formats are being
delivered at the prescribed frequency.
13 - CHARITIES CONTRIBUTIONS
Referring to point 8, a “testing” on a selec-
tion of contributions and should take into
account :
NETWORK specific period (e.g. tender process);
COMPANY
nature and value of the contribution.
With respect to sponsorships, testing on
counterpart effectiveness and proportionality
of the counterpart have to be performed by
the controller.
 10 IT
AR NETWORK NORMS / PROCEDURES:
• Code of Conduct & Ethics
• Anti-corruption guidelines
• Conflict of Interest Guidelines
• Network IT Committee minutes
• IT Terms of use
• IT Server Rooms standard
• ATOMS
1 - NTIC
The Network IT Committee (NITC) minutes are
produced and shared with the EXCO members.
ALL
2 - IT SYSTEM CARTOGRAPHY
An IT system cartography is in place detailing the
infrastructure, the systems and the applications.
The links between these different elements are
explicit in order to identify and manage potential
risks to the Network’s activity.
ALL
It is the responsibility of the Raynet manage-
ment and the local MD to report all information
regarding the cartography (e.g, local internet
access, …).
3 - LOCAL IT MANAGER
A local IT manager or contact has to be named
to be the liaison to Raynet and in capacity to
manage IT rights.
PLANT
COMPANY The local IT manager is in charge of local appli-
cations, local back up, IT access rights review
(ID and password), test environment and IT
incidents).
A periodic review of IT access rights has to be
performed in coordination with Raynet in order
to identify and correct any anomalies.
ATOMS principles should be on the basis of
Business Support organization (transversal flow
orientation, value creation, autonomous team).
4 - BUSINESS CONTINUITY
Ensure that an automatic back up process for all
data is in place and operational.
PLANT An IT hotline has to be operational and available
COMPANY to all subsidiaries.
The connectivity to Internet must be approved
by Raynet and include 2 physical lines with a
back up line from a different provider.
21
KEY RISKS / CONCERNS:
• Fraud / Corruption
• Hacking
• Revenue leakage
• Strategy
• Continuity of activity
• Infringements with respect to Personal
& Company data protection
5 - IT AREA
The local IT Server rooms must respect the
AR Network IT Standard. This area should be
restricted to authorized persons and protected
PLANT
COMPANY against fire and water damage.
The Raynet back up process has to be respec-
ted and physically kept outside of the site.
6 - CYBERSECURITY
The current IT terms of use have to be signed
by all employees.
To protect the IT system and the applications
the following points have to be respected on all
machines/computers (PC, production compu-
ALL
ter, …):
• software updated with security patches;
• anti-virus regularly updated;
• firewall regularly tested;
• anti-intrusion tests performed regularly;
• back ups kept outside of the site;
• emergency line exists between the headquar-
ters and the subsidiary;
• IT exploitation continuity plan is implemented,
maintained and tested regularly.
Under the responsibility to the local IT Manager,
all hardware supplied by an external manu-
facturer and including network connection
must be connected by Raynet and not by the
supplier (eg, press, coffee machine...).
7 - IT CERTIFICATION (ISO 27001)
In 2019, the 5 year ARaymond IT objective plan
is to achieve the certification ISO 27001 for all
ARaymond Network locations.
ALL
 11 LOGISTICS

AR NETWORK NORMS / PROCEDURES: KEY RISKS / CONCERNS:

• NCG’s note 5 • Penalties
• ATOMS • Lack of efficiency
• ARaymond Network Recommandation HS Code • Errors
• Incoterms 2020 CCI • Supply disruption
• Code of Conduct & Ethics • Penal risk for directors
• Anti-corruption Guideline • Fraud / Corruption
• Conflict of Interest Guideline

1 - ATOMS PROCESS 4 - CUSTOMS DUTIES

ATOMS process has to be in place within the
logistic department to manage all logistic and
production flows.
The Supply Chain Management Principle, along
with the ARaymond TOtal Management System
ALL ALL
(“ATOMS”) are the guidelines that have been
developed to assist each AR Network Entity to
reach its goal of ultimately supporting the Third
Party Customer order requirements.
5 - CUSTOMER SERVICE
An action plan to reduce lead time and lot size
has to be implemented and updated regularly.
PLANT
COMPANY
2 - SALES OPERATION PLANNING
The process of “demand management” has to
be implemented and known.
PLANT 3 steps have to be implemented and known:
COMPANY • Sales plan building (including new products/
end of life)
• Production plan building (capacity analysis)
• Stock management (refer to point 3)
Customs duties guidelines should describe the
process to follow, including dedicated approval
flows and appropriate documentation to be
provided and stored.
Global logistic agreement should be signed
with all customers.
ALL premium fret has to be approved by ope-
rations or logistic manager or MD. A review has
to be in place to follow extra cost of exceptio-
nal carriage.
EDI connection with customers has to be per-
formed whenever it is feasible.
Customer Demand Evolution must be moni-
tored with SAP IT solution available (Control
Tower).
An action plan to improve customer service
level has to be performed.

3 - STOCK MANAGEMENT
The average for ARaymond Network is 35 days
coverage (including RM, WIP, SFG, FG).
PLANT A monthly review has to be done by category
COMPANY with a clear focus on slow mover and dead
stock (depletion action plan).
A cycle counting is recommended to improve
reliability of flow. All variances have to be ana-
lyzed and approved by the logistic manager/
the financial controller.

22
 12 CUSTOMS

AR NETWORK NORMS / PROCEDURES: KEY RISKS / CONCERNS:

• NCG’s note 5.1 • Penalties
• ATOMS • Lack of efficiency
• ARaymond Network Recommandation HS Code • Errors
• Incoterms 2020 CCI • Supply disruption
• Code of Conduct & Ethics • Penal risk for directors
• Anti-corruption Guideline • Fraud / Corruption
• Conflict of Interest Guideline

1 - CUSTOMS MANAGEMENT - TRAINING 5 - CUSTOMS MANAGEMENT – EXPORT CONTROL

It is prerequisite to have a customs representa- The BDU (dual-use) and military regulations
tive and a back-up. It is necessary to cross-train (EAR / ECCN) must be known.
the finance, purchasing, sales and logistics
PLANT PLANT It is necessary to respect SPL rules and embargo
departments on customs fundamentals, fraud
COMPANY COMPANY (via GTS).
risks and criminal risks for managers.

2 - CUSTOMS MANAGEMENT 6 - CUSTOMS MANAGEMENT – INCOTERMS

– TARIF CLASSIFICATION (HS CODE)
ARaymond Network recommendations in terms
of HS code (ARaymond Network Recommenda-
tion HS Code) must be known and applied.
PLANT
COMPANY The design owner and family design owner
rules must be known and applied in GTS.
It is essential to respect the harmonization rules
of the Network in place since January 1, 2019.
The management of commercial contracts and
flows (import / export) must be based on the
CCI incoterms 2020 regulations.
PLANT
COMPANY It is recommended that you do not use the
EXW and DDP incoterms for international flows.

7 - CUSTOMS MANAGEMENT – IMPORT/EXPORT

DECLARATION MANAGEMENT
3 - CUSTOMS MANAGEMENT - ORIGIN It must be ensured by monthly monitoring of
The different notions of origin must be maste- the clearance of export declarations.
red (preferential origin, non preferential origin, PLANT On import, it is necessary to ensure the pay-
country of origin, ...), COMPANY ments of levies and taxes.
PLANT
COMPANY S-LTVDs and C-LTVDs (Long Term Vendors Archiving must follow at least the local regula-
Declaration) must also be managed for the tions.
calculation of preferential origin in GTS.

4 - CUSTOMS MANAGEMENT - VALUE 8 - CUSTOMS MANAGEMENT – DEB/DES/INTRASTAT

The control of the different values (customs On a monthly basis, a declaration must be sent
value, commercial value, value for the VAT base, to customs:
etc.) is essential for the calculations of customs • DEB: introduction + shipping
PLANT
COMPANY
duties and VAT. PLANT
• DES: shipping only
COMPANY
A reconciliation between DEB and CA3 have to
be performed.

23
9 - CUSTOMS MANAGEMENT
– CERTIFICATION AEO/ C-TPAT
For non-AEO entities, it is recommended to
pass the FULL certification (future prerequisite),
PLANT For certified entities, it is necessary to ensure
COMPANY the respect and the application of the proce-
dures allowing to proceed to the renewal every
3 years.

10 - CUSTOMS MANAGEMENT
– CUSTOMS AUTHORIZATION
It is necessary to strictly follow the customs
authorizations and put in place the correspon-
ding procedures.
PLANT
COMPANY

11 - CUSTOMS MANAGEMENT
– CONSIGNMENT STOCK
A strict management of the consignment
stocks must be done according to the customs
and fiscal regulations and this according to the
PLANT
COMPANY countries concerned.

24
 13 MANUFACTURING

AR NETWORK NORMS / PROCEDURES: KEY RISKS / CONCERNS:

• NCG’s note 5 • Inadequacy of accounting inventory
• ARaymond Network accounting manual and real inventory

• NCCP • Security stock

• ATOMS • Supply disruption

• Standard specifications for CAPEX 

• Code of Conduct & Ethics 
• Anti-corruption Guideline
• Conflict of Interest Guideline

1 - PROCUREMENT MANAGEMENT 4 - STORAGE AREA

The procurement management is only perfor- This area, especially for FG product, should be
med by procurement assistant (Segregation Of restricted to authorized persons.
Duties with the purchase department).
PLANT
COMPANY The procurement assistant follows a production
prevision plan according to the demand mana-
ALL
gement process.
For all orders, the procurement assistant checks 5 - INVENTORY MANAGEMENT
if the delivered quantity matches with the orde-
red quantity. The level of stock is defined according to the
demand management process.
A regular inventory should be done by area. The
PLANT
COMPANY cycle counting is recommended.
2 - NOMENCLATURES Inventory gaps should be approved by the
Logistic Manager or the MD.
The production nomenclatures (BOM and
Ensure that an inventory valuation is carried out
Routing) have to be correctly uploaded into the
and that obsolete references or slow movers
PLANT system. The nomenclatures (BOM and Routing)
are depreciated following the Network rules.
are reviewed, corrected and updated after the
test production (3 serial runs).

6 - STOCK FOLLOW-UP
3 - MANUFACTURING MANAGEMENT
Ensure that stock levels (RM and component,
RAYPRO is used to monitor and control the WIP, FG) / critical items / stock rotation and
manufacturing process (metal plastic assembly). stock destruction are followed by the person in
NETWORK
All the production gaps (variances on produc- COMPANY charge of manufacturing or logistics.
NETWORK
COMPANY tion orders) are followed and analyzed.
A formal remediation plan has to be imple-
mented concerning the key gaps. The
nomenclatures (BOM and Routing) have to
be reviewed and updated on a yearly basis at
minimum.
ATOMS principles should be the base of manu-
facturing organisation (Autonomous produc-
tion ilot) and flow management (VSM Value
Stream Mapping).
Investment should respect the harmonization
rules regarding M&T and Machines.

25
 14 SUMMARY
CONTROLS
OF SAPIN II KEY

AR NETWORK CONTACTS SAPIN II

For any question do not hesitate
to contact Raygroup :
• Internal Control department
• Risk & Compliance department
• Network Officers
• Network Coordinators
The French anti-corruption law addressing transparency,
anti-corruption and economic modernization, also known as the SAPIN II
law, entered into force on 9th of December 2016.
The law stipulates that companies must establish an anti-corruption pro-
gram and implement comprehensive measures to prevent and detect acts
of corruption or influence peddling in France or abroad.
Contacts :
Risk & Compliance Manager, Raygroup

1. PURCHASE 7. QUALITY
Level 1 Level 1
1. Purchase procedure N/A
3. General purchase conditions Level 2
4. Specific ethical rules for purchases N/A
8. Overhead and services purchase 8. LEGAL
ALL 10. Creation of a supplier account
11. Suppliers competition and rating Level 1
1. External Legal Advisor
Level 2
17. Consulting fees (testing) Level 2
NETWORK
18. Gifts or invitations offered or received (testing) COMPANY 8. Legal and advisory fees (testing)
2. CAPEX
Level 1 9. RISK & COMPLIANCE
1. CAPEX procedure Level 1
Level 2 1. Code of conduct & Ethics
N/A 3. Global & Corruption risk mapping
NETWORK
COMPANY
5. Training
ALL
8. Charities contributions
3. FINANCE Level 2
9. Code of conduct & Ethics
Level 1 10. Global & Corruption risk mapping
1. Network accounting manual 11. Evaluation of business partners
7. Segregation of duties 12. Training
9. Bank reconciliations 13. Charities contributions (testing)
10. Payment >1500€
10. IT
ALL 12. Petty cash
Level 1
Level 2
N/A
17. Tax fine (testing)
18. Local analytical review Level 2
19. Reporting review N/A
4. SALES
11. LOGISTIC
Level 1
Level 1
1. Basic principles
N/A
3. Master data
NETWORK
9. Credit note Level 2
COMPANY
COMPANY N/A
Level 2
12. Margin level & profitability (analytical review)
13. Gifts or invitations offered or received (testing) 12. CUSTOMS
14. Commercial intermediaries (testing) Level 1
5. HR N/A
Level 1 Level 2
6. Travel Policy and Expense N/A

COMPANY 13. MANUFACTURING

6. HSE Level 1
Level 1 N/A
N/A Level 2
Level 2 N/A
N/A
26
NOTES

27
CONTACT [email protected]