Internal control, risk factors and insurance

IT system management and security is also piloted at Thermador Groupe level. The long-standing companies of the Group use the same IT system (ACE from the company AUREA). Mecafer and Domac use Microsoft’s ‘BCE’, Thermacome use SAP by Design, Distrilabo Sigest and DPI Sage. The quest for greater efficiency leads to the harmonisation of ERPs to simplify intra-Group flows and data entry into the accounts consolidation software.

Consolidated accounts are drawn up internally. They are facilitated by a simple legal structure, correspondences between the accounting plans, isolated intra-Group flows and common account closing practices. The introduction of interim financial statements also enables better anticipation of closing reviews requiring a joint decision by subsidiary management and top management at Group level.

Cross-subsidiary meetings involving those in the same position in the different subsidiaries allow them to pool experiences, share good practices and validate proper implementation of procedures.

Frequent complete or rotating physical inventories means that discrepancies can be detected and the efficiency of procedures checked.

Each half year, subsidiaries close their accounts according to the common reference set and closing procedures. These elements are then reviewed by the auditors and sent to Thermador Groupe’s consolidation team, which ensures the coherence of the reporting before aggregating the consolidation results and accounting entries. The annual and half-yearly financial statements are presented to the Audit committee and voted on by the Board of Directors.

In 2019, we created an anti-corruption working group that has implemented the following initiatives:

✣ Update of our General Terms of Purchase and General Terms of Sale.
✣ Roll-out of the code of conduct to the subsidiaries (administrative, commercial and purchasing/marketing departments, social and economic committees, memos to suppliers, coverage in the internal newsletter, mention of the policy in the induction booklet).
✣ Modification to internal regulations.
✣ Update of the Thermador Groupe website with our code of conduct on-line in the languages of our suppliers and customers.
✣ Awareness-raising in a broad meeting with employees.
✣ Training on the anti-corruption mechanism for exposed employees.
✣ Roll-out of an e-learning tool for non-exposed employees.
✣ Regular review of our risk mapping.
✣ Introduction of a gifts and invitations policy.
✣ Implementation of our donations and sponsorship policy.
✣ Implementation and roll-out of a responsible purchasing charter for our merchandise suppliers and general expenses.

A first audit carried out by an external service-provider in 2018 as soon as GDPR came into force helped us to map data processing activities and identify priority actions. Again in 2018, an awareness-raising campaign was run with two-hour training sessions for around 50 people (members of subsidiary management teams and departmental managers) on GDPR and good personal data management practices. Five other people from Thermador Groupe and those subsidiaries with more independent IT systems also followed a three-day course to become DPO or Deputy DPO.

2019 was dedicated to formalising GDPR conformity: update of General Terms of Sale, putting our data protection policy on line, drawing up information memos and especially writing a register of processing operations currently being deployed in each subsidiary. The update and adaptation of the 2020 and 2021 register in the subsidiaries was also an opportunity to look at things from a new perspective and optimise existing processes by adopting best practices in terms of collection, conservation and access to data.

In 2023, our DPO continued to support our subsidiaries. 13 requests were submitted, which led to the drafting of internal memos.