2020 FOCUS Guidelines English Version-2

Focus
Operational Control Guidelines
(2020 - English version)

Content
Introduction.................................................................................................................................1
I.Internal control.........................................................................................................................................................1
II.........................................................................................................Internal audit 3
III..............................................................................................Structure of the guide 5
Room sales.................................................................................................................6
I.Guarantees of payment.....................................................................................................................................6
II.....................................................................................Checking outstanding balances 9
III........................................................................................................PM Accounts 11
IV.No-Shows......................................................................................................................................................13
V. Complimentary Rooms..................................................................................................................................16
VI.Deductions / Refunds...................................................................................................................................18
VII...............................................................................................Room reconciliation 20
VIII...................................................................................................Loyalty Program 23
IX................................................................................................Agency commissions 39
F&B sales..................................................................................................................43
I.Reconciliation between sales and consumptions...........................................................................................43
II............................................................................................Par stocks & POS records 47
III...........................................................................................F&B revenue deductions 50
IV.F&B complimentaries discounts...................................................................................................................52
Finance.....................................................................................................................54
I. Cash float.........................................................................................................................................................54
I. Treasury flow (1/3)..................................................................................................................................................57
I. Treasury flow (2/3)..........................................................................................................................................59
I.Treasury flow (3/3)..........................................................................................................................................62
II.......................................................................................................Disbursements 64
III..................................................................................Cardholder data security - PCI DSS 66
IV.Accounting processing of receipts................................................................................................................68
V. Financial statements......................................................................................................................................70
VI.Corporate billing...........................................................................................................................................73
VII..............................................................................................Payment of expenses 74
Receivables.......................................................................................................................76
I. Credit policy (1/2)............................................................................................................................................76
I.Credit policy (2/2)............................................................................................................................................79
II.............................................................................................Debtor monitoring (1/3) 81
II. Debtor monitoring (2/3).................................................................................................................................83
II. Debtor monitoring (3/3).................................................................................................................................85
Purchase and stocks..................................................................................................87

I. Goods ordering/delivery (1/2).................................................................................................................................87
I.Goods ordering/delivery (2/2).........................................................................................................................90
II.........................................................................................Supplier invoice accounting 92
III................................................................................................................Stocks 95
IV.Inventories....................................................................................................................................................97
Staff management...................................................................................................100
I.Staff records...................................................................................................................................................100
II......................................................................................................CSR Compliance 104
III...............................................................................................................Payroll 107
IV.Accounting treatment for payroll.......................................................................................................................110
Risk prevention...............................................................................................................111
I. IT security and PCI DSS checklists (1/3)..........................................................................................................................111
I. IT security and PCI DSS checklists (2/3)..........................................................................................................................112
I.IT security and PCI DSS checklists (3/3).........................................................................................................................115
II..................................................................................................................GDPR 117
III........................................................................................Subcontracting-related risk 120
IV.Insurance....................................................................................................................................................122
V. Crisis and sensitive situations management........................................................................................................123
Capital expenditure.........................................................................................................127
Monitoring of capital expenditure...................................................................................................................127
Thalassotherapy center & Spa.........................................................................................129

I.Planning control.............................................................................................................................................129
II...........................................................................................................Deductions 131
III...................................................................................................Complimentaries 133
IV.Sales follow-up............................................................................................................................................135
V. Sundry creditors...........................................................................................................................................137
VI.Securing and follow-up paid entrance........................................................................................................139
Content
The Operational Control Guidelines are owned by AccorHotels. The procedures contained in this document are confidential
and exclusively intended for the Group's managed and subsidiary hotels. It states the essential, internal operational controls
that have to be implemented in each hotel. It is structured on the basis of the self-assessment questionnaire, in order to
serve as support for the implementation of appropriate procedures specific to each hotel, for both Owner and Operator
risks. These controls are presented as fact sheets for each process and sub-process. Each sheet states the different
elements necessary for implementing a control. This guide is designed to help you in the daily management of internal hotel
check points. It does not constitute a comprehensive collection of risks involved in the hotel business and remains subject
to ongoing review. As such, this guide does not comprehensively address related points subject to local regulations:
- on health and safety;
- on hotel regulation;
- on accounting and tax…
I. Internal control
Internal control is a process implemented by the Board of Directors, Managers and organization staff, and designed to provide
reasonable assurance on the performance of the following objectives:
- Operations: the performance and optimization of operations;
- Financial reporting: the reliability of financial information;
- Compliance: conformity to the laws and regulations in force.
One of the objectives of the internal control system is to prevent and control risks for Owners and Operators, resulting from
the company's activity. It also aims to prevent and control risks of errors and fraud, in particular within accounting and
finance fields, by providing guidelines and an annual self- assessment.
The internal control consists of five closely related components:
Control Environment
Management
Internal
Control
Evaluation of Risks
Information and Communication
Control Activities
Control Environment
This involves the staff's level of awareness regarding the need for checks and is the basis for all the other elements of the
internal control. Factors that have an impact on the control environment include integrity, ethics and competency of
employees, philosophy and management style of directors, and the policy on delegation of responsibilities, organization
and staff training.
Evaluation of Risks
Identification and analysis of external and internal factors that may affect the achievement of objectives.
Control Activities
Application of standards and procedures that contribute to ensuring the implementation of directions issued by
Management. These activities help to ensure that the necessary measures are taken to control risks. Control activities are
carried out at all hierarchical and functional levels.
Information and Communication

Identification and production of relevant information allowing all staff to assume their respective responsibilities. The
management must send a clear message to all staff on the importance of control responsibilities. Employees should
understand the role they are required to play in the internal control system, as well as the relationship that exists between
their own activities and those of other members of staff.
Management
The internal control systems should themselves be regularly assessed. Weaknesses in the internal control system should be
brought to the attention of Management, with the most serious shortcomings being reported to directors. These elements
are closely related, forming an integrated system capable of reacting dynamically to any changes. The internal control
system is closely related to the company's operational activities and its existence is essential for their due operation.
The internal control consists of all the security measures contributing to the company's control, with the following
objectives:
 The protection and safeguarding of business assets by preventing errors and fraud and ensuring the security
of the company’s goods and resources.
 The quality of information, in terms of its accuracy, relevance and availability.
 The application of instructions from the Management, regulations and laws.
 Improvement of performance through the rational management of goods and resources, and use of the
highest professional standards.
Levels of controls:
 The Manager:
- bears responsibility for the controls and certifies that the procedure is followed;
- respects the frequency, ensures that the control performed helps to meet the objective;
- analyzes the results of controls and sets up corrective actions;
- documents his/her controls and makes them available to supervision.
 The Supervisor:
- certifies that the controls are carried out by the people concerned at the required frequency, for a
significant number of transactions, using final statements (do not work on temporary or preparatory
editions);
- occasionally performs controls through sampling in order to corroborate the results and relevance;
- certifies that control results are analyzed and corrections are made, and documents his/her controls
and supervision.
 Signatures/initials/approval date
- This is the signing of the document in which the control has been formalized, by the person who
performed it. This signature renders reviewers responsible for the quality of their work and the
veracity of the results that they will bring to the attention of their hierarchy, and on which they will
base their actions.
 Formalization, all controls must be formalized in order to:

- attest to the reality of the controls and the results they lead to;
- save a record of control results;
- monitor the development of control results and the impact of corrective actions taken;
- guarantee the quality of the information in the eyes of external inspectors.
 Analysis and use of results

- This step, which is inseparable from controls, is essential for making decisions that limit future
anomalies. It also helps to guide the use of upcoming controls in terms of frequency and size of
samples selected.
 Archiving
- Controls must be archived in a way that allows records to be kept from one check to another (digital or
physical), and attests to the quality of information during an external audit by the Administration or
auditors. An archiving duration must be defined for each control, the minimum duration being the
legal provision for operations to which the controls relate. If the checking documents do not fall within
this scope, a duration of one year is deemed sufficient.
II. Internal audit

Internal audit provides independent, objective assurance and consulting services designed to add value and improve an
organization's operations. It helps an organization achieve its objectives by employing a systematic, disciplined approach to
evaluate and improve the effectiveness of risk management, control, and governance processes.
Internal audit work aims to evaluate whether the organization, procedures and risk management systems, as defined by
General Management, are adequate and operate to ensure that:
- risks are correctly understood and monitored;
- the main financial and operational information is reliable and communicated in a timely manner;
- actions by staff comply with the procedures in force and fall within the regulatory and legal
framework;
- the procedures in place help to optimize the security and effectiveness of operations;
- the organizations' checking processes are continuously monitored in order to ensure their quality and
relevance in terms of the nature of risks identified;
- the main legal and regulatory aspects that impact the organization are correctly understood.
Internal Audit therefore contributes to business governance by helping businesses to evaluate their risks, analyze their
control and constructively search for corrective solutions.
Scope of intervention
Any hotel may be subject to an internal audit. These audits are designed to evaluate the security and effectiveness of the
hotel's internal control system, and its compliance with the benchmarks laid down by the Group. As part of the audit, they
have unrestricted access to all documents and information that they may deem useful. In order to conduct their task, they
must also be able to meet all the employees, both in the audited entity, and in the central departments that regularly work
with the latter.
Task implementation
In implementing these tasks, internal auditors shall define the methods to be employed in order to achieve the objectives
previously defined, in particular regarding team size and the duration of the intervention.
Serving the Group, the primary aim of these tasks is to provide constructive and positive support to the audited entities.
They are schematically organized in line with commonly accepted professional practices:
 Performance of tasks according to set work programs; tests documented and conducted based on
sampling, etc.
 Summary and presentation of findings to the managers concerned within the context of a meeting, so that
their comments on the items presented can be collected.
 Issuance of a draft report consisting of an Executive Summary, report body (findings, risks,
recommendations) and any appendices. This report shall then lead to the establishment of an action plan
when required (who, what, when), by the General Management of the entity audited.
 Issuance of a final report including the action plans of the audited entity.
 If required, monitoring of effective action plan implementation by the General Management of the audited
entity.
III. Structure of the guide
This guide is structured in 3 parts:
Definition of the control
- Reminder of the questions:

The guide references are identical to those of the self-assessment questionnaire. In order to facilitate the link between the
two media, each question is repeated at the top of every sheet. Based on the risk covered by the question, every title
contains the risk it refers to, which can be either Owner, Manager, or both.
- Objectives and Risks:

Specifies the nature of the risk and the objective sought by implementing the control.
Description of the control
- Procedures
Elements to be defined by the hotel: indicates the need to define the hotel's policy or organizational choice with regard to
the specific point being checked, any thresholds or limits accepted, or the impact of local regulations on the operation.
Checks to be carried out: based on the standards that have just been defined, this section describes the steps involved in
the check and its component parts, but does not constitute a detailed procedure.
Help & best practices to go a little further…
Information on best practices that can help to implement checks.
Responsibilities and Frequency
Indicates the hierarchical level and the department of the person(s) who will carry out the control and supervision. Specifies
whether the control is performed through sampling or whether it is necessary to check all transactions. In the event of
anomalies or problems, controls which are usually performed through sampling must be conducted in a comprehensive
manner, until the problems detected have been resolved. Information on the frequency of the control or supervision to be
performed.
Room sales
I. Guarantees of payment
Reminder of the questions
 VH-1. Are credit card pre-authorisations or pre-payments from individual customers requested for sufficient
amounts upon check -in? (Owner and Operator risks)
 VH-2. Are payment commitments from Companies and Tour Operators to which will be sent final invoices
requested? (Owner and Operator risks)
 VH-3. Upon check-in, are payment guarantees requested from Corporate customers and from Tour
Operators or agencies customers when extras are not covered? (Owner and Operator risks)
Objectives and risks
 Secure revenue by limiting the risk of non-payment.

 Ensure that any expenses by guests who have only partial financial responsibility are guaranteed.
Procedures
>Elements to be defined by the hotel
 For individual guests who have not prepaid or put down a deposit/down payment for the entirety of the
stay:
The Hotel Management must define the pre-authorization amount to request upon guest arrival, based
on the services they will use during their stay:
- The value of room nights or package, such as room and breakfast
- The estimated value of a fixed amount of extras for any restaurant, bar, spa, golf services, etc.
 For guests who have only partial financial responsibility (e.g. financial responsibility for room nights / room
only).
The Hotel Management must define the pre-authorization amount to request upon guest arrival, out of the
estimated value of a fixed amount of extras for any restaurant, bar, spa, golf services, etc.
 In terms of credit card numbers: the Hotel Management must define a maximum period for storing these
numbers on the system, in accordance with PCI DSS standards and country legislation.
>Checks to be carried out
 Check that all payment guarantees have been received, based on reconciliation between the status of
scheduled arrivals and reservation files. Missing guarantees shall be indicated to reception so that upon
guest arrival, at the latest, all guarantees are obtained (this point will be verified when checking guests who
have exceeded the credit limit, see “II. Checking outstanding balances”).
 Check that guarantees respect the following arrangements:
- Individual guest with a credit card: The credit card number was saved in the PMS and pre-
authorization has been obtained for an amount corresponding to the expected revenue for the stay
(room + breakfast + fixed amount of extras to be defined).
For long-stay guests: set up weekly billing and/or renew the authorization request if the outstanding
amount exceeds the authorized amount.
- Individual guest without a credit card: Pre-payment of the entire stay.

The opening of credit in the points of sale is subject to lodging a guarantee to cover the estimated
consumption amount. Therefore, for partial payment or partial lodging of a guarantee, the hotel
must ensure that credit has been closed for the restaurant, bar, spa, golf, etc.
- Corporate Client under contract: ensure that you have the fax number, address or email address of
the responsible company or third person, specifying the nature of the services, dates of the stay and
names of the beneficiaries concerned. If the extra services are not covered by the contract, request a
guarantee deposit or make a credit card pre-authorization upon arrival of the guest. The guaranteed
amount should be defined in accordance with the standards adopted by the hotel. In case of refusal by
the guest, ensure credit for the various paying amenities is blocked.
- Company group: ensure the contracts and terms and conditions of sale are signed. If the extra services
are not covered by the contract, you should request a guarantee deposit or make a credit card pre-
authorization upon arrival of the guest. The guaranteed amount should be defined in accordance
with the standards adopted by the hotel. In case of refusal by the guest(s), ensure credit for the
various paying amenities is closed.
- Client Tour Operator: ensure you have a contract with the travel agencies and that the guest hands
over a voucher upon arrival specifying the services covered (accommodation, extras, etc.). Some
vouchers may feature an upper financial responsibility limit; any excess should be covered by a
guarantee from the guest, based on the arrangements previously defined by the hotel. In case of
refusal by the guest, ensure credit for the hotel's various paying amenities is closed.
 For all reservations made with a credit card, check that the credit card number on the reservation matches
the physical card during check-in, and check the identity of the guest upon arrival.
 A business card, booking confirmation or agency voucher with the words "payment at the hotel" does not
constitute a payment guarantee. In these cases, the hotel should apply the procedure for an individual
guest.
 Loyalty cards (Le Club AccorHotels, ibis cards, etc…) do not constitute payment guarantees.
 Upon payment by the guest, the pre-authorization reference must be used to release the amount blocked
on the guest's credit card and not block the amount twice.
 A one-euro pre-authorization does not constitute a payment guarantee in the same way as saving a
credit card number in the PMS.
 Contracts are only valid if they are signed by both parties and by authorized persons, with the company
stamp or letterhead with the company's legal references.
 Guarantee or deposit checks must be cashed without delay and under no circumstances after the stay or
event.
 When guests stay at the hotel for several nights, we recommend that 7 days are not exceeded without
partial payment. For company guests, the company should be contacted regularly with the outstanding
amount to be paid.
 Ensure that access to credit card numbers is secure and restricted (see PCI DSS standards).
 Any employees who may handle or have access to information on guests' bank details must pass the PCI
DSS certification and renew it annually (see PCI DSS standards).
Responsibility Supervision
PCI DSS certified front desk agents N+1 (Line Manager)
Frequency
- Upon every arrival
- When checking guests who have exceeded the credit limit (see II.
Outstanding liability of guests)
Room sales
II. Checking outstanding balances
 VH-4. Is a daily and formalized control carried out by the hotel when customers exceed the credit limit
defined by the hotel? (Owner and Operator risks)
 VH-5. For guest exceeding the credit limit, is a formal check of the existence of payment guarantees or a
prepayment for long-stay customers and a formal check of the presence of point of sales bills, signed by
customers when appropriate, carried out by the hotel? (Owner and Operator risks)
 VH-6. Is a formal check of the existence of documents required by local regulations as regards to customer
records (e.g. police registration card for every foreign customer and/or cardex signed by Welcome
customers) carried out by the hotel? (Owner and Operator risks)
 VH-7. Does the hotel’s control also make it possible to confirm that Welcome customers’ credit card pre-
authorisations (eligible to fast-check out) are still valid and cover the outstanding balance amount? (Owner
and Operator risks)
 VH-8. Does the line manager (N+1, hierarchy, team leader…) supervise those controls on
a daily basis? (Owner and Operator risks)
 Secure revenue, prevent billing errors and limit the risk of non-payment.
 Ensure that all Welcome guests can enjoy the fast check-out service.
 Respect the local legislation on guest registration.
Procedures
 The Management should formally indicate its credit limit management method. These limits can be:
- identical for all guests;
- variable based on the guest's category;
- variable based on the guarantees lodged upon arrival (up to the deposited amount, the upper limit
guaranteed by the credit card company, etc.);
- variable based on seasonality.
 Edit the over credit limit report daily and check the following elements for all the rooms that appear on it:
- The payment guarantee
- The presence of point-of-sale documents and the guest's signature
- The presence of the registration document required by the local regulations, such as the police
registration
 For all guests eligible for fast check-out, the presence of sufficient pre-authorization (higher than the
outstanding liability at the time of checking).
 The credit limit defined by the hotel can be established in several ways. For example, equal to the average
rate x duration of the average stay, RACH rate x duration of average stay, etc. The amount may therefore
vary according to the hotel's activity or its seasonality so as to represent a relevant number of rooms to
check. Based on its location and its PMS, the hotel should contact the support team to configure its credit
limit in the software.
 If actions are set up by the hotel, they should be formalized on the document supporting the checks, in
order to facilitate monitoring and information transfer.
 In case of significant excess and difficulties in obtaining an additional guarantee, add a note to the guest file
to adapt the initial guarantee upon their next stay.
 Insist on the importance of entering the correct nationality of the person during check- in, in order to be
able to reliably use the report issued by the PMS.
 Prepare the police registration forms with the information on the stay before the arrival of the guest so that
they have a minimum of information to fill out.
 To make it easier for guests to fill out the police registration forms: If a PMS document (Cardex) includes
most elements from the police registration form, the missing elements can be added to it so it can be used
like a police registration form. Remember to have this document signed by the guest for approval.
 If guests exceed the credit limit defined by the hotel and no additional guarantee can be lodged, it is
preferable to block any possible credit on the PMS.
Front Office Agent, Front Office Supervisor, Front
N+1 (Line Manager)
Office Manager, Night Auditor
Type of check
- All rooms that exceed the credit limit
- Comprehensive for all guests eligible for fast check-out
Frequency
Daily
Room sales
III. PM Accounts
 VH-9. After guest departure, PM Accounts are settled or transferred to city ledger within 48h (Except for
large banqueting, seminar, group billing…) (Owner and Operator risks)
 VH-10. Is a formal control with comments carried out daily by the hotel? (Owner and Operator risks)
 VH-11. Does the line manager (N+1, hierarchy, team leader…) supervise this check on a daily basis? Is the
end of month control supervised by the General Manager or Director of Finance? (Owner and Operator
risks)
 Cash flow and debt recovery optimization.

 Limit invoicing errors.
 Securing of revenue by limiting the risk of non-payment.
Procedures
 Define the person or people responsible for monitoring invoices. This task can be shared between various
departments, based on the nature of the permanent invoices.
 Edit the permanent invoice report issued by the PMS daily.
 Formalize the reasons for permanent invoices and the actions taken to settle these as quickly as possible.
 Check payment guarantees for all open permanent invoices.
 Formalize a review of permanent accounts at the end of the month validated by the General Manager or
the Director of Finance.
 It is preferable to use only one guest file number per event so as not to forget to invoice part of the services
upon transfer to receivables. For example, recurring groups or airlines.
 When checking permanent accounts, ensure there are no "trash" accounts to compensate for any balance
variances.
 Analyze credit amounts (down payments/deposits that are unused or not posted on guests' bills,
overpayment…) and formalize the action taken to settle the permanent invoice.
 Down payments should be posted on the outstanding bill upon arrival of guests. In case of a surplus, this
should be transferred to advance deposits until the next reservation (or event) or refunded if applicable.
 All down payments/deposits should be assigned to a future reservation. In case of cancellation or direct on-
site payment, send an email to the guest to inform them and refund the amount. If the guest has left no
personal details, contact accounts to register the PMS credit amount to a "sundry receivables" account.
 Checks must be carried out based on final PMS versions (e.g. detailed list of guests present, NA 30
open PM accounts...). Guest names, checked items and actions implemented should be formalized in
this document or in an appendix attached to it.
 Monthly accounts (airlines, etc.) should undergo regular, formalized monitoring and be closed at the end of
the month. There should be a contract stating the invoicing and payment arrangements, signed by both
parties, and payment guarantees for each of these accounts.
Receptionist, Night receptionist, Shift
N+1 (Line Manager)
Leader
Type of check
- Review of permanent accounts present in balance
- Monthly invoice check-off
Frequency
Daily, upon closing or when choosing actions to take
Room sales
IV. No-Shows
 VH-12. Is a daily control with comments of no-shows produced by an Front Office manager, enabling no-
shows to be billed correctly? (Owner and Operator risks)
 VH-13. Are no-shows recorded as no-shows turnover in the PMS? And is there definitely no impact on the
occupancy rate from the recording of no-shows? (Owner and Operator risks)
 VH-14. Are no-shows recorded under sales in the PMS only after payment (individual customers) or upon
written receipt of a payment guarantee (companies and travel agencies)? (Owner and Operator risks)
 Optimize the revenue related to no-shows.

 Avoid subsequent disputes.
 Limit dunning procedures in case of non-payment.
Procedures
>Elements to be defined by the hotel:
 The deadline beyond which reservations are no longer guaranteed must be defined by Management and
mentioned in the terms and conditions of sale or indicated to guests upon reservation. After this deadline,
and in the absence of a payment guarantee, rooms are put on sale again.
 No-shows stem from the hotel's terms and conditions, and their definition should therefore be
indicated irrespective of the client segment concerned:
- Individual: indication upon reservation and on any booking confirmation
- Corporate guest under contract: mentioned as part of the contract
- Company group and residential seminar: reminder in the terms and conditions of the event
contract
- Guest Tour operators: specified in the seasonal contract and for each ad hoc group.
 The following billing elements must be defined:

- The amount to be billed should be determined based on the type of service reserved (billing of room
for one night, room and breakfast, entire stay, etc.) and the legislation in force.
- The frequency of billing can be systematic or ad hoc based on the conditions to be specified (nature of
guarantee, business relationship, approval of billing decision by an authorized person, information to be
given to guests, etc.).
 The daily list of no-shows will be reviewed and signed by a manager who will identify the no-shows to be
billed.
 Billing follows the principles and terms and conditions of sale determined by the hotel, Brand and/or
country, in accordance to the following arrangements:
- For reservations guaranteed by a card number: the card is debited and an invoice is sent to the
guest (if they have left their personal details).
- For reservations guaranteed by email: an invoice is sent to the guest concerned for the first room
night.
- For groups: the no-show amount is added to the group invoice.
 These invoices do not specify the nature of the services reserved (room, apartment, etc.).
 The amount charged for a no-show does not impact the occupancy rate. Therefore it is recorded with the
Front Office as "no-show" revenue, without tax, and the invoice is sent to the guest.
 If the payment is to be made upon sending the invoice, no-show guests will be followed up on the same
basis as any other receivables, in accordance with the country or Credit Management department
recommendations. Only no-show invoices correctly denominated and supported by a written reservation or
contract specifying the terms and conditions of sale can be subject to a litigation procedure in the event of
non- payment.
 Non-invoicing for commercial reasons should be stated on the daily no-show document.
 When canceling a reservation, a code number issued by the PMS or by manual tracking must be indicated to
guests in order to limit complaints regarding no-show billing.
 Prior agreement is needed with credit card companies for the no-show service (distance selling contract to
authorize the billing of no-shows, etc.).
 A tracking table may be set up to ensure payment of no-show revenue. This table would provide a summary
of no-shows that have "occurred", have been "billed", "followed-up" and "paid", in order to perform
statistical monitoring. For information, a report can be edited on FOLS to perform this monitoring (No-show
checking report).
 For hotel Tour Operator guests, no-show contractual billing conditions should be obtained.
Receptionist N+1 (Line Manager)
Type of check
Completeness of no-shows that occurred
Frequency
Daily
Room sales
V. Complimentary Rooms
 VH-15. Does the hotel’s General Manager or Director of Finance, or persons formally authorised by the GM
or DoF (through a Delegation of Authority), give official prior permission to grant complimentary rooms?
(Owner and Operator risks)
 VH-16. Does the Front Office Manager formally control the complimentaries on a daily basis by using final
report? (Owner and Operator risks)
 VH-17. Does the General Manager or Director of Finance formally supervise this check at least on a weekly
basis? (Owner and Operator risks)
 Ensure comprehensive registration of revenue.

 Ensure free services are justified and contractual obligations are met.
 Ensure compliance with USALI (Uniform System of Accounts for the Lodging Industry) standards.
Procedures
 The General Manager or Director of Finance must define (procedure to be formalized):

- the reasons for which a free service may be granted (e.g. commercial invitation, guest
compensation, accommodation of employee on an assignment, etc.);
- people authorized to grant free services.
 The recording of free services should not have any impact on the occupancy rate or the average daily price.
 Make sure that the person authorized to grant a free room formalizes his/her authorization on the
reservation media prior to the arrival of the guest, and specifies the reason. Free services may also be stated
on a contract: tourism contracts, in particular, should specify the exact number of free services per number
of rooms sold and specify whether breakfast or half board are included. Check the billing method for
accompanying persons (drivers and tour leaders) in groups.
 Formally reconcile the list of free rooms issued by the PMS and the documents on which prior authorization
is formalized. These documents should state the guest's name, arrival and departure date, reason and name
of the person who granted the free service.
 An exchange of goods does not give rise to one or more free service(s). The revenue is recorded in the same
manner as a conventional sale and the guest's invoice is recorded as an expense. Furthermore, the invoice
of the entity with which the exchange takes place must be equal to the hotel's invoice. Finally, the exchange
must be formalized by a written agreement signed by both parties.
 On the Opera PMS, free services should be formally checked every day using the closing reports Guests
present Free service/Internal (NA50) AND Guests present with rate at 0 (NA51).
 On the Fols PMS, free services should be formally checked every day from the list of free offers.
 A free room night following a guest complaint (service provided and invoiced) should not be deducted but
transferred to a permanent invoice for reprocessing in accounts in an expenditure account "free guest
services".
Front Office Manager General Manager or Director of Finance
Type of check
Complete
Frequency
Check Supervision
It should be done weekly, at least. It may be
formalized directly on the set of logs concerned. In
Daily this context, we advise that the most significant
operations be verified through a spot check
Room sales
VI. Deductions / Refunds
 VH-18. Is the documentation on deductions/refunds (always with clear comments) adequate to

confirm they are properly justified? (Owner and Operator risks)
 VH-19. Are the deductions / refunds subject to a formalised and daily control by the Front Office Manager?
 Ensure comprehensive registration of revenue, and check the validity of deductions and refunds, which are
exceptional operations requiring justification.
Procedures
 An authorization deadline for revenue or payment method cancellation should be defined:

- either by restricting cash register system access to deduction / refund functions to management staff
(by restricted level of access to software, code or card depending on systems);
- or by fixing an upper limit on deductions / refunds registered by employees.
 Formalized checks of deductions / refunds are performed daily using a definitive log (edited physically or
digitally) issued by the PMS.
 All deduction / refund operations are:

- performed by an authorized person according to the standard defined by the hotel and validated by
the person responsible for the checks;
- justified by a ticket, an invoice in the system or directly on the deductions / refunds log book. This
justification should include:
 a clear and valid reason;
 the name of the guest and his/her room number if the guest is staying at the hotel;
 the signature/initials of the person having made the deduction or refund, or the presence of the
operator's initials in the PMS;
 the guest's signature for cash refunds.
 The catering revenue deductions implemented at reception (breakfast, mini-bar, etc.) are posted on the
catering system at the end of each shift, after checks by a catering manager, to ensure consistency between
the revenue of the two billing systems (catering and Front Office). For clarity and to facilitate supervision,
copies of the invoices and any other supporting document can be attached to the deduction and refund
reports, as well as specific manual annotations.
 Deduction and refund checks should be carried out using final statements.
 If there are no operations on the edited day, checks must nevertheless be formalized and documented.
 The procedure can be reinforced by asking guests to always initial deduction and refund vouchers in order
to certify that the operation took place.
 Guest refunds cannot be made in cash. They must be made by credit card or check, with the formal
approval of Management. Refunds made to guests who initially paid in cash are exceptions, exclusively
within the limit of their payments and with the formal approval of an authorized person. In this case, the
guest signs a refund voucher for approval.
 Refunds by credit card can only be made using the card initially charged. No refund can be made using a
different credit card (see Finance - IV. Credit card data security - PCI DSS standard and refund security).
 To facilitate monitoring and supervision, operators may be asked to draw up their deduction and refund
reports at the end of their shift and substantiate each transaction in detail. Supporting documentation for
these transactions (credit card slips, tickets, etc.) can be attached to the reports. The final check of the
day must, however, take place based on the final report from the closed PMS.
Rooms Division Manager General Manager or Director of Finance
Type of check
Complete
Frequency
Check Supervision
operations be verified
through a spot check
Room sales
VII. Room reconciliation
 VH-21. Does Housekeeping produce an accurate, formal report of the rooms that were cleaned,
inaccessible, declined service, etc. to calculate rooms occupied according to housekeeping? (Owner and
Operator risks)
 VH-22. Does Reception produce an accurate, formal report of the status of rooms sold to calculate rooms
occupied according to reception? (Owner and Operator risks)
 VH-23. Are these two reports produced independently? And are they formally reconciled daily by a third
party, if the hotel’s organisational structure so allows? (Owner and Operator risks)
 VH-24. Are all discrepancies between reception and the housekeeping highlighted? Are discrepancies
formally analysed and explained? (Owner and Operator risks)
 VH-26. If room cleaning is subcontracted, is the housekeeping report (information from the hotel) used to
check and approve the external service provider’s invoices compared with their contract? (Owner and
Operator risks)
 Ensure comprehensive recording of accommodation revenue, and reconcile the number of rooms occupied
according to the reception desk with the number of rooms occupied according to the floor reports.
 Check the invoices from the external cleaning company (if there is subcontracting for the floors).
Procedures
 The Front Office creates a daily document on the number of rooms occupied based on the rooms sold in the
PMS. Make sure to record arrivals after closing the day and the previous day, free services not included in
billing data (rooms occupied by staff, room change for a guest, day use) and any other billing correction.
 The Housekeeping department completes a daily document indicating the number of rooms occupied
based on the number of rooms cleaned and using the housekeeper and valet work sheets. Make sure to
record day-use room cleaning, room changes and cleaning of rooms that were blocked the previous day.
In addition, rooms that cannot be cleaned on the same day (rooms blocked for the day) must be included in
the calculation.
 Reconcile these two documents daily (occupancy calculation of the Front Office and that of the
Housekeeping department) and identify any discrepancies. This must be done by someone other than those
who initially filled out the document or, for establishments with low staff numbers, the same person who
did the Front Office part or the Housekeeping part.
 Formally analyze and document any discrepancies and validate the adequacy of the analysis.
 In addition, before each billing notice, the accuracy of invoicing from the cleaning company must be
checked: the number of rooms billed must match the number of rooms cleaned.
 The reconciliation statuses are compared with the invoice.
 For all-inclusive business model presenting a low volume of check-in check-out during the week, complete
room reconciliation process should be done with focus on arrival/departure date. Rest of the week can be
controlled over the Housekeeping discrepancy report and all necessary additional back ups.
 The transmission of information between the Front Office and the Housekeeping department is critical for
indicating any room transactions (room changes, technical intervention, day use, etc.).
 The documents used for counting the number of rooms to clean (housekeeper work sheets) must be stored
with the room reconciliation status.
 Every room number corresponding to the statuses affecting the calculation ("blocked room," "out-of-service
room," "room found clean," etc.) must be specified in the room reconciliation.
 If a room is blocked for several days, report on the room every day to monitor its change in status
efficiently.
 The reports for blocked rooms, house use, room move, check-in/check-out or traces can be attached to the
room reconciliation to help substantiate discrepancies and/or monitor room statuses.
 Check that all hotel rooms (including clean unoccupied rooms, out-of-service rooms, etc.) are opened every
day. (See Risk Prevention - IV Safety-Security and Crisis Management.) This check can be formalized by
someone who is not directly involved in cleaning, for example, the person in charge of minibars or technical
services.
Housekeeper
Reception General Manager or Director of Finance
Rooms Division Manager or Controller
Type of check
Complete
Frequency
Check Supervision
Room sales
VIII. Loyalty Program
Reminder of questions:
 VH-27. Is the access given to HotelLink in line with staff responsibilities and Accor Live Limitless (ALL)
procedures? Does the General Manager or Director of Finance regularly (at least once a month and every
time a member of staff leaves) ensure system accesses are up to date? (Owner and Operator risks).
 VH-28. Does the hotel formally check regularly that ALL cardholders are receiving their points in accordance
with ALL eligibility criteria at least twice a week? (Check on the validity of Burn4stay and Booking with point
recorded). (Owner and Operator risks).
 VH-29. Does the hotel perform a reconciliation of manual credits, Courtesy and Meeting Planner points
recorded in HotelLink with the PMS to ensure the data entered are correct at least twice a week? (Owner
and Operator risks).
 VH-30. Does the hotel formally check Complimentary breakfast, Dining & Spa rewards and Suite Night
Upgrades on a weekly basis? If applicable. (Owner and Operator risks).
 VH-31. Does the hotel carry out a reconciliation of Dining Offer points credited to HotelLink with POS bills at
least twice a week? If applicable. (Owner and Operator risks).
 VH-32. Does the hotel ensure that the identity of the guest matches the identity on the loyalty card saved in
the PMS? (Owner and Operator risks).
 VH-33. Does the line manager (different from the ones who performed the checks: N+1, hierarchy, team
leader…) formally supervise these checks every week? (Owner and Operator risks).
 VH-34. With respect to the ALL Program, does the hotel carry out monthly a check of the refund rate to
ensure the hotel is refunded at the appropriate rate? For Hotels without automatic occupancy rate inflow,
are the supporting documents in case of an occupancy rate ≥ 95% sent within 48H? (Owner and Operator
risks).
 Ensure that every employee has an appropriate profile and prevent any noncompliant activity
 Ensure the integrity and completeness of the transactions recorded (e.g., prevent retroclaims, detect
improper allocation of points and prevent payment of fees for those points).
Procedures
>General reminders
 Members identity
Rewards points and Status points can be credited only if the night has effectively been used by the Member.
The benefits offered to the Members are linked to the loyalty card possession and are only valid for the
Member only.
Only the cardholder can use the Rewards points for their account. In the case of using Rewards Points to
obtain a reduction on the amount of the invoice issued during an Eligible Stay, the Member's must be
present for the entire duration of their stay and must also present their membership card to qualify for this
offer.
If the identity of the guest checking in does not match the identity on the loyalty card saved on the system,
the loyalty card number must be deleted in the PMS in order not to credit the points.
Finally, in case of doubt regarding the user of the loyalty card, the hotel should contact Accor Hotels
compliance service: all.loyaltyprogramme.compliance@accor.com.
 Hotel stays:
If the channel or rate is not eligible, the entire stay and the charges paid (including extras) are not eligible.
For ineligible stays (reserved through TARS/ResaWeb), the system blocks the awarding of points. If the hotel
is deployed in "Earn PMS," the stay is visible in PMS exports and a rejected transaction notification is received
by the hotel. If the hotel is in 100% HotelLink, the system indicates that the stay is not eligible, and the
transaction must not be overridden.
Nevertheless, for reservations made directly in the PMS, the systems cannot check eligibility of the stay. So,
if the PMID is in the reservation, Earn PMS awards the points even if the rate is not eligible. To prevent this
situation, the hotel must make all its reservations through TARS/ResaWeb.
Finally, if the reservation channel or rate code is eligible for points, the stay is eligible, regardless of its
duration (1 night, 180 nights etc.).
The eligibility of the stay is determined according to the rates and channel of reservation aq detailed
bellow:
The eligibility of a stay is determined both by the reservation channel
& the rate level
Eligible Not eligible
Channels Direct Channels

Online Travel Agencies (B2C) All
AccorHotels.com & brands.com, Accor App Call
OTA's unless marked as eligible All other
centers
Ctrip
Direct Hotels
All rates from "HRS" (OTA channel)
Ventes privées AH (Very chic)
Affiliations & Partnerships

Huazhu
TO's and Bed Banks (B2B)
Ctrip - Flagship Store (Chine POS)
i.e Tourico, Hotelbeds
Traditional Travel Agencies/Consortia Public

and corporate rates through TMCs and Consortia (such as
Amex, CWT, BCD etc)
Public and corporate rates through "HRS Business" (TMC
channel)
Rates All Public Rates including promotions

Crew rates
Corporate rates settled by the guest or billed back
Complimentary Rates
Travel agent preferred rates (STAR) and airline preferrend
LDR, FIT and static leisure rates Leisure
rates (HOST)
Groups settled globally Business Groups or
Accor Bienvenue & Accor Business rates *
private events (weddings,etc.) settled
Leisure/Business Groups or private events (weddings, etc)
globally (but eligible to Meeting Planner)
settled by individual guest
* Exceptions apply
ELIGIBILITY PER CHARGES ILLUSTRATED
ACCOMODATION
• Room charge & upgrade
• Third person/extra bed
• Early arrival & Late C/O
• Relocation
F&B
• Restaurant
• Bar
• Minibar
ALWAYS ELIGIBLE • Snacks
COMMUNICATION & MEDIA
• Pay TV
• Telephone
• Internet
• Business Center
WELLNESS
• Thalassa & Cure (if stay at the hotel)
• Spa & Spa products
PARTIAL ELIGIBILITY • Massages
• Beauty & Hairdresser

If outlet is managed by the hotel, OTHER SERVICES
the charge is eligible.
• Laundry & Pressing
If the outlet is outsourced, the • Parking
charges can be excluded from EARN • Golf & green fees
turnover • Boutique
• Gourmet shop
ACCOMODATION
• No-Show
TAXES
• VAT
• Local tourist taxes

NON-ELIGIBLE CHARGES
• All other taxes
Miscellaneous
• Outings & Excursions
• Paid-Out
• Misc. charges
 Courtesy points:
To compensate a member in case of dissatisfaction during a stay, courtesy points can be awarded. A
courtesy points scale was determined by the ALL Department and must be used by the hotel to ensure
harmonization of compensation provided in hotels and by Customer Care (see below).
All courtesy points awarded must be substantiated, documented and validated beforehand by
Management.
For information, courtesy points are always billed at the hotel.
As a reminder, if there is guest dissatisfaction and the guest is not yet Accor Live Limitless an (ALL) member,
it is possible to enrol the guest at the hotel.
Finally, only Leader and Manager access can grant these types of points in HotelLink.
 Dining offer:
The Dining offer is a new opportunity for the members to earn and use Reward points in the bars and
restaurants of participating hotels, including for:
 Members not staying at a hotel.

 Members staying at the hotel with a non-eligible stay provided they pay directly at the venue.
If the sales system (POS) is interfaced with HotelLink, points are credited automatically (conditions apply). If
the systems are not interfaced, manual crediting must be performed.
- Interfaced Journey
This solution enables the guest to earn or redeem points as they pay on the Accor All App with the
payment being posted automatically in the POS.
The pre-requisites for the guest are:

 Have the Accor ALL App
 Be a member of the Loyalty Program
 Have a registered payment card in Accor Wallet (up to 5 credits/debits cards)
During the payment, pay via the Accor ALL App by entering the restaurant code and table number
Available for the launch in Eastern Europe (Poland, Hungary, Czech Republic and Slovakia).
- Non-Interfaced journey
This solution enables the guests to earn points as they pay at the payment terminal as usual (redemption
will be available at a later stage).
The pre-requisites for the guest are:

 Have the Accor ALL App.
 Be a member of the Loyalty Program.
 Have a registered payment card in Accor Wallet (up to 5 credits/debits cards).
 Accept T&Cs and link a credit card to the offer.
Available for the launch in:

 Asia Pacific : Australia, New Zealand, Indonesia, Thailand, Vietnam, Malaysia, Singapore, Hong
Kong
 NCA : Canada, United States
 Europe: Germany, United Kingdom, Ireland
 Latin America : Brazil
 Middle East & Africa : UAE, South Africa, Kenya, Ghana
- Manual journey
This journey will be available in countries where guests pay a lot in cash. The points will need to be
credited manually.
The only pre-requisite for the guest is to be a member. Therefore, the hotel should ensure that the
guest identity according to its ID card matches the name on the loyalty card saved in the system.
Available for the launch in:

 Middle East & Africa: UAE, South Africa, Kenya, Ghana
 Eastern Europe: Bosnia-Herzegovina, Bulgaria, Croatia, Czech Republic, Estonia, Hungary, Latvia,
Lithuania, Macedonia, Poland, Romania, Serbia, Slovakia and Slovenia
The hotel should collect the guest signature and all necessary information to complete the credit form,
especially if the guest is not staying at the hotel.
Besides, in order to keep the adequate justification, the hotel should print out an additional invoice,
attach it to the form and submit it to Front Office together with the filled-out form.
As a reminder, the hotel has 7 days after guest departure to credit manually the points in HotelLink (can
also be done by the F&B Coordinator, in this case FO team shall help to create a HotelLink account for
the person in charge).
Finally, rewards points must be credited daily through the “EARN WITHOUT STAY” tab
in HotelLink.
 Meeting Planner
The Meeting Planner offer enables subscribing ALL members to receive points as part of the organisation of
professional events (e.g. meetings, conferences, conventions, etc.) in participating group hotels. The organiser
does not have to attend the meeting to receive Meeting Planner points.
Cardholders benefit personally from the Meeting Planner offer. It is not a company offer. The card number
of the Meeting Planner member must appear on the contract.
Meeting Planner points must only be awarded in the context of professional events with at least 8
participants or 8 rooms booked.
The awarding of Meeting Planner points does not apply to:

- Leisure groups.
- Private events (weddings, birthdays, etc., unless organised by a professional who subscribed to the
Meeting Planner offer).
- Sports events and shows (unless organised by a professional who subscribed to the Meeting Planner
offer, except for the Pacific Region).
- Subcontracted services (equipment rental, activities, etc.), staff costs (catering assistants, technicians,
etc.) and extras paid directly by the participants (minibar, etc.).
Points awarded must only include:
- Accommodation (rates contracted for the event).

- Catering for a seminar.
- Rental of venue.
As a reminder, the regular earn rules for hotel stays or dining offer remain valid for the meeting participant.
Indeed, participants receive ALL points if they paid for the services eligible for points. If the organiser pays
for all costs (accommodation, eligible extras, meetings, F&B Banquet, etc.), no points can be awarded to the
participant.
 Burn4stay and Booking with points (BWP)
Booking with points allows members to reduce their bill at reservation time by redeeming Reward points.
This method is only available for:
- Members with 2,000 points and over.

- Bookings through direct channels (all.accor.com, app, Brands.com, RESA web).
- Eligible rates.
- Total amount > €40 (all booked expenses included).
Burn4stay allows members to reduce their bill by redeeming Reward pointsdirectly at the hotel upon
check-out. This method is only available for:
- Members with 2,000 points and over.

- Eligible rates.
- Total amount > €40 (all booked expenses included).
The following rates are eligible for BWP and Burn4Stay :

In case of cancellation of the stay by the member, it is necessary to cancel the reservation via ResaWeb so
that the latter can be reimbursed if the conditions are favorable.
All changes related to stays must be made via ResaWeb.
 Redemption : Refund & Occupancy Rate
Definition of redemption for the ALL Program: Members EARN Points (Reward Points & Status points) and
then can convert them to enjoy additional services within the hotels or through Accor’s partners. Only ALL
Reward points can be redeemed. The redemption is therefore the only way members can use their ALL
points.
The refund rate by the Loyalty Program depends on the hotel occupancy rate. If, during the stay, the
occupancy rate reaches 95% for at least 1 night, the hotel receives a refund at a higher rate.
 ALL benefits (Complimentary breakfast, Dining & Spa Rewards and Suite night Upgrades).
- Complimentary breakfast:
Members with Diamond status and above benefit from a complimentary breakfast when staying at our
hotels during the weekend, while Platinum status members in Asia Pacific, benefit from a
complimentary breakfast for the whole week.
Be aware that the hotel must manually add breakfast in the PMS on weekend / public holidays nights,
except for Platinum status members in Asia Pacific
This offer is only available on our direct channels: website, app, call centres or hotel direct.
In case of a multi-room booking, this benefit is only applicable to the member’ room. Nevertheless,
when booking online, complimentary breakfast is first applied to all rooms. Therefore, the hotelier
needs to modify the rate applied to the additional rooms of the booking in order to book the relevant
rate.
As a reminder, complimentary Breakfast rates are: RC1, RC3, RC3S, RC3M, RC3L, RC4, RC4S, RC4M, RC4L,
DRC1, DRC3, DRC3S, DRC3M, DRC3L, DRC4, DRC4S, DRC4M, DRC4L.
In case of a wrong booking rate, the hotel is invited to use flexibility to satisfy members.
- Dining & Spa rewards:
Diamond status members benefit from 4 awards worth 25 € each enabling them to
reduce their restaurant or spa bill.
- Suite Night Upgrades:
Platinum status members benefit from vouchers enabling them to book a suite at a base room rate up
to 12 nights a year.
 Hotellink’s access and user rights
- Each receptionist must have an operator access with a personal login.

- The access “advanced operator” is mainly designed for hotels with 100% manual
HotelLink credit.
- The Finance/Accounting department may also need a reporting username to perform checks on
transactions. Management creates this profile.
- If the awarding of Meeting Planner points is not managed by the reception desk, it is possible to set up
leader access for the MICE Manager.
- When an employee moves from an hotel to another, current access to HotelLink must be deleted so
that the new hotel can create new access. HotelLink is an online site: regardless of the location of the
employee, all actions performed under their username are automatically applied to the hotel in which
the username was created (Earn, Burn, memberships).
- Deleting a username from HotelLink does not delete the memberships made by the employee: those
are always included in the annual target of the hotel.
 Control of accesses to HotelLink:
- The General Manager should appoint an Accor Live Limitless Ambassador. The latter will responsible
for the staff training on the loyalty program and be the main point of contact for regional loyalty
teams.
- Check that each username in HotelLink is individual and personal.
- At least once a month and/or at every employee departure, ensure that HotelLink accesses and user
rights are consistent with the employee responsibilities. The number of access credentials assigned to
HotelLink must be consistent with the size of the hotel. (see the ALL&YOU intranet site).
- Control that user accounts who have not logged into HotelLink for at least 30 days are deactivated.
- Those controls must be archived and supervised by the General Manager or Director of Finance at
least once a month.
 Ensure that all ALL members staying at the hotel were awarded their points in compliance with the ALL
eligibility conditions through a weekly basis a reconciliation between the PMS data and HotelLink
"Transactions" report (detailing all points awarded at a hotel, by category: hotel stay, courtesy points and
Meeting Planner points for a given period).
As a reminder, hotels have 7 days to correct or post eligible missed transactions in HotelLink up to 7 days
after the departure of the guest and/or settlement of the bill
(Sundry Debtors). Should this deadline be missed, members can claim their points with ALL Customer Care
retroactively.
 Check the accuracy of hotel stay points manually credited in HotelLink by controlling the followings:
- The dates of stay in HotelLink (check-in and check-out) correspond to those recorded in the PMS. A
date error can lead to a retroclaim or a duplicate recording of points for the same stay.
- The revenue entered exclude tax and corresponds to the eligible amount paid (see the related item for
hotel stay points awarded under "General Reminders," which details the eligibility for earning points).
 Check the accuracy of the awarded courtesy points:
- As courtesy points are awarded as part of a goodwill gesture to compensate a dissatisfied member, a
valid reason for the goodwill gesture must be formally documented.
- Ensure that the thresholds defined by the Accor Live Limitless program and Customer Care
are respected
 Ensure the accuracy of the awarded Meeting Planner points:
- Check that Meeting Planner points are awarded to "meeting organisers" as part of professional events.
As a reminder, “meeting organizers” are company individuals who are responsible for organizing
meetings, conferences or events, event management companies, professional third-party organisers,
venue finders and any other contact who could organise meetings, conferences or events for
professional purposes.
- Check that the amount awarded corresponds to the services eligible for Meeting Planner points.
 Check the accuracy of the awarded of Dining offer points:
- For Manual journey:
 At least twice a week, the Dining offer operations should be controlled, the hotel needs to
generate the HotelLink Operations Report and filter it with only EARN RESTAURANT transactions.
 Reconciliation between HotelLink operations and POS bills. The hotel will ensure that the correct
amount of manual rewards points was credited to the guests by reconciling the report with the
credit form and POS bills.
 Any discrepancy, doubloon or unusual frequency of point credited shall be highlighted and
communicated to the concerned department (ensure that not more than 5 transactions are
credited per PMID/day to avoid fraud).
 The person entitled to perform the control should be in a different department than the person
crediting the points and must have access to Hotellink in “view only”.
 On a weekly basis, the ALL Dining Offer reconciliations should be submitted to the line manager
(Director of F&B, Director of Rooms/Operations Director or Finance Director).
- For Interfaced journey
 The hotel must extract and control all “ALL Dining Offer” operation from the
HotelLink Operation report.
 Earn transactions must be filtered out from other types of transactions, and each transaction must
be verified with the objective of identifying potential “double credits”.
 In case a guest has received double points for the same transaction (you can easily flag transactions
with the same amount) manually and “automatically” through the above-mentioned procedure, all
hotels must ask for the cancellation of the extra transaction within 7 days of the transaction.
 Check Burn4stay and Booking with points:
- Booking with points (BWP):

 Check the channel of the reservation is eligible.
 At check-in validate the identity of the card holder with the information recorded in the PMS.
 BWP must be validated in HotelLink after the check-in or before the check-out of the member.
 Ensure that the amount of BWP has been deducted from the eligible turnover.
- Burn4stay:
 Check the channel of the reservation is eligible.
 At check-in Check the identity of the card holder with the one recorded in the PMS.
 In case of cancellation of the stay by the Member, it is necessary to cancel the reservation via
ResaWeb so that the latter can be reimbursed if the conditions are favorable.
 Ensure that the amount of Burn4stay has been deducted from the eligible turnover.
 Benefits control (Complimentary breakfast, Dining & Spa Rewards and Suite night Upgrades). The hotel
must ensure all ALL members receive they benefits and that these are used in a proper manner.
- Complimentary breakfast:
The hotel must realise a rate control for “complimentary breakfast” to ensure that they are granted
according to the eligibility rules, i.e. according to member status, week days only (except for Platinum
status members in Asia Pacific) and for cardholder exclusively.
- Dining & Spa rewards:
The hotel must ensure that “Dining & Spa Rewards” vouchers are used only for food
and beverage or spa bill.
- Suite Night Upgrades:
 Premium and Luxury hotels must create a mapping on Hotel Distribution in order to set up the use
of Suites Night Upgrades.
 The hotel needs to add the posting of Suite Night Upgrades voucher to their daily checklist as the
SNU voucher must be validated on Hotel Link and posted in the PMS on the day of use. (Exception:
for hotels on UPE – Final image you don’t need to validate SNU on Hotel Link, it will be automatic).
 Control of cardholder’s identity:
- Upon each Member’s arrival, ensure that the name on theirs ID card matches the
name on the loyalty card saved in the system.
- If the hotel has doubt regarding the user of the loyalty card, the hotel should contact Accor Hotels
compliance service: all.loyaltyprogramme.compliance@accor.com
 Check refund rate related to redemptions such as Burn4stay, Booking with point and Suite Night
Upgrades):
- The hotel must ensure once a month that the amount of reimbursements related to the redemption is
correct. For this, the billing report which lists all the reimbursements must be read and checked once a
month to confirm that the correct amounts were reimbursed;
 If the Hotel has automatic occupancy rate inflow a spot check must be performed, in order to
identify automatic errors.
 If the Hotel does not have automatic occupancy rate inflow each time the occupancy rate reaches
≥ 95% you must send your Manager Report within 48H to
all.loyaltyprogramme.burnrefund@accor.com.
>Control of access to HotelLink:
Responsibility
General Manager or Director of Finance
Frequency
Monthly
>Check of points awarded (inclu. Dining offer):
Person who does not award points/ Accor Live

Limitless ambassador Front Office Manager
Frequency
Twice a week
>Check of cardholder’s identity:
Front Office Front Office Manager

Frequency
Daily
>Check of Complimentary breakfast, Dining & Spa Rewards and Suite night Upgrades:
Front Office / F&B Front Office Manager or FB

Manager
Frequency
Twice a week
>Check of Check of refund rate:
Front Office / Accounting General Manager or Director of Finance
Frequency
Twice a week
 All the procedures and checks recommended as part of fraud prevention are available on ALL & You and the
ALL user guide. Moreover, an e-learning on My Campus and many other documents and newsletters
regarding key hotel procedures, program developments, training documents, and useful contacts are
available.
 We recommend all people with access to hotelLink refer to the e-learning on my campus in order to have a
better understanding of ALL controls.
 How to deal with customers’ requests?

 How to contact the HHD
Room sales
IX. Agency commissions
 VH-35. Is every commission transaction indicated on the report produced in FASTCOM web checked,
corrected or removed as appropriate every week? (Owner and Operator risks)
 VH-36. Is the weekly commission report approved in the FASTCOM web application within 48 hours?
 VH-37. Are the travel agency commissions that do not pass through FASTCOM web regularly checked and
approved? (Owner and Operator risks)
 VH-38. Are the controls supervised by a line manager (different from the ones who performed the checks:
N+1, hierarchy, team leader…)? (Owner and Operator risks)
 Prevent paying inappropriate commissions.

 Limit the risk of disputes with agencies.
 Meet contractual deadlines and conditions for paying agencies.
1.FASTCOM procedures
>Callbacks
 The FASTCOM justif is a weekly document containing all agency, distributor and search engine reservations
in ResaWeb for the previous week with the amount of associated commissions.
 This document is made available to the hotel every Monday before noon on the FASTCOM web
platform.
The hotel has 48 hours (until Wednesday before noon) from when the justif is made available to check
the accuracy of the prepopulated commissions for each transaction and correct them or add any, if
necessary.
 If the hotel does not act, the justif is automatically validated by Central with no possibility for the hotel to
change it later.
 After validation of the justif, a remittance notice indicating the amounts to pay is issued and sent to the
hotel for payment.
 A check must be made at least once a week to verify, correct, if necessary, then validate the completeness
of commissions for every reservation in the FASTCOM web justif. For this purpose, the person in charge of
the check must formally reconcile the data in the FASTCOM web justif with the data in the PMS by checking
the following data:
- Reservation status (Resa type in FASTCOM web: no-show, cancelled, shortened, TARS, Net rate,
etc.)
- Guest name
- Dates of stay
- Price of stay (commission base: excl. or incl. tax, breakfast included or not, etc.)
- Commission rate applied
 If there is a difference between the PMS and FASTCOM web data, make the changes (for cancellations, no-
shows, shortening, etc.). For informational purposes, the check and corrections can be made in FASTCOM
web from the day after the departure of the guest.
 A final version of the justif (after corrections) must be archived and supervised by a hierarchical superior.
 A formal reconciliation between the remittance notice and the final validated FASTCOM web justif must be
performed to verify the consistency of the two (number and total validated remunerations in the FASTCOM
justif).
 Training material (e-learning) and tips for using FASTCOM web are available on the Digital Services intranet
site under Everything about TARS > FASTCOM.
 For additional information concerning your distribution contracts, refer to DataWeb for specific commission
rates and/or your sales representative in charge of distribution contracts.
 If there is an error during the FASTCOM web justif validation phase, it is possible to request reopening of a
justif by the FASTCOM team if the request is sent before Wednesday noon (Paris time).
 The list of FASTCOM relays can be found in DataWeb.
 Remittance notices created by ONYX PAYMENTS cannot be modified.

Front office or reservation team Line Manager
Frequency
Weekly and before validation of the evidence
2. Procedures related to agency commissions not performed in FASTCOM

(Booking.com, RoomForDay, Laterooms, etc.)
 The hotel must define, for every agency with which it has established a contract, the frequency of checks to
make based on the data validation deadline set out in the contract. The hotel must have checked the
completeness of the reservations on the extranet or commission invoice (if no extranet) for every agency
before the deadline set out in the contract.
 Example for Booking.com: the hotel has 5 days after the departure of the guest to validate or modify a
reservation on the Booking.com extranet.
 A formal check must be made to verify, correct, if necessary, then validate the completeness of the
commissions appearing on the extranet or commission invoice (if no extranet) of the agency. For this
purpose, the person in charge of the check must formally reconcile the data appearing on the extranet or
commission invoice (if no extranet) of the agency with the PMS data by checking the following:
- Guest name
- Dates of stay
- Price of stay (commission base: excl. or incl. tax, breakfast included or not, etc.)
- Commission rate applied
 If there is a difference between the PMS and extranet data, make modifications (for cancellations, no-
shows, date changes, price changes, shortening, etc.) directly on the extranet by the deadline for data
validation set out in the contract. For example, for Booking.com, within 5 days after the departure of the
guest. If no modification is made by the hotel by this 5-day deadline, Booking.com considers that the hotel
has accepted the reservation as is and, consequently, a commission applies.
 On receipt of the commission invoice, the invoice items must be formally reconciled with the items checked
for the billing period. For Booking.com, invoices are monthly and include billing for commissions related to
reservations made during the previous month based on the departure date of the guest. This check must be
made by someone other than the person who performed the validation and modification of commissions
(hierarchical superior).
 For Booking.com, a cross-check of the status of the day's arrivals from the Booking.com extranet with the
list of the day's arrivals in PMS can be made every morning to identify cancelled reservations in the
Booking.com extranet not shown in the PMS, or to identify unguaranteed Booking.com reservations (noted
first time as a declined card for Booking.com) to cancel in the Booking.com extranet.
 If a guest contacts the hotel directly to modify or cancel their reservation, the guest must be asked to
modify or cancel the reservation through Booking.com or any other agency the guest used. For
Booking.com, if the guest does not cancel the reservation through Booking.com, it remains active and the
hotel must then pay a commission.
 On Booking.com, it is possible to report invalid credit cards so that Booking.com can contact the guest to
request that they provide another credit card within 24 hours.
 For Booking.com, invoices must be settled within 14 days after the invoice date by bank transfer or direct
debit.
Front office or reservation team N+1 (Line Manager)
Frequency
Before each payment date set out in the contract or at least once a week
F&B sales
I. Reconciliation between sales and consumptions
 FB-1. Are sales of all served food and beverages items detailed in the point of sales system? If not, is a
manual follow-up maintained by the hotel?
 FB-2. Is a reliable and correct F&B cost of sales ratios calculated monthly by the hotel? Is it compared,
analyzed and in line with the budgeted ratio? (Owner and Operator risks)
 FB-3. For buffet and banqueting, does the hotel follow the consumption at least on a monthly basis, through
a formalized reconciliation between sales and consumption or a reliable F&B cost of sales ratios detailed by
outlet? (Owner and Operator risks)
 FB-4. Regarding “à la carte” food items, are discrepancies identified during the monthly reconciliation
between products consumed and sales figures (produced either using stock management software or
calculated manually by the hotel on a representative sample of 5 products from the kitchen minimum)
formally explained and analyzed? (Owner and Operator risks)
 FB-5. Regarding “à la carte” beverage items, are discrepancies identified during the monthly reconciliation
between products consumed and sales figures (produced either using stock management software or
calculated manually by the hotel on a representative sample of 15 products minimum) formally explained
and analyzed? (Owner and Operator risks)
 FB-6. Are these analyses formally supervised by the general manager or director of finance on a monthly
 Ensure the security and monitoring of the flow of goods.

 Make sure that all goods sold are billed.
 Ensure consistency between consumption and sales.
 Secure the food & beverages revenue
Procedures
> Elements to be defined by the hotel
Concerning cost of sales ratios:
The hotel needs to ensure the figures reliability of each monthly report and validated it to perform a corrects
and reliable ratios. The hotel must define a methodology if it could split this analysis by outlet, services, offers...
Concerning “à la carte” monthly reconciliation between products consumed and sales figures:
 When the hotel has catering software interfaced with stock management software, it must create the
report on all products that reconciles consumption and sales every month.
 Hotels that perform a quarterly inventory are exempted. For months in which an inventory is not
performed, manual reconciliation between actual consumption and sales for at least 5 products from the
kitchen and 15 beverages must be performed.
 If the hotel does not have catering software interfaced with stock management software, it must manually
reconcile actual consumption and sales for a sample of at least 5 products from the kitchen and 15
beverages. The choice of products checked must be determined based on at least one of the following
criteria:
- High unit price
- High consumption in quantity or amount
- 20/80 principle (check 20% of articles representing 80% of consumption)
To the extent possible, products must vary from one month to the next. Nonetheless, for unjustified
discrepancies, the products may be retained for the subsequent month.
Concerning all-inclusive business model:
 All entrances of the hotel must be controlled by security to identify the guest who are not part of the “all-
inclusive” package. Same for point of sales if they accept outside guests.
 The guest identification must be secured by using individual recognition system (bracelet, badges, ID cards,
…). Same as vouchers, a procedure must be in place to control providing process to guests.
 Fixed Food and Beverages cost of sales ratios must to be communicated to the Executive Chef and F&B
Manager at least.
 Each month the hotel must calculate a F&B cost of sales ratios. Then ratios must be compared, analyzed
with the budgeted ratio.
 For hotels performing reconciliation through catering software interfaced with stock management software,
each significant discrepancy must be formally explained and documented.
 For hotels performing manual reconciliation between quantities sold (calculated from sales statistics by
item) and quantities of products actually consumed (Initial stock + Deliveries in the period − Final stock), the
process must take place and be formalized monthly. Each significant discrepancy must be formally
explained and documented.
 This reconciliation must be formally supervised by the General Manager or Director of Finance.
 For all-inclusive business model: each month the allocation of the package between accommodation
and F&B must be formally controlled in order to guarantee the correct F&B ratio that will be calculated.
Cost control needs to challenge actual F&B consumption N vs N-1 (when history available). Variance should
be limited or explained.
 For all-inclusive business model: Follow up of staff consumption when eating in restaurant is a standard
process. On monthly basis, it should be reconciled with agreed allowance and internal staff meal policy.
 Justified discrepancies can be analyzed in an appended document, which is stored with the reconciliation
document.
 Each dish served must have an up-to-date technical data sheet detailing all the products used in the
preparation of the dish and their quantities. Thus, all products for sale must be identified in detail in the
computer system (breakdown of menus, update of dishes, etc.). This makes it possible to analyze sales in
detail and exhaustively. Generic buttons, such as "Miscellaneous" and "Open" in the invoicing system,
should be avoided:
- For fixed menus and services, all items sold must be accurately identifiable in the sales statistics or
through daily manual monitoring.
- For products served as part of a "buffet" service or for special activities, perform a manual inventory of
the quantities consumed at the end of the event in order to ensure a reliable reconciliation of
consumption/sales at the end of the month (for example, buffet for 20 people: X kilos of salmon used).
- The sales statistics by item must be reliable and available in the system, and the detail of the deliveries
of the month must also be available, as well as the transfers of stock, duly validated by hotel
Management.
- Returns to stock, losses, damaged goods, corked wine, etc., have an impact on consumption and must
be monitored formally and included in the calculation of discrepancies.
- Transfers of stock, losses and damaged goods must be documented and formally validated by
Management.
 Each beverage served must have an up-to-date technical data sheet detailing all the products used in the
preparation of the beverage and their quantities. Thus, all products for sale must be identified in detail in
the computer system (breakdown of cocktails, update of beverages, etc.). This makes it possible to analyze
sales in detail and exhaustively.
 Generic buttons, such as "Miscellaneous" and "Open" in the invoicing system, should be avoided:
- For beverages served as part of a "buffet" service or for special activities, perform a manual inventory
of the quantities consumed at the end of the event in order to ensure reliable reconciliation.
- The sales statistics by item must be reliable and available in the system, and the detail of the deliveries
of the month must be available, as well as the transfers of stock, validated by hotel Management.
- Return to stock, losses, damaged goods, corked wine, etc. have an impact on consumption and must
be monitored formally and included in the calculation of discrepancies.
- Transfers of stock, losses and damaged goods must be documented and formally validated by hotel
Management.
- Hotels must estimate losses caused by changes of beer barrels based on barrel size, distance between
the barrel and beer tap, etc.
 To perform the check of consumption compared with sales, all consumption must be recorded in the
invoicing system (including free products and staff consumption).
 If significant discrepancies are noted in the consumption/sales reconciliation, an ad hoc order/invoicing

check can be performed for restaurants that do not have printers in the kitchen to make sure that all dishes
prepared were ordered.
 To harmonize the revenue figures recorded in the PMS and POS, the hotel can perform a daily check to
detect discrepancies and rectify them quickly.
 The reliability of catering statistics can be improved by performing checks of the information entered into
the POS when placing orders, specifically, the number of people served.
 For all-inclusive business model, according to the high number of point of sales, pooling of kitchens and high
volume of food production. If hotels decided to perform an individual tracking in addition to the cost of
sales ratios analysis, it should be focus on high value items (liquors or spirits mainly).
 For all-inclusive business model, if the local legislation allows this type of action, hotel could implement
some additional controls as garbage control, body search at entrance and departure of the employees, deep
involvement of security and cameras…
Head Chef or F&B Manager General Manager or Director of Finance
Frequency
Monthly
F&B Sales
II. Par stocks & POS records
Reminder of questions
 FB-7. Are all consumptions of drinks recorded in the system before they are served? (Owner and Operator
risks)
 FB-8. Does the hotel control POS open checks (all checks closed at the end of day) at least on weekly basis
for all outlets? (Owner and Operator risks)
 FB-9. Do sales outlets operate with par stock levels for drinks sold by the unit and are they respecting
them? (Owner and Operator risks)
 FB-10. Are daily requisitions produced on the basis of physical inventory and are they reconciled with sales?
Are discrepancies highlighted and formally analyzed? (Owner and Operator risks)
 Make sure that the complete revenue amount was recorded.

 Ensure consistency between consumption and sales.
 Ensure the security and monitoring of the flow of goods.
 Make sure that all goods sold are billed.
Procedure
>Element to observe
 All guest consumption must be recorded in the billing system before orders are served.
 All invoices must be paid and closed when the guest leave the point of sales.
 Fixed stock must be defined at each point of sale for each beverage sold individually. This stock must be
defined formally based on the average quantities sold and daily storage capacity.
 For all-inclusive business model: The Finance define par stock for liquors, wines and spirits beverages at
hotel level
 The hotel must ensure that all checks closed at the end of the day are correctly and timely performed. the
hotel could select the formalization of this check with a formal document or with a mark as: “control done”.
 Formally reconcile quantities requisitioned by points of sale (to replenish their fixed stock) and sales
statistics with the last time products were brought out of the cellar. To do this:
- A physical inventory of beverages in the stocks sold individually must be performed and formalized
each time products are brought out of the cellar.
- This physical inventory must be compared with fixed stocks defined to determine the number of
beverages to bring out. The quantities brought out must then be matched formally with sales
statistics.
 This reconciliation makes it possible to uncover discrepancies that must be formally justified.
 For all-inclusive business model: Operations need to provide the empty bottles to release a new one form
stocks. At the end of the month hotel can control variance by inventory as opening stock should be
equivalent to closing one. Then if variance is present investigation must be carried out.
 For all-inclusive business model, question FB-7 is not applicable.
 The manager at the point of sale can perform an unannounced check of open tables 2 to 3 times a week
to make sure that:
- Recording in the billing software is done before orders are served.
- A bill is opened for each table, and the time corresponds to the service.
- Bills are correctly settled on departure of the guest.
 For cash register receipts, check that:

- Consumption is recorded before orders are served, the receipt being provided with consumption; and
- Any additional order gives rise a new receipt.
 The person performing this check can come from another department.
 To maintain the impromptu nature of the check, it is recommended to vary the days and times.
 Bottles can be marked to facilitate the check of goods sold at the various points of sale (e.g., stickers on
bottles).
 Exchanges and replacement of goods between points of sale lead to stock discrepancies. Formalize them
with transfer slips, with the signatures of the managers of the two points of sale.
 The losses and damaged goods report can explain anomalies revealed by this check.
 Fixed stocks can also be defined for bottles sold by the glass in order to restock the point of sale as soon as a
minimum volume of stock is reached.
 Daily requisitions should be performed with a witness to increase the level of control.
 For all-inclusive business model, purchasing management and ordering will be based on the forecast of the
consumptions established by Chef, F&B manager and commercial team.
Responsibility
F&B Team / F&B Manager
Type of check
All products brought out
Frequency
At each removal from the cellar
F&B Sales
III. F&B revenue deductions
 FB-11. Is the control formalized on daily basis for all outlets?

 FB-12. Are the documentation on all revenue adjustments in POS (always with clear comments) is
adequate to confirm they are properly justified?
 FB-13. Does the General Manager or Director of Finance formally supervise this check at least on a weekly
basis?
 Make sure the recording of catering revenue is complete.

 Make sure that deductions are valid.
Procedures

- or by setting an upper limit on deductions/refunds that are decided by employees (written procedure).
 Formal check of deductions/refunds is performed daily using a definitive log (edited physically or digitally)
from the catering software.
 Make sure that all deduction/refund transactions are:

- recorded in the POS;
- justified by a ticket, an invoice, in the system or directly in the deductions/refunds log book. This
justification should include:
 the beneficiary contact details or if guest in house, the dates of stay and room number;
 the approval of the person having made the deduction or the operator's initials in the POS.
 At the end of each shift, make sure that deductions for catering services initiated at the reception desk are
accurately posted in the catering system to ensure correspondence between the revenues of the two
systems.
 Transactions recorded by catering go into the deductions/refunds log book at reception and must be
checked daily. Thus, make sure that they correspond to the transactions in the catering software and not to
additional transactions that require checks.
 The General Manager or Director of Finance must formally supervise this check, at least weekly. It can be
formalized directly using the set of logs concerned. In this context, we advise that the most significant
operations be verified through a spot check.
 Statistics must be corrected for all service deductions (for example, make sure that, after the revenue
deduction for a meal, the number of people is also corrected).
 To validate deduction and refund transactions, the person in charge of this check can use the control strip.
Thus, a deduction with nonspecific wording, such as "type error," can be traced using the deduction time, as
well as the table and product reposted.
 To facilitate monitoring and supervision, operators may be asked to draw up their deduction and
refund reports at the ends of their shifts and substantiate each transaction. Supporting documentation
for these transactions (credit card slips, tickets, etc.) can be attached to the reports. The final check of the
day must, however, take place based on the final report in the closed POS.
Food and Beverage Manager General Manager or Director of Finance
Type of check
Complete for deductions/refunds log book operations
Frequency
Check Supervision
F&B Sales
IV. F&B complimentaries discounts
 FB-14. Are the complimentary and discount F&B vouchers reconciled daily with the complimentary and
discount report to ensure they were properly justified? Is the check formally controlled?
 FB-15. Does the documentation include a reason for the complimentary / discount F&B products ?
 FB-16. Does the documentation include the beneficiary contact details or if guest in house, the dates of
stay and room number?
 FB-17. Does the documentation include the position & the signature of the person who granted the
complimentary or discount?
 FB-18. Does the General Manager or Director of Finance formally supervise this check at least on a weekly
basis?
 Make sure the recording of catering revenue is complete.

 Make sure that offers are valid.
 Reduce the tax risk in the event of audit by tax authorities.
Procedures
 Specify the people authorized to grant offers (department manager, sales representative, etc.).
 Unauthorized people must request prior authorization, which is formalized by an offer voucher attached to
the offer invoice.
 The formal check of offers is performed daily using a definitive log (edited physically or digitally) from the
catering software.
 Make sure that all offers and discounts are:

- recorded in the PMS;
- documented by a bill, ticket, voucher, etc. for which authorization is formalized, and that this
documentation from point-of-sale cash registers includes:
 the approval of the person authorized (with the position & the signature) to offer a service or the
offer voucher validated by this person;
 reason for offer;
 the beneficiary contact details or if guest in house, the dates of stay and room number.
 Depending on the hotel, authorized persons can be authorized to offer services at specific points of sale,
and not at all points of sale. The list of authorized persons must then be adjusted for each point of sale.
 Complete recording of the offers in the cash register system facilitates reconciliations between items sold
and products consumed.
 Offers are included in the sales statistics.
 If offers are recorded on a permanent invoice, regular review can facilitate their justification and monthly
check.
 People receiving offers related to loyalty or discount cards must provide proof of their validity. The hotel
must then use the guest's card number. For regular guests, it is then possible to make a copy of the card
and store it in a secure location. The offer or discount justification in the system can then be uniquely the
last and first names of the guest.
 Even if the offer or discount does not appear in the report, the statuses must be reported and checked.
Food and Beverage Manager General Manager or Director of Finance
Type of check
Complete for all operations in the offer log book
Frequency
Check Supervision
Finance
I. Cash float
 FI-1. In the event of hotel does not have any technologies such as self-cashiering machine to ensure the
cash floats integrity, are they kept securely (access restricted to those needing to use them, out of
customers’ sight, kept locked by default, stored securely when staff are off duty, allocation letter or cash
bank letter for individual own cash float)? (Owner and Operator risks)
 FI-2. Are formal spot-checks carried out at least on a quarterly basis on all cash floats in the hotel by a
manager who does not have access to them? In the event of discrepancies, are checks supervised by
General Management? (Owner and Operator risks)
 FI-3. Are the cash floats recorded by a joint handover when shifts change? If floats are dropped off or
removed from a safe at the beginning or at the end of the day, is a count made in the presence of a witness
(unless the hotel has any technologies such as self- cashiering machine to ensure the cash floats integrity)?
 FI-4. Are discrepancies formally recorded and quickly amended (within a week)? (Owner and Operator risks)
 Guarantee the security of cash float and cash flows.

 Make sure that the amount of cash float is appropriate for the activity.
Procedures
 If there are tools or machines ensuring the integrity of cash float, ensure traceability of deposits and
withdrawals through receipts, reports, etc.
 Allocation of cash float and organization of cash receipts: allocation of cash float by cashier, team
manager or relevant department.
 Amount of cash float: the amount of cash float is always fixed, and must be reduced to the minimum
required for effective operation of the department. Depending on the activity of the hotel, it can be:
- adjusted based on the seasonality of the activity;
- determined based on levels of responsibility; and
- assessed based on activity-related needs of the department (restaurant, bar, reception desk, etc.).
 Cash float allocation letters must be established and approved by all persons responsible for individual cash
float. They must be updated for each change in the amount and formally returned on change of assignment
of the cash float holder.
 Allocation letters must specify the obligation of the persons responsible for cash float to return it:
- at the request of Management;
- at the end of the work contract; and
- when there is an extended leave.
 Cash float is secured. Access to cash float is limited to authorized persons; it is not visible to guests; the cash
box is locked by default; it is secured outside working hours; and there is an allocation letter if employees
have individual petty cash funds.
 Cash float amounts are specifically entered into accounting records. Check that the amount in account
records matches the physical counts of cash float.
 Cash float is checked at least every 3 months (on varying dates) and formally by a manager who did not sign
the petty cash allocation letter. In case of individual cash float, controls should be carried out in the
presence of the responsible of the float. Anomalies observed are subject to immediate investigation. If they
cannot be resolved, the cash float is replenished and the unresolved discrepancies are entered into
accounting records after having received formal approval from the General Manager or Director of Finance.
 Transfers of cash float (for example, during shift changes) are always formal handovers. Detailed,
simultaneous counting by the person handing over the cash float and the person receiving it is formalized.
Any anomalies are formally specified in a document (notebook, binder) signed by the person handing over
the cash float and the person receiving it, which makes monitoring possible. Discrepancies must be formally
justified, rectified as soon as possible and brought to the attention of N+1.
 When cash float is not used outside working hours, access to it must be secured and limited to a small
number of people. When transferring or withdrawing funds, all cash float must be formally counted by two
people (detailed counting in the presence of a witness).
 Unannounced check:
General Cashier, Accounting Department and/or a
person who did not sign the General Manager or Director of Finance
allocation letter
Type of check
Complete for all cash float
Frequency
Every 3 months (on varying dates)
 Handover/counting by two people:
Person responsible for cash float N+1 (Line Manager)
Type of check/Frequency
At each handover/counting by two people
Finance
I. Treasury flow (1/3)
encashments integrity, is the deposit of encashment(s) envelopes formalised on a retained document? Do
the depositor and a witness validate deposits by signing this document? (Owner and Operator risks)
encashments integrity, are encashment(s) envelopes withdrawn, opened and counted in the presence of a
witness and formally recorded in a document retained by the hotel? (Owner and Operator risks)
 FI-7. Are the daily encashment physical evidences (printing of payment terminal summary, physical counting
of cash and cheque, Apol payment summary, etc.) reconciled with the definitive cashier report (front
office / city ledger)? (Owner and Operator risks)
 FI-8. Does this reconciliation highlight any discrepancies between theoretical encashment according to PMS
and actual physical encashment? Are such discrepancies explained and rectified as soon as possible ? And is
the accounts department informed? (Owner and Operator risks)
 FI-9. Is the safe where encashment envelopes are kept secure (access restricted to those needing to use it,
out of the general public’s sight, combination changed regularly if applicable, etc.)? (Owner and Operator
risks)
 Guarantee the security of treasury flow.
Procedures
 Frequency and organization of cash register closings: for example, at each shift end at a point of sale
(morning, evening, night).
 The cash receipt method used by each point of sale: common cash register, employee cash register or
dedicated cashier function.
 Type of cash receipt accepted by point of sale: cash, checks, currency, bank cards, etc.
 Physical counting of the day's cash receipts is formal and always corresponds to the cash receipt log book or
machine reading. Discrepancies identified are investigated and corrected quickly.
 Every envelope deposit to and withdrawal from the safe takes place in the presence of a witness. Both must
sign a safe transaction record book.
 The opening and counting of cash receipt envelopes always takes place in the presence of a witness, who
signs the counting document.
 The safe transaction record book specifies the:

- department concerned and date;
- amount deposited per envelope;
- name and signature of the employee depositing the envelope and those of the witness;
- name and signature of the employee removing the envelope and those of the witness;
- number of envelopes removed at the time of withdrawal; and
- amount in the envelopes removed.
 To guarantee a thorough check, the cashier counts the cash receipts without knowing the amounts
recorded in the PMS.
 The opening and counting of the cash receipt envelopes can be formalized in documents for the
preparation of bank deposit envelopes.
 For hotel presenting remote point of sales or out of system point of sales. We do recommend to avoid
direct sales paid. A voucher system to be paid at the cashier of the hotel (as reception or activity counter)
should be implemented to use the service.
 If the level of cash transactions is low, cash on hand and cash floats in FO and POS should be adapted
accordingly.
 For all-inclusive business model with specific restricted outlets or premium services. A Vouchers system
printed and signed should be implemented. Additionally, the vouchers are issued with serial numbers that
are unique to the customer or company they are issued to and are consecutive.
 For all-inclusive business model, the hotels could use mystery guest system (usually external company) to
check control of direct sales and ensure the whole money is correctly registered in the systems in remote
point of sales. Especially on high season.
 In case of all-inclusive hotel with nightclub, we recommend to include access within “all- inclusive package”
only if security can filter the entrance and limit access to only in-house guest. In hotels close from city or
residential areas Disco should be excluded from package with payment is done onsite.
outlet manager, cashier General Manager or Director of Finance
Type of check
Complete for all cash receipts and cash register envelopes
Frequency
At each shift change/daily
Finance
 FI-10. Are all encashments (front and back office in PMS) deposited in the bank (amount written on paying-
in slip = total encashments for the day or period)? (Owner and Operator risks)
 FI-11. Are takings regularly deposit into the bank, in accordance with local instructions (head office, finance
department, security firm contract, insurance policy, etc.)? (Owner and Operator risks)
 Ensure cash receipt security

 Optimize hotel cash flow
Procedures
 A bank deposit statement and cash receipt envelope for the day must be established daily (except for the
invoicing of excessive commissions by the bank for each deposit statement). Cash receipts deposited in the
bank must correspond exactly to the amounts on the cash register breakdown of the day.
 The frequency and maximum amount of bank deposits must be defined in the specific country based on the
amount covered by the insurance policy and the cost of each deposit (or in agreement with cash courier
companies).
 Organization: the principle of separation of functions must be observed; tasks involving access to cash
receipts are incompatible with access to making accounting entries.
 Bank deposits are made by people who do not have access to accounting entries, and cash receipts
(specifically, in cash) are not processed through accounting.
 All cash receipts of the day are subject to a bank deposit statement (unless otherwise set out in specific
countries).
 Transactions related to settlement of internal expenses (reimbursements for taxis, occasional small
purchases) are not paid from cash receipts.
 The frequency of bank deposits of checks and cash must comply with local standards. If the hotel signed a
contract with a cash courier, the hotel makes sure that the total amount of cash receipts deposited does
not exceed the amount covered by the cash courier in the contract.
 Electronic payment terminal (EPT) deposits are performed daily, making sure that the remote collection
indicates successful transmission. All transmission anomalies must be immediately addressed to prevent
the risk of data loss.
 Formal reconciliation between the amounts credited by the bank, deposit statements and corresponding
cash register reports is performed, and discrepancies are formally explained.
 EPT transmission tickets are always submitted with cash register envelopes to make it possible to check
credit card receipts.
 The copy of EPT transactions must be stored so that deposits can be re-created or disputes can be justified.
 If there are erroneous transactions in the EPT, always keep the tickets issued by the device.
 There are many precautions to take regarding cash receipt methods:
- Cash:
 Do not accept bills that are no longer legal tender, and comply with the instructions of
the hotel's bank branch.
 Remain vigilant about counterfeit bills, and ensure the compliance of security devices (watermark,
magnetic strip, paper quality, etc.).
- Currency:
 Do not accept bills that are no longer legal tender, and do not accept counterfeit bills (same as
above).
 Do not accept currencies that are not indicated by the hotel's bank branch.
- Checks:
 Immediately complete the order and specify the point of sale where it was deposited.
 Make sure it is correctly filled out (amount, signature).
 Confirm the identity of the guest and the guest's signature compared with an identity document;
at the reception desk, it is preferable to note the numbers of identity documents.
- Credit cards:
 In the EPT, avoid dividing an amount on the same card (for example, bill of EUR 200 divided into
two times EUR 100).
 Services: fast check-out, no-show charged and guaranteed reservation are subject to a
"hotel" amendment to contracts concluded with credit card companies.
- Traveler's checks:
 Traveler's checks must be countersigned by the guest when paying, in front of the cashier.
- Vouchers:
 Check the date of the voucher.
 Do not provide change in cash.
 Do not accept vouchers with damaged strips.
 Ensure compliance with the security devices for vouchers (see the security description for the
current year provided by the issuer. For example: special ink, insertion of metal threads, etc.) to
avoid counterfeits.
 Always endorse vouchers (hotel stamp in the box provided for this purpose).
General Manager / Administrative and
Accounting department
Accounts Director
Type of check
Complete for all cash receipts
Frequency
Every day and at each bank deposit
Finance
 FI-12. Do foreign currency transactions comply with the local regulations in force (display of rates, bank
authorisation, commission charges, etc.)? (Owner and Operator risks)
 FI-13. Are exchange rates updated in accordance with local standards (at least once a week)? Does it ensure
consistency in the rates received or calculated, displayed, and entered in PMS? (Owner and Operator risks)
 Guarantee the security of foreign exchange transactions.

 Reduce exchange losses.
 Limit the risk of disputes.
Procedures
 Exchange transactions take place as:

- simple exchange, i.e. only during the purchase of currency for payment of the bill by the guest; or
- during the purchase and sale of currency, based on local legislation concerning the operation of
foreign currency exchange offices (in France, for example, manual exchange offices must make a
declaration with the Banque de France).
 The organization of foreign exchange involves defining the following:

- Points of sale or cash registers accepting payment in foreign currencies
- Persons authorized to perform this type of transaction
 Review of the foreign exchange standards of the country to be able to inform guests, check exchanges and
ensure their proper application.
 Standards imposed by regulations in the country (display, guest documentation, etc.) must be observed.
 Exchange rates are updated (PMS and screens displaying them), commission included, at least once a week
based on the prices transmitted by the bank or Head Office or available on the intranet.
 The rates entered into the computer system, those displayed and those calculated are published and
subject to formal weekly reconciliation.
 Bank deposits of foreign currency are made frequently in a way that minimizes bank fees (particularly when
there is a minimum commission). In addition, they are made with a referenced bank. Make sure that fees
invoiced conform with the negotiated fees.
 Commissions must be consistent with the standards defined by the Head Office.
 Foreign exchange transactions (except for payment of invoices) must observe the following
conditions:
- Local regulations (accreditation by Banque de France and specific insurance, for example, for
France)
- The exchange receipt must be signed by the guest, and a copy is given to the guest.
 The risk of error is substantial when exchanging foreign currencies that have the same denomination, for
example, U.S. and Canadian dollars.
 It is recommended to keep rate update documents for the last 3 months.
 When the hotel accepts foreign currencies only for the payment of bills, it is recommended to display
"foreign currency only accepted for the settlement of bills" on the display screen in at least 2 languages, one
of which is English.
Reception N+1 (Line Manager)
Type of check
Complete
Formal monitoring of all exchange rates
Frequency
Weekly
Finance
II. Disbursements
 FI-14. Are purchases from petty cash taken from a specific cash float? Is this float kept in a secure area and by
a person without access to the accounting system? (Owner and Operator risks)
 FI-15. Is a follow-up of checkbooks outstanding formally achieved? Are checkbooks kept in a secure place?
Are checks issued formally followed up and sent at the end of each month with invoices to accounting?
 FI-16. Is spending from petty cash or from the hotel chequebook supported by the required paperwork
(invoice including all necessary statutory items) and is it presented at least once a month to the General
Manager or Director of Finance before replenishment of the petty cash float? (Owner and Operator risks)
 FI-17. Does the hotel ensure that no employment-related payments (advance payment, temp fees, salaries,
expenses claims, etc.) are made from petty cash? (Owner and Operator risks)
 FI-18. Are paid out properly documented by invoices? Are receipts signed by customers (signed PMS
invoices from the guest attached to the invoice of the paid out and sent to accounting)? (Owner and
Operator risks)
 Ensure payment security.

 Ensure observance of the principle of separation of cash inflows and outflows.
 Optimize collection of VAT.
 Ensure strict compliance with labor law.
Procedures
 The types of expenses that can be paid with petty cash must be defined.
 The amount of petty cash must be specified, fixed and recorded in accounting.
 The replenishment procedure must comply with the standards of the country and brand.
 A maximum amount per purchase can be set by the General Manager or Director of Finance.
 The person in charge of petty cash must not be authorized to make accounting entries.
 Purchases made with petty cash are performed with specific petty cash.
 These expenses are exceptional, of low amount and only made when the traditional suppler network
cannot be used.
 The set amount of petty cash is observed and adjusted to the volume of purchases made.
 These purchases are all supported by a properly completed invoice. The invoice must specify the following:
supplier name, hotel name and name of legalcorporation, transaction date, description of goods or services,
unit price (excl. tax) and VAT rate.
 A cash register log book with all petty cash payment transactions is kept up to date and supporting
documentation for purchases is stored.
 Supporting documentation and the monthly statement of expenses are approved by the General Manager
or Director of Finance. If the hotel is associated with an Accounting Center, these documents must be
sent to it; copies of supporting documentation are retained at the hotel.
 Formal requests must be completed by the customer prior to outlay for expenses. All paid out expenses
must be reconciled with the invoices in the PMS and attached to the accounting record.
 To strengthen this check, a formal authorization document for petty cash withdrawal can be drawn up
specifying the reason, name of the person withdrawing money and the person's department. It is signed by
Management before any withdrawal of cash.
 Only the original copy of the invoice can give rise to replenishment of petty cash.
 When using reception desk petty cash for this type of expense, the supporting documentation for the
expenses must not be stored in the cash register of the reception desk for more than 48 hours.
 Labor-related expenses (advances, extra shifts, salaries, expense accounts, etc.) are not paid with petty cash but
go through the payroll system, whereby they can be settled as benefits in kind.
 Employees must not pay up front with their bank cards for petty cash expenses. If no other solution is
possible, the employee is reimbursed through the payroll system (expense report).
Accounting Department General Manager or Director of Finance
Type of check
Complete
Frequency
For each expense Monthly
Finance
III. Cardholder data security - PCI DSS
 FI-19. Are merchant receipts, pre-authorisation receipts, faxes, emails and all documents containing sensitive
data relating to customer payment cards kept in a secure, restricted-access area? Are they destroyed after
the period stipulated by current local regulations? (Owner and Operator risks)
 FI-20. Does the hotel perform a daily check of its electronic payment terminals (« Quick Audits HCP ») in
order to secure credit card payments? (Owner and Operator risks)
 FI-21. Is access to the tray where the in-house customer files are kept secured and limited access to
receptionists? (Owner and Operator risks)
 FI-22. Does the hotel ensure that no document includes a credit card CVV/CVC or PIN number ? (Owner and
Operator risks)
 FI-23. Is PCI DSS training taken by hotel employees who handle (charge, process, store,
view…) credit cardholder data at least once a year? (Owner and Operator risks)
 FI-24. Are refunds made from a payment card number (by POS, manual credit card machine and bank
transfer request) governed by a special written procedure (restriction on number of people able to do so,
prior authority, “merchant cards” kept securely)? Are checks conducted to ensure refunds are made to the
same payment card used for the original payment? (Owner and Operator risks)
 Secure bank card data

 Limit the risk of fraud
 Ensure compliance with PCI DSS and GDPR standards.
Procedures
 People with access to bank card data.
 All documents containing the bank card data of guests must:

- be stored in a room whose access is secure and limited; and
- be destroyed after the period set out in local regulations.
 Access to reservation documents containing sensitive information must be limited to people who need it as
part of their duties.
 Cash register drawers containing storekeeper receipts must be locked by default.
 An inventory of the electronic payment terminals of the hotel must be carried out and kept updated. Thus,
the hotel needs to follow 3 steps on the Vigitrust platform:
- 1. Add electronic payment terminals for inventory.
- 2. Perform an audit on the PCI DSS compliance of these electronic payment terminals. This
step has to be performed by the General Manager once a year. If the
electronic payment terminals are not compliant with PCI DSS standards, the hotel needs to implement
necessary actions to ensure that they will be compliant (updating the electronic payment terminals,
buying a new one compliant with PCI DSS standards).
- 3. Perform a « Quick Audit » of the hotel electronic payment terminals at least once a day.
 Access to the box containing current guest records and pre-authorization tickets must be limited to
reception desk staff.
 Storing the credit card CVVs or PINs of guests is prohibited.
 All employees have received PCI DSS training every year.
 A payment card refund procedure (through the payment terminal (EPT)) is formalized and followed.
 Access to storekeeper cards (which permits access to credit in the EPT) is limited.
 Reconcile the number of the card debited with that of the card credited.
 « Quick Audit » of the hotel electronic payment terminals can be performed at each shift change in order to
better secure credit card payments.
 All PCI DSS procedures are on the VigiTrust platform: http://hcp.vigitrust.com/moodle
N+1 (Line Manager) and General Manager or
All staff handling bank card data
Director of Finance
Finance
IV. Accounting processing of receipts
 FI-25. Are the persons handling cash different from the persons, receiving the payment by mail, recording
them in the PMS and in the accounts department? (Owner and Operator risks)
 FI-26. Are bank reconciliations carried out monthly (for all bank accounts)? Are the detail of pending items
in the encashment acccount printed monthly? (Owner and Operator risks)
 FI-27. Are the nature and age of pending items in balance sheet accounts, bank reconciliation and
encashment accounts always clearly indicated? (Owner and Operator risks)
 FI-28. Are pending items in balance sheet accounts, bank reconciliation and encashment accounts formally
followed up (mail to bank or paying organisations, etc.) and correctly and quickly settled (formal monitoring
of actions from one month to the next)? (Owner and Operator risks)
 FI-29. Are bank reconciliations and the detail of pending items in encashment accounts analyses, formally
supervised by an Accounts Centre supervisor or by the hotel’s Finance Department (on-site accounting
department) and by the General Manager on a monthlys basis ? (Owner and Operator risks)
 Ensure the accuracy of records, follow-up and security of financial flows.

 Reduce the number of cash receipt suspense items.
 Limit the risk of fraud.
 Ensure the reliability of accounting data.
Procedures
For off-site accounts departments, the hotel must designate a person in charge of monitoring monthly cash
receipts and ensuring the link with accountants. In the best-case scenario, this person also checks cash receipts
performed daily at the hotel (see I. Cash inflows (1/3)).
 For bank reconciliation statements, check the following:

- Reconciliations are performed at least once a month.
- They are performed on a regular basis for all bank accounts (even inactive).
- Previous suspense items are subject to regular checks and are justified.
- Bank reconciliations are performed quickly after the end of the month and submitted to the General
Manager, Director of Finance or Accounting Center Manager for formal supervision.
- Pending items relating to cash and checks received concern only the last receipts for the month. Make
sure that these suspense items match cash receipts waiting to
be cleared in the bank (check bank paying-in slips) or still in the safe (carry out formal check of safe
contents at the month-end).
 For cash receipt accounts, check the following:

- The cash receipt accounts are analyzed every month, for each issuing organization.
- The nature and age of suspense items are clearly indicated.
- In the event of anomalies in the suspense accounts (unusually long settlement period, difference with
amounts paid into the bank, etc.), payer organizations are sent reminders and the hotel works with the
accounts department to resolve these suspense items quickly.
- The resolution of suspense items is monitored from one month to the next.
- The hotel has a copy of each cash receipt pending settlement.
- The analysis of cash receipt accounts is formally approved by the General Manager and the Director of
Finance or the Accounting Center Manager.
- Provisions are made for bank card or check payments that have not been credited (due to rejection,
dispute, fraud, etc.) according to country instructions.
 If the hotel accounts are kept in a dedicated accounting center, the hotel and the accounting center
must work together at the month-end to quickly resolve any suspense items more than 2 months old.
 After this analysis, the bank reconciliation statements and analysis of the cash receipt account balances
must be dated and signed by the hotel director and by a member of the Accounting Center management or
by the hotel's Finance Department (on-site accounts department).
 Credit card and check claim files must be regularly updated.
 If transactions are entered in the accounts based on bank statements, formal analysis of suspense accounts
must be carried out monthly. The bank account balance must match the bank statement balance on the last
day of the month.
 Inactive bank accounts with no movement for 3 months must be closed.
General Manager,Director of Finance or
Accounting Department
Accounting Center Supervisor
Frequency
Monthly
Finance
V. Financial statements
 FI-30. Is the distinction between operational expenditures transactions (OPEX) and capital expenditures
transactions (CAPEX) respected, through a recording in accounting accordingly to local standards (no CAPEX
is recorded in the income statement)? (Owner and Operator risks)
 FI-31. Are the transactions registered in the P&L in the accounting system supported by proper documents?
 FI-32. Is the revenue figures recorded in the PMS formally reconciled with the sales figure in the accounting
system at least on a monthly basis? Are any discrepancies explained and rectified quickly if necessary?
 FI-33. Are the reconciliations formally supervised by an Accounts Centre Supervisor or by Director of Finance at
least monthly (for on-site accounting department)? (Owner and Operator risks)
 FI-34. Are pending items in Balance sheet accounts properly documented and quickly settled (formal
monitoring of actions from one month to the next) ? (Owner and Operator risks)
 FI-35. Are balances of the balance sheet accounts supported by the necessary documentation ? (Owner
and Operator risks)
 FI-36. Are the reconciliations formally supervised by an Accounts Centre Supervisor or by Director of Finance
at least monthly (for on-site accounting department)? (Owner and Operator risks)
 Ensure that financial flows are correctly recorded and uploaded from the PMS.
 Limit the risk of fraud.
 Ensure that the data and financial statements are reliable.
 Limit tax risk
Procedures
For off-site accounts departments, the hotel must send the accountants the originals of all supporting evidence for
accounting transactions.
 Make sure that all OPEX and CAPEX transactions are correctly recorded in accounting in accordance with
their specific features (nature of the expense, value of the expense, lifespan of the good).
 Make sure that all transactions recognized are supported by accounting records.
 Reconcile the revenue recorded in the PMS with that in the accounts.
 Reconcile guest balances according to the PMS (outstanding guest liabilities, deposits, advances, payables
balance, etc.) with the balance of the corresponding accounts held by accounting.
 The nature and age of suspense items in the balance sheet account balances must be clearly indicated and
their settlement monitored from one month to the next.
 All suspense items in balance sheet accounts must be formally justified.
 In order to respect the distinction between OPEX and CAPEX, refer to local applicable rules and standards.
 It is essential to correctly analyse the special features of the expenses through the following criteria: the
value of the expense, the lifespan of the good and the nature of the expense (cf. table hereunder).
CAPEX OPEX
Various expenses:
Acquisition of patents, software. Marketing expenses (advertising, promotion,
communication…).
Legal expenses related to contracts signature. Training
and recruitment expenses.
Administrative expenses and other general expenses (i.e.
notary fees, recording fees).
Maintenance and repairs expenses:

Additional costs: in addition to the purchase price, it is Keep the good in good condition: paints’
possible to capitalize some costs directly related to the refreshment, small carpentry, cleaning.
implementation and use of the asset: Repairs on a roof following damages caused by a storm or
Transportation, delivery and hefting expenses. expenses to remove asbestos.
Installation and assembly expenses.
Pre-opening expenses (i.e. opening party, staff costs

related to hotels’ operations, energy expenditures…).
Hotel operating equipment
Partial replacement of an asset (motor of a dishwasher,

Initial acquisition of an asset (meeting room chairs, beds on one floor only) allowing the normal use of an
beds, linens, tableware, uniforms…). asset until the end of its amortization.
Integral replacement of an asset (all the chairs
from a meeting room, all beds of an hotel…). Replacement
for rebranding or leading to an improvement (ex:
replacement of a heating
installation for a better installation).
CAPEX OPEX
Windows and doors
Partial replacement in order to keep them in good

Initial acquisition of windows and doors. conditions.
Partial replacement with an improvement of the quality
(ex: better proofing, transition to double glazing, energy
savings).
Integral replacement as part of a large
replacement program (at the pace of one floor per year).
Lifts
Standard works (failure, maintenance).

Initial installation of the lifts.
Security works (conformity to regulations).
Development of a website
Development of an “active” website allowing to Development of a “passive” website not

generate turnover (ex: rooms booking). generating any revenues (ex: presentation).
General Manager, Director of Finance or
Type of check
Complete
Frequency
Monthly
Finance
VI. Corporate billing
 FI-37. Are all the fees invoices supported by a contract? (Owner and Operator risks)
 FI-38. Are the invoices checked before any accounting registration (Checks conducted to ensure the
accuracy of the figures used as a basis for the fees calculation)? (Owner and Operator risks)FI
 FI-39. Are the fees invoices paid in accordance with the negotiated terms and conditions of the contracts?
 Ensure that invoices for fees are accurate.

 Limit the risk of disputes with owners.
 Ensure that invoices are duly paid.
Procedures
 Check that all fees invoiced are under a contract.
 Check for each fee invoiced that:

- the base and percentage match the amounts in the contract;
- the figures used for the calculation (reconciliation with income statement, Edifis, HotelLink, etc.) are
accurate;
- Payment times and frequencies are complied with.
General Manager, Director of Finance or
Type of check
Complete
Finance
VII. Payment of expenses
 FI-40. Are bank mandates up to date and do they take into account the case of absence of one or more
operational usual signatories? (Owner and Operator risks)
 FI-41. Are all supplier payments made by the Accounting Department approved by two authorised persons
? (Owner and Operator risks)
 FI-42. Are the bank transfer payment process adequately secure and, in particular, payment data sufficiently
secured (limited access to the payment file, banking software and modules for changing bank details)?
 FI-43. If the systems do not ensure the integrity of the supplier bank detail, does the hotel implement
controls to secure these changes? (Owner and Operator risks)
 FI-44. Once payments are approved, are all paid invoices correctly identified so that no double payment is
possible (ex. marked “paid” on the invoice)? (Owner and Operator risks)
 Ensure payment security.
Procedures
 The persons authorized to issue payments (sign checks, make bank transfers, etc.).
 Payment methods are to be defined based on:

- the level of security that they offer (bank transfers are preferred);
- the possibility of optimizing administrative processing;
- requirements that may be imposed on the hotel.
 Payment times are to be defined and indicated to suppliers, in accordance with:

- any legal constraints of the country;
- how payments are organized (concept of supplier payment schedule).
 Supplier payments must always be signed or approved by at least 2 people, in accordance with regularly
updated signing authorizations.
 Signing authorizations must be redefined when a signatory leaves or is absent for a long period.
 For payments by bank transfer, make sure that:

- the payment file issued by the system cannot be edited;
- access to the banking software is limited to a small number of people.
 Any changes to suppliers' bank details must be justified and approved by at least 2 people. If the systems do
not permit this separation of roles, the hotel must put in place manual checks to formally record and
approve changes made.
 Check stubs are properly completed (date, amount, payee, invoice number).
 Checks are not signed in advance unless the order has been completed (blank check).
 The word "paid" is affixed to each paid invoice, with the payment details (payment method, date).
 For cancelled checks, the part showing the check reference numbers is stapled to the stub.
 Stubs are filed for the period required by the country's laws.
 Checkbooks are monitored on the basis of a permanent inventory; each movement in the stock of
checkbooks is recorded in the inventory record book then signed by the Director of Finance.
Director of Finance Accounting
Accounting Department Center Manager or Supervisor,
General Manager
Type of check
Complete
Frequency
Monthly
Receivables
I. Credit policy (1/2)
 DD-1. Do the contracts and the General Sales Conditions (GSC) or Customer General Purchasing conditions,
signed by both parties, enable the hotel to limit the risk of dispute (conditions on booking, confirmation,
cancellation, room transfer, rates, payment terms...) ? If applicable, do they comply with the latest versions
provided by the country Head Office? (Owner and Operator risks)
 DD-2. Are solvency checks carried out before signing any contract ? Are they renewed annually and half-
yearly for tour operators, travel agencies, airlines and SMEs (referenced solvency organisations if applicable)? If
the solvency check is not available or possible, are others formalized means implemented in order to check
solvency of the guest before accepting credit ? (Owner and Operator risks)
 DD-3. Is the opening of credit lines subject to a formal procedure and approved by the General Manager or
Director of Finance, or any person authorised by them ? (Owner and Operator risks)
 DD-4. Do payment guarantees (corporate payment guarantees, vouchers, etc.) covering all services billed
always appear in debtor records? (Owner and Operator risks)
 Limit the risks of non-payment.

 Avoid disputes with customers.
 Ensure that authorized credit and invoices sent to sundry debtors are justified.
Procedures
>General reminders
 Immediate payment (cash, credit card, etc.) is preferred in all circumstances.
 No individual guests can be accepted as debtors.
 The person who authorizes the opening of lines of credit must be formally appointed by the General
Manager or Director of Finance and must not be motivated only by increasing revenue but by increasing the
hotel's results (GOP for example).
The hotel's credit policy must comply with the local head office's instructions, include the following
elements and be formally recorded and distributed to each guest-facing department:
 A contract with terms and conditions of sale.
 A formal credit inquiry certifying the creditworthiness of guests granted credit must be carried out:
- for all new guests;
- every 6 months for travel agencies, tour operators, airlines and SMEs (small and medium-sized
enterprises);
- once a year for guests who are regularly granted credit;
- if there is an unusual change in the outstanding liability of a guest with an existing credit agreement.
 Determine the inquiry procedure: who performs the analysis, who makes the decision, on what criteria,
etc.?
 Define the policy for requesting down payments.
 Payment terms that can be granted must be defined in advance and formally recorded in a contract. We
recommend that they should not be for more than 30 days.
 The conditions for granting credit are complied with, namely:
 The guest file is properly completed. In particular, it must include a contract and terms and conditions of
sale / purchase signed by both parties, using the templates distributed by Head Office.
 The company's creditworthiness has been checked, in accordance with the credit policy, and the report
kept.
 The opening of credit has been formally recorded with a maximum limit based on the inquiry result.
 This information has been sent for formal acceptance to an authorized manager, in accordance with
delegated powers defined in advance by Management.
 There are payment guarantees in the files for each of the guest's services.
 Develop the means of carrying out a credit inquiry: use of a specialist AccorHotels inquiry (Dun &
Bradstreet, GDM), Internet inquiry service, information through banks, asking Group hotels that have
received the company, contacting Credit Management if there is any doubt, etc.
 The credit inquiry must be made before entering into a contract to grant payment on credit. Once a
contract has been signed and sent to the client, there is no going back on it.
 Acceptance of the opening of a line of credit by the General Manager or Director of Finance can be formally
recorded directly on the credit inquiry, specifying the authorized credit limit.
 The authorized credit limit for a client must be established based on the credit inquiry and the total amount
of the aging balance account.
 For contracts dealt with by an AccorHotels sales office, the hotel is no longer obliged to have a copy of the
contract with the hotel, or of the credit inquiry. However, these documents must be easily accessible in the
event of checks on invoicing, renegotiation or legal proceedings via Anaïs.
 The hotel must keep all payment guarantees covering all the services negotiated with the client
(accommodation and catering). These may be agreement emails from tour operators or companies
(including the names of guests or a rooming list), vouchers or documents signed by the client for extras. Any
change in the service must be agreed in writing.
 Acceptance of client' own terms and conditions of purchase (Ts & Cs) must be limited as much as possible. If
there is no alternative, the conditions agreed must comply with Group regulations. The Group recommends
that payment terms should not exceed 30 days.
 If there are significant payment delays, the hotel must work with Credit Management to find out the
process to follow and enable it to consolidate group receivables from all the hotels.
Responsibility and frequency
Sales Manager & Credit Manager General Manager / Director of Finance
Type of check
Complete Sampling
Frequency
Daily Monthly
Receivables
I. Credit policy (2/2)
 DD-5. Are group bookings, seminars, banquets and company bookings subject to a payment deposit in
accordance with the contract and are they recorded correctly in PMS (depending on the tax rules in force in
the country)? (Owner and Operator risks)
 Guarantee payment of late cancellation fees.

 Limit the risks of non-payment.
 Limit debt recovery expenses.
 Optimize cash flow.
 Limit tax risk.
Procedures
 The deposit policy must be specified, taking account of the following:

- The methods for asking for down payments (schedule, percentage, etc.), to be included in the
terms and conditions of sale
- Cases when down payments are mandatory (for example: all contractual events, new guests, poor
creditworthiness, etc.) to be adapted according to the country
- In what cases down payments are retained by the hotel (to be specified in the terms and conditions of
sale).
 Down payments are requested in accordance with the hotel's credit policy and the contract signed by
the parties.
 The receipt of down payments is monitored rigorously, with reservations liable to be cancelled if payments
are not received on the dates specified in the contract.
 The hotel's reminder policy is complied with.
 Down payments received are recorded in reception in the guest folios and included in the guest accounts
when the guests arrive.
 Down payments still in the accounts after an event date need a formal decision by Management
(refund, postponement of the event and related down payments, move to commercial penalty). They must
not be kept in the front office.
 If the contract requires down payments, and based on local legislation, these should not be recorded as a
deposit in the PMS on receipt. This is because VAT can be recovered on down payments, but not on
deposits.
 If credit inquiries are not satisfactory, a floating deposit can be set up (deposit paid before the first stay,
systematically covering liabilities, and deducted from the payment for the last stay).
 Note that for large groups, floating deposits available at Group level do not automatically ensure refunds for
services in all hotels concerned by reservations.
 If the number of reservations or services increases significantly, the amount of the down payments must be
adjusted proportionally.
 Last-minute reservations must be paid in advance.
 Credit balances in the aging balance for which a future use for a reservation has been agreed, must be
moved to the down payments / deposits balance.
 A form to monitor events, groups and seminars can be used, listing the various payment schedules and
actions taken to facilitate monitoring by the various services concerned.
Sales Manager & Credit Manager General Manager, Director of Finance
Type of check
Complete Sampling
Frequency
Daily Monthly
Receivables
II. Debtor monitoring (1/3)
 DD-6. Is the billing time satisfactory (within 48 hours of customer departure, except for MICE contracts
representing significant volume)? (Owner risk)
 DD-7. Are reminders issued (written or by telephone) for each debtor account requiring them? (Owner risk)
 DD-8. Are the standard reminder deadlines as set by the hotel Management (or by the country Head-Office
if applicable) actually enforced thus strictly and timely respected? (Owner risk)
 DD-9. Is debtor aging balance report analysed and commented at month end (especially receivables at risk)
by the General Manager or Director of Finance and heads of department (if hte hotel structure enable it?
(Owner risk)
 Optimize the recovery of receivables and the time frame for this.
Procedures
>General reminders
 The maximum deadline for invoicing defined by the Group is 48 hours (except for complex invoices
including seminars for which an additional period is acceptable).
 The process for issuing reminders and monitoring debtors needs to be specified:
- Reminder methods: telephone, mail, fax, email, etc.
- Reminder schedule (from the payment date in the contract).
- Formal process for written reminders: 2 or 3 standard reminders becoming more and more insistent.
If there are no standard reminders (defined by the country, Division or downloaded from the Credit
Management intranet), a lawyer should review the wording of reminders.
 Invoicing times are checked, by monthly sampling at least, for compliance with the standards defined by the
hotel.
 Guest files include documents formally recording the reminders issued, in writing and by telephone, so that
the files can be monitored. The use of debt recovery services must also be formally recorded in the files.
 The reminder and formal notice-to-pay periods are monitored and comply with the country policy.
 The aging balance must be formally checked at the month-end by the General Manager or Director of
Finance in order to monitor the progress of bad debts and whether they are likely to go to litigation or not.
>Control indicators:
 Average period for sending invoices
 Percentage of aging balance more than 60 days old
 DSO (Days Sales Outstanding) corresponding to the average recovery period.
 Most debt recovery problems stem from anomalies in the initial formation of guest files. A guest file must
include: elements identifying the guest (SIREN number and/or trade name; invoicing address and sales
and accounts contacts to send reminders to); payment guarantees; signed points-of-sale documents;
correspondence; the reservation document; the signed contract (where appropriate); the front office
invoice; details of reminders, etc.
 For reminders, a monitoring form listing all reminders in chronological order, with the name and position of
the contact and the payment commitments made, can be set up.
 For example in France, the following reminder periods are recommended: R1 15 days after invoice date,
R2 30 days after and R3 45 days after with acknowledgment of receipt. R1 and R2 can be sent by email.
 If possible, we recommend generating the reminders through the PMS.
 Make sure that part payments are recognized and are properly allocated (using payment notices, invoice
number, etc.).
Credit Manager, Head of Reception, Accounting General Manager, Director of Finance or Rooms
Department Division Manager
Type of check
Complete Complete
Frequency
Daily Monthly
Receivables
 DD-10. Are provisions accurate, complete and timely accounted for doubtful receivables in accordance with
local GAAP and/or local Tax rules? (Owner risk)
 DD-11. Is bad debts write-off approved by the General Manager or Director of Finance? Is it supported by
documentation in conformity with local legislation and are they correctly recorded in the accounts system?
(Owner risk)
 Reflect risks correctly in the trading account.

 Comply with tax regulations.
Procedures
>General reminders
 According to the recovery process, after the last reminder, the hotel may have recourse to:
- a formal notice-to-pay letter;
- a specialist law firm;
- a debt recovery firm (approved by head office).
 Doubtful receivables are examined by the General Manager or Director of Finance each month and
provisions made in accordance with the country's regulations.
 The recovery process is started without delay, based on a complete file and a precise estimate from the
recovery organization of all the foreseeable costs of the actions to be taken.
 Receivables can be transferred to losses based on a document enabling this (certificate of irrecoverability,
etc.), approved by the General Manager or the Director of Finance.
 International recoveries are by their nature more difficult and often involve greater costs with no certainty
as to the outcome. Local contacts of recovery firms should be used and precise estimates must be sought
before decisions are made.
 Recovering invoices for small amounts can cost much more than the amount of the receivable. It may be
worth agreeing a more limited approach with the firm in this type of case.
 For each "left without paying" guest file:
- The revenue must be transferred and kept in an accounts receivable account (revenue may not be
deducted).
- A complaint must be filed with the police authorities (in France, it is also valid to record the matter in
the police incident book).
- At the month-end, a provision must be made for 100% of the amount of the receivable, excluding tax.
- If the debt proves irrecoverable (for example, the hotel does not have the guest's contact details), the
receivable must be recorded immediately as a loss in its amount excluding tax, if justified by a filed
complaint (in France, it is also valid to record the matter in the police incident book).
- Meetings to monitor files in litigation can be held regularly.
- Management can hold monthly meetings with the recovery organization regarding files in litigation to
ensure that they are being handled correctly.
Credit Manager, Head of Reception, Accounting
General Manager or Director of Finance
Department
Type of check
Complete Complete
Frequency
Monthly Monthly
Receivables
 DD-12. Are credit notes correctly documented? (Owner risk)

 DD-13. Are any credit amounts found on accounts of debtor aging balance formally followed up and
documented to enable the situation to be quickly rectified? (Owner risk)
 DD-14. Are debtor payments quickly recorded in the PMS (or City Ledger follow-up system) and is the
reconciliation with the relevant invoices carried out correctly and quickly (within a week)? (Owner risk)
 Secure the hotel's revenue.

 Avoid the risk of receivables' age being reduced.
 Limit the ill-advised use of credit amounts.
 Avoid disputes with guests.
Procedures
>General reminders
 In the event of a dispute, draw up a credit note or additional invoice so that the amount in the accounts
receivable balance equals the expected payment.
 The balance should only exceptionally contain credit amounts.
 Each transaction to regularize accounts receivable revenue is justified and documented.
 Any cash refunds must be justified by a receipt signed by the guest.
 Credit amounts in the aging balance are justified, monitored correctly and are no more than 60 days old.
 Each accounts receivable payment is cross-referenced correctly and quickly and matches the actual amount
received, on the one hand, and payment of the invoice it is cross-referenced with, on the other.
 A credit note that proves, after checks, to be justified, must be issued as soon as a dispute becomes known
in order to optimize the settlement period.
 Supporting evidence for credit notes must be kept and brought to the attention of Management.
 Credit amounts in the aging balance must be limited as much as possible. They must be monitored
regularly. After about 30 days maximum in the balance, measures must be taken to remove them from the
aging balance: refunded to guest, switched to down payment / deposit for a future reservation, placed in
a suspense account in the accounts, etc.
 Partial settlement can reveal the existence of a dispute.
 A one-off reconciliation can be made, by a person not linked to the management of Sundry Debtors,
between the issuing of accounts receivable payments, the bank document and the cross-referenced invoice.
Credit Manager, Accounting Department General Manager, Director of Finance
Type of check
Complete Complete
Frequency
Daily Weekly
Purchase and stocks
I. Goods ordering/delivery (1/2)
 AS-1. Is a sufficient separation between functions respected for the order, goods receipt and invoice
verification (minimum 2 people are involved in these tasks)? (Owner and Operator risks)
 AS-2. Are approved suppliers approached first, or are several suppliers invited to tender if there is no
approved list in the country? (Owner and Operator risks)
 AS-3. Is the purchasing policy subject to a formal procedure defining orders limits for each category of
products ? (Owner and Operator risks)
 AS-4. Are every orders subject to a formal procedure and authorised beforehand by the head of
department? (Owner and Operator risks)
 Ensure the security of the purchasing process.

 Benefit from Group purchasing terms and conditions.
Procedures
 As far as possible, limit the concentration of roles held by a single person to avoid an accumulation of
roles weakening the level of security of transactions, such as: Accountant/Purchaser, Purchasing
Assistant/Purchaser, and Accountant/Purchasing Assistant.
 If a country does not have a central Group purchasing system (e.g. AstorShop), the hotel must define the order
documents (purchase order, call for tenders, supplementary contract, etc.) for each type of purchase.
 When suppliers not on the approved list have to be used, the hotel must draw up a procedure for selecting
these suppliers (competitive bidding by several suppliers for a purchase) and a procedure for Management
to approve those selected.
 Formally specify, by product type or supplier, the people authorized to order and the maximum amount
they are authorized to spend (order limit).
 The list of approved suppliers and items, showing the applicable prices, is up to date and available (not
applicable if the country has a central Group purchasing system (e.g. Astorshop)).
 The list of non-approved suppliers with reasons for using them is kept up to date and approved by the
General Manager or the Director of Finance.
 Purchase orders are formally drawn up with the relevant values (the unit prices of items must be stated).
 A purchasing policy for approved and non-approved suppliers is set up.
 Any orders by employees are approved by their head of department (or N+1).
 Copies of purchase orders are sent to the people in charge of receiving goods to check compliance with
delivery dates and conditions.
 The regulations for delegating ordering authority and for separation of roles are complied with.
The rate of use of approved suppliers.
 The lack of purchase orders, especially for recurring purchases such as fresh products, can be compensated
for by lists of purchases or supplementary contracts for defined products, with only the quantities to be
filled in. For expensive products (meat, fish), the prices obtained should also be stated.
 For telephone orders, the list of items ordered must be formally recorded (in an email or on paper) so that
the person in charge of the delivery can ensure that the products delivered match the order.
 Having at least 2 people involved in the purchasing process limits the risk of concentration of tasks.
 Some central systems such as Astorshop make it possible to define a maximum amount per order and per
supplier. This system can block purchases (pending approval) or provide information (automatic email sent
warning that the maximum amount has been exceeded).
 If the hotel regularly works with non-approved supplier or for any purchase of a large amount, the hotel
must ensure that the non-approved supplier complies with social and environmental standards when
manufacturing the products or providing services. To do this, the hotel must have the supplier sign the
Procurement Charter 21 and insert a CSR clause in the contract. In addition, if the proposed purchase
exceeds K€750 in annual sales, the supplier must follow the “Know your counterparty (KYC) process”.
 For cleaning services, security services, welcome products, uniforms, business gifts, etc… The hotel could ask the
supplier for the results of external, social and environmental audits, if possible, that are less than 3 years old
and analyse them.
Head of department / F&B Manager /
Head Chef /Purchasing / Accounting Department General Manager,
Director of Finance
Type of check
Complete Sampling
Frequency
Each order Monthly
Purchase and stocks
I. Goods ordering/delivery (2/2)
Reminder of questions
 AS-5. Are products delivered formally verify / check against the order at the time of delivery (quantity,
quality, weight, etc.)? (Owner and Operator risks)
 Formally confirm incoming stocks.

 Avoid any errors or abuses.
Procedures
>Reminder
 The receiver's role must not, as far as possible, be combined with that of the purchaser, and the receiver
must not be responsible for entering invoices in the system.
 Deliveries are formally and comprehensively checked, meaning:

- Checking compliance with the purchase order: product reference, unit price, counting (including
opening boxes) or weighing of quantities delivered and checking number of items, grading and
packaging.
- Checking the quality: use-by date, appearance, product temperature, compliance with delivery times
and conditions, etc.
 Anomalies noted (quantity, quality, etc.) are formally recorded on the delivery note and a credit note
request sent to the supplier (copied to accounts). These checks must be formally recorded on the delivery
notes: tally marks, actual weights, receipt stamp, receiver's initials.
 To make price checks easier, ensure that the people in charge of these checks have the necessary
information (market price lists, approved suppliers' prices, etc.).
 The weight check must be carried out in the receiving area using appropriate scales that are checked
regularly.
 If goods are received without a delivery note, the receiver must draw up a memo indicating the items
received and reconcile the products received with the purchase order.
 If a stamp is used, it is still recommended to put a mark against each item for large orders to limit the risk of
error.
F&B Manager /
Head of department / Head
General Manager,
Chef / /Receiver
Director of Finance
Type of check
Complete Sampling
Frequency
Each delivery Monthly
Purchase and stocks
II. Supplier invoice accounting
 AS-6. Are invoice details (quantities, quality, weight, unit price, etc.) formally reconciled with purchase
orders, delivery notes or contract where applicable? (Owner and Operator risks)
 AS-7. Are invoices posted in the accounts system always formally approved by heads of department and
the General Manager or the Director of Finance, (stamped “valid for payment”) or by a person formally
authorised (delegation of powers) and communicated to the accounting? (Owner and Operator risks)
 AS-8. Do supplier payment terms comply with local regulations or the contract terms? Do those terms
enable cash flow to be optimised? (Owner and Operator risks)
 AS-9. Are accruals booked in accounting for all purchases and expenses (food and non food) where the
invoice is still pending at month end? (Owner and Operator risks)
 Ensure that purchases are recognized in the accounts and are valued correctly.
 Guard against unjustified payments.
Procedures
>Reminder
 Invoices must be entered in the accounts on receipt.

 Supplier payment deadlines and local regulations in force (e.g. the Sapin Law in France) must be complied
with to avoid any late payment penalties or fines.
 The hotel will determine who has the power to authorize payment of invoices.
 The reconciliation between purchase orders, delivery notes and the corresponding invoices is carried
out formally by checking:
- unit prices (based on price lists, suppliers' market price lists, contracts, etc.);
- quantity;
- type of item.
 These checks must be formally recorded on the invoices. They are drawn up correctly and include all legal
information, including:
- the date;
- the legal corporation name of the hotel invoiced;
- the VAT rates and calculations;
- the totals excluding and including VAT.
 Purchase orders and delivery notes must be attached to the invoices and sent to the head of department
concerned for payment authorization.
 Then all the documents (purchase orders, delivery notes and invoices) are sent to the General Manager or
Director of Finance for checking and payment authorization (via "authorized" stamp) or to the person with
delegated powers.
 Invoices and credit notes have been entered in the accounts, and the invoice record book and
corresponding accounting journals reconciled.
 All invoices and credit notes not received at the end of the month, for products received or services
provided, have been estimated and sent to accounts in a timely manner and/or entered in the stock
management system. Provisions for "invoices not received" should be entered excluding tax (barring
country exceptions).
 Checks should be made as to whether any additional non-contractual services (transport costs, delivery
costs, etc.) have been unusually invoiced.
 Only original invoices can be recognized in the accounts.
 In the event of a dispute, the copy of the invoice is kept by the manager; the original is sent to accounts
marked "do not pay", to be recorded. Disputed invoices must be reviewed each month.
 To avoid the risk of provisions being made twice, it is better each month to cancel the entire provision for
the previous month and enter the new provision.
 At the month-end, suppliers from whom the hotel has not yet received invoices (just a delivery note or job
sheet) should be contacted to get an idea of the size of the provision to make.
 In the case of centralized accounting, a schedule of payment runs can be defined and sent to the hotels to
anticipate the sending of invoices.
 All invoices must be submitted to the accounting department as soon as possible, we recommend a
maximum delay of one week.
 The disputed invoices must also be sent to the accounting department, specifying the reason for the
dispute.
 Invoices that arrive with an “old” date (example: invoice received on 1/30/2017 but invoice dated 12/31/2016)
must be returned to suppliers requesting an invoice with an updated date.
 Invoices must not remain blocked in the validation process, actions must be taken quickly to unblock
invoices payment.
F&B Manager /
General Manager /
Head of Department / Accounting Department
Director of Finance
Type of check
Complete Complete
Frequency
Daily Each due date
Purchase and stocks
III. Stocks
 AS-10. Are storage areas (hotel store, kitchen, sales outlets) locked when staff are off duty? (Owner risk)
 AS-11. Is access to storage areas restricted to a limited number of people? (Owner risk)
 AS-12. Are withdrawals of goods from storage areas formally recorded, checked and confirmed by the
person who recieved the requisition? (Owner risk)
 AS-13. Is there a report on losses and breakages in the main storage places? (Owner risk)
 AS-14. Are use-by dates respected, and products prepared by the hotel date stamped? (Owner risk)
 To guarantee stock safety.

 To control the flow of goods.
 To respect hygiene standards.
Procedures
 Storage conditions:
- Organization of stock: central store, stock at points of sales, store per department, etc.
- Safety of the premises and storage points: secure access, secure means of access (where and how are
badges, keys, etc. kept?), defined access (the list of authorized individuals must be formalized).
- Opening times (including the procedure for public holidays).
- Storage and marking of packaging in order to ensure that the oldest products are taken out first (the
aim is to limit losses).
 Stock movement monitoring system: through Cardex-type stock cards, on an Excel spreadsheet, or on a
specific software package (VSK, etc.).
 Inventory withdrawals regarding company store sales are to be regulated:

- Sales to the establishment's staff, but only on exceptional occasions (end of year, etc.)
- Restriction on the type of articles transferred, with a limit in terms of quantity
- Transfers to another of the Group's establishments.
 Each storage site has a statement of loss and damage at hand.
 Storage sites are locked outside of opening hours, and access is limited to a restricted number of
individuals. If keys are used, they must be secured (locked cabinet with control device, keys left at the
reception desk in a sealed envelope, etc.), and traceable (at each shift change, keys must be subject to a
handover, or they must be returned and collected in the presence of a witness).
 Inventory withdrawals are formalized on goods issue documents. Individuals involved in inventory
withdrawals must clearly identify themselves on the document (applicant- preparer-recipient); the
recipient's initials must attest to a check of the goods removed from stock. If the same individual carries out
all of the stages of an inventory withdrawal (request-preparation-receipt), a third person must carry out a
check of the goods removed from stock.
 Any goods not consumed and returned to stock will be subject to a return voucher, co- signed by the two
persons involved.
 Any goods that cannot be used, and any broken or corked bottles, are removed from the system or
recorded in the losses and damages logbook.
 Company store transfers are carried out:

- in accordance with the establishment's standards; and
- invoiced and paid at the latest upon withdrawal of the goods.
 Amount of losses on stock
 Raw material ratio
 Supplies of alcohol or high-value products must be kept in a different area from other products (example:
locked unit), or in a permanently secure location.
 Alcohol present in points of sale must be secured outside of opening hours (at the point of sale or kept in
another location).
 A paper envelope with a signature does not sufficiently secure access to keys. A sealed envelope with a
single seal number must be used in order to ensure the use of keys.
 When keys are collected at the start of the day by an individual different from the one who returns them at
the end of the day, a handover of the keys between these 2 individuals must be formalized in the presence
of a witness.
 In the event that keys for certain storage sites must be accessible to staff from other departments (room
service, breakfast, etc.), they must be left at the reception desk. Monitoring of the use of keys is to be
documented in a book especially for this purpose.
Responsibility
Head of Department General Manager, Director of Finance
Type of check
Sampling Sampling
Frequency
Monthly Quarterly
Purchase and stocks
IV. Inventories
 AS-15. Are physical inventories carried out at least quaterly basis by a minimum of two people and signed
off by them? (Owner and Operator risks)
 AS-16. Are manual inventory records reconciled with the final inventory using a representative range of
products? (Owner and Operator risks)
 AS-17. Do any discrepancies or inconsistencies identified during the F&B reconciliation between products
consumed and sales figures (produced either using stock management software or calculated manually by
the hotel on a representative sample of products) give rise to a second physical check by a third party?
 AS-18. Are the prices used for the inventories valuation (weighted average price, when the method could be
applied using a stock management system) regularly updated? (Owner and Operator risks)
 AS-19. Are final inventories formally checked by General Management before being sent to the accounting
department? (Owner and Operator risks)
 To guarantee the accuracy of stock valuation in accounting.

 To guarantee the accuracy of the operating account.
Procedures
 Determine the nature of articles managed in stock (food, welcome products, etc.).
 Establish the frequency with which inventories are carried out, bearing in mind that a valued inventory must
be carried out at least every quarter.
 For the months in which there is no inventory:

- Either the hotel has sales software interfaced with stock software (VR/VG), in which case the book
inventory balance will be recorded as actual inventory.
- Or the hotel does not have sales software interfaced with stock software, in which case the month's
consumption will be equal to the purchases made.
 Define the method of monitoring the book inventory balance through:

- the electronic record of a permanent inventory including sales statistics;
- a reconciliation between consumption and sales.
 Inventory count is carried out on a medium not stating the theoretical quantities, and by at least 2
individuals, one of whom is not responsible for stock management.
 Final, physical inventories must be signed by the 2 individuals who have carried out the inventories.
 The data entry for the inventory is also checked through sampling, and reconciliation with the inventory
count documents.
 Final inventories must be formally validated by the Management prior to being sent to Accounting in order
to be certain of the valued amounts.
 Each inventory logged with Accounting must comply with the inventory count procedure.
 Inventory results are reported in the accounts, ensuring that all analytical sections have been registered in
accordance with consumption over the period.
 Each month, during reconciliation between the book inventory balance and the physical inventory, any
discrepancies observed must be subject to an investigation. The count quantities are recounted in a formal
manner by a third party, with the quantities listed on the book inventory balance.
 The valuation of articles recorded in inventory listing is checked: reconciliation through sampling between
the purchase prices from the last invoices provided and the unit prices reported on the inventory
statement.
Control indicators:
 Amount of dormant stock (article with no movement for more than 3 months).
 Stock turnaround time.
 Amount of dead stock (article with no movement for more than a year).
 Stock ratio: the food and drinks / pre-tax revenue average value of the inventory per day (it represents the
number of revenue days immobilized in stock).
 Raw material ratio: it allows catering activity to be monitored through calculation of the margin between
the cost of purchases and the revenue generated. This ratio can be calculated per product family in order to
obtain a more precise analysis, and thus identify the keys areas for improvement.
 A formal product recount in the event of a significant consumption discrepancy can be directly documented
in the inventory.
 The hotel can establish a personalized selection system for products to be checked during the
manual/final reconciliation (Example: unit price value, high-consumption products, sensitive products,
etc.).
 Returnable packaging is to be monitored with regard to both full and empty crates, taking into account
packaging in circulation within the establishment.
 Stock in storage with third parties: information, at least quarterly, reconciled with consumption
invoicing must be obtained from suppliers stocking goods on our behalf.
 Dormant stock: the list of articles in stock for more than 90 days must be sent to the manager in order to
sell the items as a priority.
 Inventory impairment expense: during the inventory, any out-of-date or damaged articles must be reported
so that they can be recorded (as a provision or an expense).
 Deliveries made during the inventory are to be kept strictly separate. They will be integrated into the stock
on the next inventory, after validation of the inventory in progress.
Head of Department / Accounting General Manager /
Department Director of Finance
Type of check
Complete Complete
Frequency
At least every 3 months Quarterly
Staff management
I. Staff records
 RH-1. Is a contract prepared for each new employee in accordance with statutory obligations (signed
by both parties, stating the salary, etc.)? (Owner risk)
 RH-2. In case of requirement related to local law, is there a register that is used to keep of full up-date of
staff ? Is it in accordance with local legislation ? (Owner risk)
 RH-3. Are the validity and expiry dates of foreign workers’ residency permits and/or work
permits checked regularly? (Owner risk)
 RH-4. Do employee files contain a complete set of documents that are locally mandatory and, if applicable,
those recommended by the country Head Office (medical check-ups, annual appraisal, etc.)? (Owner risk)
 RH-5. Are local regulations regarding specific contracts (fixed-term, season, temporary work) known and
always followed? (Owner risk)
 RH-6. Whenever an employee leaves, does the management ensure that all elements belonging to the hotel
have been returned (Cash floats, keys, badge, uniform, IT access are desactivated...) and that all
administrative documents (balancing statement ending all contractual obligation, the document validating
the return of objects belonging to the hotel...) have been signed by the employee? (Owner risk)
 To comply with the legislation in force.

 To limit the risk of conflict with employees and candidates.
 To ensure compliance with AccorHotels policies and procedures.
 To limit the risk of reassessment by the competent control bodies (for example in France: URSSAF
[organization for the payment of social security and family benefit contributions], Inspection du travail [labor
inspectorate], etc.).
Procedures
 Specify any elements that must be present in individual staff files, such as:
- original ID documents. A copy of the ID card, residence card, work permit, CV, etc. will be kept in the
file of the employee concerned.
- documents formalizing the employee's effective start date (work contract, letter of appointment,
medical examination, single declaration of employment, etc.).
- documents related to AccorHotels management (performance appraisal, training courses
undertaken, job description, etc.).
- documents formalizing issue to the employee of elements belonging to the hotel (uniform, key and
master key, float, IT access, etc.).
 During the contract, the following shall be added:

- Acknowledgments of debts or records of advances and down payments.
- Vacation requests (special, paid, etc.).
- Forms concerning periodic medical examinations, the updating of residence cards, etc.
- Contract amendments.
 An individual file is created for each member of staff. This file contains compulsory elements in accordance
with the local legislation in force, in addition to administrative documents which comply with the standards
of the establishment, Head Office, and Group.
 Contracts, or amendments to initial contracts, are signed by the employee and General Manager. One copy
is given to the employee, and another copy is kept by the hotel.
 The contract established allows the individual to adapt to the activity as quickly as possible, and to benefit
from potential legal aid.
 Possible benefits in kind for staff are handled in accordance with the country's labor legislation.
 All formalities prior to recruitment have been met, in accordance with local regulations (for example in
France: DPAE [declaration prior to recruitment], pre-recruitment medical examination, etc.).
 If local labor legislation so requires, each new employee must be registered on the staff register.
 A trial period is provided for, and its successful completion is formalized through an evaluation filled out
prior to the end date.
 Labor regulations with regard to fixed-term contracts and extra contracts are respected.
 If any change to an employee's situation occurs, an amendment to the previous contract is signed by both
the employee and the employer, and is then archived.
 Employees with a special status (foreign employees, etc.) meet the legal standards of the country (residence
card, work permit, etc.). For certain countries, it is recommended that a validity request be made to the
local authorities with regard to residence cards (Prefecture in France, for example).
 An annual appraisal interview must be carried out at the end of the year.
 Upon an employee's departure:

- Departures from the company are formalized through a document indicating the end date of the
contractual relationship (resignation letter, dismissal letter, etc).
- Another document must stipulate the balance of any amounts owed to the employee. Any advances
and loans must be settled.
- This document shall also stipulate the full return of any elements belonging to the hotel. The
AccorHotels Bienvenue card must be returned in the event of a departure from the Group, in addition
to the private health insurance card if such exists.
- Other documents are to be returned to the employee upon their departure, in accordance with local
regulations (for example in France: labor certificate, receipt for the settlement of all accounts, and
employment agency declaration).
- If local labor legislation requires, the staff register shall be updated in order to include the employee's
departure.
 Staff files must be kept in a secure location, and access to them must be restricted to a limited number of
individuals.
 The hotel must ensure that each employee is familiar with the AccorHotels Group Ethics Charter and
Corporate and Social Responsibility (CSR). These documents must be signed by employees. A copy of the
signed documents shall be kept in each employee's file.
 The hotel must ensure that all employees are familiar with the Group's commitments to a non-
discriminatory and transparent recruitment policy. These documents will be made available to employees
(see. intranet site: Talent & Culture > Social Innovation > Diversity & inclusion):
- Recruitment charter
- Commitment to diversity
- "Recruiting without discriminating" leaflet and practical guide
- An e-learning course is available on the platform.
 The conditions in which different types of work contract (for example: extra contract in France) are applied
must be carefully monitored (a maximum number of shifts, grounds for appeal must be exceptional and
unforeseeable, etc.).
 The settlement of any payments by check, to be collected from the hotel, facilitates the process of returning
any elements (uniform, badge, AccorHotels card, etc.) belonging to the employer.
 A recruitment grid template (available on the Talent & Culture intranet) may be created by the hotel in
accordance with local T&C teams in order to ensure that the recruitment process is non-discriminatory and
transparent.
 In countries where tools are available, (for example the Gaia tool), Managers must sign and accept the
recruitment charter. They must also complete the e-learning course on diversity and non-discrimination.
Director of Talent & Culture
General Manager
Type of check
Complete Complete
Frequency
For each recruitment and departure of an
Monthly
employee
Staff management
II. CSR Compliance
 RH-7. Has a non-discriminatory and transparent procedure defining recruitment processes been distributed
to all hotel staff? (Owner and Operator risks)
 RH-8. Does the hotel ensure that the General Manager and the staff are aware of the Accor Group’s Ethics
and Corporate Social Responsibility Charter (CSR) commitments? (Owner and Operator risks)
 RH-9. Does the hotel ensure that the General Manager and the staff are aware of the Group's anti-
corruption policy and the Gift policy? (Owner and Operator risks)
 RH-10. Was the existence of the Group Integrity line communicated to all the staff? (Owner and
Operator risks)
 RH-11. Does the hotel respect the environmental and social commitments of the sustainable development
program Planet 21 of Accor Group? (Owner and Operator risks)
 To protect the staff and limit the risk of conflict with employees and candidates.
 To ensure the respect of policies, procedures and commitments of Accor.
 To limit the risk of corruption and non-compliance.
 To prevent the reputational risk of Accor.
 To facilitate the access to the Integrity line to all the employees.
 Ensure the implementation of the "Bronze" actions of the Planet 21 program
communicated by the Group’s Sustainable Development Department.
 Prevent Accor Group reputational risk.
Procedures
Means of communicating the various Group policies, procedures and commitments to all the staff.
 The hotel must ensure that all its employees are aware of the Group’s commitments to a non-
discriminatory and transparent recruitment policy. To do this, there are different awareness tools (available
on the Diversity & Inclusion intranet):
- Recruitment charter;
- Diversity & inclusion commitment;
- Practical guide Recruitment without discrimination.
 The Compliance program of the Group must be communicated to all the staff. To do that, the hotel
must ensure that the following documents were forwarded to them:
- The Corporate Ethics and Corporate Social Responsibility (CSR) Charter promoting
the Group’s values, commitments and responsibilities.
- The Anti-Bribery and Corruption prevention policy explaining the Group’s zero
tolerance regarding all forms of corruption.
- The Integrity line allowing for any employee to report any potential infringements of the law or
potential non-compliance with the Ethics & CSR Charter. The Integrity line is available by following the
link: https://www.accor-integrity.com/.
- The Gift policy governing gifts and invitations that an employee may offer or receive as part of a "B to
B" relationship.
 All these documents must be transmitted to the staff through any means as:
- Information on the bulletin board dedicated to staff within the hotel.
- Online training tools (e-learnings) with formalised follow-up of employees who have completed them.
- Communication to any new arrival with the signature of each employee attesting the awareness of
the documents.
- The organization of training workshops, presentations or information meetings with the signature of
an attendance record for each participant.
 The hotel must comply with the Group’s Planet 21 program and must implement the “Bronze” actions
defined as mandatory in accordance with the timetable. Participation in the Planet 21 program and the list
of «Bronze» actions are available in the Gaïa tool: https://gaia-prod.accor.com/
 A recruitment grid template may be created and used by the hotel in order to ensure that the recruitment
process is non-discriminatory and transparent.
 In countries where tools are available, the Director must sign and accept the Recruitment charter in Gaïa.
The Director and the staff must also complete the e- learning courses « Diversity & Inclusion », « Non-
discrimination » and « Corruption prevention policy ».
 The hotel must regularly make its employees aware of these topics, for example by organizing training
workshops, presentations or information meetings.
 Warning: the integrity line is not an emergency service. Please contact the relevant authorities (e.g. the
police) in case of immediate danger.
 To go even further in its CSR commitment, the hotel can also implement voluntary actions of the Group’s
Planet 21 program.
 The hotel can anticipate some “Bronze” actions that the Group expects to be
implemented in future years.
Director of Talent & Culture General Manager
Type of check
Complete
Frequency
For each recruitment of an employee.
For each update of a policy, commitment or charter communicated by the Group. For each update of the
“Bronze” actions list and for any new communication from the
Sustainable Development Department
Staff management
III. Payroll
 RH-12. Is the principle of segregation of duties observed for payroll management (payroll preparation, work
time monitoring, accounting and payment authorization)? (Owner and Operator risks)
 RH-13. Is access to payroll software data and payroll archives limited to persons who need it in order to fulfill
their duties? (Owner and Operator risks)
 RH-14. Are changes of bank details subjected to a monthly formalized follow-up? (Owner and Operator
risks)
 RH-15. Is monitoring of variable components (paid leave, sick leave, public holidays, flexitime, bonuses, etc.)
carried out effectively? (Owner and Operator risks)
 RH-16. Are work schedules signed off by employees within the statutory deadlines in the country (monthly
at least) and do the schedules comply with labour law in the country (timetable, number of hours worked
and rest days)? (Owner and Operator risks)
 RH-17. Are expense claims supported by documentary evidence and approved by line management?
 RH-18. Are advance on salary individually formally requested by employees and formally approved by the
General Manager or Director of Finance? (Owner and Operator risks)
 RH-19. Does the General Manager or Director of Finance check the accuracy of the payroll at each salary
payment ? (Owner and Operator risks)
 RH-20. Do bonuses and other staff perks comply with written objectives set at the start of the year and are
they in line with the policy issued by Head Office? Are written objectives sign both by the employee
and Hotel Management? (Owner and Operator risks)
 To guarantee the accuracy of payroll information.

 To ensure the confidentiality of data linked to payroll.
 To ensure compliance with labor law.
 To ensure the validity of payroll operations recorded and amounts paid to employees.
 To avoid disputes with employees.
Procedures
 Within the framework of the conventions, agreements, and laws in force, the following shall be defined:
- Compensation standards including, if required, specific grids for extras, elements linked to
compensation for service, etc.
- Working hours, overtime, time off in lieu, etc.
- Profit-sharing policy.
 Organization:
- Payroll information and staff files are only accessible to authorized individuals (confidential passwords
on the payroll program, pay slips and documents related to compensation issued only to appropriate
individuals, etc.).
- Where possible, ensure that functions are separated as much as possible, increasing the security level
of operations such as payroll preparation, work time tracking, accounting, and payment authorization.
- Work schedules include all individuals from each service and are formalized and established in a
manner that complies with the country's labor law regulations (range of hours, number of hours worked,
and rest days).
- Final work schedules are signed by employees, in compliance with the time frames established by the
country's legislation (at least monthly).
- Each salaried employee works for the establishment, and each individual working is subject to a pay
slip.
 Variable elements:
- Exceptional payroll elements (exceptional premiums, overtime, etc.) are approved and justified by a
letter from the supervisor, endorsed monthly by the General Manager or the Director of Finance.
- Premiums and nominative profit-sharing comply with contractual agreements, both individual and
collective, and respect the Group's policy. They must be validated by both parties once the objectives
have been defined. At the end of the period, achievement of the objectives will be justified and
recorded, then formally validated, by both parties prior to payment.
 Advances and down payments:

- Requests for advances and down payments must be subject to a formal, individual request, signed by
the employee and validated by the General Manager or Director of Finance.
- Down payments must represent, at most, the amount acquired by the salaried employee on the
payment date (paid vacation, share of end-of-year bonus, etc.).
 Expense accounts:
- Any travel must be validated in advance by the employee's hierarchical superior.
- Expense accounts are supported by valid proof and signed by the hierarchical superior.
- Any expenses reimbursed are consistent with the Group's internal policies (travel class, meal package,
means of transport, etc.).
 Monthly payroll:
- Variable payroll elements (vacations and absences of any kind, public holidays, etc.) are validated on
the individual attendance tracking sheet.
- Time off in lieu is determined in accordance with the establishment's policy.
- The General Manager or the Director of Finance formally ensures compliance with payroll procedures
on a monthly basis. Specific attention shall be paid to the pay slips of individuals who are responsible
for preparing salary slips. Validation by the General Manager or Director of Finance may be formalized
by printing and signing each salary slip, or by signing the summary statement of the salaries paid.
- Pre-slips must be produced for the formal checking and validation of pay prior to the actual payment
of salaries to employees.
- Any modification to employee bank details must be proven and validated by at least 2 people. If the
systems do not permit this separation of roles, the hotel must put in place manual checks to formally
record and approve changes made.
 For any business travel, the travel policy must be respected. The hotel may liaise with its Head Office in
order to ensure local arrangements.
 Bonus and objective grids must correspond to the model circulated by the T&C teams for the corresponding
year, and be formalized at the start of the year. The calculation of bonuses must be justified.
 The employee must be made aware of the objectives.
 It is recommended that paid leave schedules be checked regularly in order to ensure that employees do
not have quotas that are too high.
Head of Department, Talent & Culture and
General Manager, Director of Finance
Type of check
Complete Sampling
Frequency
Monthly Monthly
Staff management
IV. Accounting treatment for payroll
 RH-21. Is provision made in the accounting at month-end for paid leave, bonuses and other perks that may
exist? (Owner and Operator risks)
 RH-22. Is a formal reconciliation between the payroll and accounting systems conducted at least every half-
year? (Owner and Operator risks)
 To guarantee the accuracy of payroll information in accounting.
Procedures
 Payroll data is comprehensively recorded in the accounts, a reconciliation between the payroll book (payroll
journal), documents communicated to the authorities (for example: the DADS [annual social data
statement] in France), and the Accounting is formalized at least at the half-year accounting closings.
 Paid leave, bonuses, and other benefits are correctly provisioned each month.
Accounting Department General Manager, Director of Finance
Type of check
Complete Sampling
Frequency
Monthly / At least half-yearly Monthly / At least half-yearly
Risk prevention
I. IT security and PCI DSS checklists
(111/3)
 PDR-1. Do staff have a list available of telephone numbers for the different support units to be contacted in
the event of IT incidents? (Owner and Operator risks)
 PDR-2. Are incidents monitored such that all IT technical faults and the fixes applied by the relevant staff
can be traced? (Owner and Operator risks)
 To have a list of the telephone numbers of the different support bodies available in the establishment so as
to react swiftly to computer incidents and get in contact with Head Office.
 To react swiftly on the whole network through the centralization of computer incidents at Head Office.
 To reduce the downtime and unavailability of systems and computers which may disrupt daily operations.
 To have a situational analysis of the resolution of computer incidents.
Procedures
Each Head of Department must have a list of the telephone numbers of the different support bodies to
contact in the event of a computer incident. The slightest malfunction of a computer or device must be taken
into account by the Management in order to avoid any major incidents. Computer incidents must mention at
least the following elements:
 Date and time of the incident

 Equipment identification number
 Nature of the incident
 Intervention number assigned by the support team
 Name of person who reported the incident
 Correction date where applicable. (This follow-up may be carried out using "Assist" on the intranet, or any
other incident tracking tool made available to hotels by the country's IT services).
IT Manager or Designated Person General Manager, Director of Finance
Type of check
Complete Sampling
Frequency
Each time an incident occurs Monthly
Risk prevention
I. IT security and PCI DSS checklists
(112/3)
 PDR-3. Are computers, tablets and electronic payment terminals (EPTs) located in areas accessed by the
public properly protected against theft or damage (attached screen, locked database, tablets secured when
not in use, key in area inaccessible to the public)? Are network sockets in public areas disabled when they
are not used? (Owner and Operator risks)
 PDR-4. Are sensitive areas (server room, checkout desks, reception) equipped with video camera
(respecting the country legislation) and/or access control mechanisms to monitor individual physical
access? (Owner and Operator risks)
 PDR-5. Does the hotel use paper shredder or other method to destroy documents with sensitive data as
soon as they are no longer needed? (Owner and Operator risks)
 PDR-6. Are the computer rooms dedicated and protected by an access system (swipe card or keypad door
entry system, locked with a key that is signed out in the front office)? (Owner and Operator risks)
 PDR-7. Is fire risk in the computer rooms limited and adequately covered (by fire extinguishers, fire resistant
materials, ventilation and air conditioning, automatic fire detection system, etc.)? (Owner and Operator risks)
 PDR-8. Do the servers and PMS computers have real-time anti-virus software installed (and updated at least
weekly)? (Owner and Operator risks)
 PDR-9. Do workstations giving access to applications holding sensitive data (PMS, POS, email, etc.) timeout
after a period of non-usage? (Owner and Operator risks)
 PDR-10. Is access to applications holding sensitive data (PMS, POS, etc.) managed through named logins and
in line with the employee’s role? Is a check conducted to ensure that active logins are all for employees still
working at the hotel at least on a quaterly basis? (Owner and Operator risks)
 PDR-11. Are passwords for logins to applications holding sensitive data (PMS, POS, etc.) changed every
three months? (Owner and Operator risks)
 To ensure that PMS computers, equipment, and data are appropriately protected against vandalism, fire,
intrusions into the system, viruses, etc.
 To ensure compliance with PCI DSS procedures.
Procedures
 Protection of computers, tablets, and electronic payment terminals:

- Computers, tablets, and electronic payment terminals (EPT) present in areas accessible to the public
must be protected from potential theft and damage (attached screen, computer database under
lock and key, tablets secured outside periods of use, key not accessible to the public).
- Unused network sockets accessible to the public must be disabled.
- Control over access to sensitive areas:
- Sensitive areas (server rooms, cash points, reception offices, etc.) must be equipped with a video
surveillance system (in compliance with the legislation in force in the country), and/or any other
system allowing the physical access of individuals to be identified and checked.
- In accordance with PCI DSS standards, video recordings are to be kept for a maximum of 3 months.
 Confidentiality:
- Before being thrown away, all sensitive data documents must be completely destroyed (crosscut
shredded, incinerated or pulped) in order to make them unusable. In order to do so, the hotel can
choose to use a DIN3 category paper shredder (cross cut) or to work with an outsourcing company
provided that PCI DSS standards are respected (limited access to documents, conditions and frequency
of the collect …)..
 Access to the computer room or to the disk array:

- The computer room must be permanently locked. Access must be secured through a badge, digicode,
or keys. If the hotel has a computer cabinet, the keys must not remain on top of it.
- If access is by key, the key must be secured at the front office, and its collection and return must be
monitored using a book requiring signature and a witness.
- If access is obtained via a code, this code must be changed every 6 months and systematically upon
the departure of any employee familiar with it.
- Whichever option is selected (badge, code, etc.), access to computer rooms must remain possible even
in the event of a power outage.
- Access to the computer room must be restricted to authorized individuals. These individuals are
appointed by the General Manager or the Director of Finance.
- Furthermore, the room must neither be too warm nor too humid. A temperature of around 20°C is
adequate.
 Fire extinguishers:
- The computer room must be equipped with fire extinguishers, FM200 automatic fire-extinguishing
systems (replacement for Halon), or any other equivalent system.
- In any event, no flammable materials must be stored there, with the exception of user manuals and a
reasonable amount of paper (for example, 2 reams) to supply the printers.
 Additional requirements for medium and large structures:

- The computer room and adjacent areas must equipped with fire extinguishers and automatic fire
detection systems.
 Anti-virus programs:
- All servers and computers connected to the PMS must be equipped with a standard anti-virus program
and be updated weekly. In no event must this program be disabled.
 Automatic standby mode:

- Automatic standby mode must be configured on each computer. As such, each time the system has
not been used for 15 minutes (PCI DSS standards), the screen saver appears and is only disabled upon
entry of the staff password.
- Each employee must disconnect from the system at the end of their shift.
- Particular care must be paid to computer workstations located in areas accessible to the guests.
 Access to applications hosting sensitive data (PMS, POS, etc.):

- Access must be nominative and befitting of the employee's duties. A quarterly check must be carried
out.
- Staff passwords must be changed regularly, at least every 3 months.
- Access for employees who have left the establishment must be removed from systems in order
to prevent any unauthorized intrusion.
- Employees should be reminded that passwords are personal and must not be disclosed.
- Passwords must contain at least 7 characters, and must include both numeric and alphabetic
characters.
 Any physical access to the server room must be traced. This traceability may be ensured either by using an
automatic system (if the hotel has a badge access control system), or by using a manual logbook.
 Passwords must not be displayed on computers or be written on loose sheets of paper.
Hotel staff General Manager, Director of Finance
Type of check
Systematic Sampling
Frequency
Daily Monthly
Risk prevention
I. IT security and PCI DSS checklists (3/3)
 PDR-12. For hotel equipped with other PMS than FOLS or OPERA HOSTED, Does the hotel follow the backup
procedures issued by Head Office (describing the backup scope and frequency, the staff responsible for
running backups and the physical media replacement guidelines) ? (Owner and Operator risks)
 PDR-13. For hotel equipped with other PMS than FOLS or OPERA HOSTED, Are physical backup media taken
off-site for storage at least once a week? (Owner and Operator risks)
 To limit the risk of loss of data.

 To confirm that resources allocated to the data recovery process allow continuity of the activity to be
ensured.
 To ensure continuity of the activity in the event of prolonged computer unavailability.
Procedures
 For hotels equipped with a PMS other than FOLS or OPERA HOST:
- All computer data (PMS, hard disk, etc.) essential to the hotel's activity must be backed up regularly.
This is the only way to recover this data in the event of loss (linked to different incidents: fire, water,
virus, incorrect user operation, etc.).
- It is the hotel's responsibility to ensure that each of its systems is backed up (with the exception of
systems under centralized backup). A backup procedure must be installed for each system. The hotel
must formally check all backup records (logs, reports, etc.) to ensure that backups are carried out fully
and that there are no anomalies.
- In order to optimize backup management and reduce the risk of operating errors, a schedule may be
established. At the very least, it must include the name of the server or the machine ID, the date of the
last backup, the type of backup media, the user name, etc.
- Backup media must be kept in a secure location (fire or water resistant), and a weekly copy must be
kept off-site (at the home of the General Manager or Head of Department, or exchanged with another
of the Group's hotels, etc.). It must be correctly labeled.
 Daily actions:
- Check that the backup has been carried out successfully (consult the backup record on the server,
printed on the night printer or that of the IT contact, and check the logs).
- If the backup has been carried out correctly, the record is to be kept in a file for this purpose.
Otherwise, (software/hardware incident, incomplete backup, etc.), the IT contact must identify the
anomaly and inform the support team, or even the publisher.
- The hotel must ensure that each system is backed up in accordance with the recommendations of the
country's IT services.
 For all hotels:

- Backup procedures to be followed in the event of prolonged computer unavailability (PMS), compliant
with the guidelines issued by Head Office, must be available at the hotel.
- The hotel must print these documents and keep them at the reception desk in order to be able to
continue operations in the event of a prolonged IT system interruption (check-in, check-out, payment
templates, etc.).
IT Manager / Designated Person General Manager, Director of Finance
Type of check
Systematic Sampling
Frequency
Daily Monthly
Risk prevention
II. GDPR
Personal data is any information relating to an identified or identifiable person (Name, PMID, phone number). People using
this data must have specific business reasons, be able to explain why they need the data, have a use of it, inform people
they are using it and let them access and modify it. The data should be kept secured for a limited period of time. Moreover,
if a third party uses that data, contract should be signed to ensure protection of it. If the data is transferred outside of the
Europe, it must be frame with specific legal tools. Finally, if the data is compromised, the legal department, the relevant
data protection authority and the persons concerned must be notified.
According to article 15 and subsequent articles in the GDPR, a guest has rights (to object, to access, to erase and to rectify)
to his personal data which has been processed by Accor & hotels. These rights must be satisfied within a month.
Accor strongly recommends hotels to use the GDPR Hotel toolkit (included in Vigitrust), which is a practical guide for hotel
executive manager describing the steps, roles and responsibilities and providing the tools to achieve GDPR compliance
(General Data Protection Regulation). Registration on this platform will allow hotels to gather all information needed.
 PDR-14. Does the hotel keep an up-to-date register of your personal data? (Owner & Manager risk)
 PDR-15. Is your staff trained on GDPR? (Owner & Manager risk)
 PDR-16. Does the hotel know how to answer Data Subject Access Rights? (Owner & Manager risk)
 PDR-17. What is your personal data deletion policy? Is it GDPR compliant? (Owner & Manager risk)
 PDR-18. Does the hotel display all necessary information about data collection and processing
regarding your guest and employees? (Owner & Manager risk)
 PDR-19. Does the hotel know how to react in case of a data breach in your hotel? (Owner & Manager risk)
 To comply with the GDPR legislation in force.

 To limit the risk of conflict with all stakeholders: providers, employees and customers.
 To comply with Accor policies and procedures.
 To be able to demonstrate GDPR compliance.
Procedures
A privacy referent should be defined within the hotel. This is an identified person to enable compliance with
data protection principles. Privacy Champion is in direct relation with data compliance team.
Clearly define how long personal data is retained (for as long as is necessary for the purpose of the processing
operation), and how it is purged afterwards (video purge, employee or prospect file purge…) according to each
local regulation. Applications provided by Accor (i.e.
FOLS) are already monitored, yet it is the hotel duty to monitor local applications, such as Video Surveillance,
Concierge or Spa software.
 Print hotel personal data register available from the GDPR platform. If not registered on the GDPR platform,
make sure file format for recording data processing activity contains overview of what you are doing with
the concerned personal data.
This register must reflect the reality of your data processing and allow you to precisely identify:
- the actors (referents, subcontractors…) who intervene in the data processing;

- the type of data processed;
- the use of data (what you do with it), the access of it, and whom are they given to;
- the length of retention and the security of the data.
The register should include each tool used within the hotel.
 You must be able to demonstrate how long you keep personal data and how you use it, in accordance with
local law.
 Keep the GDPR Hotel Status Report including:
- the list of users that have taken the GDPR eLearning. Employees handling data must be certified. To
smoothen the process, the GDPR Hotel toolkit allows to keep track of certified users;
- the list of policies and procedures status implemented in your hotel (Data Subject Access Rights
procedure here):
- the list of policies and procedures status implemented in your hotel (CYBER procedure available here).
Those latter are designed to help you to manage the first moments when you suspect a cyber-attack or
a data breach (security incident that may affect in more or less significant way the database / IT systems).
If you ever face this situation:
 inform your manager without delay.
 If the incident is related to a personal action, your speed of reaction will limit the consequences.
 avoid any manipulation that could aggravate the situation or destroy any trace or supporting
documentation;
 alert the emergency services and/or relevant authorities (IT helpdesk, GM,
alert.hotline@accor.com …) while gathering all information needed (what, when, who, how
long…);
 report to immediate line manager and country/region crisis coordinator;
 manage the event;
 keep an audit trail of events, decisions and actions;
 manage communication and potential media pressure.
Your vigilance and contribution are essential for Accor to meet these obligations.
 Demonstrate how you opt-in new client in loyalty programs and obtain their consent. You must be able to
show physical evidence of client agreement if the system does not allow it.
 Information about data collection and processing must be available for guests as well as employees. Lobby
must be the best place to inform each guest.
 Only use/store personal data that you really need. If the result can be reached with less personal data, do
not collect personal information you do not require.
 Checks should be done on shared networks, looking for guest & employee’s data.
 PMS (guests cardex) should be regularly checked by a person in charge to ensure personal data is not
wrongly used (i.e. comments on plain text field).
 Procedures are listed on the GDPR Hotel Toolkit, here are some examples:
- Procedure for the management of data subject requests for customers
- GDPR Golden Rules
- Staff Training
- Who to inform?
- GDPR register
Privacy Referent General Manager
Type of check
Complete Complete
Frequency
Business as usual (on-going) Annual review

Risk prevention
III. Subcontracting-related risk
 PDR-20. As regards subcontracting (room cleaning, exterior maintenance, etc.), are the contract signed with
the subcontractor compliant with the local legislation and enable to limit the risk of dispute ? (Owner risk)
 PDR-21. As regards subcontracting (room cleaning, exterior maintenance, etc.), has the hotel obtained, in
accordance with local legislation (and Head Office instructions if applicable) all the statutory documentation
concerning the service provider’s personnel and its legal and tax situation (properly employed, social
security contributions paid, etc.)? (Owner risk)
 A PDR-22. As regards subcontracting (room cleaning, exterior maintenance, etc.), does the hotel check, in
accordance with local legislation, that the situation for all staff for every subcontractor is in order? (Owner
risk)
 PDR-23. As regards subcontracting (room cleaning, exterior maintenance, etc.), does the hotel obtained
insurance certificates for professional/operating civil liability for subcontractors providing services within
the hotel and for providers practicing in the hotel (boutique, shop window, masseur..) (Owner risk)
 To protect AccorHotels against any potential accusations of shared liability and against a negative impact on
the Group's image.
 To ensure that the subcontractor complies with local social and tax regulations.
Procedures
 The hotel must sign a contract with each AccorHotels subcontractor referenced, in compliance with
standard contracts from Head Office. Moreover, it must obtain an insurance certificate to ensure that the
subcontractor is correctly covered. Finally, it must obtain all elements allowing it to ensure that the staff
hired by the subcontractor comply with local legislation (identity documents, work permit, etc.).
 NB: the procedure related to obtaining the identity documents of staff hired by the subcontractor is
not applicable to all countries (for example, it is not applicable in France). The hotel must, therefore, liaise
with the country's Head Office in order to ensure the validity of this procedure.
 If local regulations allow, the hotel may carry out unannounced checks on employees from the external
company by asking the company's representative for proof certifying that its employees are legally
compliant (nationality, work permit, and residence card if applicable, etc.).
 A clause making it mandatory for the provider to annually provide a copy of its insurance policies must be
integrated into the contract.
Head of Department General Manager, Director of Finance
Type of check
Complete
Frequency
For each new contract and local legislation statutory time frame
Risk prevention
IV. Insurance
If the hotel is not part of the Group-wide insurance program:

 PDR-24. Does the hotel’s General Management have copies of the insurance policies for Public liability?
(Owner risk)
 PDR-25. Does the hotel’s General Management have copies of the insurance policies for Property damage
and business interruption (PDBI)? (Owner risk)
 PDR-26. Does the hotel’s General Management have copies of the insurance policies for
Professional/Operating civil liability for other activities self-managed by the hotel? (Owner risk)
 PDR-27. Does the hotel’s General Management have copies of the insurance policies for
Company cars? (Owner risk)
 To fully cover all risks linked to operations.
Procedures
 Ensure that the hotel is covered under the Group's insurance policy.
 Otherwise, once a year, the establishment's General Management must ensure that the insurance policies
listed have been taken out and are valid.
Responsibility
General Manager, Director of Finance
Frequency
Annually
Risk prevention
V. Crisis and sensitive situations management
 PDR-28. Does the hotel have crisis management procedures? (ALERT Manual, emergency contacts list,
manual guest ledger follow-up, evacuation procedures, known gathering point, extended IT unavailability
procedures, etc.)? (Owner risk)
 PDR-29. Are all employees trained in the evacuation and firefighting procedures? Is an evacuation and
firefighting drill conducted regularly (depending on local legislation and at least once a year)? (Owner risk)
 PDR-30. Are the emergency exits kept clear? (Owner risk)
 PDR-31. In case of presence of a defibrillator, is it working properly? Are employees trained to use it?
(Owner risk)
 PDR-32. In case of video protection system in the hotel, is this working properly with the recordings
complying with the country’s current legislation? Is access to these recordings restricted? (Owner risk)
 PDR-33. Are all the rooms of the hotel opened daily (including cleaned-available rooms, out of service
rooms, etc.)? Is the check conducted formally? (Owner risk)
 To guarantee the physical protection of the Group's guests, staff, and establishments.
 To anticipate and better respond to a crisis situation and thus avoid it harming the reputation, activity, or
development of AccorHotels, or calling the liability of the entity, AccorHotels, or one of their
representatives into question.
 To ensure continuity of the activity in the event of prolonged computer unavailability.
Procedures
 It is recommended that the hotel's crisis unit be established in advance, in accordance with its structure. In
the event of a crisis, the crisis unit must meet in order to determine the actions to be undertaken as soon as
possible.
 A crisis directory containing useful emergency numbers and contacts must be produced and displayed.
 A file compiling any useful tools in the event of a crisis must be available for employees 24 hours a day, 7
days a week.
 It is recommended that a case containing emergency equipment (bandages, survival blankets, etc.) be
available in the hotel or in a hotel located in the same geographical area.
 It is recommended that each hotel or group of hotels in the same geographical area have a satellite phone
(notably in areas where natural risks and/or political instability exist) in order to ensure its ability to
communicate in the event of disruption to fixed and mobile networks.
 Information and awareness points, in addition to training with members of the crisis unit and hotel staff,
must be organized regularly.
 In the event of an evacuation, there must be an established assembly point with which everyone is familiar.
 Check that the file of useful tools in the event of a crisis contains the following items:
- ALERT crisis management manual, completed by the hotel
- Crisis directory with emergency numbers and useful contacts
- ALERT reflex action sheets: help to manage sensitive situations
- Hotel plans
- Evacuation procedures
- Fire procedures
- Printed manual logbook.
 Check that the crisis directory is up-to-date and on display.
 Ensure that hotel staff are regularly made aware of, and trained in, the management of sensitive situations
(team meetings, exercises, etc.).
 Ensure that evacuation and firefighting exercises, including use of extinguishers on real fires, are carried out
at least once a year. Depending on the hotel's structure, two different evacuation procedures must be
established (one for the day and one for the night as, in general, fewer people are present during the night).
It is also recommended that staff working on the reception desk and night staff be trained in the use of the
hotel's fire detection station.
 In the event of room subcontracting, it is important to ask the subcontracting company if chambermaids
have undertaken fire training each year (obligatory in France). Moreover, it is recommended that the
subcontracting company's chambermaids participate in the hotel's evacuation exercises.
 Check that emergency exits can be freely accessed at all times.
 Ensure that a defibrillator in good working order (notably where the battery's shelf life has not expired) is
available at the hotel and that at least one trained individual be always present at the hotel.
 Ensure that video protection equipment is in good working order (clear, legible image, correct camera
positioning, etc.), with recording compliant with the local legislation in force. In addition, video recordings
must be secure and subject to restricted access.
 Check that all hotel rooms (including clean unoccupied rooms, out-of-service rooms, etc.) are opened every
day. This check must be formalized and archived.
 Print backup documents and keep them at the reception desk in order to be able to continue operations in
the event of a prolonged IT system interruption (check-in, check- out, payment templates, etc.).
 The full recommendations within the framework of the Group's Safety-Security policy can be found on the
General Management Safety-Security intranet site.
 As crisis management is an integral part of the Group's Safety-Security policy, a focus on the latter can be
found the General Management Safety-Security website in the Hotel Crisis Management Homepage section.
All procedures and recommendations regarding crisis management in a hotel can be found in this section.
You will also find assistance on how to establish your hotel crisis unit, explications as to the role it plays,
how to deal with a sensitive situation, reflex action sheets, etc.
 Many documents and templates can be downloaded from this website, including: the hotel's ALERT manual
template, reflex action sheets, the crisis directory template to be completed, the emergency kit, the
tracking sheet concerning the satellite phone, call transcript sheets, the emergency identification sheet, the
collection of witness accounts sheet, the initial information report, the logbook, the feedback
questionnaire, and the ALERT manual template for head offices.
 Additional instructions to be respected by hotels, notably due to local constraints (organizational, legal, etc.)
may exist. In order to familiarize yourself with them, you can contact your country/area correspondents whose
contact details you will find on the Crisis Management Homepage intranet site (Who's where).
 Country intranets concerning this topic may also exist; please do not hesitate to contact your
correspondents.
 It is recommended that each establishment familiarize itself with any natural disaster risks present in the
area. These risks are made available to country Head Offices. Please do not hesitate to contact your
country/area correspondents.
 Fire doors: What purpose do they serve? During firefighting, fire doors allow the spread of flames and
smoke to be delayed, and contribute to safeguarding lives and property. They help to partition premises.
This partitioning has several objectives, notably to provide emergency services with more time in which to
arrive on-site and control the fire.
 The majority of fire victims do not die from the fire, but from the toxicity of the smoke, which easily spreads
throughout the building and into emergency exits if protection is not sufficient. Due to the extreme
toxicity of fumes and the speed with which they spread, fire barriers play a vital role in securing
evacuation routes by partitioning emergency exits in order to contain the spread of smoke. These
doors must be kept closed (except when chambermaids are cleaning the rooms). Some doors may be
blocked open by a mechanism (ASD: Actuated Safety Device). When a fire alarm sounds, the mechanism
releases the door so that it closes. It is, however, possible to open the door, which will close straight away
so that the fire does not spread.
 Food and health risks: it should be noted that domestic hot water supply networks must be subject to an
annual bacteriological analysis (legionella), unless more restrictive local regulations exist.
 For air-cooling towers, unless more restrictive local regulations exist, a bacteriological and physico-chemical
analysis must be carried out monthly.
 A sanitation booklet must be placed in each establishment in order to allow maintenance operations to be
traced. This document must be kept up to date and checked monthly. It is recommended that a file be used
as a sanitation booklet.
 For suppliers/companies who carry out "hot work operations", a safety document known as a fire permit
(obligatory in France) must be drawn up between the Hotel Manager, or Technical Manager (if delegated),
and the company carrying out the work in order to delegate liability to the company working in the hotel in
the event that a fire should break out. Hot work operations cause a great number of fires. Moreover, they
are frequently carried out in areas not intended for this purpose, and in an environment unfamiliar to
workers.
 With regard to video protection in France: a statement from the Prefecture must be obtained; an
authorization, valid for 5 years, will then be granted. This document must be kept at the hotel and a copy
must be sent to the French Safety Department. This document also contains information on the length of
time for which images may be kept (this depends on each Prefecture). At the end of this period, renewal
must be requested, which may be granted for the same duration.
 With regard to fire extinguishers in France: It is important to check that fire extinguishers have not had their
pin pulled out. In fact, if the pin is no longer sealed, the maintenance company must come and check the
fire extinguishers and put the pin back in place, or replace the fire extinguisher. Fire extinguishers must be
replaced every 10 years (French regulation). It is normally the maintenance company's responsibility to
replace fire extinguishers, but if the hotel notices that an extinguisher needs to be replaced (> 10 years), it is
responsible for contacting the maintenance company.
 Evacuation exercises in France: They must be logged in the establishment's safety register.
Capital expenditure
Monitoring of capital expenditure
 IAE-1. Has each capital expenditure commitment produced by the hotel been formally authorised
beforehand by the authorised managers using adequate documentation (estimates/contracts, several
suppliers invited to tender if there is no approved list in the country, etc..) in accordance with the procedure
defined locally? (Owner risk)
 IAE-2. Are invoices approved, before payment, by authorised individuals, after confirming completion of works?
(Owner risk)
 IAE-3. For hotels under management contracts, is a budget presented and approved by the owner every
year? Is a complete year-end report of investment carried out brought to the attention of the owner?
 IAE-4. For owned hotels, are a formal inventory and accurate valuation of the condition of fixed assets in
the hotel prepared and kept up-to-date (written off if appropriate, wear and tear in accordance with local
accounting standard, etc.)? (Owner and Operator risks)
 IAE-5. For hotels under management contracts, are contractual terms regarding the FF&E reserve respected
(i.e. FF&E bank account balance reconcile with the balance sheet value)? (Owner and Operator risks)
 To carefully monitor investments that have been planned, undertaken, and carried out in order to swiftly
detect any budget overruns and analyze any cost lines in excess.
 To ensure that the process of budget validation, commitments, and supplier payments is respected.
 For hotels under a management contract, to ensure compliance with the contract and, as such, avoid any
disputes with owners.
 All supplier performance must be checked prior to payment.
Procedures
 The CAPEX budget must be validated annually, in accordance with the multi-year investment plan.
 It must be filled out, line by line, in a detailed tracking table (by investment type, by department
concerned, by project, etc.).
 This table must be updated at least monthly, displaying the budget, commitments, and actuals (amounts
invoiced). Any budget overrun must be justified.
 For hotels under a management contract, the budget must be validated by the Owner each year and, at the
end of the year, the Owner must be provided with a comprehensive statement of investments made.
 An estimate must be requested for each new commitment (several suppliers are placed in competition,
with a validation procedure for this selection). It must be formally validated by the individual in charge of
the project.
 The Investment Manager or Owner must sign a letter of commitment for each investment so that the hotel
can place the order.
 Work is monitored and checked by the individual in charge of the project. Payment of each invoice related
to the work must be formally authorized by the individual in charge of monitoring.
 Invoices must be systematically validated prior to payment: BAP (budget allocation plan) from the General
Manager or Director of Finance. If the project is monitored by a project manager, a BAP from the project
manager will also be required.
 For subsidiary hotels, an inventory and reliable assessment of the state of fixed assets in the hotel must be
documented and kept up to date (scrapped if necessary, state of wear of the property in accordance with
local accounting standards, etc.).
 For hotels under a management contract, the FF&E reserve is supplied in accordance with the contractual
obligations of the management contract, in a dedicated bank account. Each year, the balance of the bank
account is reconciled with the balance of the general ledger account.
Project Leader, General Manager, Director
Asset Manager, Owner
of Finance
Type of check
Complete
Frequency
At each stage of the process / Annually
Thalassotherapy center & Spa
I. Planning control
 ITS-1. Are the appointments validated in the system or manually checked on the planning at the customer's
check-in? (Owner and Operator risks)
 ITS-2. Are the cancellations and schedule changes formally controlled? (Owner and Operator risks)
 ITS-3. Does the General Manager or Director of Finance formally supervise this check at least on a weekly
 To ensure that revenue is comprehensively recorded.

Procedures
 The Management must establish a cancellation policy with regard to services not carried out (cancellation of
an appointment, no-shows, etc.).
 In the event that the point of sale does not have treatment scheduling software that automatically invoices
the treatments when the guest has kept their appointment, manual schedules must be used.
Schedules may be kept directly on the software or on a manual system.
 With regard to monthly schedules:

- Each service carried out must be indicated directly on the schedule through the employee's signature
when the guest is welcomed. Cancelled treatments must not be deleted, but crossed out and
highlighted. These schedules must be formally checked on a daily basis and be correctly archived.
- All of the treatments scheduled and their invoices will be reconciled at least at the end of the day in
order to ensure that the treatments have been correctly invoiced. Any treatment indicated on the
schedule that has not been invoiced, or any other anomaly, must be formally highlighted and will be
explained. The conclusions drawn from this check will be overseen by the General Manager or by the
Director of Finance at least weekly.
 With regard to schedules kept directly on software:

- Each service carried out must be validated in the system.
- The logbook of changes to the schedule must be published daily in order to justify any cancellations
made. The conclusions drawn from this check will be overseen by the General Manager or by the
Director of Finance at least weekly.
 Manual schedules must be written in ballpoint pen and the use of white-out is prohibited.
 Where possible, with regard to the resources available, plan for a separation of functions between the
individual managing the scheduling of treatments and the individual responsible for invoicing.
 Republishing a manual schedule over the course of the day allows manual changes to be limited and,
therefore, the risk of invoicing oversights is reduced.
 For thalassotherapy institutes, supervision of the check by the General Manager or Director of Finance may
be formally delegated to the Site Manager.
Institute Director / Spa Manager General Manager or Director of Finance
Type of check
Complete
Frequency
Check Supervision
II. Deductions
 ITS-4. Does the Spa Manager formally control the deductions on a daily basis? (Owner and Operator risks)
 ITS-5. Is the documentation on deductions (always with clear comments) adequate to confirm they are
properly justified? (Owner and Operator risks)
 ITS-6. Does the name of the person who made the deduction always appear? (Owner and Operator risks)

 Make sure that deductions are valid.
Procedures

- or by setting an upper limit on deductions/refunds that are decided by employees (written procedure).
 In the event that the treatment, or part of the treatment, is subject to a deduction (absence on one or more
days, the spa guest is ill, etc.), a policy related to a formal decision must be implemented by the
Management.
 > Checks to be carried out
 Formal checking of deductions / refunds must be carried out daily using a definitive
logbook published (physically or digitally) from the software.
 Make sure that all deduction/refund transactions are:

- recorded in the POS;
- justified by a ticket or invoice either in the system or directly in the deductions and refunds logbook.
This justification should include:
 the name and/or room number of the guest if the guest is staying at the hotel;
 the stamp/initials of the individual who carried out the operation, or the presence of the operator's
initials in the POS.
 At the end of each shift, the individual carrying out the check must ensure that the deductions processed at
the reception desk through the PMS are correctly displayed on the point of sale system in order to
guarantee that the revenue of the two systems corresponds.
 The General Manager or Director of Finance must formally supervise this check at least weekly. It can be
formalized directly using the set of logs concerned. In this context, we advise that the most significant
operations be verified through a spot check.
 If a deduction can be explained by an absence that occurred at the time of the treatment, a copy of the
absences register must be reconciled with the deductions logbook.
 Even if there are no deductions on the report, statements must be published and checked.
 In the event that the PMS is interfaced with the POS, operations recorded by the point of sale which are
transferred to the deductions and refunds logbook at the reception desk (PMS) need to be checked daily. As
such, it can be ensured that they correctly correspond to point of sale software operations and not to
additional operations which require a check.
 In order to facilitate checking and supervision, operators may publish their own deductions and refunds
report at the end of their shift to correctly justify each operation. Proof of these operations (invoices,
vouchers, etc.) may be attached to the reports.
 The final check of the day must, however, take place based on the final report in the closed POS.
Type of check
Complete for deductions/refunds log book operations
Frequency
Check Supervision
III. Complimentaries
 ITS-8. Are the complimentary Spa vouchers reconciled daily with the complimentary report to ensure they
were properly justified? Is the check formally controlled? (Owner and Operator risks)
 ITS-9. Does the documentation include a reason for the complimentary F&B products ? (Owner and
Operator risks)
 ITS-10. Does the documentation include the name(s) of the guest(s)? (Owner and Operator risks)
 ITS-11. Does the documentation include the name of the person who granted the complimentary? (Owner
and Operator risks)

 To ensure the validity of offers and discounts.
 Reduce the tax risk in the event of audit by tax authorities.
Procedures
 Define the individuals authorized to grant offers and discounts.
 Unauthorized individuals must request prior authorization, which will be formalized through an offer
voucher attached to the invoice.
 Formal checking of offers must be carried out daily using a definitive logbook published (physically or
digitally) from the software.
 Make sure that all offers are:

- recorded in the PMS;
- proven by an invoice, ticket, voucher, etc. upon which authorization is formalized, and that supporting
documents from point of sale cash registers include:
 the approval of the person authorized to offer a service or the offer voucher validated by this
person;
 reason for offer;
 name of the beneficiary.
 For treatments, it is important to check that the offer or discount was granted by an authorized individual.
In the case of a hotel offer including a free or discounted treatment, a copy of the prior authorization must
be kept in the institute's tray.
 In the case of offers or contractual discounts, ensure that a copy of the proof and the identity of the
beneficiary are in the tray.
 Complete recording of the offers in the cash register system facilitates reconciliations between items sold
and products consumed.
 Offers are included in the sales statistics.
 If offers are recorded on a permanent invoice, regular review can facilitate their justification and monthly
check.
 People receiving offers related to loyalty or discount cards must provide proof of their validity. The hotel
must then use the guest's card number. For regular guests, it is then possible to make a copy of the card
and store it in a secure location. The offer or discount justification in the system can then be uniquely the
last and first names of the guest.
 In the case of a discount or offer for the establishment's employees (for example, discount on products sold
in the store), it is important to ask the employee benefiting from the offer or discount to sign the
corresponding invoice or ticket.
 Even if the offer or discount does not appear in the report, the statuses must be reported and checked.
Type of check
Comprehensive on operations in the offers and discounts logbook
Frequency
Check Supervision
IV. Sales follow-up
 ITS-13. Are technical sheets defined for each treatment? (Owner and Operator risks)
 ITS-14. Are a formalized reconciliations between consumption and sales carried out monthly on a
representative sample of 20 products (including treatment and cosmetics products)? (Owner and Operator
risks)
 ITS-15. Are discrepancies highlighted and formally analysed? (Owner and Operator risks)
 ITS-16. Are the reconciliations formally supervised by a line manager (different from the ones who
performed the checks: N+1, hierarchy, Spa Manager…)? (Owner and Operator risks)
 To guarantee the safety of goods flows.

 To ensure coherence between consumption and revenue.
Procedures
 Each treatment, package, or other product which is not invoiced by the unit must be subject to a up-to-date
technical data sheet detailing all of the products used and their quantity. As such, all products intended for
sale must be identified in detail in the computer system. This makes it possible to analyze sales in detail and
exhaustively. Generic keys in the invoicing system, such as "miscellaneous" or "open", must be avoided. If
the software does not allow this option, manual monitoring must be implemented.
 When the hotel has software interfaced with stock software, it must publish the report reconciling
consumption and sales each month.
Hotels that perform a quarterly inventory are exempted. For months in which the inventory is not carried
out, a manual reconciliation between actual consumption and sales across at least 20 products (including
products used for treatments and those sold in the store) is to be carried out.
 In the event that the hotel does not have software interfaced with stock software, it must manually
reconcile actual consumption and sales each month on a sample of at least 20 products (including products
used for treatments and those sold in the store). The choice of products checked must be determined based
on at least one of the following criteria:
- High unit price
- High consumption in quantity or amount
- 20/80 principle (check 20% of articles representing 80% of consumption)
To the extent possible, products must vary from one month to the next. Nonetheless, for unjustified
discrepancies, the products may be retained for the subsequent month.
 For hotels carrying out reconciliation through software interfaced with stock software, each significant
discrepancy must be formally explained and documented.
 For hotels performing manual reconciliation between quantities sold (calculated from sales statistics by
item) and quantities of products actually consumed (Initial stock + Deliveries in the period − Final stock), the
process must take place and be formalized monthly. Each significant discrepancy must be formally
explained and documented.
 This reconciliation must be formally supervised by the General Manager or Director of Finance.
 Justified discrepancies can be analyzed in an appended document, which is stored with the reconciliation
document.
 In order to correctly carry out the consumption check with regard to sales, all consumptions must be
recorded in the invoicing system, including any offers.
 To harmonize the revenue figures recorded in the PMS and POS, the hotel can perform a daily check to
detect discrepancies and rectify them quickly.
Type of check
Comprehensive for hotels with software interfaced with stock software. Otherwise, for
at least 20 products
Frequency
Monthly
V. Sundry creditors
 ITS-17. Is the issuing of gift vouchers subject to a formalized procedure? (Owner and Operator risks)
 ITS-18. Is a formalised check of gift vouchers sold carried out? (Owner and Operator risks))
 ITS-20. Are the deposits refunds carried out in accordance with the General Terms and Conditions of Sale
(compliance with cancellation deadlines, etc..)? (Owner and Operator risks)
 To ensure the correct monitoring of sundry creditors.
Procedures
 Procedure relating to gift vouchers: define the validity period, value, description of services, terms of
use, etc.
 The establishment's Terms and Conditions of Sale stipulate the terms for the refund of down payments
(example: a reservation cancelled X days prior to the start of the treatment will be subject to a refund of Y%
of the down payment made) and possible penalties to cover administrative fees.
 In the event that the sales software does not have a module to monitor the issue of gift vouchers, these
must be numbered and their sales must follow a numbered order. A check of the consecutive sale of
vouchers will be implemented:
- As sales progress, the vouchers sold are listed on a form specifying the voucher number, its validity
date, the service, and/or its face value, along with the name of the guest.
- The Institute Director / Spa Manager will formally check that there is no interruption in the sequential
distribution of the vouchers already sold, and between the vouchers sold and to be sold.
 Formal, daily reconciliation will be carried out between the vouchers sold and the cash receipts. As such,
any gift vouchers that have expired will be recorded as profit.
 This reconciliation will be subject to formal supervision by the General Manager or by the Director of
Finance.
 Refunds on down payments are justified (cancelled reservation, email from the guest, etc.) and are
processed within the time frames stipulated in the Terms and Conditions of Sale.
 The establishment will ensure that gift vouchers have distinctive marks allowing the risk of reproduction to
be limited.
 Gift vouchers will be kept in a secure location that can only be accessed by the Institute Director / Spa
Manager.
 Gift vouchers will be invalidated (establishment stamp) as soon as they are used in order to avoid them
being reused.
 For thalassotherapy institutes, supervision of the check by the General Manager or Director of Finance
may be formally delegated to the Site Manager.
Type of check
Complete
Frequency
Check Supervision
VI. Securing and follow-up paid entrance
 ITS-21. If accesses to facilities are not free (fitness area, swimming pool, spa, hammam, etc ...), are they
secured? (Owner and Operator risks)
 ITS-22. For paid entrance, is a sales register kept up to date? (Owner and Operator risks)
 ITS-23. Is this register reconciled daily and formally with invoicing? Are discrepancies highlighted and
formally analysed? (Owner and Operator risks)
 To secure the entrances to the infrastructures.

 To limit invoicing oversights/errors.
Procedures
 The different types of entry, free of charge or charged (access to the pool, hammam, fitness area, etc.)
depending on the type of guest:
- institute guests staying at the hotel or not
- Hotel guests
- External guests
 Different types of membership (membership over a fixed period, or membership for a set number of
sessions), as well as their method of invoicing (coupon, unit, month, year, etc.).
 Charged entries must be traceable and be formally monitored, with up-to-date records kept.
 Entrance check: A check must be carried out at the entrance to the point of sale or charged areas (fitness
room, hammam, pool, etc.). Where possible, the individual carrying out the check is different from the
individual who sold entry to the area. Moreover, these individuals have a list of institute guests present (in
the case where entry is free for the institute guests present).
 Invoicing check: every day, the record is reconciled with the invoicing figures from the software. As such,
the theoretical revenue per type of service is calculated and reconciled with the revenue actually invoiced.
Any discrepancy will be highlighted and formally analyzed. This check will be supervised by the General
Manager or by the Director of Finance.
 Paid entry may be sold in the form of wristbands colored according to the service purchased, or numbered
cards from a stub booklet, on which the type of service, value, guest name, and validity date are written.
 For voucher booklets:

- Security: any "unopened" booklets will be kept in a safe, or in a location with limited access. "Opened"
booklets are kept with the reception desk float and are included in the formal handover of the float.
- Allocation: the entry into circulation of a new booklet is subject to a formal procedure (type of booklet,
date and stamp/initials of the transferor and transferee).
 For memberships, cards must be personalized (photo, name of the person, etc.).
 In the case of a membership over a defined period, the membership's end date will be indicated on the
voucher/card given to the guest in order to facilitate checking on entry.
 Memberships in the form of a limited number of entries must be subject to a check at each visit (date of the
visit) on the voucher given to the guest.
Type of check
Complete
Frequency
Check Supervision

2020 FOCUS Guidelines English Version-2

Uploaded by

Copyright:

Available Formats

You might also like

2020 FOCUS Guidelines English Version-2

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

2020 FOCUS Guidelines English Version-2

Uploaded by

Copyright:

Available Formats

Focus

Operational Control Guidelines

(2020 - English version)

Purchase and stocks..................................................................................................87

Thalassotherapy center & Spa.........................................................................................129

The internal control consists of five closely related components:

Information and Communication

 Formalization, all controls must be formalized in order to:

 Analysis and use of results

II. Internal audit

Definition of the control

- Reminder of the questions:

- Objectives and Risks:

Description of the control

Help & best practices to go a little further…

Information on best practices that can help to implement checks.

Responsibilities and Frequency

Objectives and risks

 Secure revenue by limiting the risk of non-payment.

>Elements to be defined by the hotel

>Checks to be carried out

- Individual guest without a credit card: Pre-payment of the entire stay.

Help & best practices to go a little further…

Responsibilities and Frequency

Objectives and risks

>Elements to be defined by the hotel

>Checks to be carried out

Responsibilities and Frequency

Objectives and risks

 Cash flow and debt recovery optimization.

>Elements to be defined by the hotel

>Checks to be carried out

 Edit the permanent invoice report issued by the PMS daily.

 Check payment guarantees for all open permanent invoices.

Help & best practices to go a little further…

Responsibilities and Frequency

Objectives and risks

 Optimize the revenue related to no-shows.

>Elements to be defined by the hotel:

 The following billing elements must be defined:

Help & best practices to go a little further…

Objectives and risks

 Ensure comprehensive registration of revenue.

>Elements to be defined by the hotel:

 The General Manager or Director of Finance must define (procedure to be formalized):

>Checks to be carried out

Responsibilities and Frequency

 VH-18. Is the documentation on deductions/refunds (always with clear comments) adequate to

Objectives and risks

>Elements to be defined by the hotel:

 An authorization deadline for revenue or payment method cancellation should be defined:

>Checks to be carried out

 All deduction / refund operations are:

Responsibilities and Frequency

Objectives and risks

>Checks to be carried out

 The reconciliation statuses are compared with the invoice.