In this article, Mahe FERRET (ESSEC Business School, Global Bachelor in Business Administration (GBBA), 2022-2026) shares her professional experience as an internal audit intern at NAOS.
About the company
The NAOS group was founded in 1980 by Jean-Noël Thorel and is a French skincare company headquartered in Aix-en-Provence. The vision of the founder was to create science-based skincare products prioritizing skin health and ecobiology.
The group is divided into three brands; Bioderma, l’Institut Esthederm and Etat Pur, which all participate in developing and marketing skincare products created and manufactured in France, ensuring high-quality standards backed by scientific research.
With its three brands, NAOS operates in over 100 countries, making it a major player in the cosmetics industry.
NAOS’s particularity is that, unlike traditional skincare companies, it focuses on ecobiology, a unique philosophy that views the skin as a living system that interacts with its environment. In other words, the products’ creation will be designed to enhance the skin’s natural ability to adapt, rather than correct it. The group also emphasizes the importance of research and innovation, with a strong community of scientists, dermatologists and researchers to drive its ecobiological objective.
Logo of NAOS.
Source:NAOS
My internship
My 3-month internship after my first year at ESSEC was within the internal Audit department of NAOS, whose mission is to ensure financial and operational compliance across global operations – NAOS’s three brands and international subsidiaries. My first professional experience was particularly interesting in learning how a company operates from the inside and improving risk management.
My missions
During my internship, I was involved in risk management for the Latin America subsidiaries. Through meetings with local teams, I reviewed internal control frameworks to ensure they were up to date and aligned with NAOS’s internal regulations. I contributed to the continuous improvement of internal control systems by identifying gaps in some processes – such as outdated procedures or missing key information – and proposed some recommendations to address them. In that way, I assessed the adequacy and effectiveness of processes related to the accounting and supply chain departments. My part in the analysis helped highlight inconsistencies in the internal control processes and ensured that the LATAM subsidiaries were aligning more closely to compliance standards.
Required skills and knowledge
The different tasks relied on the combination of technical and interpersonal skills in order to understand how a subsidiary operates and avoids risks. I would need analytical skills to analyze data (operational such as inventory, risk reports – incidents, compliance to security regulations…). and evaluate risk in order to identify potential operational and financial risks. Interpersonal skills were also required because the audit department relied on each department’s (Accounting, Research & Development, Supply…) collaboration to explain effectively how they work and verify they were aligned with compliance. It required strong communication skills to assess how departments and subsidiaries worked.
One thing that was difficult for me at the beginning was having to immediately evaluate processes within the firm without knowing how the company was functioning. It took me a few days (even weeks!) to understand the structure of the firm, the internal control framework and audit processes, necessary to ensure compliance and effective risk management.
What I learned
My internship deepened my understanding of how a company functions from the inside and how the internal audit department’s dedication and precision are essential for a company to ensure compliance with regulations. I gained practical knowledge in identifying risks, implementing controls and understanding financial processes (especially supplier accounting) to mitigate risks, especially in the departments I worked on – Accounting and Supply. It was also the first time I worked in a multinational environment where I had to adapt to diverse regulations and cultural contexts, and I enjoyed working with people from different countries.
Financial concepts related to my internship
I present below three financial concepts related to my internship: Risk Mapping, Compliance and Fraud Detection.
Risk Mapping
During my internship, I had to be consistent with risk assessment through risk mapping. It is a systematic process that guided me and my department to identify, assess and prioritize risk controls within the organization. In short, it was a useful tool to visualize risks in terms of likelihood and impact.
Risk Map – Audit.
Source: the company.
The Risk Heat Map helps provide an overview of an organization’s total risk environment at different levels. It is very important for pre-detection risk management, enabling our department to anticipate and mitigate potential risks before it is too late. It supports strategic planning by categorizing risk likelihood (from improbable to Frequent) and by impact (from Negligible to Catastrophic), ensuring compliance with security and regulations, as well as maintaining financial stability and avoiding vulnerabilities across NAOS subsidiaries.
One of my missions was to research risk factors from an additional department of NAOS in the first step before creating the risk map, by first learning how the department worked and how, from their perspective, there were risks that could be avoided before leading to negative consequences.
Compliance
Compliance is crucial for an audit department within an organization like NAOS. It refers to a firm’s adherence to financial regulations, laws and internal policies that govern its operations. This includes national laws, French and foreign laws for NAOS’ subsidiaries, anti-money laundering (AML) but also international regulations to ensure proper conduct and financial reporting integrity.
Compliance is important for maintaining legal and regulatory integrity, protecting NAOS from penalties and protecting its reputation. For multinational firms like NAOS, operating in a diverse regulatory environment means having a deep knowledge of every regulation to avoid fines and support smooth business operations.
During my internship, I participated in compliance monitoring, by learning how a new regulation (Loi Sapin III), that was going to be implemented as of 2025 for all French companies, could impact NAOS’ operations, mainly in France. The law focuses on preventing corruption in companies and public institutions, aligning with international anti-corruption standards. Our role was to estimate which processes to change or implement to meet the law’s requirements.
Fraud Detection
One of the other key goals of internal audit is to improve fraud detection and prevention, in compliance with regulations but also with NAOS’s own internal principles. Through internal controls and processes to identify intentional misrepresentations or misappropriations of assets and implement preventive measures to avoid anomalies.
Without processes to prevent it, fraud can lead to significant losses and financial manipulation. Relating to my internship missions, I assisted the audit department to detect and avoid inconsistencies. I also supported the implementation of standardized controls across subsidiaries such as segregation of duties, meaning breaking down a process so that different persons are responsible at different steps to prevent fraudulent activities.
Why should I be interested in this post?
This internship report is really interesting for any student curious about how companies stay on top of their finances and risks behind the scenes. It gives a real look into the day-to-day work of an internal audit team at a global skincare company, NAOS, showing how they check that everything runs legally across different countries. If you want to understand risk management, compliance, and fraud prevention—key areas in finance and business—this report offers practical insights and examples that bring those concepts to life.
Related posts on the SimTrade blog
▶ All posts about Professional experiences
▶ Alexandre GANNE Apprenticeship Depositary Control Auditor at CACEIS Bank
▶ Margaux DEVERGNE My Experience as an Apprentice Student in Internal Audit at Atos SE during the Split of the Company
▶ Federico MARTINETTO Automation in Audit
▶ Federico MARTINETTO Professional Experience PwC Associate Auditor Digital Data Hub
Useful resources
About the author
The article was written in June 2025 by Mahe FERRET (ESSEC Business School, Global Bachelor in Business Administration (GBBA), 2022-2026).