Compagnie des Alpes // 2020 Universal Registration Document

2 RISK FACTORS

Internal control procedures

Internal control is one element of the Group’s overall management system, as it helps to ensure that: l the Company’s activities are controlled, its operations are effective and its resources are used efficiently; l operational risks linked to the various operational processes, in particular risks of error or fraud, are managed. As is the case with any control system, the system the Group employs cannot provide an absolute guarantee that the risks identified have been eliminated entirely or are completely under control. It is intended to reduce the likelihood of these risks arising through the implementation of appropriate action and prevention plans. CDA Group Executive Management is responsible for implementing and monitoring the effectiveness of the internal control system. This system is tailored to the nature and scope of each of the activities and is integrated into existing processes in order to empower actors as closely as possible to the processes. It primarily consists in providing the required tools and an information-sharing platform, so that each employee is fully aware of their role in the system. An Internal Control Charter specifies the key operating principles (roles and responsibilities, governance, methodology). It is available in the Group’s reference documents. The internal control system consists of five elements: l an organisation – i.e. clearly defined responsibilities, adequate IT resources and skills based on rules and procedures; l the publication of relevant information; l a risk analysis system; l proportionate control measures; l a continuous monitoring system. Group organisation The Executive Management of the CDA Group decides on: l organisation, responsibilities and the delegation of powers and/or signing authorities; l the objectives, policies and values of the Group. Group management, under the responsibility of the Chairman and Chief Executive Officer (1) is based on a matrix organisation broken down into major functional and operational departments. They are each headed by an executive who is a member of the Executive Committee (ExCom) with the exception of the Group Human Resources Department. There are 8 such departments: l four operational departments manage the implementation of Group strategy and are responsible for the achievement of commercial and financial targets, management, and human resources and risk management at all operating entities under their responsibility: l the Ski areas Department, l the Leisure parks Department, l the Strategy, Development and Mergers & Acquisitions Department, mainly responsible for development in France and internationally, l the Distribution, New Business Lines and Innovation Department, mainly responsible for the development strategy concerning products and new business lines; l the Communications, Brand and Corporate Social Responsibility (CSR) Department, in charge of financial and institutional communications, as well as brand-related and CSR issues;

l the Finance, Risk, IT, and Procurement Departments, which have responsibility for the Group’s financial policy, in particular the production of accounting and financial information, procurement policy, the IT master plan and risk and insurance policy; l the Group Legal Affairs and Compliance Department; l the Group Human Resources Department. Main Group charters Charters are given to all employees, setting out the Group’s values: l the Corporate Governance Charter defines the areas in which Executive Management decisions are subject to prior approval by the Board of Directors, as well as the conditions for the granting of said approval. The charter also states the missions and prerogatives of the different Committees of the Board of Directors, particularly the Audit and Finance Committee. The charter is available on the Group website: www.compagniedesalpes.com; l the Ethics Charter states the values and principles of the Compagnie des Alpes Group. It serves as a guide for professional behaviour, reviews the basics of investment ethics, explains the risks of conflicts of interest, and defines appropriate behaviour. It is adjusted in line with regulatory developments; l pursuant to Law No. 2016-1691 of 9 December 2016, known as the Sapin II Law, the Group has a plan for the prevention of corruption and trading in influence, including an Anti-Corruption Code of Conduct and a whistleblowing procedure; l a procedure for the prevention of fraud, money-laundering and the financing of terrorism; l a charter for the use of IT resources. Like the Ethics Charter, it is being gradually applied to all Group employees. Information and communication Each functional or operational department defines the charters, rules and procedures that fall within its area of responsibility. These documents make up the Group’s Documentary Repository, made available to all Group employees who must apply them via a document management tool. The entities of the Group are responsible for translating Group rules and procedures, into rules, procedures and operating methods adapted to their organisation, and also for communicating these to all employees concerned. Definition of control measures Since 2013, the CDA Group has embarked on a more detailed formalisation phase of its internal control system, which is gradually being deployed on all of the Group’s processes listed in the process mapping, with a priority given to processes impacting the main income statement lines (sales, purchases, etc.), the production of accounting and financial information, as well as the Group’s priority risks. For each of the processes concerned, the method applied involves drawing up all or some of the following documents: l flow diagram: schematic description of the steps involved in the process. This flow diagram is a standard document at Group level;

(1) The Chairman and Chief Executive Officer has been assisted by a Deputy Managing Director since 4 November 2019.

41

Compagnie des Alpes I 2020 Universal registration document