Compagnie des Alpes // 2021 Universal Registration Document

2 RISK FACTORS

Internal control procedures

The IT and Digital Department is responsible for implementing an IT system that meets the requirements laid down in the areas of reliability, availability, information traceability, data consistency and security. It develops and maintains business applications common to several entities and ensures that the interfaces for feeding information into the various applications work properly. It is in charge of the system and data security policy and is involved in defining security and back- up plans. Each of the departments is involved, as part of its duties, in the internal control system, as it is required to draw up and distribute rules and procedures relating to its area of responsibility to Group entities. Process oversight Accounting and financial information is subjected to a validation process involving the Executive Management, Statutory Auditors, and the Board of Directors through its Audit and Finance Committee. The Audit and Finance Committee examines half-year and annual financial statements prepared by the Company as well as the management report on the consolidated financial statements, in the presence of the Statutory Auditors, who in turn present their own report on the closing of the accounts, the principal accounting options and events with a significant effect on the financial situation, adding comments if they choose. The Audit and Finance Committee examines changes in accounting principles. The Audit and Finance Committee examines all financial statements including the entire annual report and all Notes to the Company’s consolidated and parent-company financial statements. The Board of Directors examines each set of financial statements at each closing of accounts. Financial communication Compagnie des Alpes publishes its financial information in accordance with AMF recommendations. Quarterly, half-yearly and annual financial information is communicated to financial analysts, investors and the key media by means of press releases, as well as being made available on the Company’s website. Internal Audit regularly calls on internal or external expertise when the issue at hand is of a highly technical nature. The Internal Audit Department conducts a half-yearly review of the recommendations made to the various entities. These conclusions are then presented to the Executive Committee, and to the Audit and Finance Committee. The Internal Audit Department also coordinates the internal audit work conducted by Caisse des Dépôts’ Internal Audit Department across the CDA scope, and ensures that the ensuing recommendations are followed. The audit plans are shared for greater efficiency. The Board of Directors The Board of Directors sets the Company’s business policies and oversees management. It is assisted by three specialised committees, whose roles are described in section 3.2.1.2 “Functioning of the committees” of Chapter 3 “Report on corporate governance”.

reliability of data at Group level, is responsible for producing this data. Management Control (part of the Holdings Consolidation and Accounting Department) is responsible for coordinating the budgetary process and the five-year medium-term plan and for analysing the performance of the Group and its entities, in close collaboration with the Operations Directors and Site Managers. Guidelines are sent to the management of each entity to ensure that the budget and medium- term plan are structured on the basis of consistent starting points that are common to the whole Group. The medium-term plans, budgets and outcomes are subject to specific, in-depth analyses: comparison of data for the year with prior-year data and the budget. These analyses are discussed with the entity’s management, Operations Directors and the Executive Management. The budget serves as the reference for monthly reporting. Monthly reviews are conducted based on this reporting, and incorporate activity analyses, which are performed, in particular, with the help of specific business indicators, and include comparisons between prior-year figures and the budget for the current year. Activity indicators, such as sales figures, visitor numbers for Leisure parks and the number of skier-days for Ski areas, are monitored and analysed on a weekly basis. The investment process, which aims to ensure that the flow of investments is consistent with the Company’s strategy, is also managed by the Management Control Department. The Finance and Cash Department, another component of the Finance Department, guarantees the security, transparency and efficiency of cash and financing operations. It is responsible for: l applying the funding policy and in particular managing liquidity and counterparty risk; l managing financial expenses; l hedging the interest rate risk through the use of derivatives; l managing the Group’s cash position by centralising the management of entities’ cash surpluses and cash requirements within a cash pool for entities that have agreed to the principle of centralised management; l monitoring relationships with banks. 2.8.3 MONITORING Internal Audit The internal audit function reports to Executive Management. Every year, the audit plan is approved by the Executive Committee and validated by the Audit and Finance Committee. It is established on a multi-year basis in order to ensure adequate coverage of Group risks, strategic objectives, processes and subsidiaries. In addition, missions not provided for in the audit plan may be carried out at the request of Executive Management or the Audit and Finance Committee. An annual activity report is presented to the Executive Committee and the Audit and Finance Committee. The missions carried out by Internal Audit are aimed at ensuring compliance with laws and regulations, reviewing the proper functioning of the Company’s internal processes, identifying possible areas for improvement and detecting possible frauds. Internal audit work is carried out in accordance with the Compagnie des Alpes Group’s Internal Audit Charter. This charter describes the purposes and objectives of Internal Audit, the procedures for carrying out inspections, and the obligations of auditors and those being audited.

41

Compagnie des Alpes I 2021 Universal registration document