LEGRAND / 2018 Registration document

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

INTERNAL CONTROL AND RISK MANAGEMENT

RISK MANAGEMENT SYSTEM

3.3 – RISK MANAGEMENT SYSTEM

3.3.1 – Definition and purposes of risk management

A risk represents the possibility of an event occurring that might have adverse effects on people, resources, the environment, the Group’s objectives or its reputation. A risk is also the possibility of missing a strategic or other opportunity. Risk management is a dynamic system that enables managers to identify, analyze and deal with the main risks regarding the Group strategic objectives, to keep them at an acceptable level. It seeks to be comprehensive, to cover all the Company’s activities, processes and assets.

Risk management is considered as a business management leverage tool, and has the following objectives: W ensure the safety of the Group’s employees; W preserve the value, assets and reputation of the Group; W secure the Group’s decision-making and procedures to encourage achievement of its objectives and thus the creation of value for all stakeholders; W ensure that the initiatives undertaken are consistent with Group values; and W encourage Group employees to buy into a shared vision regarding major risks, and to raise their awareness both of the risks inherent in their activity and of newly emerging risks.

3

3.3.2 – Risk management procedure

The risk management procedure consists of three stages: 1) Risk identification: the risk environment is jointly determined using data gathered during meetings and workshops with the Group’s senior executives (“top-down” approach), supplemented by contributions from Group subsidiaries and functional departments (“bottom-up” approach), business experts and external benchmarking. An update of the risk universe in 2018 led to the identification of 25 relevant risks. 2) Assessment of identified risks: risk assessment and classification are carried out by a panel of Group senior executives using a dedicated tool. Risks are assessed and ranked according to the probability of their occurrence and their potential impact on the basis of a homogeneous set of criteria. The risks are then prioritized based on an assessment of how effectively they are controlled. Risk analysis is supported by a regular review of specific indicators (KRIs or Key Risk Indicators). These indicators, drawn up on the basis of historic and prospective data, are tracked by the relevant functional departments and fed back to the Group’s Risk Manager in charge of coordinating the process. On the basis of this risk identification and assessment, a risk map is produced, which is submitted to the Risk Committee for

approval. Risk factors and risk control systems are detailed in section 3.6 of this chapter. 3) Dealing with risks: measures to reduce, transfer or accept risks are applied. Action plans are defined and the owners of the risks identified within the functional departments, with the help of the Group’s Risk Manager. The Risk Committee validates the procedure for dealing with the main risks and monitors the progress of the action plans. The risk management process is supported by a specific tool allowing the methodology to be documented, ensuring closer involvement of the players, and facilitating co-ordination and reporting. Governance takes place through semi-annual meetings of the Risk Committee, chaired by the Group’s General Management and attended by the functional and operational departments. The Audit Committee is also regularly informed of the subjects addressed. The approach to assessing and dealing with risk is the subject of an annual discussion with the Audit Committee, during which a review is made of the major risks, of the risk control mechanisms in place, and of any current action plans. The minutes of the Audit Committee meeting are submitted to the Board of Directors.

57

LEGRAND

REGISTRATION DOCUMENT 2018