technicolor - 2020 Universal Registration Document

3 RISKS, LITIGATION, AND CONTROLS INTERNAL CONTROL

Together, the 2 senior management bodies help ensure rapid, responsive decision-making as well as smooth, efficient implementation of such decisions. The Group holds quarterly Business Reviews for each business, during which the management reviews the performance of the business, the progress of the key programs in each business, key performance indicators, and any specific operational topic which requires management attention. These programs cover mainly key customer issues, new product introduction, operational performance, transformation programs, cost reduction, and HR-related programs. The Group established an Investment Committee in 2010 to drive prioritization and optimization of resource allocation across the Company’s organization. The Investment Committee is composed of the CEO, the CFO, the COO, the People & Talent Director and the Group General Counsel. The Investment Committee reviews all significant investment decisions, including material customer opportunities, capital expenditures, restructuring, M&A and joint ventures, asset disposals, pension contributions, large procurement contracts, leases, and financing commitments. The Investment Committee ensures compliance with the Board Internal Regulations and debt agreement obligations and is a key part of the Group’s internal control procedures. The Group started evaluating its risks on a worldwide basis in 2005, with the Enterprise Risk Assessment (ERA) program. The risk management process evolved in 2010 to follow the strategic evolution of the Group. It is now under the Executive Committee responsibility using large support of the Management Committee and is called Technicolor Risk Management (TRM). The purpose of this annual four-step-process, supported by the Internal Audit Department, is to identify, assess, manage and monitor risks that may impact the Group’s ability to achieve its near and long-term objectives. The risk identification and analysis process was revamped in 2020 to consist of a bottoms up and top-down structured approach, summarized as follow: risk identification by divisional Executive Members and their • subcommittee and incorporated (with the support of Internal Audit) into the consolidated questionnaire completed by each member of the Executive Committee and the Management Committee; and supported by individual interviews led by the Internal Audit Department; synthesis of main risk areas; • ranking of risks according to criteria in terms of potential impact and • vulnerability, performed by Executive Committee and Management Committee members. Every year, the Risk Mapping is reviewed and reassessed with any potential new risk. RISK MANAGEMENT GRI [102-15] [102-30] [102-33] [102-34]

Consecutive to the risk ranking step, the CEO appoints risk owner(s) for each of the top 10 risks, among members of the Executive Committee. These risk owners assess further the risk assigned to them, monitor and mitigate them. Status reports on each top risk are presented to the Audit Committee. Internal Audit 3.2.3 GRI [102-33] [102-34] As defined in the “Internal Audit Charter”, Internal Audit performs independent and objective assurance, and consulting audits that are dedicated to adding value and improving Technicolor’s performance. It conducts risk assessments at all levels within the Group, identifies and proposes improvements in financial and operational processes, and helps the organization define action plans to mitigate risks and reinforce the control environment and governance principles. The Internal Audit Department reports its results to the Group’s management. The Audit Committee reviews and approves the annual Internal Audit Plan based on the pluri-annual Internal Audit plan and is informed of the main audit results. The Internal Audit Department also provides oversight support in the Technicolor Risk Management process. Under the responsibility of the Chief Audit Executive, Internal Audit, Internal Control, and Enterprise Risk Management allows for an effective integrated framework with coordination and efficiencies surrounding the risk identification/mitigation and maturing of the internal control environment. It enables Internal Audit recommendations to be better embedded in the Internal Control framework, and deficiencies reported during the 8TIC’S campaign to be closely followed up by Internal Audit all while ensuring the key risks across the Group are effectively monitored and remediated if needed. Throughout the year, the Internal Audit Department presents the audit schedule to the External Auditors, provides updates and shares conclusion of the reports resulting from audit reviews. In addition, the Internal Audit Department coordinates control processes/sites reviews with the External Auditors to ensure coverage of various areas. The Internal Audit Department consists of approximately 11 auditors who have prior experience in a large range of domains like finance, accounting, operations, engineering, quality, IT/Security, etc . The team is located in several key sites for the Group: Paris (France), Lawrenceville, Georgia (U.S.), New York (U.S.), Montreal (Canada), Guadalajara (Mexico), Warsaw (Poland) and Bangalore (India). The Chief Audit Executive administratively reports to the Chief Executive Officer, and functionally to the Audit Committee. The Internal Audit Department conducts audits in various domains, covering operational and financial processes, specific contracts or projects, compliance, fraud prevention, security, and follow-up audits at global and local levels. In 2020, 12 audit engagements were performed and completed (both assurance and assistance); flat vs. prior year.

68

TECHNICOLOR UNIVERSAL REGISTRATION DOCUMENT 2020