RISK MANAGEMENT MODEL

The Group has an integrated Enterprise Risk Management (ERM) model inspired by international best practices, involving the entire corporate organisation and governance bodies, each within its sphere of competence. According to the field’s guidelines and best practices, the main objective of ERM activities is to ensure optimal identification, measurement, management and monitoring of company risks.
The ERM model considers the main types of risk that may compromise the achievement of strategic objectives, harm the company’s assets and compromise the value of the Moncler and Stone Island brands or the companies’ reputation. It is integrated in, and functional to, the relevant decision-making processes.
The risks identified may be internal or external to the Group. In particular, external risks of this latter kind are linked to the industry and market context, as well as to the perception of all stakeholders of the Group’s way of operating. The enterprise risk management model classifies risks into four categories:

• Strategic Risk

• Business Risk

• Compliance Risk

• Financial Risk.

Strategic risks may refer to changes in the business or the inadequate response to changes in the competitive scenario and the Company’s business development activities. Sustainability risks may also be included in this category.

Business risks are those related to the sector in which the Group’s operate, the business operations, the organisational structure, information systems and Group’s control and reporting processes.

Compliance risks, in general, are those related to non-compliance, in the conduct of the business, with applicable national and international laws and regulations, to business activity, as well as to the Code of Ethics and internal procedures.

Financial risks are those related to the Group’s financial management, specifically related to the risk of: liquidity, currencies, rates and financial counterparties for financial and commercial transactions.

In the case of internal risks, the aim of the ERM model is to manage risk through specific prevention and control systems incorporated into the corporate processes, aimed at avoiding or transferring the risk, reducing the probability of occurrence or, in the event of occurrence, containing its impact. In the case of external risks, the aim of the ERM model is to monitor risks and mitigate the impact if such risks occur, for example through insurance policies on which the Group relies for risks that have a significant impact on operating processes.
The main risks are identified following an analysis of the context in which the Group operates and the results of the materiality analysis. Risk assessment considers four dimensions: the impact that a risk could have on the organisation if it materialises; the likelihood that the risk occurs; the speed at which a risk could spread across the organisation if it occurs; and the interconnection of a risk with other risks. The analyses are conducted using quantitative and qualitative methods according to the type of event. The assessment makes it possible to estimate the likelihood of occurrence and impact. Risks are then classified on a four-level scale and thus prioritised on the basis of the risk appetite. In particular, the procedures governing the risk management system include a description of the Group’s risk appetite for each macro-category. Lastly, the Risk Register contains a description of the mitigation actions formulated by the Group to limit the possible impacts of each risk identified and assessed.
The quantitative analysis performed on the most significant risks (of both a financial and non-financial nature) considers multiple scenarios in terms of potential lost revenue and reduced margins and assesses the potential effects for each of the scenarios considered using stress tests and sensitivity analyses. The scenarios are then placed on likelihood curves and combined using statistical and mathematical models. These analyses provide an initial quantification of the Group’s exposure to certain risk scenarios, including pandemic events, catastrophic natural events, credit risk and production stop.
During the risk assessment activity, conducted at least every six months, all risks and risk owners responsible for managing the risk and the related control system, as well as the implementation or improvement of mitigation actions, are identified, in line with the Group’s risk appetite, approved by the Board of Directors. The risks, the assessment of the internal control system covering them and the related mitigation actions are included in the Risk Register, which is periodically updated with the risk owners on the basis of an annual plan approved by the Board of Directors with the support of the Control, Risks and Sustainability Committee. The proposed plan is periodically updated to include any new elements of risk and/or to reflect a possible increase in the likelihood or impact of occurrence.
In 2022 the methodology underlying the ERM was updated to ensure better alignment of the risk portfolio with the Strategic Plan and an update of the assessment scale for the risk appetite, along with the introduction of a quantitative multi-scenario methodology to measure the main risks reported.
In addition, during the year, it continued the integration of the ERM model with climate change risks according to the areas defined by the recommendations of the Financial Stability Board Task Force on Climate-related Financial Disclosures (TCFD).