The Group has an integrated Enterprise Risk Management (ERM) model inspired by international best practices, involving the entire corporate organisation and governance bodies, each within its sphere of competence. According to the field’s guidelines and best practices, the main objective of ERM activities is to ensure optimal identification, measurement, management and monitoring of company risks.

The ERM model considers the main types of risk that may compromise the achievement of strategic objectives, harm the company’s assets and compromise the value of the Moncler and Stone Island brands or the companies’ reputation. The Model is integrated and functional in the relevant decision-making processes as well as in the development of products and services.

The risks identified may be internal or external to the Group. In particular, external risks of this latter kind are linked to the industry and market context, as well as to the perception of all stakeholders of the Group’s way of operating. The Enterprise Risk Management model classifies risks into four categories:


• Strategic Risk

• Business Risk

• Compliance Risk

• Financial Risk.


Strategic risks may refer to changes in the business or the inadequate response to changes in the competitive scenario and the Company’s business development activities. Sustainability risks may also be included in this category.


Business risks are those related to the sector in which the Group operates, the business operations, the organisational structure, information systems and Group’s control and reporting processes.


Compliance risks, in general, are those related to non-compliance, in the conduct of the business, with applicable national and international laws and regulations, to business activity, as well as to the Code of Ethics and internal procedures.


Financial risks are those related to the Group’s financial management, specifically related to the risk of: liquidity, currencies, interest rates and counterparties for financial and commercial transactions.


In the case of internal risks, the aim of the ERM model is to manage risk through specific prevention and control systems incorporated into the corporate processes, aimed at avoiding or transferring the risk, reducing the probability of occurrence or, in the event of occurrence, containing its impact. In the case of external risks, the aim of the ERM model is to monitor risks and mitigate the impact if such risks occur, for example through insurance policies on which the Group relies for risks that have a significant impact on operating processes.

The main risks are identified following an analysis of the context in which the Group operates and the results of the materiality analysis. Risk assessment considers four dimensions: the impact that a risk could have on the organisation if it materialises; the likelihood that the risk occurs; the speed at which a risk could spread across the organisation if it occurs; and the interconnection of a risk with other risks. The analyses are conducted using quantitative and qualitative methods according to the type of event. The assessment makes it possible to estimate the likelihood of occurrence and impact. Risks are then classified on a four-level scale and thus prioritised on the basis of the risk appetite. In particular, the procedures governing the risk management system include a description of the Group’s risk appetite for each macro-category. Lastly, the Risk Register contains a description of the mitigation actions formulated by the Group to limit the possible impacts of each risk identified and assessed.

The quantitative analysis performed on the most significant risks (of both a financial and non-financial nature) considers multiple scenarios in terms of potential lost revenue and reduced margins and assesses the potential effects for each of the scenarios considered using stress tests and sensitivity analyses. The scenarios are then placed on likelihood curves and combined using statistical and mathematical models. These analyses provide an initial quantification of the Group’s exposure to certain risk scenarios, including pandemic events, catastrophic natural events, credit risk and production stop.

During the risk assessment activity, conducted at least every six months, all risks and risk owners responsible for managing the risk and the related control system, as well as the implementation or improvement of mitigation actions, are identified, in line with the Group’s risk appetite, approved by the Board of Directors. The risks, the assessment of the internal control system covering them and the related mitigation actions are included in the Risk Register, which is periodically updated in collaboration with the operational risk owners on the basis of an annual plan approved by the Board of Directors with the support of the Control, Risks and Sustainability Committee. The proposed plan is periodically updated to include any new elements of risk and/or to reflect a possible increase in the likelihood or impact of occurrence.


The Moncler Group’s ERM model involves the following bodies:

• the Board of Directors, which sets the guidelines and assesses the adequacy of the internal control and risk management system;

• the Control, Risks and Sustainability Committee, which supports the assessments and decisions of the Board of Directors relating to the risk management system with adequate investigations and proposals;

• the Director in charge for the Internal Control and Risk Management System, responsible for establishing and maintaining an effective internal control and risk management system and implementing the guidelines set by the Board of Directors together with the Control, Risks and Sustainability Committee;

• the head of the Group Internal Audit, responsible for verifying that the internal control and risk management system is functional and adequate;

• the Risk Manager, responsible for coordinating the enterprise risk management activities;

• the Board of Statutory Auditors, which monitors the effectiveness of the internal control and risk management system.


The ERM model is also included in the individual employee performance review process, with indicators that correlate to the effectiveness of the risk management measures specific to each area of competency.

The methodology underlying the ERM model continued to be updated in 2023. In particular, the focus was on revising the risk appetite rating scale and refining the quantitative multi-scenario methodology for measuring the main risks reported.

In addition, during the year, it continued the integration of the ERM model with climate change risks according to the areas defined by the recommendations of the Task Force on Climate-related Financial Disclosures (TCFD) of the Financial Stability Board.

The results of ERM activities and risk management processes in general are presented to the Control, Risks and Sustainability Committee and the Board of Directors at least every six months, as an integral part of the report by the head of Internal Audit on the functioning and adequacy of the internal control and risk management system.