57 RESPONSIBLE BUSINESS MANAGEMENT56 RESPONSIBLE BUSINESS MANAGEMENT MONCLER GROUP 2022
ENTERPRISE RISK MANAGEMENT MODEL The Group has an integrated Enterprise Risk Management (ERM) model inspired by international best practices, involving the en- tire corporate organisation and governance bodies, each within its sphere of competence. According to the field s guidelines and best practices, the main objective of ERM activities is to ensure optimal identification, measurement, management and monitoring of com- pany risks.
The ERM model considers the main types of risk that may compromise the achievement of strategic objectives, harm the company s assets and compromise the value of the Moncler and Stone Island brands or the companies reputation. It is integrated in, and functional to, the relevant decision-making processes.
The risks identified may be internal or external to the Group. In par- ticular, external risks of this latter kind are linked to the industry and market context, as well as to the perception of all stakeholders of the Group s way of operating. The enterprise risk management model classifies risks into four categories:
Strategic Risk Business Risk Compliance Risk Financial Risks.
Strategic risks may refer to changes in the business or the inad- equate response to changes in the competitive scenario and the Company s business development activities. Sustainability risks may also be included in this category.
Business risks are those related to the sector in which the Group s operate, the business operations, the organisational struc- ture, information systems and Group s control and reporting pro- cesses.
Compliance risks, in general, are those related to non-com- pliance, in the conduct of the business, with applicable national and international laws and regulations, to business activity, as well as to the Code of Ethics and internal procedures.
Financial risks are those related to the Group s financial management, specifically related to the risk of: liquidity, curren- cies, rates and financial counterparties for financial and commer- cial transactions.
In the case of internal risks, the aim of the ERM model is to manage risk through specific prevention and control systems in- corporated into the corporate processes, aimed at avoiding or transferring the risk, reducing the probability of occurrence or, in the event of occurrence, containing its impact. In the case of exter- nal risks, the aim of the ERM model is to monitor risks and mitigate the impact if such risks occur, for example through insurance pol- icies on which the Group relies for risks that have a significant im- pact on operating processes.
The main risks are identified following an analysis of the con- text in which the Group operates and the results of the materiality analysis. Risk assessment considers four dimensions: the impact that a risk could have on the organisation if it materialises; the likelihood that the risk occurs; the speed at which a risk could spread across the organisation if it occurs; and the interconnection of a risk with oth- er risks. The analyses are conducted using quantitative and qualita- tive methods according to the type of event. The assessment makes it possible to estimate the likelihood of occurrence and impact. Risks are then classified on a four-level scale and thus prioritised on the ba- sis of the risk appetite. In particular, the procedures governing the risk management system include a description of the Group s risk appe- tite for each macro-category. Lastly, the Risk Register contains a de- scription of the mitigation actions formulated by the Group to limit the possible impacts of each risk identified and assessed.
The quantitative analysis performed on the most significant risks (of both a financial and non-financial nature) considers multi- ple scenarios in terms of potential lost revenue and reduced mar- gins and assesses the potential effects for each of the scenarios considered using stress tests and sensitivity analyses. The scenar- ios are then placed on likelihood curves and combined using sta- tistical and mathematical models. These analyses provide an initial quantification of the Group s exposure to certain risk scenarios, in- cluding pandemic events, catastrophic natural events, credit risk and production stop.
RISK MANAGEMENT During the risk assessment activity, conducted at least every six months, all risks and risk owners responsible for managing the risk and the related control system, as well as the implementation or improvement of mitigation actions, are identified, in line with the Group s risk appetite, approved by the Board of Directors. The risks, the assessment of the internal control system covering them and the related mitigation actions are included in the Risk Regis- ter, which is periodically updated with the risk owners on the basis of an annual plan approved by the Board of Directors with the sup- port of the Control, Risks and Sustainability Committee. The pro- posed plan is periodically updated to include any new elements of risk and/or to reflect a possible increase in the likelihood or impact of occurrence.
In 2022 the methodology underlying the ERM was updated to ensure better alignment of the risk portfolio with the Strategic Plan and an update of the assessment scale for the risk appetite, along with the introduction of a quantitative multi-scenario methodology to measure the main risks reported.
In addition, during the year, it continued the integration of the ERM model with climate change risks according to the areas de- fined by the recommendations of the Financial Stability Board Task Force on Climate-related Financial Disclosures (TCFD).
The results of ERM activities and risk management process- es in general are presented to the Control, Risks and Sustainabili- ty Committee and the Board of Directors at least every six months, as an integral part of the report by the Head of Internal Audit on the functioning and adequacy of the internal control and risk manage- ment system.
The Moncler Group s ERM model involves the following bodies: the Board of Directors, which sets the guidelines and assess-
es the adequacy of the internal control and risk management system
the Control, Risks and Sustainability Committee, which sup- ports the assessments and decisions of the Board of Direc- tors relating to the risk management system with adequate investigations and proposals
the Director in charge for the Internal Control and Risk Man- agement System, responsible for establishing and maintain- ing an effective internal control and risk management system and implementing the guidelines set by the Board of Directors together with the Control, Risks and Sustainability Committee
the head of the Group Internal Audit, responsible for verifying that the internal control and risk management system is func- tional and adequate and for coordinating the ERM process
the Risk Manager, responsible for coordinating the enterprise risk management activities
the Board of Statutory Auditors, which monitors the effec- tiveness of the internal control and risk management system.