Risk management policy

The risk management system constitutes the set of organizational structures and procedures aimed at enabling the identification, measurement, management and monitoring of the Group's main corporate risks.

The Board of Directors is responsible for defining the guidelines for the risk management system, so that the main risks facing the LU-VE Group are correctly identified, managed and monitored.

The Board of Directors is informed that the risk management system cannot provide absolute assurances regarding the prevention of risks that are characteristic of the company's activities; it believes, however, that the risk management system can reduce and mitigate the probability and impact of risk events related to incorrect decisions, human error, fraud, violations of laws, regulations and company procedures, as well as unforeseen events.

The risk management system is therefore subject to periodic review and verification, taking into account the evolution of corporate operations and the reference context, as well as existing national and international best practices.

The Board of Directors has identified the other main committees/corporate functions relevant to risk management, defining their respective tasks and responsibilities within the risk management system.

In particular, the Control and Risk Committee has the task of supporting the Board of Directors on issues related to internal control and risk management.

Risk monitoring takes place at least quarterly through meetings in which the results, opportunities and risks for all markets and geographical areas in which LU-VE operates are analyzed. At these meetings, actions deemed necessary to mitigate any risks are also defined.

The general principles of risk management and the bodies entrusted with assessing and monitoring these risks are contained in the Reference Framework for the preparation of accounting documents (pursuant to art. 154 bis of the TUF) and in the Organization, Management and Control Model pursuant to Legislative Decree no. 231/2001, to which reference is made.

The Internal Audit department systematically checks the effectiveness and efficiency of the risk management system as a whole, reporting the results of its activities to the Chairman, the Managing Directors, the Board of Auditors, the Control and Risk Committee and the Supervisory Board of LU-VE S.p.A. for the specific risks linked to compliance with Legislative Decree no. 231/2001, and annually to the Board of Directors.