The Board deemed it appropriate to adopt a structured risk management process that, on the one hand, enables the risks to be identified promptly and completely, and on the other hand, permits the adoption of adequate measures to “manage” the risks in terms of anticipating the risks and pro-active measures, rather than simply taking reactive measures, considering the accelerating pace of economic changes, the complexity of management activities and the recent changes in laws and regulations relating to corporate governance and internal control.

It is important to observe that the Board of Directors plays a central role with reference to the “governance” of the new model. Indeed, the Board is responsible for supervising the risk management process so that the risks assumed in the business are consistent with the strategies (so-called monitoring action). Furthermore, the Board defines the attitude to risk (so-called identification of the “acceptable risk threshold”) and establishes the guidelines to manage the risks which may “interfere with” or prejudice achieving the business objectives or erode critical corporate assets, in line with its top management and strategic policy-making mission.

In view of the above, the Board redefined the responsibilities and composition of the Committee for Internal Control and Corporate Governance in 2009, and the Committee was renamed as follows: “Committee for Internal Control, Risks and Corporate Governance” and the Committee’s composition was extended to 5 Board Members.

In particular, the Committee for Internal Control, Risks and Corporate Governance supports the Board (i) in the periodic identification and assessment of the principal risks relating to the Company and its subsidiaries, at least once a year, to ensure these risks are monitored correctly (Annual Risk Assessment) (ii) in defining the mitigation plans, and in general, the “risk governance” and updating them periodically, at least once a year (Annual Risk Management Plan) in order to maintain the overall levels of exposure to risk within the risk threshold assessed by the Board of Directors as being “acceptable” (risk appetite), based on the proposal made by the Committee concerned).

The Board of Directors is supported by the Risk Management Committee (chaired by the General Counsel and composed of the Finance Manager; Group Control Manager; Internal Audit Manager; Legal and Corporate Affairs and Group Compliance Manager; Investor Relations Manager and the Senior Advisor Human Resources).

The Risk Management Committee has the following responsibilities (i) to adopt and promote a systematic and structured process to identify and measure the risks; (ii) to examine the information concerning internal and external, existing and future risks to which the Group is exposed; (iii) to propose strategies to respond to the risk in relation to the overall and detailed exposure to the various categories of risks; (iv) to propose the implementation of a risk policy in order to guarantee that the risk is reduced to “acceptable” levels; (v) to monitor the implementation of the strategies adopted in response to the risk defined and compliance with the risk policies adopted.

The Managerial Committee avails itself of the Sustainability and Risk Governance Department (managed by Filippo Bettini) that includes the Risk Officer (Ms. Alessia Carnevale) who coordinates the assessment process and guarantees the on-going monitoring of the Company’s and the Group’s exposure to the principal risks, while monitoring the effective implementation of the mitigation plans in the individual company departments and organizational units.