TECHNICOLOR_REGISTRATION_DOCUMENT_2017

3 - RISKS, LITIGATION AND CONTROLS Risk factors

Cyber content security [G4-DMA Customer privacy] GRI

Tax credits evolution Risk description

Some states, provinces or countries like Canada, United Kingdom and France have developed incentive programs for film, television or advertising productions. These production incentive programs offer eligible companies financial incentives, such as refundable tax credits, tax rebates or grants, based on the qualified production costs incurred in the production location. As a result, Technicolor has installed its main production services activities in certain locations attractive to its customers. Any material change to the incentive programs available in such locations may impact significantly the decisions by customers on where they outsource production services like VFX and Animation. While the Group has been effective in optimizing the geographical footprint of its Production Services activities accordingly, and expect that it will continue to do so, there can be no assurance that the Group will not be adversely affected by changes in location-based production incentives. Risk management Technicolor is keeping an active watch on any material changes in or additions to the location-based production incentive landscape and strives to be agile in ramping up and down the facilities in the strategic geographies to respond to customers’ preferences for where production services is done. The Tax Department of Technicolor works diligently to scrutinize the production tax incentive evolution and to provide guidelines to the operations regarding eligible criteria and administrative constraints. The Group has also established and continues to nurture longstanding relationships with local governments and trade organizations in order to be a leading participant early in any discussions regarding the evaluation and implementation of any changes in production incentives. DVD Services Customer concentration and contract negotiation Risk description The DVD Services Division operates in a concentrated market with a limited number of significant customers supported by long-term contractual arrangements. The division belongs to the Entertainment Services segment, in which the top five customers accounted for 50% of the segment’s revenues and 21% of the Group’s consolidated revenues in 2017.

Risk description The secure maintenance and transmission of customer information is an essential component of the Production Services Division’s operations, as the Group is entrusted with the creation and distribution of highly sensitive content on behalf of its customers and business partners. Production Services relies on internal and external information systems and technologies (managed both by the Group and by third parties) that compute, maintain and transmit multimedia content, for example to render Visual Effects or ensure post-production digital services. The security of this information may be compromised as a result of system or control failures, inadequate or failed processes, human error, willful breaches (internally and externally), cyberattacks and business interruptions. These events could lead to a breach in the division’s global security protocols and sensitive assets, belonging to its customers, such as major studios, may be lost, disclosed, misappropriated, altered or accessed without consent. The failure to have sufficient content security systems and protocols may cause key customers to pull work from Production Services’ facilities. Risk management The security actions related to content production networks are led by internal security teams and are devoted to the mitigation of these risks. These security actions and protocols are continuously implemented, enforced, evaluated and updated as new production facilities are built, moved or acquired, and as new technologies or threats emerge. The security policies and the use of qualified providers, equipment and software, combined with regular security assessments and penetration testing, aim to mitigate the risk towards an acceptable level. Technicolor security standards are continuously reviewed and updated to stay ahead of the industry. Technicolor hosts audits from various customers (including studios) and industry associations such as the Motion Picture Association of America. Overall in 2017, Technicolor hosted more than 70 audits (by third parties), physical internal assessments or penetrations tests. Items identified for remediation are tracked and managed by internal teams.

50

TECHNICOLOR REGISTRATION DOCUMENT 2017