technicolor - 2018 Registration document

RISKS, LITIGATION, AND CONTROLS

INTERNAL CONTROL

INTERNAL CONTROL 3.3

GRI [102-29] [102-30] [102-33] [103-1 Socioeconomic compliance] [103-2 Socioeconomic compliance] [103-3 Socioeconomic compliance] [205-1]

INTERNAL CONTROL METHODOLOGY The internal control methodology is based on three pillars:

The internal control procedures mentioned in the present Chapter apply to the Company and to all its subsidiaries and are under the responsibility of each Technicolor employee. The major components underlying the preparation of this report are (i) the French Loi de sécurité financière (Law regarding Financial Security), (ii) the Ordinance No. 2008-1278 of December 8, 2008, (iii) the AMF guidelines on risk management and internal control and (iv) Article R. 225-105-1 of the French Commercial Code about disclosure of non-financial information related to Corporate Social Responsibility. In March 2011, the Company voluntarily delisted from the New York Stock Exchange (NYSE). As a consequence, it is no longer subject to the Sarbanes Oxley Act obligations (SOX). Following the delisting, the Group decided to maintain high standards of financial reporting discipline, capitalizing on the work undertaken previously. The program, called 8TIC’S, was launched at the beginning of 2011 with the objective to maintain and expand the internal control scope beyond financial reporting through a risk-based approach. The eighth annual campaign of the program has been successfully performed in the course of 2018, and a new campaign starts as of January 2019. Objectives of internal 3.3.1 OBJECTIVES OF INTERNAL CONTROL PROCEDURES The Group’s internal control framework is designed to achieve the following main objectives: application of the instructions and directional guidelines fixed by the • Group’s management bodies in line with the Group’s overall objectives and the inherent risks; correct functioning of the internal processes, such as the ones • pertaining to the security of its assets as well as the operational, industrial, commercial and financial processes; compliance with applicable laws and regulations; • reliability of financial and non-financial information obtained through • the implementation of internal control procedures. The internal control framework aims at preventing and mitigating risks arising from the Group’s conduct of business and risks of error or fraud, in particular in areas of accounting, finance and social responsibility. As for every control system, it cannot provide an absolute guarantee that these risks are totally eliminated. control procedures and implementation

a risk-based approach which starts from the Group Risk Management • program (see paragraph below “Risk Management”) and allows internal control to deploy its methodology on the main Group risks. in 2018, the risk and control referential was revisited and updated together with the evolution of risks; a self-assessment on controls implementation by the most significant • entities, totaling the vast majority of the Group scope according to the relevant indicators (Revenue, contribution to EBITDA and other financial and non-financial indicators function of each nature of risk). In 2018, about 270 control owners were designated to perform a self-assessment on 2,406 controls over 55 finance and non-finance processes; an independent testing managed by Internal Audit covering about • 20% of the self-assessed controls. This testing aims at providing assurance that the Technicolor internal control framework is effective. Independent testers are composed of Internal Auditors and some internal finance experts properly trained to the testing exercise. The internal control team ensures a continuous monitoring of the internal control campaign, through key performance indicators such as self-assessment and independent testing completion rates, deficiency rates, severities of reported deficiencies. The internal control team communicates permanently with the internal control communities, ensuring training on the approach and the tools to be used. Quarterly updates on the program are made to the Audit Committee. The management community is involved in the deficiency remediation and takes an active role in the implementation of corrective actions raised during the internal control campaign. Deficiencies with high and medium severity are monitored and followed-up by Internal Auditors until their full remediation. General control 3.3.2 environment THE ETHICAL VALUES AND PRINCIPLES OF CONDUCT FOR THE GROUP’S MANAGERS AND EMPLOYEES GRI [102-16] [102-17] [103-1 Anti-corruption] [103-2 Anti-corruption] [103-3 Anti-corruption] [205-1] [205-2] [412-1] [412-2] The values and principles of conduct for the Group’s managers and employees are defined in two of the Group’s 3 principal internal documents: the Group’s Code of Ethics, the Financial Ethics Charter and the Anti-bribery and Anti-corruption Policy.

3

57

TECHNICOLOR REGISTRATION DOCUMENT 2018