CONTROL AND RISK MANAGEMENT SYSTEM
Section devoted to the set of regulations, procedures and organisational structures established to ensure a clear allocation of responsibilities for identifying, measuring, managing and monitoring the main risks.
The design, implementation and monitoring activities of the risk management and internal control system defined by the Company are inspired by the CoSo Framework methodological reference, drawn up on the basis of the principles indicated by the Committee of Sponsoring Organisations of the Treadway Commissions; the Company constantly plans and carries out activities to develop and refine the system in its components, in a logic of continuous improvement.
In order to ensure proper risk management, Unieuro S.p.A. has implemented internal processes in line and with the recommendations of the Corporate Governance Code of listed companies promoted by the Corporate Governance Committee.
Corporate bodies involved:
In order to ensure proper risk management, Unieuro S.p.A. has implemented internal processes in line and with the recommendations of the Corporate Governance Code of listed companies promoted by the Corporate Governance Committee.
Corporate bodies involved:
- The Board of Directors plays the role of directing and evaluating the adequacy of the internal control and risk management system.
- The Director in charge of the Internal Control and Risk Management System (‘SCIGR’) identified as the Company's CEO, in line with the Corporate Governance Code. His main functions are: (i) to identify key business risks and submit them to the Board; (ii) to design, implement and manage the internal control and risk management system, verifying its adequacy; (iii) to adapt the system to operational and regulatory changes; (iv) to request internal audits in specific areas; and (v) to report any issues that arise to the Audit and Risk Committee or the Board in a timely manner.
- The Control and Risk Committee has the task of supporting the Board of Directors' assessments and decisions relating to the SICGR and the risks arising from prejudicial facts of which the latter has become aware.
- The Board of Statutory Auditors maintains regular communication flows with the Board of Directors, the Control and Risk Committee, the Supervisory Board, the Auditing Company and the Manager in charge. The members of the Board of Statutory Auditors are always invited to take part in the meetings of the Control and Risk Committee, as is the Director in charge of the SCIGR.
Within the company organisation, there are control functions that are independent of the operational structures. These functions play a key role in the overall organisational system. Their independence ensures that they can perform their tasks independently, without any external interference. Each of the control functions operates in a coordinated manner with the others, avoiding overlapping competences, but maintaining its own decision-making autonomy. This ensures effective coverage and management of the main risks to which the company is exposed.
- The Head of Internal Audit is responsible for verifying that the Internal Control and Risk Management System (SCIGR) is adequate, functional and consistent with the Board of Directors' guidelines. Annually, he proposes an internal audit plan to the Board, after examination by the Control and Risk Committee and the Director in charge of the SCIGR. In carrying out his mandate, the Internal Audit Manager maintains periodic communication flows and, in relevant cases, with all the parties that supervise the internal control and risk management system, each within its competence. The Internal Audit Manager takes part in the meetings of the Supervisory Board as an internal member and, where required, in the audits of the Board of Auditors.
- The Manager in charge of preparing the company's accounting documents, appointed in compliance with the provisions of Article 154-bis of the TUF - Consolidated Finance Act pursuant to Legislative Decree No. 58 of 24 February 1998, as amended and supplemented, must prepare adequate administrative and accounting procedures for the preparation of the company's accounting documents in accordance with the principles and regulations in force. It performs verification and control activities on the correct application of these procedures by the company, verifying the adequacy and effectiveness of the controls implemented on the corporate processes under its responsibility.
- The Compliance Function is committed to promoting and enforcing regulatory compliance. The Compliance Department's main task is to disseminate corporate awareness of the importance of acting in compliance with national and international regulations, including the provisions applicable to listed companies, consumer protection and personal data protection, regulations on bribery and whistleblowing, and accessibility. All this with a view to preventing possible violations and ensuring responsible and ethical business management.
The task of auditing the accounts is entrusted to a specialised company, appointed by the Shareholders' Meeting on the proposal of the Board of Statutory Auditors.
The auditing firm, which must be registered in a special register kept by Consob, has the task of checking during the financial year that the company accounts are properly kept and that the operating events are correctly recorded in the accounting records. It is also required to inform the Board and Consob without delay of any facts that it deems reprehensible, to verify that the financial statements and the consolidated financial statements correspond to the results in the accounting records and to the checks carried out and that they comply with the rules governing them.
At the end of each financial year, the auditing firm expresses an opinion on the financial statements, which is formalised in a special report.
In accordance with applicable regulatory provisions, the Ordinary Shareholders' Meeting of the Company held on 12 December 2016 appointed the auditing firm KPMG S.p.A. to audit the financial statements for the financial years ending in the period from 28 February 2017 to 28 February 2025 pursuant to Articles 14 and 16 of Legislative Decree No. 39 of 27 January 2010, and for the limited audit of the condensed half-yearly financial statements for the half-yearly periods ending 31 August 2017 to 31 August 2024.
The auditing firm, which must be registered in a special register kept by Consob, has the task of checking during the financial year that the company accounts are properly kept and that the operating events are correctly recorded in the accounting records. It is also required to inform the Board and Consob without delay of any facts that it deems reprehensible, to verify that the financial statements and the consolidated financial statements correspond to the results in the accounting records and to the checks carried out and that they comply with the rules governing them.
At the end of each financial year, the auditing firm expresses an opinion on the financial statements, which is formalised in a special report.
In accordance with applicable regulatory provisions, the Ordinary Shareholders' Meeting of the Company held on 12 December 2016 appointed the auditing firm KPMG S.p.A. to audit the financial statements for the financial years ending in the period from 28 February 2017 to 28 February 2025 pursuant to Articles 14 and 16 of Legislative Decree No. 39 of 27 January 2010, and for the limited audit of the condensed half-yearly financial statements for the half-yearly periods ending 31 August 2017 to 31 August 2024.
Since 25 May 2018, the Company has adopted a Privacy Organisational Model, in compliance with the provisions of Regulation (EU) 2016/679 (GDPR) and, in general, with the regulations on privacy, defining guidelines, inter alia, for the management of corporate and organisational relations and for the necessary coordination of operational and compliance activities on the processing of personal data.
The Company has appointed as DPO of the Unieuro Group the lawyer Diego Fulco, founding partner of the firm NetForLegal, partner of ‘Net For Legal’, attributing to him all the powers and functions pursuant to art. 39 GDPR. The appointment is effective from 27 April 2021.
The DPO maintains periodic communication flows with the Control and Risk Committee, and reports to the Board of Directors and, where necessary, to the Board of Statutory Auditors.
The Company has appointed as DPO of the Unieuro Group the lawyer Diego Fulco, founding partner of the firm NetForLegal, partner of ‘Net For Legal’, attributing to him all the powers and functions pursuant to art. 39 GDPR. The appointment is effective from 27 April 2021.
The DPO maintains periodic communication flows with the Control and Risk Committee, and reports to the Board of Directors and, where necessary, to the Board of Statutory Auditors.
Model 231 implements the provisions of Legislative Decree 231 of 2001 - which introduced into the Italian legal system the administrative liability of entities for certain predicate offences committed in their interest or to their advantage by directors, managers or employees - in order to prevent the commission of the offences set out in the Decree. The purpose of the Model is to encourage the performance of company activities in accordance with principles of fairness, ethics and transparency and, at the same time, to avoid potential risk situations in business management.
Supervisory Board
The Supervisory Board has the task of supervising the correct functioning, effectiveness and observance of Model 231, as well as of ensuring that it is updated and periodically verifying the implementation of the principles and controls contained therein. The
Supervisory Board of Unieuro S.p.A. reports to the Board of Directors.
The members of Unieuro S.p.A.'s Supervisory Board meet the requirements of:
The Code of Ethics is an integral part of Model 231 and constitutes its essential foundation for defining a culture of ethics and corporate transparency.
Supervisory Board
The Supervisory Board has the task of supervising the correct functioning, effectiveness and observance of Model 231, as well as of ensuring that it is updated and periodically verifying the implementation of the principles and controls contained therein. The
Supervisory Board of Unieuro S.p.A. reports to the Board of Directors.
The members of Unieuro S.p.A.'s Supervisory Board meet the requirements of:
- autonomy and independence from any conditioning in the performance of their activities;
- professionalism and competence in legal matters, control systems and company organisation;
- continuity of action in constantly monitoring compliance with Model 231, as well as its implementation and updating.
- Giorgio Rusticali, Chairman of the Body and external member;
- Raffaella Folli, Head of the Internal Audit Function internal member;
- Chiara Tebano, external member.
- a General Section that illustrates the contents of Legislative Decree 231/01, the purposes of the 231 Model, the procedures for setting up and functioning of the Supervisory Board, the system of sanctions, and staff training
- a Special Part describing the conduct and prevention measures to reduce the risk of committing the predicate offences referred to in Legislative Decree 231/01.
The Code of Ethics is an integral part of Model 231 and constitutes its essential foundation for defining a culture of ethics and corporate transparency.
The Board of Directors, in its meeting of 24 June 2021, after obtaining the favourable opinion of the Related Party Transactions Committee, approved the ‘Internal Regulation for the execution of Related Party Transactions’ (the ‘Procedure’) pursuant to and for the purposes of Consob Related Party Regulation no. 17221 of 12 March 2010, as subsequently amended and supplemented.
The aforesaid Procedure applies to Related Parties Transactions (for the definition of which please refer to the respective definitions in the Consob Related Parties Regulation, expressly referred to by the Procedure) carried out by the Company directly or through its subsidiaries.
In compliance with the Consob Related Parties Regulation, the Procedure regulates, among other things, the procedures for the instruction and approval of related party transactions defined as of greater importance on the basis of the criteria indicated by the Consob Related Parties Regulation and related party transactions defined as of lesser importance, meaning those other than transactions of greater importance and transactions of small amounts (the latter being those transactions which, individually considered, have a value not exceeding Euro 150. 000 when the related party is a natural person, or a value not exceeding Euro 300,000 when the related party is a person other than a natural person).
In accordance with the Consob Related Parties Regulation, the Procedure provides that prior to the approval of a transaction with related parties, the Related Parties Committee, composed exclusively of unrelated and non-executive directors and the majority of whom are independent directors pursuant to the Consolidated Law on Finance and the Corporate Governance Code, shall express a non-binding reasoned opinion on the Company's interest in its completion, as well as on the appropriateness and substantial fairness of the conditions envisaged.
The aforesaid Procedure applies to Related Parties Transactions (for the definition of which please refer to the respective definitions in the Consob Related Parties Regulation, expressly referred to by the Procedure) carried out by the Company directly or through its subsidiaries.
In compliance with the Consob Related Parties Regulation, the Procedure regulates, among other things, the procedures for the instruction and approval of related party transactions defined as of greater importance on the basis of the criteria indicated by the Consob Related Parties Regulation and related party transactions defined as of lesser importance, meaning those other than transactions of greater importance and transactions of small amounts (the latter being those transactions which, individually considered, have a value not exceeding Euro 150. 000 when the related party is a natural person, or a value not exceeding Euro 300,000 when the related party is a person other than a natural person).
In accordance with the Consob Related Parties Regulation, the Procedure provides that prior to the approval of a transaction with related parties, the Related Parties Committee, composed exclusively of unrelated and non-executive directors and the majority of whom are independent directors pursuant to the Consolidated Law on Finance and the Corporate Governance Code, shall express a non-binding reasoned opinion on the Company's interest in its completion, as well as on the appropriateness and substantial fairness of the conditions envisaged.
Internal Regulation for the Management of Material Information and Inside Information
The Internal Regulation for the management of material information and inside information sets forth certain procedural safeguards aimed at ensuring the proper management of corporate information concerning the Issuer that is of the nature of inside information pursuant to current legislation. It is also the objective of the Internal Rules for the Management of Material Information and Inside Information to prevent certain persons or categories of persons from using information not known to the public to carry out speculative transactions on the markets to the detriment of investors, who are not aware of such information.
It is specified that (i) ‘Inside Information’ means information of a precise nature, which has not been made public and which directly or indirectly concerns the Company or its financial instruments and which, if made public, could significantly influence the prices of the Company's financial instruments; (ii) ‘Price-sensitive Information’ means any information or news not yet qualifying as Price-sensitive Information that the Company considers to be relevant, inasmuch as it relates to data, events, projects or circumstances that, on a continuous, repetitive, periodic, or occasional, occasional or unforeseen basis, directly concerns the Company itself and which may, at a later, even nearer, time, become of a privileged nature and (iii) ‘Confidential Information’ means any information or news that does not qualify as Privileged Information, directly or indirectly concerning the Company and/or its Subsidiaries (the ‘Subsidiaries’), which is not in the public domain or which is by its nature confidential or of exclusive relevance to the Company and/or Subsidiaries, acquired by the addressees in the performance of their duties and/or functions.
The Regulation applies to all those who have access to Important and/or Privileged and/or Confidential Information and, in particular: (i) members of the management, administration, control bodies and Committees of the Company and of any Subsidiary Companies; (ii) employees; (iii) persons, both physical and legal, who, by reason of their working or professional activity, or by reason of the function performed, have access, on a regular or occasional basis, to Confidential, Important and/or Privileged Information.
Insiders Register
If the information is evaluated as Important Information, the same must be entered in a special section of the Register of Price Sensitive Information (‘RIL’), set up and updated by the Company, in accordance with the laws and regulations in force at the time, containing the indication of the persons who, by reason of their working or professional activity or the functions performed, have access to the Important Information.
Pursuant to the laws and regulations in force at the time and must be kept up-to-date, the Company has set up an electronic register (the ‘Register’) containing details of the persons who, by reason of the work or professional activity performed or the functions carried out, have access to Inside Information, also subject to delay. The Register consists of several separate sections, one for each piece of Inside Information, containing the data of the persons who have access to that specific piece of Inside Information. A new section must be added to the list every time new Inside Information is identified. In addition, there is a so-called permanent section in which the names of persons who, by reason of their functions or duties, have access to all Inside Information at all times are entered.
The Internal Regulations on Keeping the Register of Persons with Access to Inside Information and the Register of Persons with Access to Relevant Information define the rules and procedures for keeping and updating the Register and the RIL.
The Internal Regulation for the management of material information and inside information sets forth certain procedural safeguards aimed at ensuring the proper management of corporate information concerning the Issuer that is of the nature of inside information pursuant to current legislation. It is also the objective of the Internal Rules for the Management of Material Information and Inside Information to prevent certain persons or categories of persons from using information not known to the public to carry out speculative transactions on the markets to the detriment of investors, who are not aware of such information.
It is specified that (i) ‘Inside Information’ means information of a precise nature, which has not been made public and which directly or indirectly concerns the Company or its financial instruments and which, if made public, could significantly influence the prices of the Company's financial instruments; (ii) ‘Price-sensitive Information’ means any information or news not yet qualifying as Price-sensitive Information that the Company considers to be relevant, inasmuch as it relates to data, events, projects or circumstances that, on a continuous, repetitive, periodic, or occasional, occasional or unforeseen basis, directly concerns the Company itself and which may, at a later, even nearer, time, become of a privileged nature and (iii) ‘Confidential Information’ means any information or news that does not qualify as Privileged Information, directly or indirectly concerning the Company and/or its Subsidiaries (the ‘Subsidiaries’), which is not in the public domain or which is by its nature confidential or of exclusive relevance to the Company and/or Subsidiaries, acquired by the addressees in the performance of their duties and/or functions.
The Regulation applies to all those who have access to Important and/or Privileged and/or Confidential Information and, in particular: (i) members of the management, administration, control bodies and Committees of the Company and of any Subsidiary Companies; (ii) employees; (iii) persons, both physical and legal, who, by reason of their working or professional activity, or by reason of the function performed, have access, on a regular or occasional basis, to Confidential, Important and/or Privileged Information.
Insiders Register
If the information is evaluated as Important Information, the same must be entered in a special section of the Register of Price Sensitive Information (‘RIL’), set up and updated by the Company, in accordance with the laws and regulations in force at the time, containing the indication of the persons who, by reason of their working or professional activity or the functions performed, have access to the Important Information.
Pursuant to the laws and regulations in force at the time and must be kept up-to-date, the Company has set up an electronic register (the ‘Register’) containing details of the persons who, by reason of the work or professional activity performed or the functions carried out, have access to Inside Information, also subject to delay. The Register consists of several separate sections, one for each piece of Inside Information, containing the data of the persons who have access to that specific piece of Inside Information. A new section must be added to the list every time new Inside Information is identified. In addition, there is a so-called permanent section in which the names of persons who, by reason of their functions or duties, have access to all Inside Information at all times are entered.
The Internal Regulations on Keeping the Register of Persons with Access to Inside Information and the Register of Persons with Access to Relevant Information define the rules and procedures for keeping and updating the Register and the RIL.
Download Documents