DESCRIPTION OF THE MAIN CHARACTERISTICS

OF THE INTERNAL CONTROL AND RISK

MANAGEMENT SYSTEM

Kinepolis Group uses the Integrated Framework for

Enterprise Risk Management as developed by the

Committee of Sponsoring Organizations of the Treadway

Commission (COSO). This framework integrates internal

control and risk management processes with the purpose

of identifying and managing strategic, operational and

reporting risks as well as complying and regulatory risks as

to enable the achievement of the corporate objectives.

Kinepolis Group uses this framework to implement a

system of Risk Management or to control the above risks in

the business processes and financial reporting. The system

is developed centrally and is as much as possible uniformly

applied in the various parts of the organization and

subsidiaries. The system fills in the various components,

as prescribed by the reference model, as well as the various

roles and responsibilities with regard to internal controls

and risk control.

Roles and Responsibilities

Within Kinepolis Group, risk management is not the

exclusive responsibility of the Board of Directors and

Executive Management; every employee is responsible

for the proper and timely application of the various risk

management activities within the scope of his or her job.

The responsibilities regarding risk management of the

Board of Directors (and its various committees) and

Executive Management are established and described

in detail in legal stipulations, the Belgian Corporate

Governance Code 2009 and the Kinepolis Corporate

Governance Charter.

In brief, it can be stated that Executive Management bears

final responsibility for the appropriate implementation

and management of the risk management system, whereas

the Board of Directors has a supervisory role in this matter.

The implementation and management of the risk manage-

ment system is based on a pyramidal responsibility structure

in which each manager is responsible not only for the proper

introduction and application of the risk management pro-

cesses within the scope of his or her job but also has a duty

to monitor its proper implementation by his or her direct

reports (who may in turn be managers).

In this way, management can be confident of proper and

comprehensive risk management throughout the Company

and have peace of mind that related risks in the various

business processes and departments are tackled in an

integrated way.

Application of the various components

The way in which the Company applies the various

components of the COSO framework is outlined below.

This description covers only the most important elements

and is therefore not comprehensive. In addition, the

appropriateness of the application is regularly evaluated and

so permanently subject to change.

Internal Control Environment

An appropriate internal environment is a precondition of

being able to effectively apply other risk management

components. An appropriate internal environment is a

precondition of being able to effectively apply other risk

management components. With this in mind, Kinepolis Group

values integrity and ethical action highly. Alongside the

existing legal framework, Kinepolis Group endeavours to

encourage and enforce this type of behaviour through

preventive measures (such as Code of Conduct,

work regulations, various policies and procedures) and

detection measures (such as the reporting procedure and

compliance inspections).

Kinepolis Nancy (FR)

44

03 / MANAGEMENT REPORT

KINEPOLIS GROUP

ANNUAL REPORT 2015