Risk factors Management

Factors such as trends in GDP and interest rates, the ease of getting credit, the cost of raw materials, and the general level of energy consumption, significantly affect the energy demand of countries which, in the face of persistent economic difficulties, then reduce investments that would otherwise develop the market. Government incentives for alternative energy sources and for developing telecom networks also face reduction for the same reason. The Prysmian Group's transmission business (high voltage submarine cables) and Power Distribution and Telecom businesses, all highly concentrated in the European market, are being affected by fluctuating contractions of demand in this market caused by the region's prolonged economic downturn.
To counter this risk, the Group is pursuing, on the one hand, a policy of geographical diversification in non-European countries (e.g. Vietnam, Philippines, etc.) and, on the other, a strategy to reduce costs by rationalising its production structure globally in order to mitigate possible negative effects on the Group's performance in terms of lower sales and shrinking margins.
In addition, the Group constantly monitors developments in the global geopolitical environment which, as a result - for example - of the introduction of specific industrial policies by individual countries, could require it to revise existing business strategies and/or adopt mechanisms to safeguard the Group's competitive position.

In the Offshore Specialties business, the Prysmian Group has a significant business relationship with Petrobras, a Brazilian oil company, for the supply of umbilical cables, developed and manufactured at the factory in Vila Velha, Brazil. In light of the country's continuing economic difficulties causing the local market for umbilical cables to contract and of growing competitive pressures on product technological innovation, the sustainability, even partial, of the business in Brazil could be impacted.
While committed to maintaining and strengthening its business relationship with this customer over time, the Group has started to gradually reorganise the business unit to make its processes more efficient and to concentrate increasingly on developing new products whose technical and economic solutions can lower production costs.

The Prysmian Group operates and has production facilities and/or companies in Asia, Latin America, the Middle East and Eastern Europe. The Group's operations in these countries are exposed to different risks linked to local regulatory and legal systems, the imposition of tariffs or taxes, exchange rate volatility, and political and economic instability affecting the ability of business and financial partners to meet their obligations.
Significant changes in the macroeconomic, political, tax or legislative environment of such countries could have an adverse impact on the Group's business, results of operations and financial condition; consequently, as already mentioned in an earlier paragraph, the Group constantly monitors developments in the global geopolitical environment which could require it to revise existing business strategies and/or adopt mechanisms to safeguard its competitive position.

The Group’s production activities are subject to national and international laws and regulations governing Health, Safety and the Environment. Future legislative and/or regulatory changes, more or less foreseeable, might affect the operations of the Group, its ability to compete in the marketplace and its financial results, unless those changes are identified, anticipated and managed on a timely basis. In particular, the Group has analysed the potential regulatory risk relating to energy efficiency, including the introduction of more stringent reporting requirements and possible changes in local legislation that transposes the “Energy Efficiency Directive” 2012/27/EU (EED), as amended, on the efficiency of end-use energy.

The volatility of the international banking and financial system could be a potential risk factor in terms of raising finance and its associated cost. In addition, non-compliance with the financial and non-financial covenants contained in the Group's credit agreements could restrict its ability to increase its net indebtedness, other conditions remaining equal. In fact, should it fail to satisfy one of these covenants, this would trigger a default event which, unless resolved under the terms of the respective agreements, could
lead to their termination and/or an early repayment of any credit drawn down. In such an eventuality, the Group might be unable to repay the amounts demanded early, in turn giving rise to a liquidity risk.
At present, given its balance of cash and cash equivalents and undrawn committed credit lines, totalling more than Euro 1 billion at 31 December 2018, and six-monthly monitoring² of financial covenant compliance (fully satisfied at 31 December 2018), the Group is of the opinion that this risk is significantly mitigated and that it is able to raise sufficient financial resources and at a competitive cost. A more detailed analysis of the risk in question, including a description of the Group's principal sources of finance, can be found in the Explanatory Notes to the Consolidated Financial Statements.

² The financial covenants are measured at the half-year close on 30 June and at the full-year close on 31 December.

The Prysmian Group operates internationally and is therefore exposed to exchange rate risk for the various currencies in which it operates (principally the US Dollar, British Pound, Brazilian Real, Turkish Lira and Chinese Renminbi). Exchange rate risk occurs when future transactions or assets and liabilities recognised in the statement of financial position are denominated in a currency other than the functional currency of the company which undertakes the transaction.
To manage exchange rate risk arising from future trade transactions and from the recognition of foreign currency assets and liabilities, most Prysmian Group companies use forward contracts arranged by Group Treasury, which manages the various positions in each currency.
However, since Prysmian prepares its consolidated financial statements in Euro, fluctuations in the exchange rates used to translate the financial statements of subsidiaries, originally expressed in a foreign currency, could affect the Group's results of operations and financial condition. Exchange rate volatility is monitored both locally and centrally, by the Group Finance department, also using specific indicators designed to intercept potential risk situations which, when thought to exceed the defined tolerance limits, will
trigger immediate mitigating actions.
A more detailed analysis of the risk in question can nonetheless be found in the "Financial Risk Management" section of the Explanatory Notes to the Consolidated Financial Statements.

Changes in interest rates affect the market value of the Prysmian Group's financial assets and liabilities as well as its net finance costs. The interest rate risk to which the Group is exposed is mainly on long-term financial liabilities, carrying both fixed and variable rates. Fixed rate debt exposes the Group to a fair value risk. The Group does not operate any particular hedging policies in relation to the risk arising from such contracts since it considers this risk to be immaterial. Variable rate debt exposes the Group to a rate volatility risk (cash flow risk). The Group can use interest rate swaps (IRS) to hedge this risk, which transform variable rates into fixed ones, thus reducing the rate volatility risk. IRS contracts make it possible to exchange on specified dates the difference between contracted fixed rates and the variable rate calculated with reference to the loan's notional value. A potential rise in interest rates, from the record lows reached in recent years, could represent a risk factor in coming quarters.
A more detailed analysis of the risk in question can nonetheless be found in the "Financial Risk Management" section of the Explanatory Notes to the Consolidated Financial Statements.

Credit risk is represented by Prysmian Group's exposure to potential losses arising from the failure of business or financial partners to discharge their obligations. This risk is monitored centrally by the Group Finance department, while customer-related credit risk is managed operationally by the individual subsidiaries. The Group does not have any excessive concentrations of credit risk, but given the economic and social difficulties faced by some countries in which it operates, the exposure could undergo a
deterioration that would require closer monitoring. Accordingly, the Group has procedures in place to ensure that its business partners are of recognised reliability and that its financial partners have high credit ratings.
In addition, in mitigation of credit risk, the Group has a global trade credit insurance program covering almost all its operating companies; this is managed centrally by the Risk Management department, which monitors, with the assistance of the Group's Credit Management function, the level of exposure to risk and intervenes when tolerance limits are exceeded due to difficulty in finding coverage on the market.
A more detailed analysis of the risk in question can nonetheless be found in the "Financial Risk Management" section of the Explanatory Notes to the Consolidated Financial Statements.

Liquidity risk indicates the sufficiency of an entity's financial resources to meet its obligations to business or financial partners on the agreed due dates. With regard to the Prysmian Group's working capital cash requirements, these increase significantly during
the first half of the year when it commences production in anticipation of order intake, with a consequent temporary increase in net financial debt.
Prudent management of liquidity risk involves the maintenance of adequate levels of cash, cash equivalents and short-term securities, the maintenance of an adequate amount of committed credit lines, and timely renegotiation of loans before their maturity. Due to the dynamic nature of the business in which the Prysmian Group operates, the Group Finance department favours flexible arrangements for sourcing funds in the form of committed credit lines.
As at 31 December 2018, the Group's total financial resources, comprising cash and cash equivalents and undrawn committed credit lines, came to in excess of Euro 1 billion.
A more detailed analysis of the risk in question can nonetheless be found in the "Financial Risk Management" section of the Explanatory Notes to the Consolidated Financial Statements.

The main commodities purchased by the Prysmian Group are copper and aluminium, accounting for more than 50% of the total raw materials used to manufacture its products. The Group neutralises the impact of possible rises in the price of copper and its other principal raw materials through hedging activities and automatic sales price adjustment mechanisms. Hedging activities are based on sales contracts or sales forecasts, which if not met, could expose the Group to commodity price volatility risk.
A dedicated team within the Group Purchasing department monitors and coordinates centrally those sales transactions requiring the purchase of raw materials and the related hedging activities carried out by each subsidiary, ensuring that the level of exposure to risk is kept within defined tolerance limits.
A more detailed analysis of the risk in question can nonetheless be found in the "Financial Risk Management" section of the Explanatory Notes to the Consolidated Financial Statements.

Projects for high/medium voltage submarine or underground connections are characterised by contractual forms entailing a "turnkey" type of project management that therefore demands compliance with deadlines and quality standards, guaranteed by penalties calculated as an agreed percentage of the contract value and that can even result in contract termination.
The application of such penalties, the obligation to compensate any damages as well as indirect effects on the supply chain in the event of late delivery or production problems, could significantly affect project performance and hence the Group's margins. Possible damage to market reputation cannot be ruled out. Given the complexity of "turnkey" projects, Prysmian has implemented a quality management process involving extensive testing of cables and accessories before delivery and installation, as well as specific ad hoc insurance coverage, often through insurance syndicates, able to mitigate exposure to risks arising from production through to delivery.
Moreover, the ERM assessments for this particular risk have led the Risk Management department, with the support of the Commercial area, to implement a systematic process of Project Risk Assessment for "turnkey" projects, involving the assignment of a Project Risk Manager, right from the bidding stage, with the aim of identifying, assessing and monitoring over time the Group's exposure to specific risks and of taking the necessary mitigation actions. The decision to present a bid proposal to the customer therefore also depends on the results of risk assessment.
With regard to the events involving Western Link, an electrical transmission cable between Scotland, Wales and England, please refer to the sections on Significant Events in the Year and Significant Events after the Reporting Period within the Explanatory Notes to the Consolidated Financial Statements.

The submarine cables business is heavily dependent on certain key assets, such as the Arco Felice plant in Italy for the production of a particular type of cable and one of its cable-laying vessels (the "Giulio Verne"), some of whose technical capabilities are hard to find on the market. The loss of one of these assets due to unforeseen natural disasters (e.g. earthquakes, storms, etc.) or other accidents (e.g. fire, terrorist attacks, etc.) and the consequent prolonged business interruption could have a critical economic impact on the Group's performance.
The construction of a new cable-laying vessel began in 2018, with a best-in-class specification. As a result, the risk of dependence on the "Giulio Verne" cable-laying vessel has been significantly reduced.
Prysmian addresses this risk through:

• a systematic Loss Prevention program, managed centrally by the Risk Management department, which, through periodic on-site inspections, allows the adequacy of existing systems of protection to be assessed and any necessary remedial actions decided to mitigate the estimated residual risk. As at 31 December 2018, the Group's operating plants were sufficiently protected and no significant exposures to risk were noted. All the plants have been classified as "Excellent Highly Protected Rated (HPR)", "Good HPR" or "Good not HPR", in accordance with the methodology defined by internationally recognised best practices in the field of Risk Engineering & Loss Prevention;
• specific disaster recovery & business continuity plans which allow appropriate countermeasures to be activated as soon as possible in order to minimise the impact of a catastrophic event and to manage any consequent crisis;
• specific insurance programs for coverage against any damage to assets and loss of associated contribution margin due to business interruption, such as to minimise the financial impact of this risk on cash flow.

The Group's production activities in Italy and abroad are subject to specific environmental regulations, amongst which those concerning soil and subsoil and the presence/use of hazardous materials and substances, including for human health. Such regulations are enforcing increasingly strict standards on companies, which are therefore obliged to incur significant compliance costs.
Considering the large number of the Group's plants, the probability of an accident with consequences for the environment, as well as for continuity of production, cannot be ignored or the resulting potentially significant economic and reputational impact. Accordingly, Prysmian adopts a series of controls that keep the risk at an acceptable level. In fact, environmental issues are managed centrally by the HQ Health Safety & Environment (HSE) department which oversees local HSE departments and is responsible for organising specific training activities, for adopting systems to ensure strict adherence to regulations in accordance with best practices, as well as for monitoring risk exposures using specific indicators and internal and external auditing activities.
With reference to just the production sites within the pre-acquisition Prysmian Group, the certified percentage has remained relatively stable, with 95% certified under ISO 14001 and 78% certified under OHSAS 18001; in addition, specific other Organisations have also been certified (R&D, installation activities, kitting and distribution centres, etc.), for a total of four OHSAS 18001 certificates and two ISO 14001 certificates.
The overall situation has been changed by the acquisition of General Cable, about a third of whose plants (not counted in the above percentages) are currently certified under the standards in question (ISO 14001 and OHSAS 18001).
Therefore, following the acquisition, the programme of certifications at Group level has been duly revised, with the intent of certifying all the production units (except for specific cases) in the future.

The growing spread of web-based technologies and business models allowing the transfer and sharing of sensitive information through virtual spaces (i.e. social media, cloud computing, etc.) carries computing vulnerability risks which Prysmian Group cannot ignore in the conduct of its business. Exposure to potential cyberattacks could be due to several factors such as the necessary distribution of IT systems around the world, and the possession of high value-added information such as patents, technological innovation projects, as well as financial projections and strategic plans not yet disclosed to the market, unauthorised access to which could damage a company's results, financial situation and image. In partnership with the Risk Management department, the Group's IT Security function periodically performs specific assessments to identify any vulnerabilities in IT systems locally and centrally that could compromise business continuity.
Furthermore, since 2016 Prysmian Group has started to implement a structured and integrated process for managing cyber security-related risks which, under the leadership of the Group IT Security function, in partnership with the Risk Management department, aims to strengthen the Group's IT systems and platforms and introduce robust mechanisms to prevent and control any cyberattacks. A cogent Information Security strategy has been defined in this regard that clarifies the governance structure adopted by the Group and the guidelines for managing cyber risk in connection with IT architectures and business processes. A special Information Security Committee, consisting of the key figures involved in managing cyber risk³, has been appointed with the mission of defining the strategic and operational Cyber Security objectives, of coordinating the main initiatives undertaken, and of examining and approving policies, operating procedures and instructions. The Committee is convened on a periodic basis (twice a year) and in any case upon the occurrence of any extraordinary events or crises. Lastly, specific e-learning training sessions have been provided to all the Group's IT staff with the aim of increasing their awareness of this issue.

³ The following sit, as permanent members, on the Information Security Committee: the Chief Operating Officer, the Vicepresident
HR&Organization, the Chief Security Officer, the Chief Information Officer, the Chief Risk Officer, the Chief Audit & Compliance Officer
and the Group's IT Security Manager.

In the current context, featuring a continuous globalisation of business, a proliferation of channels, information access and an increase in volume and types of data managed, Prysmian has the chance to create new opportunities and new services; at the same time, however, it is experiencing a time of great complexity concerning the governance of data and its compliance with international regulations, as well as the growth of potential threats to the confidentiality, integrity and availability of information.
It is therefore essential to address the issue of how to manage information and data considered confidential or sensitive, not solely as a compliance problem but also as a security problem and a business priority. Furthermore, the coming into force, in May 2018, of the new European Regulation (EU) 2016/679 (GDPR – General Data Protection Regulation) is one of the driving forces behind a renewed commitment to data protection, particularly personal data.
The personal data protection programme adopted by Prysmian is based on three fundamental elements impacting the entire corporate structure:

• Development of a "data-centric" model by mapping the relevant personal data processed by the company functions and establishing a data processing register;
   
• Definition of a new updated governance model, designed to meet the requirements of the GDPR and based on the following pillars:

                         -A new organisational structure that includes the appointment of a Data Protection Officer, serving in an advisory and monitoring capacity, with the appropriate duties and responsibilities delegated to Internal Data Supervisors, who are                                        responsible for the   more substantial processing of data and supervise the activities of persons who process the data;

                         -A series of new policies and standard appointment documents.

•  Implementation of adequate technical, organisational measures to guarantee a level of security appropriate to the risk.

The programme also includes communication and training materials to raise user awareness of the GDPR and of the measures adopted by Prysmian to ensure compliance with this Regulation.
Following the acquisition of General Cable, the personal data protection programme has been updated and extended to General Cable.
In fact, during the course of 2018, General Cable implemented the new European rules of the GDPR throughout its group and also carried out training for about 800 employees.

In recent years, legislators and regulators have devoted much attention to the fight against bribery and corruption, with a growing tendency to extend responsibility to legal entities as well as to natural persons. With growing internationalisation, organisations more and more often find themselves operating in contexts exposed to the risk of bribery and having to comply with the many related regulations, such as Italian Legislative Decree 231/2001, Italy's Anti-bribery Law (Law 190/2012), the Foreign Corrupt Practices Act, the UK Bribery Act etc., all with a common objective: to counteract and repress corruption.
The Group's business model, with a global presence in over 50 countries and a wide array of applications for its products, brings it into constant contact with multiple third parties (suppliers, intermediaries, agents and customers). In particular, in the Energy (submarine and high voltage) and Oil & Gas businesses, the management of large international projects involves having commercial relations even in countries with a potential risk of bribery (as per the Corruption Perception Index⁴), often through local commercial agents and public officials.
Prysmian Group has therefore implemented a series of actions designed to manage bribery and corruption on a preventive basis; foremost amongst these is the adoption of an Anti-Bribery Policy which prohibits the bribery of both public officials and private individuals and requires employees to abide by it and to observe and comply with all anti-bribery legislation in the countries in which they are employed or active, if this is more restrictive. In addition, specific e-learning activities (training and testing) for all Group personnel are periodically conducted to raise awareness about compliance with this legislation.
In continuity with the previous year, Prysmian Group moved forward in 2018 with the activities defined in its Anti-Bribery Compliance Program, inspired by the ISO 37001 guidelines for Anti-bribery management systems, published on 15 October 2016 and intended to strengthen its monitoring of and focus on compliance issues. This program, in addition to giving greater control over management of the bribery risk, also aims to minimise the risk of punishment if crimes related to corruption are committed by employees or third parties. The core of the ISO 37001 standard is the control of third parties (suppliers, intermediaries, agents and customers) through a due diligence system designed to reveal any critical or negative events that undermine the reputation of third parties with whom Prysmian Group deals. Following the acquisition of General Cable, Prysmian Group's Anti-Bribery Compliance Program has been updated and expanded to include the additional activities in this area envisaged by the General Cable Compliance Program.
Further details about the actions taken by the Group to prevent corrupt practices can be found in the specific section of the annual Sustainability Report.

⁴ The Corruption Perception Index (CPI) is an indicator published annually by Transparency International, used to measure the perception of public
sector corruption in various countries around the world.

Competition rules, covering restrictive agreements and abuse of dominant position, now play a central role in governing business activities in all sectors of economic life. Its extensive international presence in more than 50 countries means the Group is subject to antitrust law in Europe and every other country in the world in which it operates, each with more or less strict rules on the civil, administrative and criminal liability of parties that violate the applicable legislation. In the last decade, local Antitrust Authorities have paid increasing attention to commercial activities by market players, also involving a tendency for international collaboration between authorities themselves. Prysmian aspires to operate on the market in compliance with the competition rules.
In keeping with the priorities identified by the ERM process, the Board of Directors has adopted an Antitrust Code of Conduct that all Group employees, directors and managers are required to know and observe in the conduct of their duties and in their dealings with third parties. The Antitrust Code of Conduct was updated during 2018; the new version, published on the company intranet and made available to all the Group's employees, contains the general principles of antitrust law generally found in industry regulations applying in the various jurisdictions in which the Group operates. In addition, other more detailed documents are currently being prepared, each focusing on the antitrust legislation specifically applicable in the main countries in which the Group operates. The Antitrust Code of Conduct forms an integral part of the training program and is intended to provide a framework for the issues concerning application of EU and Italian competition law concerning collusive practices and abuse of dominant position, within which specific situations are assessed on a case-by-case basis. These activities represent a further step in establishing an "antitrust culture" within the Group by promoting knowledge and heightening individual accountability for professional duties arising under antitrust legislation. In this context, specific classroom training sessions were held in 2017 and 2018 mostly for the Group's sales force and organised in collaboration with external lecturers and legal consultants. In addition, E-learning modules were launched on the company intranet during 2018 with the aim of continuously supporting and raising awareness of and attention to this issue.
With regard to the antitrust investigations still in progress, details of which can be found in Note 14. Provisions for risks and charges in the Explanatory Notes to the Consolidated Financial Statements, the Group has a provision for risks and charges as at 31 December 2018 of approximately Euro 233 million. Despite the uncertainty of the outcome of the investigations in progress and potential legal action by customers as a result of the European Commission's decision adopted in April 2014, as described in the
Explanatory Notes (Note 14. Provisions for risks and charges), the amount of this provision is considered to represent the best estimate of the liability based on the information now available.