

3
Information about the Company | Corporate Governance |
Reports
The protection of personal data remains a major concern for Vivendi.
Accordingly, the general counsels of the various business and legal
departments within the group have been made aware of the updated
charters on data and content protection and of the Good Practices
Guidelines in respect of matters of sensitive data protection. Inspections
and audits are conducted on a regular basis to ensure that the safeguard
procedures have been properly applied.
Responsibilities and Commitments of each Business Unit’s
General Management
Every six months, the Chairman and Chief Financial Officer of each
business unit signs a representation letter certifying compliance with
internal control procedures relating to the preparation of financial
statements and financial and industry-based information items, to ensure
the accuracy, integrity and reliability of financial disclosure.
At the proposal of the Audit Committee, Vivendi established a Code
of Financial Ethics. It applies to the senior executives of Vivendi SA
responsible for communications and financial and accounting reporting.
Rules on Market Ethics
Vivendi complies with the General Regulations of the AMF as well as
with the recommendations of the AFEP and MEDEF. Consequently,
purchase and sale transactions involving company securities are
prohibited during the period from the date on which a member of the
Supervisory Board or the Management Board becomes aware of precise
market information concerning the Company’s day-to-day business or
prospects which, if made public, would likely have a material impact on
the Company’s share price, up to the date on which this information is
made public. In addition, such transactions are prohibited for 30 calendar
days preceding and including the day of publication of the Company’s
quarterly, half-yearly and annual financial statements. The Company
prepares and distributes a summary schedule setting out the periods
during which transactions involving Company shares are prohibited
(“blackout periods”). Pursuant to the AFEP/MEDEF Code, hedging
transactions of any kind on the Company’s securities following the
exercise of stock options are prohibited.
Blackout periods are the subject of individual reminders sent via e-mail
whenever necessary including before each identified Financial Reporting
period.
Delegation of Powers
The delegation of operational powers, whether on a single occasion
or on a recurring basis, is one of the responsibilities of the General
Management of Vivendi and of the General Management of each of its
business units. These delegated powers are updated and formalized on
a regular basis in accordance with the evolving role and responsibilities
of the relevant delegate.
4.4. Risk Monitoring and Management
Vivendi’s Management Board is responsible for identifying and reviewing
measures to manage risks within business units that are likely to affect
achievement of the group’s objectives.
At the group level, risks are assessed based on a qualitative and
quantitative approach in reference to each business unit. In 2014, the
Audit and Risk Department drew up a risk mapping for each of the
group’s principal business units. For each entity, the risk mapping was
based on interviews held with 30 to 40 senior and operating managers.
These mappings were then reviewed by the business unit managers, the
Vivendi Management Board and the Statutory Auditors and presented to
the Vivendi Audit Committee on December 9, 2014.
The principal risks faced by the Company are described in Chapter 1,
Risk Factors of this Annual Report and in Chapter 4, Note 22 to the
Consolidated Financial Statements relating to market risk management
and derivative instruments.
Vivendi’s General Counsel and Company Secretary and legal department
are responsible for the prevention and management of risks relating to
ethics, competition and conflicts of interest. The management of financial
risks, including liquidity, interest and exchange rates, is carried out by
Vivendi’s Finance, Risk Management and Treasury departments through
a centralized organization at the Company’s headquarters.
Operational risks are managed by the business units, taking into account
specific aspects of their operations (e.g., regulatory risks in the Pay-TV
businesses, risks associated with infringement of intellectual property
rights in the music business and risks associated with piracy and
counterfeiting in the film and music businesses).
The policy of covering insurable risks, such as damage and operating
losses from accident and civil liability is monitored by Vivendi’s Risk
Management department in collaboration with the Finance department
and the General Counsel and Company Secretary. For a description of the
current insurance programs (see, Chapter 1 of this Annual Report).
4.4.1.
Internal Control Operations
Control operations are primarily performed by the functional and
operational management teams in accordance with existing reference
procedures.
The following bodies ensure the monitoring of internal control measures:
Audit Committee
The Audit Committee is comprised of independent members of the
Supervisory Board. Pursuant to the powers conferred upon it, the Audit
Committee prepares the decisions of the Supervisory Board and provides
recommendations or issues opinions to the Supervisory Board on a wide
range of matters. In 2014, at the proposal of its Chairman, the Audit
Committee established a multi-year program, reviewed and reinforced by
its members. This program specifically covers:
p
p
a review of the quarterly Consolidated Financial Statements
and annual financial statements of Vivendi SA, prepared by the
Management Board;
p
p
a review of impairment tests;
p
p
monitoring of the Company’s cash and any alerts as to potential
related issues;
150
Annual Report 2014