GROUP OVERVIEW Internal control and risk management 1 and functions are managed properly in line with the integrated risk list of minimum operational requirements (building aspects, technical management process. To take into account the growing complexity of aspects, human aspects). These requirements minimize risks by all legal fields, Klepierre has organized its Legal Department in units applying best practices, possibly exceeding legal obligations. of expertise consisting of specialists in the following areas: corporate Finally, on a periodic basis, the Internal Audit & Control Department law, property law, contract and lease law. Cases requiring expertise in audits the shopping centers regarding compliance with the regulations labor or tax law are handled by the Human Resources Department and internal procedures in connection with the safety and security of and the Tax Department, respectively, in coordination with the Legal individuals and assets in compliance in particular with the regulations Department. The regulatory watch is carried out in constant liaison applicable to facilities open to the general public. with specialized external firms. The Group Legal Department, supported by the relevant functions, Safety works in partnership with outside counsel to ensure that information regarding new laws and regulations that could have a material impact To mitigate safety risks, owners of clearly identified risks put in on the Group’s financial position and future growth is gathered, place appropriate controls documented in the procedures and processed and disseminated throughout the Group. This intelligence specifications. Control compliance is tested on an ongoing basis by gathering process extends to legislation and regulations in every the operational teams (center management, operational departments, country in which the Group has equity interests. country-specific departments). The Group Legal Department has developed a reporting procedure Systems that report incidents daily are in place in the shopping covering disputes. It works closely with the relevant legal departments centers to better monitor the risks associated with the safety and to defend the Group’s interests. Accordingly, it helps to curb and security of individuals and assets. to manage the legal risks to which the Group is exposed owing in Internal dashboards track these controls and an annual report is particular to its owner/manager status. presented to the Executive Board and to the Supervisory Board. A high It drafts and verifies the contractual undertakings given by the Group level of security is also provided every day by having dedicated teams and ensures that they comply with the provisions of the law and the and security guards permanently on site. The new parking facilities all regulations. The Group Legal Department is working together with the incorporate better design in terms of traffic management and specific legal departments in various countries to harmonize legal practices spaces for the disabled and for families with young children. and establish unified positions vis-à-vis international retail chains. Centers and cooling equipment in particular are also continuously The Group Legal Department assists operational staff with the monitored for preventing legionella contaminations and bacterial and/ arrangement of specific contracts and generally speaking with any or viral propagation. out-of-the-ordinary requests to ensure that the applicable regulations Identifying incidents in the shopping centers means that proper risk are complied with, irrespective of the country in which the Group is control can be measured. These incidents are reported uniformly operating. across Europe using common incident classification, thereby providing The Group Legal Department is also in charge of arranging greater insight and understanding. An analysis report of all incidents delegations of authority governing the actions of all the Group’s within the Group is sent quarterly to the Executive Board and to all employees. It also ensures compliance with the selection procedures country-specific departments. for the Group’s corporate officers. Finally, as a listed company, Klépierre also has to abide by the rules concerning publications (see Security the Financial Reporting section below), corporate governance (see the first part of this report) and insider trading. To prevent the risk In order to handle security risks, the group has developed a comprehensive of insider trading, Klépierre has adopted a Stock Market Compliance strategy which has been translated into an ambitious three-part Charter governing, among other things, the transactions in its shares, action plan. which is updated regularly. Accordingly, permanent insiders are The first part entailed rapidly adapting the installations to the new authorized to carry out transactions in Klépierre’s shares only during threats that appeared in 2016-2017, by protecting all of the group’s clearly defined periods. Moreover, an Inside Information Committee Shopping Centers from “ram-car” style attacks. was set up in 2017 consisting of the Executive Board members, the Chief Legal Officer and the Group Head of Internal Audit & Control. The second part, expected to extend over 24 months, has been This committee decides whether to classify an information as “inside launched to “toughen” the shopping centers and prepare them to information” or not, to monitor potential inside information not deal with terrorist risks and the possibility of a sudden and brutal classified as such, and to draw up the list of the insiders with respect disruption of public peace. The Group is strengthening sensitive to the information concerned so as to remind them of their obligations. equipment rooms, management offices, security and safety Command Posts, improving video surveillance systems, and is implementing the 1.9.4.6 Security and safety of individuals and assets appropriate procedures for communicating with all lessors on site and for handling a security crisis. The group’s computer-assisted threat The safety and security of individuals and assets across its entire analysis and reporting tools that have proven their effectiveness will property portfolio is a top priority for the Klépierre Group. be rolled out in all countries where the Group is present. In 2017, a software solution was rolled out, with the help of a The third part, supposed to extend over much longer periods, but specialized consultant, to improve knowledge of the Klépierre property which is already producing positive effects, develops a holistic portfolio, as regards building and technical aspects. This solution approach to security where training for the Group’s employees, harmonizes the existing process of technical reviews of assets and close relations at each management level with institutional security improves measurement and benchmarking opportunities. Before and contributors, innovation and technological watch, benchmarking and during its roll-out, 180 staff were trained to use it, 80 of whom during cooperation with the security departments of other groups in different in-person training sessions. industries, participation in the security works of the representative bodies of the profession (CNCC and ICSC), should help to increase the The Group’s Maintenance Department, as part of its partnership with general level of resilience by placing Shopping Centers at the heart of its insurer’s engineering unit, and through audits and prevention plans a genuine “security ecosystem.” prepared across an array of sites annually, defined and rolled out the KLÉPIERRE 2017 REGISTRATION DOCUMENT 35