Commitment to Excellence

Risk Management & Compliance


Risk is an integral part of doing business and can be defined as any uncertain event that could threaten the achievement of business objectives and strategies or the Group’s tangible and intangible assets. 

Luxottica is risk averse towards events that could:

  • negatively affect the safety or well-being of employees, consumers and other stakeholders;
  • lead to breaches of local laws or regulations;
  • endanger the environment; 
  • negatively affect the Group’s reputation.

Identifying and understanding risks allows for informed decision making when actively managing events that could potentially have a negative effect on:

  • cash flow and profitability;
  • strategic business objectives;
  • tangible and intangible assets.

Within this context, the Group’s Risk Management department supports the organization to:

  • manage risks in terms of prevention and mitigation;
  • proactively seize opportunities;
  • disseminate a culture of risk evaluation across the Group decision making process, in particular, in the strategic planning process and significant business decisions;
  • ensure that the Group’s risk exposure is consistent with the Board of Directors’ risk appetite and does not exceed its financial and economic capacities given the objective of achieving long-term sustainable performances;
  • assure transparency and adequate information on Luxottica’s risk profile and risk management strategies to top managers, the Board of Directors and other relevant stakeholders.

The universe of risks potentially applicable to Luxottica

Risk management objectives

External risks

External factors, which are completely beyond the control of the Group and might have a negative effect on its business and assets

  • Monitor risk factors
  • Measure Group resilience
  • Mitigate the impact in case the risk occurs

Strategic risks

Characteristic of the eyewear industry and/or strictly driven by Luxottica strategic decisions

  • Create awareness during the decision making process
  • Have a risk-reward analysis
  • Consider the cost for risk mitigation and the impact of risks on the Group’s economic and financial targets

Operational risks

Generated by ineffective organizational structure, internal processes and systems

Reduce risk impact and probability through:
  • Continuous improvement of internal control systems
  • Adequate allocation of resources in strategic plan and budget

To meet these goals, in 2011 the Risk Management department launched a proactive, structured and coordinated Enterprise Risk Management (ERM) approach to identify, manage and monitor risks with potential negative impact on the future growth of the Group and its tangible and intangible assets. The approach is integrated in the Company processes, supports strategic and operating decisions and permeates the entire organization. It is also supplemented with specific policies, internal regulations and projects that seek to improve the level of preparation with regard to the identified risk events.

Luxottica’s Enterprise Risk Management is made up of five correlated phases

  • Risk framework: The Group Risk Model defines the risks potentially applicable to Luxottica and the methodology used by the Risk Management department
  • Risk assessment: Carried out on a yearly basis, the Risk assessment makes it possible to identify the potential risks to which the Group is exposed, assess their impact and, on the basis of the probability of them occurring, establish action plans
  • Risk reporting: This consists of defining a risk mitigation action plan together with the relevant Company representatives and establishing priority action areas with reference to the risks identified during the Risk assessment. A number of Key Risk Indicators (KRI) to monitor can also be established in this phase
  • Risk treatment: Implementation of the approved action plans and risk management strategies
  • Monitoring: The progress of the action plans and the KRIs are periodically monitored in order to guarantee correct and prompt risk mitigation

In line with the principles of the Group’s Corporate Governance, the Board of Directors plays a central role in governing the risk management process. The Board, acting upon the recommendation of the Control and Risk Committee, is responsible for the definition of risk management system guidelines in order to identify, measure, manage and monitor the principal risks impacting the Group and defining risk levels that are compatible with the strategic objectives of the Company. 


Luxottica is actively committed to mitigating ESG (Environmental, Social, Governance) risk events, particularly with regards to social and environmental risks in the areas of health, workplace safety and the environment. The Group is continuously improving its internal control system and equipping itself with policies, procedures and controls aimed at preventing potentially damaging events for the Group’s stakeholders and reputation. As a result, in the 2017 fiscal year, the risks connected with these issues were once again not deemed to be significant.

The Group also structured the Luxottica Responsible Sourcing and Manufacturing program, described further ahead, which involves various Company departments in the ongoing monitoring of social and environmental risks along its supply chain. 


Luxottica’s global dimension requires the constant alignment of the Company’s processes, procedures, conduct and activities with the reference regulatory frameworks and the Group Code of Ethics.

In terms of anti-corruption, the Compliance department oversees the definition of rules to prevent, identify and manage risks connected with corruption in the Group’s businesses, in accordance with the law as well as applicable local and international regulations. 

With specific reference to Italy, on October 27, 2005 the Luxottica Board of Directors adopted the Organization, Management and Control Model, pursuant to Italian Legislative Decree 231/2001, which is designed to prevent the risk of illegal activities being carried out by the Company’s employees and collaborators. Subsequently amended over the years, the Model takes the form of a series of principles and rules of conduct, operating procedures and disciplinary systems designed to prevent the committing of illegal acts and to guarantee the ethical behavior of those that work on the Group’s behalf, with respect for the principles of legitimacy, honesty and transparency. Over the years, the main Italian subsidiaries have also adopted their own Organization, Management and Control Model pursuant to Italian Legislative Decree 231/2001. 

This commitment is also outlined in the Code of Ethics which affirms that “Luxottica openly opposes any corruptive practice designed to obtain undue advantages, with regard both to relations with public authorities and public entities in general, and to relations with private parties”. This declaration is further strengthened by the adoption of company policies and procedures that regulate the areas that could be exposed to corruption crimes.

In 2017 Luxottica launched the “Be transparent and keep it transparent” compliance program dedicated to combating corruption. This program is applied at global level and presents specific rules for the prevention, identification and management of corruption risks in the Group’s sphere of activities. It integrates initiatives already in progress and pre-existing company documents, such as the Code of Ethics, and is based on eight rules that all Group employees must adhere to in their daily activities:

  • conduct transparent business relations with third parties;
  • conduct transparent relations with public authorities;
  • conduct yourself transparently when giving or receiving gifts, hospitality or other benefits;
  • conduct yourself transparently when granting sponsorships or participating in charitable initiatives;
  • conduct yourself transparently with political parties, trade unions and associations;
  • be transparent when declaring small expenses;
  • avoid behavior that involves the payment of sweeteners;
  • be transparent in recruitment decisions.

The Group also encourages its employees to take part in training courses on specific regulatory compliance issues which are defined year by year according to the needs of participants. In 2017 Luxottica focused on two main areas: privacy and anti-laundering.

The prevention of corruption

Luxottica is part of the network of Transparency International, the biggest global organization for the prevention and combating of corruption, and actively participates in conferences and meetings where it shares best practices in this area. In 2017, the Compliance department presented its anti-corruption program at the OECD in Paris and the American Embassy in Washington DC.

Given the size of the Group in the US, in 2016 and 2017 Luxottica guaranteed training on the “Foreign Corrupt Practices Act (FCPA)” [25] to over 700 employees and third parties (agents, distributors, customers, consultants).

Luxottica has activated a global whistleblowing process for the prompt communication of actual or presumed violations of the current “Anti-bribery & corruption” program or any other related illegal behavior. The internal whistleblowing system utilizes various communication channels, from a dedicated telephone number to specific email and postal addresses.

In addition, Luxottica provides all of its employees in Luxottica Group S.p.A. and in the subsidiaries having an Organization Model pursuant to Italian Legislative Decree 231/2001 with specific training. In 2017 the main international subsidiaries were asked to fill out an Anti-bribery & Corruption questionnaire in order to understand and improve their internal level of organization against corruption. In 2018 the survey will be extended to all other subsidiaries and a global training activity will be launched. In addition, the second edition of the antitrust training program, aimed at around 1,100 new hires and employees from the Wholesale and Retail divisions regarded as relevant for antitrust issues in EMEA and the US, will be organized (the previous edition, held in 2015 and 2016, saw over 1,100 people exclusively from the Wholesale division in the EMEA area take part in an e-learning course). 


With around 9,000 stores in the world, approximately 80% of which are directly operated, and a growing presence in the e-commerce sphere, Luxottica is aware of just how much its customers value their privacy and is committed to guaranteeing maximum levels of transparency in the way it collects, uses, communicates, transfers and stores information relating to them.

In 2017, it dedicated five seminars to the corporate functions on the new European General Data Protection Regulation (GDPR) which was adopted on May 25, 2016 and will be implemented on May 25, 2018. Taking part were the parties that will be affected by the application of the regulation (i.e. the main representatives of the HR, Customer Relationship Management, Retail and E-Commerce departments) in terms of both specific aspects and the most important critical issues.

Awareness raising and information activities for around 5,000 employees are planned for 2018 while targeted training programs will continue for the most exposed functions. 

Anti-money laundering prevention

Luxottica has developed and disseminated at global level a specific policy, the “Anti-money laundering and terrorist financing policy”, which draws inspiration from the FATF (Financial Action Task Force) recommendations and the four EU directives [26] issued so far on this topic. The aim is to guarantee respect for all laws and regulations, actively prohibiting and preventing any activity that may be considered or which could facilitate money laundering and/or the financing of terrorist or criminal activities. In 2017 training activities were organized for all of the Group’s wholesale subsidiaries, involving the administrative and/or country managers.



25. The Foreign Corrupt Practices Act (FCPA) aims to prevent the corruption of foreign public officials by American companies for the purposes of obtaining or maintaining business relations

26. Directives 91/308/EEC, 2001/97/EC, 2005/60/EC and 2015/849/EU of the European Parliament and of the Council