CoC – Carry out risk assessment of potential areas of corruption 2015 CARRY OUT RISK ASSESSMENT OF POTENTIAL AREAS OF CORRUPTION Italian law 262 of December 28, 2005 for the protection of savings and regulation of the financial markets (“Disposizioni per la tutela del risparmio e la disciplina dei mercati finaziari”) is part of a broad set of measures aimed at guaranteeing the stability of the financial markets and protecting investors. Among other things, as part of the corporate governance of listed companies this law introduces the requirement of a position with responsibility for financial reporting in charge of ensuring the preparation of all company accounts. This provision emphasizes the importance of planning and implementing adequate controls relating to the process of producing company data, especially all activities relating to preparation of the company’s financial statements and—if applicable—consolidated financial statements. When applying Law 262, risk and compliance activities benefit from: Maximum flexibility to respond to changing national regulations and requirements Fewer errors caused by fragmented systems and manual tasks Flexibility in customizing the control model and risk management activities for each organization Full control of all organizational levels through built-in workflow tools Accurate historicizing and documentation of information related to control procedures Full traceability and transparency for all control processes Optional integrated risk management model The Generic Test Plan (‘GTP’) is a tool developed by Datalogic’s Corporate Finance for the purpose of promoting greater consistency in the way that the entities in-scope for 262 law address the key financial statements mis-statement risks identified by Corporate Finance. The objectives of the GTP are: To communicate the key financial risks that exist within DATALOGIC’s main trading and financial reporting processes as well as indicative key controls (both automated and manual) that are typically used to manage or mitigate these risks. These controls are enclosed within both Monitoring and Control Activities and Information & Communication components of the COSO framework (recognized as international framework for the evaluation of the internal control system). To support testing procedures, by including a “Suggested Test Procedure” column in order to properly manage the testing activity. Datalogic Vietnam LLC