Derichebourg // 2020-2021 Universal Registration Document

2

Risk factors and internal control Risk factors

Change ( vs. prev. yr)

Risks

Risk management systems

15. The implementation of the IED directive (Industrial emissions) could require investments to be made, mainly in order to reduce emissions to air from shredders, noise and discharge into water. 16. Financial consequences of unintended non-compliance with employment regulations: the Group employs more than 30,000 employees in labor-intensive service activities. The complex nature of employment management (calculating hours, reductions in contributions, etc.) could lead to significant contribution adjustments despite there being no intention to circumvent the regulations. 17. As the final operator at all of its operating sites, in the event that activities cease, the Group is responsible for rehabilitating the various sites in accordance with an objective to be agreed with local and regional authorities. The Group endeavors to limit the potential consequences of its activity on the environment, in particular through the presence of concrete slabs, but it does not have detailed knowledge of the history of all of the sites it operates. In the event of a cessation of activities, significant sums could be paid out to restore and to clean up certain sites. 18. The European Union is currently considering an in-depth reform of conditions for exporting waste outside the EU. Depending on any new legislation in force at the end of current discussions, the Group may no longer be able to export certain types of waste that it currently exports outside the European Union, which could impact its revenue, profitability and financial position. 19. Some economic players may wish to change the nature of their contractual relations with the Group, retain ownership of the materials entrusted to them, and use the Group as a service provider. 20. The creation of an inflationary price-wage loop, with difficulty in passing on all salary increases to customers.

This regulation will affect all players in the industry. Investments are planned for the 2021-2022 fiscal year with a view to bringing sites that do not already comply with this new regulation into compliance. In the face of increasing complexity, the Group is bringing together payroll functions in shared service centers in order to share expertise.

=

=

The Group’s intention is to continue activity at the vast majority of the sites that it operates. At the few sites where the Group is planning to cease activity, the Group recognizes provisions when it has management plans prepared in accordance with the future state of the site. At September 30, 2021, the amount of the provisions for rehabilitation and decontamination was €9.4 million.

=

Certain products exported by the Group are of a quality level that, under certain conditions, allows them to be “removed” from waste status and obtain product status. The Group is preparing for these regulatory changes by promoting the quality of its ferrous scrap metals and non-ferrous metals, so that it can continue to export outside the European Union. Some contracts already operate in this way. While this type of contractual relationship is less financially attractive during periods of rising prices, it does provide protection in the event of a fall in raw materials prices. As part of the contractualization of commercial relations for the Multiservices division, the introduction of price indexation mechanisms should be considered to anticipate salary inflation. The Group has a reliable IT organization based on duplicating machine rooms, tested failover plans and the regular backup of data. The Group has also taken out cybercrime insurance. Intrusion tests are also carried out by an independent firm, and the teams are regularly made aware of cyber/fraud risks. In addition to all the actions undertaken and detailed above, the Group has decided to carry out an inventory of the internal system to combat cybercrime. This audit will be carried out by a specialized ANSSI-certified firm. The purpose is to be able to identify areas for improvement by incorporating best practices. There is a Multiservices IT department and a Group IT Department. Moreover, no tool is implemented without the agreement of the Group’s General Management.

=

Information technology risks

21. A major IT incident (hardware failure, cybercrime, etc.) could affect the Group’s activities.

22. A failure to digitalize the Group’s key tools and processes could lead to problems of competitiveness and sub-optimal processes. In addition, significant costs could be incurred for the implementation of new, unprofitable and insufficiently secure features.

=

DERICHEBOURG 2020/2021 Universal Registration Document 44