Hermès // 2022 CSR EXTRACT

RISK FACTORS AND MANAGEMENT RISK FACTORS

Intrusion tests on internal, Wi‑Fi and external networks were carried out, as well as IT disaster simulations, and corresponding action plans were formalised. The continuity of IT operations is also tested regularly. Crisis simulation exercises are carried out annually and are followed by feedback and action plans. In addition to the information systems department, they involve various Group departments (internal communication department, financial communication and investor relations department, insurance department, audit and risk management department, legal compliance department and the Data Protection Officer, etc.) as well as a member of the Group Executive Committee. Furthermore, the Group ensures that it complies with the various standards and regulations applicable to the protection of personal data (in particular GDPR, the Group's standard in terms of personal data) and payment card data (PCI‑DSS). Compliance with the GDPR standard is ensured by a global governance made up of relays (Group and local) and assessed regularly through internal controls and external audits. In 2022, the Group’s personal data protection standard was audited by an external firm on various topics, in particular related to data governance and the processing of customer, employee and third‑party data. The information systems department accordingly works with other departments to reduce the risks of damage to information systems and its impacts in the event such risks were to materialise.

MAJOR EXTERNAL CRISIS ӳ

4.1.1.4

DESCRIPTION OF THE RISK ◆

POTENTIAL IMPACTS ON THE GROUP ◆

The Group is exposed to economic, political, social and health developments in the many countries in which it operates.

Geopolitical, economic or social tensions as well as a pandemic situation could have an impact on sales. The consequences would be even more unfavourable in areas where the Group has a significant presence, particularly in Asia.

IMPACT PROBABILITÉ

4

The breakdown of the Group’s revenue by geographical area is presented in chapter 1 “Presentation of the Group and its results”, §1.7.

RISK MANAGEMENT ◆

Hermès holds a unique position in the luxury market. Its broad portfolio of products reduces the risk of dependence on any particular range, while its distribution is well balanced geographically. The Group operates 300 exclusive stores under the Hermès banner, including 222 branches that generate over 91% of revenue. In addition, the Group is continuing to develop its online sales activity with the successive deployment of e‑commerce platforms in its distribution subsidiaries. Some Hermès products are also distributed via a network of multi‑brand points of sale carefully selected on the basis of qualitative and/or quantitative criteria. This distribution method concerns in particular perfumes, watches and certain products from the Home universe. Lastly, the Group also owns other brands that distribute their products directly or through their own selective network. Details of these brands are described in §1.4.1. In addition, there is little exposure of sales to seasonality. The policy of opening new points of sale is prudent and aims to spread the risks over several geographical areas. In this respect, the acceleration of the development of the Americas region aims in particular to reduce the weight of Asia in the Group’s sales. In addition, a crisis management system is in place. It has ensured the continuity of activities since early 2020 in the context of the Covid‑19 pandemic, still very present in Asia in 2022. This system was also implemented in 2022 during the suspension of activities in Russia (§4.3.4 on crisis management).

● Strategy and operations ● Industry

● CSR

● Regulatory compliance

● Finance

2022 UNIVERSAL REGISTRATION DOCUMENT HERMÈS INTERNATIONAL EXTRACT FROM 2022 UNIVERSAL REGISTRATION DOCUMENT HERMÈS INTERNATIONAL

371