QUADIENT - 2019 Universal Registration Document

RISK FACTORS AND INTERNAL CONTROL Risk factors

Risks

Risk management system

Dependence on suppliers

The Group’s main supplier is Hewlett-Packard (HP) for inkjet printing heads and cartridges. HP accounted for 6.1 % of total Group purchases in 2019 and 2018. The top five suppliers and the top ten suppliers respectively account for 18,7 % and 27.6 % of total purchases in 2019 versus 19,9 % and 27,8 % in 2018. The Group works also with OEM vendors. A disruption in supply from any one of these suppliers could significantly affect the Group’s business, despite the contractual clauses in the agreements protecting the Group against such risk.

The Group has put in place alternative solutions in case such an event should actually occur. The Group works with three OEM vendors (tier one suppliers), which assemble entry-level and mid-range machines in Asia. Production is divided between these three tier one suppliers. In the event one of these suppliers should fail, the other two could take over production. Quadient also has a choice of strategic tier two suppliers, and for each of these, a replacement supplier has been selected. In addition, the Group is the owner of all molds, specific tools and industrial design. The Group has put in place alternative solutions for procurement. The Group has not been or very few impacted by COVID-19 crisis for procurement.

LEGAL RISKS

Risks

Risk management system

Low risks New regulations

4

Quadient operates in several regions and in different activities. Some activities are under special regulations. This is the case for Mail-Related Solutions and postal regulations. Other activities are also under specific regulations such as intellectual property and data privacy. The group must be very careful.

The Group legal councel department and its local delegates follow the evolution of regulations. Group projets are launched to adapt the Group’s processes to new regulations such as Sapin II law and GDPR (1) . As of today, the Group is not aware of any governmental, legal or arbitral proceedings likely to have a material impact, or which had over the past 12 months a material impact on the Group’s financial position or profits.

TECHNOLOGICAL RISKS

Risks

Risk management system

High risks Information system and cyber criminality

Quadient past decentralized organization and growth by acquisitions lead to great diversity in terms of information systems. Harmonization of IT insfrastructures, and pallications is part of the "Back to Growth" strategy.

A Chief Digital Officer has been appointed in 2019. His responsability is to align operational processes and IT within the Group. All IT teams report to him. This new team aims to focus on operational processes, cooperate with the management team in order to enforce "Back to Growth" strategy. IT security in terms of infrastructure and application is a key topic.

(1)

General Data Protection Regulation.

85

UNIVERSAL REGISTRATION DOCUMENT 2019