SOMFY // 2022 Annual Report

03 NON-FINANCIAL STATEMENT

Finally, in 2021 SOMFY launched a global cybersecurity awareness and training programme (Cyber 360), aiming to reinforce the awareness of all employees of IT security risks and challenges, and to embed good practices. This programme will continue for several years and will be supplemented with additional content and assessment questionnaires. In 2022, the existing e-learning modules on IT security were completed by 582 additional people.

In addition, IT security has been strengthened: – email and internet access filtering with machine learning and sandboxing technologies; – setting up an outsourced Security Operations Center (SOC) to strengthen the capacity of internal IT security teams; – subscription to a Cyber Threat Intelligence (CTI) service to detect potential information leaks or anticipate potential attacks; – organisational or technical audits, as well as intrusion tests, regularly carried out by accredited and independent third parties on various areas of the information system.

COMBATTING TAX EVASION

The Group notably undertakes to pursue the following actions in its drive for tax transparency and to combat tax evasion: participate in compulsory reporting such as the – Country-by-Country Report for France; –monitor compliance of intragroup transactions with arm’s length principles and OECD actions on taxation base erosion and profit shifting (BEPS).

SOMFY undertakes to observe the spirit and the letter of the law in all countries in which it does business. It wants a frank and transparent relationship with all tax authorities, seeks to clarify all uncertainties and resolve all disputes in due course. It considers that it pays its fair share of taxes in those countries in which it operates.

65

SOMFY – ANNUAL REPORT 2022