Sopra Steria - 2020 Universal registration document

2 RISK FACTORS AND INTERNAL CONTROL Risk factors

"% ) $ ) $+ % # " The Covid-19 pandemic has inevitably affected the Group’s risk environment. A number of risks have materialised in one way or another or require increased vigilance. The main impact of the health crisis lies in the downturn in activity for certain sectors or clients that have been hardest hit by the economic situation, such as aerospace and transport. This event also required a certain number of measures to protect employees’ health and safety by rigorously applying government recommendations with the introduction of widespread working from home and observance of health measures at sites, to ensure the continuity of our services to clients, and to adapt the management of operations and implement measures to restructure and reorganise operations where necessary. The impacts of the Covid-19 pandemic observed by the Group in 2020 are described in Section 6.1 (Comments on 2020 performance) of Chapter 1 and in Note 1.3 to the consolidated financial statements (Impact of the Covid-19 crisis on the consolidated financial statements for the period), in Chapter 5.

The Covid-19 pandemic has created considerable uncertainty for Sopra Steria concerning its business environment. These conditions have been taken into account in analysing risk insofar as they may change both the nature of risk and the medium-term assessment thereof. Some risks – already identified before the pandemic – remain a topical issue in order to maintain the resilience of Sopra Steria’s business model, in particular those relating to adapting services to digital transformation, innovation, developing skills and managerial practises and even risk relating to cyberattacks, systems security and data protection. "% ) $ ) . ' )) The risk of a cyberattack is one of the main risks identified by the Group. The detailed presentation below describes the nature of the risk and the procedures put in place by the Group to mitigate the effects (1.3.2 Risks related to operational activities). The impact of the cyberattack suffered by Sopra Steria in 2020 is set out in Section 6.1 (Comments on 2020 performance) of Chapter 1 (pages 29 to 30) and in Note 4.2.3 to the consolidated financial statements (Other operating income and expenses included in Operating profit), in Chapter 5 (page 174).

Detailed presentation of risk factors 1.3.

' ( ( ' ! ) )$ ()' ) . # -) '# ! )$'(

ADAPTATION OF SERVICES TO DIGITAL TRANSFORMATION AND INNOVATION ❙

Risk description The business activities of the Group’s clients are changing and are being transformed as a result of their digital transformation and the emergence of new competitors, new businesses and new organisations. Clients are seeking to become more agile, and to do so they are reinventing their business models, organisational structures and resources. These developments concern all of the Group’s businesses. If the Group is unable to understand, satisfy and anticipate clients’ needs, an unsuitable market positioning and/or difficulties in implementing its strategy could significantly impact its financial performance and image, and ultimately call into question its strategy.

Risk management measures The management of this risk is integrated into the development of the Group’s strategy as well as its effective implementation. Each year, the Group conducts a strategy review and/or update, under the supervision of the Strategy Department, the Chairman and the Chief Executive Officer, with the assistance of the Group’s Executive Committee, covering some or all business lines and markets in which it operates. This exercise, which draws both on external studies and internal feedback from stakeholders in contact with clients, leads the Group to take a certain number of decisions, in particular involving the transformations to be undertaken or the acquisitions strategy. These decisions are applied, on the one hand, by the central functions, responsible in particular for investing on behalf of the entire Group in support of the planned transformations and, on the other hand, by all Group entities (countries and subsidiaries) as part of the updating of their three-year strategic plans. The Group-wide implementation of the transformations initiated by the central functions as well as the progress made on each entity’s strategic plan are monitored on a regular basis by the Chairman, the Chief Executive Officer and the Strategy Department, in liaison with the Group’s Executive Committee.

By way of illustration, the following were subject to additional review and/or monitoring in 2020: the project for all entities and more specifically the transformation p of the “France” business unit (concerning in particular the rollout of updating of information systems); the strategy in the United Kingdom (in particular the p development of service platforms) and the transformation of Sopra Banking Software (digitisation of services, transformation of R&D); the development of Consulting activities within the Group p (particularly in France, under the brand name “Sopra Steria Next”); the strengthening of the Group’s position in its priority vertical p markets; the Group’s industrial policy; p the skills development; p the technological partnership with Axway; p acquisitions. p

37

SOPRA STERIA UNIVERSAL REGISTRATION DOCUMENT 2020

Made with FlippingBook - Online catalogs