WORLDLINE_REGISTRATION_DOCUMENT_2017

D

Corporate Social Responsibility report Being an ethical and fair player in business

D.4.1.1.5

Risk assessment andmapping process

Fair competition policies : a roundtable policy stipulates the main rules of fair competition to adhere to through meetings with potential and known competitors. An Export Control policy also explains the main principles and prohibitions related to Export Control Regulations, and provides clear processes to mitigate risks. Thanks to these measures, the Group was not subject to any penalties or any major non-monetary sanctions for non-compliance with laws and regulations in 2017. It received no complaints from customers or suppliers related to corruption. Worldline contribution policy regarding gifts or benefits : To protect Worldline from any disproportionate gift or benefit given or received by a Worldline employee, a policy was implemented in 2013, aiming to screen gifts, invitations and other benefits of which Worldline is provider or recipient. This policy further enhances the compliance efforts relating to corruption and prevents Worldline employees from accepting or offering any disproportionate gift, invitation, hospitality package or any other similar contribution. When in doubt, an employee is required to seek approval from management that can carry out checks in case of identified risk. D.4.1.1.4 The Company's Code of Ethics, based on the Atos group’s Code of Ethics, was approved by Worldline Board of Directors. This Code of Ethics has been included in every employee's employment contract since January 1, 2011. It demonstrates promotion of ethical excellence at the highest level of Worldline Group, through values and by establishing ethical practices as the backbone of the Group's corporate strategy: responsibility, trust, sustainable competitiveness, service quality and listening to customers, innovation, well-being at work and excellence. The Code of Ethics enhances the role of the compliance function in providing leadership and guidance to global operations, to protect the Worldline brand and to ensure sustainable business. Additionally, the Code of Ethics introduces the right of any Group employee to disclose behaviors or actions deemed inconsistent with the values and principles of the Code of Ethics. The Code of Ethics was initially rolled out across all global operations in early 2016. Strong involvement by the Human Resources department has ensured a consistent and thorough implementation, particularly in countries requiring representatives of employee councils to be involved, such as several European countries. Additionally, the Legal department of each country reviewed the content of the Code of Ethics to ensure alignment with local laws and regulations. Consequently, certain countries have adopted a slightly modified Code of Ethics, particularly with respect to issues carrying legal implications, such as national whistleblowing systems. The deployment of the new Code of Ethics has continued throughout 2017, notably with its deployment in the new entities in the Baltic countries. The Code of Ethics

[GRI 205-1] Atos has put in place a Legal and Compliance risk management process, which was fully integrated with Enterprise risk management function in 2016. This risk management exercise consists in evaluation of a series of legal risks (i.e. risks with a legal cause) by members of the Atos Legal, Compliance and Contract management department and relevant non-legal stakeholders (Human Resources, IT, security) that allows Atos entities to implement adequate remediation actions where necessary as well understand how the risks identified are perceived within the organization. As integrated with Atos Enterprise risk management, the results of the Legal risk management exercise are presented to the Group’s Audit Committee, with a clear mapping of the legal risks of the Group. In 2017, to fit with new requirements of French “Sapin 2” law, Worldline, under the initiative of Atos Compliance department, created a specific Compliance Risk Mapping leading to a Compliance Risk Heatmap allowing Compliance Officers to identify clearly the main compliance risks within their areas of responsibility and related mitigation actions to be put in place. In addition, the review of core compliance issues in assessing business opportunities is an important part of the overall risk assessment framework. The compliance review process of transactions is well established within Atos, similar to the review systems for credit, commercial and legal risks, through the Rainbow Process, which sets out defined steps and escalation procedures [GRI 205-1]. In 2017, Atos decided to reinforce Atos group’s country compliance approach within the business opportunities. In September 2017, the global compliance department has combined a multi-disciplinary body composed of legal and compliance, finance, security, insurance, rainbow, and internal risks to set up monitoring of Atos’ operations in 124 countries identified as representing a compliance risk. Atos’ operation in those rated countries will be closely monitored.

132

Worldline 2017 Registration Document