Worldline - 2019 Universal Registration Document

EXTRA-FINANCIAL STATEMENT OF PERFORMANCE Ensuring business ethics within our value chain [GRI 102-9] [GRI 103-3 Social compliance]

Thus, Worldline Group has been one of the first providers as from 2010 to be granted authorization for the hosting of based on its own feedback and pragmatic bases. Thus, personal health data. In 2019, several approvals were Worldline renewed in 2019 its authorization and got this new operational through various projects operated by Worldline. certification for the hosting of personal health data (based on The Company also took part in the consultation steps with the new referential of requirement from ASIP). ASIP Santé in order to build a certification reference system

Fight against bribery and corruption [GRI 103-1 Anti-corruption] D.4.3 [GRI 103-1 Socio-economic compliance] [GRI 103-2 Anti-Corruption] [GRI 103-2 Indirect Economic Impacts] [GRI 419-1]

Policies against corruption D.4.3.1 and against fraud in general [GRI 102-17] [GRI 103-2

Worldline SA/NV, the Group's Belgian subsidiary, has an anti-money laundering (AML) policy in place since 2011 (overseen by the local banking regulator). It sets out the general principles of AML, the “Know Your Customer” (KYC) principle as applied at Worldline SA/NV, and the allocation of responsibility between the Sales and Marketing (S&M) and the Customer Services (CS) Divisions. The Group has also developed a Fraud Detection & Reaction (FD&R) application that allows the detection of fraud in near real time based on a data analysis application. Furthermore, the Group’s risk mitigation process has been enhanced with additional features to better manage residual risks, such as geo-blocking, real time blocking, fall back de-activation and back-up systems. Fair competition policies: a policy stipulates the main rules ● of fair competition to adhere to through meetings with potential and known competitors. Worldline treats its customers, suppliers, partners and intermediaries with respect and shall not take unfair advantage nor practice discriminatory conditions. Consequently, Worldline refuses that its employees or third parties when assisting the Company in developing business, take part in an agreement, understanding or concerted practice which would contravene the applicable laws and regulations concerning anti-competitive practices. Anti-bribery and Anti-corruption policy (regarding gifts ● or benefits): To protect Worldline from any disproportionate gift or benefit given or received by a Worldline employee, a policy was implemented in 2013, aiming to screen gifts, invitations and other benefits of which Worldline would be provider or recipient. As participant to the United Nations Global Compact, Worldline subscribes to anti-bribery principles in “all its forms, including extortion and bribery”. The policy has been updated in 2019 and enhances the compliance focus overall including guidelines on forbidding contributions made or received for political purposes which could damage Worldline’s reputation, provision of money, gifts, entertainment or hospitality or anything else to any government of public officials or their close associates. When in doubt, an employee is required to seek approval from the compliance function and his management that can carry out checks in case of identified risk.

Anti-Corruption] [GRI 103-2 Indirect Economic Impacts]

As a signatory of the United Nations Global Compact since 2016, Worldline has implemented several internal policies and processes to prevent compliance risks such as bribery, corruption, violations of competition laws and export control laws, and fraud in general all along its value chain. The following policies are applied throughout the Company. Thanks to these measures, Worldline was not subject to any claims, penalties or major non-monetary sanctions for non-compliance with laws and regulations in 2019. It received no complaints from customers or suppliers related to corruption. To prevent risks, it is based on several policies: Assessment of partners’ ethical behavior: any ● intermediaries, consortium partners or consultants assisting Worldline in developing/retaining its business are screened before the beginning of any business relationship: their behavior and knowledge of ethics are essential criteria that are checked upstream all relationships. Anti-Fraud policy: Worldline kept on relying in 2019 on the ● existing anti-fraud policy that defines roles and responsibilities of the management and support for prevention of fraud. The assets owned by Worldline which consist, in particular, in material such as hardware, or intellectual property rights or financial equity are used only for conducting Worldline business and pursuant to the law and rules defined by the Group. Worldline’s business related fraud risk management: ● Worldline Group, as an issuer processor, has put in place all necessary measures, in accordance with best practices ( e.g. PCI certification) to minimize the risk of data breaches. As a commercial acquirer, the Group must ensure compliance with payment security rules established by the organizations that issue PCI certifications and address money laundering risks. The Group’s Fraud risk management department has implemented various policies and procedures to address these risks. For example,

D

163 Universal Registration Document 2019