Worldline - 2020 Universal Registration Document

F

RISK ANALYSIS Risk management activities

The Group operates in a constantly evolving environment and is exposed to risks that, if materialized, may have a material adverse effect on its business, prospects, customers, partners, reputation, financial condition including operating results and cash flows. The Group relies on a continuous process of identification and analysis of risks, their impact and probability of occurrence in order to identify those likely to affect the achievement of its objectives. Risk assessment and management is an integral part of the Group’s operational and strategic management. Risks are assessed and monitored through business lines and functions. Internal Audit, risk management, Compliance, Legal, Insurance, Security and Finance departments can be cited as Functions playing a key role in identifying and controlling the main risks, among other. Risk assessment and management is based on a multi-level organization, which is detailed below. Risks are also appraised through the Internal Control initiatives and Internal Audit assignments (see Section F.5 “Internal Control” of this Universal Registration Document). In addition to integrated process of risk management, dedicated activities are also deployed for transversal internal risk management (see Section F.1 “Risk management activities” of this Universal Registration Document). Risk management activities are closely followed by Executive management through dedicated bodies on a regular basis ( e.g. Risk Management Committee) to review and challenge risks evaluations as well as to ensure a smooth implementation of mitigation measures. Furthermore, this consolidated view is shared with the Group Audit Committee on a quarterly basis, with specfic deep dive when needed. Investors should carefully consider all the information set forth in this Universal Registration Document, including the risk factors set forth in this chapter. Risks described in Sections F.2 are, as of the date of this Universal Registration Document, the risks that the Group believes, should they were to occur, could have a material adverse effect on its business, results of operations, financial condition or prospects. Investors should note that there may be other risks that have not yet been identified as of the date of this Universal Registration Document, or whose occurrence as of the date hereof is not considered likely to have a material adverse effect on the Group’s business, results of operations, reputation, financial condition or prospects. The extra-financial performance analysis assesses on a yearly basis, risks related to the four top areas underlined through the Corporate Responsibility and Sustainability program highlighted in Section D.1.1. This materiality assessment is aligned with the Enterprise risk management exercise described in Section F.1.1. The main extra-financial risks identified are “Building customer trust” ( i.e. Cyber-attack, security of systems and data protection, innovative portfolio; competitors landscape; service delivery quality and business continuity), “Being a Responsible employer” ( i.e. People). Other risks relate to mergers & acquisitions, expansion to new markets, regulatory and legal risks, clients, suppliers, intellectual property, commercial acquiring business, macro-economic changes and country risks and financial risks. Their magnitude varies in terms of impact on the Group’s business or results and/or likelihood to occur. Please refer to the mapping tables in Section F.2 for a description of those risks and the mitigation actions.

Risk management activities F.1

Risk assessment and management is an integral part of the Group’s operational and strategic management and is described in the paragraphs below. In addition to managing the risks embedded in each process, dedicated activities are also deployed for a transversal management of risks.

The risk management organization is consistent with a three-line of defense organization as described in Chapter D.4.2.2 Risk management functions are the second line. These functions provide oversight and provide the tools, systems and guidance necessary to support, challenge and monitor the first line in identifying, managing and monitoring risks.

F.1.1

Enterprise risk management (ERM)

The risk mapping is revised each year under the sponsorship of general management. The selected methodology involves the most senior managers of the Group through workshops and questionnaires, to collect their perception of

the main risks, their relative importance (inherent risk) and mitigation effectiveness (residual risk). This view is also cross-referenced with the inventory of operational risks carried

out on a “bottom-up” basis with all entities.

336

Universal Registration Document 2020

Made with FlippingBook Ebook Creator