Worldline - Registration Document 2016

A

Corporate and social responsibility report Annex III - Building client’s trust with fully available and secured platforms and reinforcing value for clients

enhancing in 3 areas: The client engagement and customer experience is continually Strategy; ● Governance; ● Employee’s awareness. ● Strategy Since 2014, Worldline has achieved the harmonization of the geographies. customer satisfaction process that provides standard and benchmarked KPIs for its business lines across all its During 2015, additional measures were implemented to increase the overall maturity of the customer satisfaction process, and to satisfaction process performance featuring an Overall Customer Satisfaction metric of 7.67 by the end of 2016 [GRI 102-44]. ensure its end to end execution. These sustained efforts resulted in a significant improvement of the Worldline customer The challenge for the coming years will consist in putting Customer perspective in everything we do in order to achieve TRUST 2020 ambitions linked to Customer Satisfaction. Worldline has committed to achieve an Overall Customer Satisfaction metric of above 8 by 2020. Looking at the 2015 results we notice a positive trend towards the achievement of that goal. During the period of 2014 to end 2016 Worldline has been focusing on addressing problems and issues of its security of Worldline’s internal and external (i.e. “Customer related”) business processes. This process applies to all staff, contractors and consultants throughout the Worldline organization. Security and Safety policies, standards and guidelines. Worldline security policies are mandatory and binding for all Worldline Worldline’s security organization has defined a set of 78 Global entities and employees in order to guarantee the safety and the Worldline’s Safety and Security policies encompass the protection of all Worldline’s assets, whether owned, used or held in custody by Worldline (information, intellectual property, sites, network, personnel, software and hardware). In order to meet the business specificities, Worldline has developed since 2009, a comprehensive set of information variations for more clarity or specific local constraints. Those policies are aligned with the Worldline Group Safety and security policies and standards that can include some local Security policies and are compliant with the ISO 27001:2013 standard. A Security Policies Governance is in place to define, support the implementation and maintain those policies. information, including, but not limited to, the use of confidential In addition, Worldline has implemented measures and policies to protect its intellectual property assets and confidential agreements, encryption and logical and physical protection of A.2.1.3 Security [GRI 418-1] A.2.1.3.1 Worldline’s comprehensive asset protection approach

customers. The objective for the coming years will consist in promoting a more proactive approach to better anticipate the expectations of our customers not only in terms of quality of delivery but also value for money and innovation.

Governance andmonitoring of action plans

members. CSAT performance indicators are linked with management bonus scheme. These good governance monthly basis during the dedicated meetings and is communicated to Worldline’s Management Committee achievement of process targets. The implementation of improvement actions is measured, reported and reviewed on a around Customer Satisfaction process to ensure the measures ensure that the right level of management time and attention is given to the process. Worldline has implemented a set of governance measures Employees’ awareness A dedicated training has been designed to enhance customer experience across the Company. Besides the customer experience training, regular awareness sessions are organized globally to drive the necessary behaviors value and manage the relationship with customers to become a true partnership. – importance of understanding the clients’ business needs and pro-actively adapt Worldline’s solutions and services, maximize Compliance department advises on all commercial transactions to ensure that appropriate provisions are included in its information where required. Furthermore, Worldline Legal & applicable laws. contracts with customers and suppliers and that confidential matters are appropriately dealt with and in compliance with Worldline certified successfully 22 of its 23 eligible sites. program with Atos group to clearly state that Worldline is engaged in a continuous security improvement process. In 2016 Worldline is also engaged in an ISO 27001 multisite certification awareness. In 2016, 90% of Worldline’s employees have attended “Security & Safety” mandatory e-learning courses in order to develop their In addition to it, Worldline’s Security department organized in 2016, 3 special awareness events at local and global level to provide its employees with a more concrete view on cyber and physical threats that they can face, through concrete examples and practical prevention actions. penetration tests, reviews of access rights, intrusion detection systems including DDoS mitigation systems, and monitoring anomalies (weekly security watch analysis, monthly monitoring of firewall configurations, weekly vulnerability scans, yearly In addition to these high-level indicators, technical monitoring and reporting are in place to act proactively on security and logging of system events). All these measures are part of the Worldline security framework. Security Key Performance Indicators and reporting

Building client’s trust with a robust and proved IT system

286

Worldline 2016 Registration Document