Under the supervision of the Audit and Risks Committee, the Group regularly identifies and analyzes some 200 risks that could potentially have a negative effect on its operations or reputation. Meticulously mapped out based on their financial impact and the probability of their occurring, they are divided into five broad categories :
- Financial risks (such as currency fluctuations, client default)
- Legal risks (such as change in local laws and regulations adversely affecting the Group’s solutions)
- Information systems and cybercrime risks (such as cyberattack, personal data protection)
- Group strategy and competitive environment risks (such as presence of competitors, acquisition strategy)
- Operational risks (such as business continuity, voucher fraud)
The CSR Department conducts a supplemental review of non-financial risks based on international standards and external benchmarks. The impact of the non-financial risks is assessed using the Group’s risk mapping methodology, taking into account the views of stakeholders. Priority risks are those that relate directly to the priority challenges defined in the materiality assessment.
The Group addresses these risks with specific actions plans and monitoring procedures. In 2020, these plans were adapted to local circumstances arising from the Covid-19 epidemic :
- Business continuity, thanks to faster digitalization of solutions. In addition, the deployment of digital tools and preliminary crash tests made it possible to set up an efficient remote working system for nearly 95% of the workforce at the height of the health crisis;
- Inclusion of a higher risk of client defaults in the forecasts for certain regions strongly affected by the economic crisis;
- A mitigation of the risk of fake vouchers or the fraudulent use of vouchers, thanks to the use of digital media and fraud prevention and detection mechanisms.