Worldline - Registration Document 2016

Corporate and social responsibility report Annex III - Being an ethical and fair good player in business

A.4.1.1.8

[GRI 205-2] Improving awareness [GRI 102-16] and

lists, it is rejected by the BPT. business partner is on any of the main international sanction international laws, regulations and sanctions and in the event a business partners. In addition, Worldline closely complies with the Group CFO and Group General Counsel, for high-risk low-risk business partners, to complex approval processes by ranging from a simple approval process by the Head of Sales for assessment will identify the appropriate validation process, perform the required validation process. The level of risk to perform a risk assessment on business partners, as well as to documents to gather the different items of information needed practice in the area of business partner management. the Group’s Compliance department were revised to reflect best In 2015, the business partner contract templates developed by seek approval from management. similar contribution. When in doubt, an employee is required to disproportionate gift, invitation, hospitality package or any other prevents Worldline employees from accepting or offering any the compliance efforts relating to corruption. The policy In addition, the Worldline contribution policy further enhances rules and procedures to be followed in the event of inspection Worldline also has a “Dawn raids” policy which provides a list of by local authorities. across the entire Atos group. BPT uses a series of questions and automated tool, the Business Partner Tool (BPT), applicable paper-based review and validation process was replaced by an diligence and validation process. In 2015, the former developing and retaining its business are subject to a due consortium partners and consultants assisting Worldline in Worldline’s business partners, including agents, intermediaries, and the Code of Ethics is a key Group priority. As detailed above, non-compliance alerts. management process and the action to be taken in response to the Non-Compliance Response Procedure sets out the Prevention of fraud and non-compliance with Worldline values several key actions: framework more generally, Atos group Compliance will focus on To support this objective, and enhance the compliance manage legal and compliance risks throughout the chain of Redesign Worldline legal risk mapping to better identify and ● global operations; particular by implementing the Global Legal Compliance operations by improving the governance framework, and in Reinforce the compliance culture throughout global ● Board; compliance dashboards and compliance KPIs, permitting each country through the deployment of the country Greater visibility on the strength of the compliance culture in ● compliance culture of the Group; targeted enhancements and trainings to improve the overall in late 2016. Management Systems is expected to be completed by ISO standard related to Anti Bribery and Corruption Benchmarking Worldline compliance with the ISO 37001 ●

respect to Company policies through appropriate dissemination Worldline aims to promote awareness of employees with part of Worldline’s compliance program. of these policies, including through training program, which is In the first instance, Worldline has implemented a thorough personnel representative bodies, which makes the policies’ benefits need to be presented to local management and policies, such as the policy on gifts, entertainment and other deployment plan for its compliance policies: all compliance policies. communication to the employees of the new compliance deployment plan is the launch of mandatory global and local content enforceable within the Group. The next step of this community, called “Legal Compliance Organization”. The communication channel with employees, who can join a specific application of policies. employees to ask questions about compliance and the well as applicable internal rules and policies and to enable objective is to circulate information on compliance matters, as In addition, Worldline’s social network, blueKiwi, is a direct program. Worldline to achieve another step in improving its compliance of specific online training on the Code of Ethics has enabled Concerning awareness, the launch in late 2013 and during 2014 adoption of fair practices on a daily basis. This e-learning training ensures a better understanding of the Code and promotes the This specific training on the principles of the Code of Ethics employees completed it [GRI 205-2]. country and hierarchical level and in 2016, 79% of Worldline is mandatory for all employees, regardless of their job, function, To complement this e-learning module on the Code of Ethics, professional activities relate to the content of the Code. persons considered as “core target” or whose day-to-day specific webinars were organized for top managers and all

A.4.1.2

103-2 Customer Privacy] Data protection [GRI 102-13] and [GRI

A.4.1.2.1

Worldline’s comprehensive data

protection approach. value of personal data used in day to day business is now account or on behalf of its customers. The importance and Every day, Worldline processes personal data for its own employees is managed with a particular attention. obvious. Personal data from both Worldline’s customers and

A

321

Worldline 2016 Registration Document