HERMÈS - 2018 Registration document

1

Overview of the group

Risk factors

The balance of the geographical portfolio reduces risks related to geo- graphical areas, with results obtained throughout all the Group’s areas and a controlled investment policy.

with Group procedures are carried out periodically by all subsidiaries, in collaboration with the audit and risk management department and with the help of external service providers independent of the Group ISD, where appropriate. Work to further enhance the security of IT systems also entailed conti- nuing to harmonise the different systems in use using a standard ERP system and a single Group accounting system. In the field of IT risk prevention, IT risk mapping is regularly updated and presented to the Audit and Risk Management Committee. The work car- ried out in 2018was focused chiefly on reinforcing the security of central systems, the control of workstations for the Group as a whole, the cen- tralisation of access rights to facilitate their management, the security of internal and external accesses and the protection of confidential data, the protection of cloud applications, the physical security of data centres and the improvement of back-up and fault-tolerance mechanisms for critical systems toensure continuedoperation in theevent of an incident. Intrusion tests via internal, Wi-Fi and external networks were carried out, as were IT disaster simulations, and action plans were formalised. The continuity of IT operations is also tested regularly. The Group also ensures compliance with various standards and regu- lations, for example in the field of payment card data management (PCI‑DSS) and the protection of personal data (GDPR). Description of the risk Hermès Group is committed to respecting the regulations in the coun- tries where it operates. The quality of products sold and their compliance with high safety standards is one of the Group’s priorities. Risk management Hermès products are regularly tested throughout the supply and produc- tion chains. Finished product testing is also conducted by independent laboratories in Europe, Asia and the United States to verify compliance with the world’s most stringent regulations, and to ensure their safety. Monitoring is carried out to analyse the development of regulations before drawing up product specifications. 1.9.1.6 Protecting the health and safety of consumers

Minimising risks to property assets

1.9.1.4

Description of the risk The presence of Hermès Group in the best locations for its distribution activities and the construction of quality buildings, living environments and work tools for its craftsmen and employees are a major challenge for the Group. Risk management The management of the Group’s real estate operations is centralised within the construction development department whichmonitors quality, cost and deadlines. This contributes to the judicious control of critical issues: s s identifying and assessing the viability of locations for distribution and production facilities and administrative offices based on qualitative and technical criteria; s s securing our key locations through a detailed analysis of our rental commitments and associated risks; s s project management (direct or by delegation) of key building projects to ensure that the work is properly carried out; s s supervisinginspectionplansfortheGroup’smainsites,toensurethey conform to construction, safety and fire safety regulations. These ins- pections are supplemented by prevention system reviews carried out by the Group’s insurers. In addition, the construction development department monitors potential risks, notably by formalising property risk mapping for major projects. It also verifies the proper application of the Group’s rules in this area and carries out systematic follow-up of all action plans. Description of the risk Information systems are of prime importance for the proper performance of the Group’s daily operations, whether in relationships with clients, suppliers or employees but also with regards to the processing and sto- rage of Group data. Risk management Hermès’ expenditure on IT systems (capital and operational expendi- tures) is comparablewith that of its peers in the sector. The aim is to bring the technology infrastructure and systems in line with the increasing needs of users and the Group’s métiers, to guarantee good operational performance, to keep IT-related risks under control and to prepare sys- tems for the future, especially for new digital services. The Group’s IT systems department works under an information tech- nology governance charter and has drawn up a corpus of procedures that apply to all Group companies. Audits of IT security and compliance 1.9.1.5 IT risk monitoring and prevention

Recruiting and training employees and craftsmen in the standards of excellence required by the Group

1.9.1.7

Description of the risk The savoir-faire of our craftsmen, and more widely that of our staff form the foundation of our sustainable development. Our uniqueness comes from preserving, enriching and passing on these often exclusive skills in a period of growth for our métiers and our workforce.

38

2018 REGISTRATION DOCUMENT HERMÈS INTERNATIONAL