Fiscal 2022 Corporate Responsibility Report

Effective risk management

Introduction

Effective risk management

Managing risks lies at the heart of Sodexo’s business. Good risk management drives better business decisions, protects our assets and supports our strategic priorities.

Our Risk Management Approach

Sodexo has put in place a well-defined process for identifying, assessing and managing risks at the appropriate level within the organization, from our colleagues working on-site, to our senior executives looking at strategic risks for their activity (see diagram). Measures to manage the risks identified are implemented at site, country, regional or global level depending on their nature. The progress of those action plans is monitored and reported to senior management on a regular basis.

Operational managers are assisted by transversal support functions who define the procedures and standards and provide tools and processes to help manage risks. Internal Audit carries out an independent assessment of risk management and makes recommendations for improvements. Overall responsibility for the robustness of risk management procedures lies with Sodexo’s Executive Committee, while Sodexo’s Board of Directors and the Audit Committee provide risk oversight, ensuring that procedures are functioning effectively.

1 IDENTIFY

Identify risks that could impact our business objectives

2 ASSESS

Understand the likelihood of the risk occurring and the impact

3 MITIGATE

Develop mitigation actions and controls

4 MONITOR & REPORT

  • Review to ensure that we have the right plans in place
  • Insightful reporting

Main Risks

Each year, a risk profile is established based on the risk assessments senior management performs with regard to the main entities and also in interviews with senior executives. The risks considered to be the most significant for Sodexo as of August 31, 2022 are presented in the table below.

The risk profile has changed this year; the risk associated with staff shortages and resource planning being identified as “high”. The pandemic risk continues to be classified as a medium risk, but is considered lower overall than last year.

CLIENTS/CONSUMERS

  • Client retention: HIGH LEVEL
  • Changing consumer expectations and behaviors: MEDIUM LEVEL
  • Bidding risks: MEDIUM LEVEL
  • Competition: MEDIUM LEVEL

OPERATIONS

  • Client contract execution, including inflation management: HIGH LEVEL
  • Technology and information security: MEDIUM LEVEL

PEOPLE

  • Talent management and development: HIGH LEVEL
  • Staff shortages and resource planning: HIGH LEVEL

CORPORATE RESPONSIBILITY

  • Food, services and workplace safety: MEDIUM LEVEL
  • Environmental impact: MEDIUM LEVEL

EXTERNAL ENVIRONMENT

  • Compliance with laws and regulations: MEDIUM LEVEL
  • Pandemic risks: MEDIUM LEVEL

For more information, see section 6.4 of the Universal Registration Document.