Home - Mobile
€90.670 -1.88 %   19/05/2022 13:20

Risk factors

Managing the Group’s activities includes taking into account the principal risks detailed in the table below. The level of criticality of each of these risks (high, intermediate or moderate) was determined on the basis of its probability of occurrence, the anticipated extent of its adverse impact at Group level and in consideration of risk management procedures already in place so as to show the net impact.

This chapter includes a specific description of the impact of the Covid-19 pandemic, which is also summarised in the table below.

impact of the Covid-19 pandemic
Type of riskDescriptionCriticalityImpacted by Covid-19Trend
Contracting business+
• Before the contract is signedHigh
• After the contract is signedIntermediateYes
Concessions business
• Design phaseIntermediate
• Construction phase Intermediate
• Operating phaseHighYes
Property development businessIntermediateYes
Acquisition and disposal of companiesIntermediate
Contractual relationshipsHigh=
Legal and regulatory complianceIntermediate
Workforce-related and social
Human rightsHigh+
Health, safety and security of employees and subcontractorsHighYes
Attracting and retaining talentModerate
Climate change and increasing scarcity of resourcesHigh+
Environmental quality and presence of contaminantsIntermediate
Business ethics risksModerate=
Financial and economic
Changes in the economic and tax environmentHighYes+
Financial risksIntermediateYes


Impact of Covid-19

Early in 2020, a major public health crisis began to take hold across the world. To limit the spread of the virus, many countries put in place restrictive measures: quarantines, bans on social gatherings, closures of certain businesses and venues to the public, travel restrictions or bans, lockdowns affecting large segments of populations, curfews, etc. These measures were then adapted as the pandemic progressed.

VINCI’s activities were significantly impacted. Against this background, the Group implemented measures to adjust the level of its activities as well as its operating expenses, re-evaluate the phasing of investments and strengthen its financial liquidity.

The pandemic affected the following risk factors:

Operational risks
- Contracting business: construction phase (after the signing of the contract)
During the first wave of the health crisis, the Group’s activity levels in the building and civil engineering sectors were very low in France for nearly two months beginning in mid-March 2020, as lockdowns and administrative and logistical constraints were imposed. In many other countries, on the contrary, activity remained at near-normal levels, although there, too, the situation evolved as measures were implemented by local public health authorities. The situation gradually improved beginning in the second half of April, including in France, thanks to the efforts made by teams to adapt to these new circumstances as well as the health and safety measures put in place. As a result, activity returned to a near-normal level across all VINCI business lines during the second quarter of 2020.
The high level of idle capacity at the height of the crisis, which meant that fixed costs could not be covered during that period, together with the additional costs generated by the infection prevention and control measures put in place at worksites, impacted the operating profitability of the contracting entities. However, some of these additional costs were able to be covered by customers.
In addition, partial support measures introduced by a number of governments, in particular by French authorities, offset a portion of payroll costs.

- Concessions business: operating phase
Traffic levels on VINCI’s motorway networks were impacted by the travel restrictions. In France, VINCI Autoroutes suffered a sharp contraction due to the lockdown imposed in the country on 17 March 2020. It then quickly recovered in two stages when those measures were lifted – partially on 11 May, then fully on 2 June. Over the summer, traffic levels were close to those seen during the same period in 2019. When a new national lockdown was imposed in November 2020, traffic levels once again declined significantly, before recovering at the very end of the year.

Air travel, the first sector to be affected (as early as February 2020 in Asia), was also one of the those hit hardest by the pandemic and the restrictive measures put in place worldwide (quarantines, lockdowns, border closures, commercial flight bans). Passenger numbers were still very low at the end of 2020. How quickly business recovers will depend on factors such as when travel restrictions are lifted, the effectiveness and swiftness of the vaccine campaigns, and the extent of the economic downturn.

In this context, the earnings of the Group’s concession subsidiaries took a direct hit from the decline in revenue they suffered, as their costs are mostly fixed.

- Property
Property operations in France suffered from the pandemic’s impact on worksites, as described above for the Contracting business, and also from the difficulty in obtaining the construction permits necessary to launch operations.

Cyber risks and fraud
The widespread adoption of remote working since the start of the health crisis has increased cyber risks. The increase in the number ofremote connections is a source of vulnerability to malicious actors. Nevertheless, by strengthening its IT security measures, the Grouphas been able to protect its information systems.

Workforce-related and social risks
The unprecedented situation caused by the pandemic prompted VINCI to be more vigilant about health and safety risks for its employees, partners, subcontractors, customers and other stakeholders. The Group worked alongside professional organisations to determine, together with the public authorities, the conditions under which its projects could gradually resume, while protecting the health and safety of everyone on its worksites, which is VINCI’s top priority. The measures implemented to reduce these risks are presented in chapter E, “Workforce-related, social and environmental information”, in paragraphs 1.1.2 (pages 190 to 193), 4.3.2 (pages 247 to 248), 4.3.3 (pages 248 to 252) and 4.4.3 (pages 256 to 260).

Financial and economic risks
The health crisis and the resulting economic crisis have had an unfavourable impact on the financial situation of some of Group’s subsidiaries. Their credit ratings are in danger of being lowered, because this type of exceptional event carries a temporary risk of non-compliance with the covenants of their financing agreements. This has already been the case for London Gatwick Airport, which nevertheless obtained a waiver of its financial covenants in September 2020. This topic is described in greater detail in Note J.25.3 to the consolidated financial statements, page 333.
In addition, in this uncertain context, VINCI is paying particular attention to the impairment tests performed on assets to ensure that their recoverable amount remains higher than their carrying amount.

Risk factors

The risks that may affect VINCI’s performance are identified, assessed and handled at the different organisational levels (holding company, business line, subsidiary), within the framework of VINCI’s decentralised organisation.
Group companies might be subject to risks related to the environmental and social conditions in the areas where they operate. As VINCI is a major participant in the economy, any risk that materialises could tarnish the entire Group’s image.

Operational risks

Depending on its business, each Group company is exposed to specific operational risks, which are prevented, controlled and managed differently.
One of the key elements of VINCI’s risk management system is the existence of risk committees at each level of the organisation, and in particular at the holding company level. These committees examine, at the preliminary phase, all proposals that involve commitments or investments by the business lines exceeding certain thresholds. These thresholds are defined in the general guidelines provided to the various managers of the Group’s entities. The operating procedure for these committees and their composition are described in paragraph 3.4.3, pages 180 to 181.

Business risks

The Group’s Contracting business lines serve a large number of public and private entities in 100 or so countries and operate under fixed-term contracts covering periods of a few weeks to several years.
Performance under these contracts includes a design phase followed by a construction phase, which ends with the handover of the finished project.

Business risks CONTRACTING
Risk identificationRisk management procedures
Before the contract is signed
- Poor evaluation of the country, customer or project
- Errors in design and cost estimates
- Errors in interpreting contract clauses
- Overestimation of available internal resources
- Poor evaluation of subcontracting costs
Possible consequences:
- Organisational, technical, contractual, administrative or regulatory difficulties affecting performance under the contract that could impact lead times, costs, cash flow or quality

- Prior analysis as part of a project selection meeting
- Presentation to the Risk Committee before a bid is submitted (see paragraph 3.4.3, pages 180 to 181), with risk scorecards
- Negotiation with the customer for a balanced sharing of risk
- Assessment of the proper size of the teams in charge
- Taking into account of feedback from previous projects during the design phase
After the contract is signed
- Insufficient preparation time
- Errors in the selection of equipment and methods
- Insufficient or poorly adapted human resources or supplies
- Difficult relationship with the customer
- Unexpected events and obstacles
- Changes imposed by the customer during construction
- Poor contract management
- Cost inflation
- Default of partners (co-contractors, suppliers, subcontractors) or customers
- Customer disagreement on invoicing and the final breakdown of expenses
Possible consequences:
- Organisational, technical, contractual, administrative or regulatory difficultiesaffecting performance under the contract that could impact lead times, costs, cash flow or quality
- Damage caused to third parties
- Damage to the Group’s reputation

- Organisation of worksite preparation
- Specific risk management systems tailored to the business line (Codex at VINCI Energies, Kheops at Eurovia, Orchestra at VINCI Construction)
- Application of price adjustment formulas
- Transfer of risk to subcontractors and suppliers
- Prior selection of robust solutions or equipment to deal with uncertainties
- Discussions with the customer, amicable settlement committees and legal action if necessary
- Payment guarantees, contract clauses
- Insurance policies (see paragraph 3.5, pages 182 to 183)

The risks of a concession contract, whose duration can vary from a few years to several decades, are carefully evaluated before bid submission during the design phase, which is generally much longer than it is in the Contracting business.
The main risks on the operation of concession assets relate to changes in traffic or passenger numbers, the level of toll charges and collection, as well as the operating, maintenance and repair costs set in the concession contract. Traffic levels on motorway concessions are correlated to economic activity and are generally affected by changing fuel prices. Toll increases are determined by set formulas, the main aim of which is to offset the risk of inflation. For airport concessions, passenger numbers may be impacted by a variety of events, including natural events or harsh weather conditions as well as terrorist attacks or threats. Rates are set in accordance with the regulation applicable to the contract, which may or may not make reference to a return on invested capital. In addition, social incidents such as those experienced in late 2018 and early 2019 can hamper concession operation and lead to acts of vandalism. A health crisis such as Covid-19 can also have a very significant impact on traffic levels and passenger numbers due to travel restrictions.
For all concession infrastructure under operation, provisions are taken to cover the cost of renovating installations – particularly motorway road surfaces and airport runways – as well as the cost of building maintenance, based on maintenance expense plans (see Note H.19 to the consolidated financial statements, page 312).

Business risks CONCESSIONS
Risk identificationRisk management procedures
Design phase
- Erroneous business plan
- Poor estimate of required investment
- Difficulties in finalising the financial structure
- Constraints relating to the applicable regulation
- Lack of robustness of the contractual environment
- Poor estimate of environmental impact
- Legal or tax uncertainties
Possible consequences:
- Cost overruns and delays
- Late delivery, project deterioration
- Unprofitable project
- Challenges to contract by the concession grantor
- Damage to the Group’s reputation

- Presentation to the Risk Committee before a bid is submitted
- Transaction structured as a special purpose vehicle (SPV): to limit the Group’s commitments and the amount it invests in the SPV, share capital and control may be shared with one or more partners. In this case, a majority of the financing is comprised of debt with no recourse or only limited recourse to shareholders.
- Some risks may remain with the concession-granting authority, in particular in relation to making land available.
- Recourse to the expertise of the Group’s Contracting business
- Involvement of lenders from the preliminary phase
- Use of outside consultants
Construction phase
- Poor choice of contractor and other companies
- Difficulties or unexpected events during construction
- Disturbances caused by project opponents
Possible consequences:
- Cost overruns and delays
- Penalties
- Late delivery, project deterioration
- Unprofitable project

- Special attention paid to the preparation phase, management of relations with stakeholders Implementation of best practices in line with the Cooperate initiative
- Fixed-price construction contracts based on a back-to-back principle
Operating phase
- Lower-than-expected traffic levels or passenger numbers – Difficulties in concession management with the concession-granting authority, regulatory authorities and/or end users
- Legislative or tax changes
- International sanction(s) against a partner or a country in which the Group operates
- Damage to the infrastructure
- Significant deterioration in financial markets
- Climate change, extreme climate events
Possible consequences:
- Unprofitable project
- Difficulty in refinancing the project at favourable terms
- Unilateral decision by the concession-granting authority to challenge the terms of the contract
- Financial difficulties at airlines
- Infrastructure unavailability that could cause loss of revenue and contractual penalties
- Damage to the Group’s reputation

- In-depth review of the wording of the initial contract and the periodic economic regulation contracts Quality of service to end users
- Strict application of surveillance and maintenance procedures. In France, for example, this relates to the review and implementation of the rules laid down in the set of official documents comprising the technical instructions for the monitoring and maintenance of civil engineering structures (known by its French acronym ITSEOA).
- Analysis of airline credit risk


The Group’s property development activities are exposed to numerous administrative, technical, commercial, tax and economic uncertainties as well as to the potential business failure of partners or subcontractors (builders). The Group’s property operations are carried out essentially in France by VINCI Immobilier. Some VINCI Construction subsidiaries may also participate in property transactions or property development programmes, with a limited assumption of risk. Any commitments exceeding defined thresholds must be authorised in advance by the VINCI Risk Committee. The Group’s policy is to undertake a new project only after it has reached a minimum pre-sale rate.

Business risks PROPERTY
Risk identificationRisk management procedures
- Cyclical business
- Risk of obtaining permits; recourse to third parties
- Poor project and programme definition (number and size of residential units, quality category)
- Poor choice of partner and subcontractor companies
- Deterioration in the financial condition of investors and buyers
- Less favourable lending terms
- Defects in workmanship
Possible consequences:
- Construction permit not obtained
- Overvaluation of land
- Programme not in line with market preferences
- Buyers cannot obtain bank financing
- Lack of demand
- Insufficient occupancy (offices, residential)
- Risk of unsold properties
- Cost overruns, delays or abandonment of certain projects
- Damage to the Group’s reputation
- Presentation to the Risk Committee prior to acquisition of the land and/or launch of property development operations
- Separation into three areas of expertise: residential, business property, property services
- Conditions precedent in land purchase contracts (obtaining building permit, pre-sale percentage, etc.)
- Limiting transactions with no reservations; minimum pre-sale threshold required
- Strengthening controls for assigning and tracking construction work
- Developing a strategy to ensure that no reservations are raised at the handover for quality programmes


Acquisition and disposal of companies

Business risks Acquisition and disposal of companies
Risk identificationRisk management procedures
- The Group’s growth has long been based on a proactive acquisition policy, focusing on companies of all sizes, in all its business lines.
Risks related to these acquisitions:
- Reliability of the financial information provided and the business plan drawn up by the sellers
- Corporate governance continuity
- Potential hidden disputes
- Corporate culture compatibility
- Damage to the Group’s reputation
- Compliance issues
- Proposed acquisitions and disposals are submitted to the VINCI Investment Committee for approval. The largest projects are also submitted to the Strategy and CSR Committee of the Board of Directors (see chapter C, “Report on corporate governance”, paragraph 3.4.2, page 151) and in some cases to VINCI’s Board of Directors (see chapter C, “Report on corporate governance”, paragraph 2, page 134).
- VINCI’s external growth policy is to:
- target companies with which synergies can be created due to their expertise, their market positioning or their geographic location;
- generally, take a majority interest in the share capital of target companies in order to limit risks associated with their integration and to be able to quickly apply the Group’s management principles;
- seek out corporate culture compatibility in order to facilitate the integration of new acquisitions into the Group;
- create value for VINCI shareholders.

Legal risks

Contractual relationships

As a general rule, the Group’s contracts are subject to the laws of the countries in which the projects are executed, supplemented where possible by the arbitration clause of the International Chamber of Commerce, in particular for countries where the legal system might not offer sufficient protection.

As mentioned above in paragraph 2.1, “Operational risks” (see page 171), disputes may arise during the performance of said contracts.Detailed information on the principal disputes and arbitrations in which the Group is involved can be found in Note M to the consolidated financial statements, page 351. These disputes are examined on the date the financial statements are approved and, if necessary, provisions are constituted to cover the estimated risks.

Legal risks Contractual relationships
Risk identificationRisk management procedures
- Different interpretations of new items arising during the performance of the contract
- Change in the contracting authority’s governance
- New jurisprudence
- Misinterpretation of contractual clauses
The Group’s policy is to limit its risk during the proposal phase by seeking to negotiate terms with contracting authorities that:

- pass onto the customer the extra costs and/or additional time stemming from changes implemented at the customer’s request after the contract is signed;
- halt construction in the event of non-payment;
- exclude indirect damages;
- exclude or limit liability relating to existing pollution;
- limit its contractual responsibility for the total project to a reasonable percentage of the contract amount;
- cap delay and performance penalties at an acceptable percentage of the contract amount;
- stipulate contractual provisions allowing for adjustments (price and time schedule) to account for legal, tax or regulatory changes;
- obtain protection via a force majeure clause (against political risk, a unilateral decision of the customer or concession-granting authority, economic upheaval, poor weather conditions) or for early contract termination;
- obtain an international arbitration clause;
- keep an eye on the activation of insurance cover.


Legal and regulatory compliance

Given the diversity of their activities and geographical locations, the Group’s companies operate within specific legal and regulatory environments that vary depending on the place where the service is provided and on the sector involved. Laws in effect in some countries may have an extraterritorial scope that could apply to the Group’s companies.

In particular, Group companies must comply with rules relating to:
- the terms of agreement and performance of public and private sector contracts and orders;
- laws governing construction activities and in particular the applicable technical rules governing the delivery of services, supplies and works;
- environmental law, commercial law, labour law, competition law, and financial and securities law;
- personal data protection;
- duty of vigilance and accident prevention (especially the Sapin 2 and duty of vigilance laws in France).

Legal risks Legal and regulatory compliance
Risk identificationRisk management procedures
With respect to concessions, aside from the legislative, regulatory and tax policy changes that are always possible during such long-term contracts, the Group is dependent on public authorities that may, as is the case in France, have the right to unilaterally alter the terms and conditions of public service, PPP or concession contracts during their execution phase or even terminate the contract itself, subject to compensation.
In the performance of their activities, Group companies could be held civilly or criminally liable and thus suffer the financial or administrative consequences thereof. Similarly, Group executives and employees may be held criminally liable.
A large share of the risks of non-compliance is therefore likely to lie primarily with senior executives and with employees to whom responsibility has been delegated, but may also lie with legal entities. The consequences may be financial (fines) or criminal penalties (conviction and/or being banned from operating).
The main measures relating to legal and regulatory controls are presented in paragraphs 2.3, “Respect for human rights”, page 213, and 2.4, “Business ethics”, page 214, of chapter E, “Workforce-related, social and environmental information”.
The financial risks relating to the potential invoking of the third-party liability of Group companies are covered within certain limits by the insurance policies described in paragraph 2.5, “Insurance cover against risks”, page 182 to 183.

Cyber risks

Protecting VINCI’s informational capital is of major strategic importance, for reasons of competitiveness, trust in the company and data protection. As the Group steps up the digital transformation of its businesses and professional practices, it also continues to strengthen the resources it employs to ensure the security of its information systems and thereby preserve its operating performance.


New collaborative practices have made it possible to work together in a more fluid and efficient manner. But in today’s hyper-connected world, those same technologies have become a source of vulnerability, because they are both essential to the Group’s operational efficiency and exposed to cyberattacks. These attacks can be very diverse and have become increasingly sophisticated.
Major international groups are frequently subject to sometimes massive cyberattacks as well as fraud attempts. This trend picked up considerable speed in 2020, in particular during the widespread lockdowns. These large-scale attacks aim to compromise data integrity or information quality.

Cyber risks Cyberattacks
Risk identificationRisk management procedures
- Cyberattacks: attacks on information systems
- Data leak: loss or disclosure of data
- Cyber spying: eavesdropping or theft of confidential data
Possibles consequences:
- Damage to the Group’s reputation
- Financial loss
- Information system unavailability
- Non-compliance
In 2020, VINCI stepped up the rollout of its overall IT security policy, which defines the roles and responsibilities of all participating individuals:
- Several information system security directives were issued, which specify the mandatory security rules for each subsystem. These rules derive from industry best practices, such as the ISO/IEC 27001 standard (information security management) and the guidelines of the French national agency for information system security (www.ssi.gouv.fr).
- A member of the Group’s Executive Committee was appointed cyber security coordinator; the CIO and the Group’s head of IT security periodically present the cybersecurity measures in place to the Executive Committee.
- CyberSecPlan 2020, the multi-year strategic transformation plan, was rolled out; it will be renewed in partnership with the heads of IT security and the business line representatives.
- A workstation security uniformisation standard was launched and user authentication mechanisms were strengthened.
- VINCI-Cert, the computer emergency response team, was strengthened; this team’s role is to identify threats to information systems and those systems’ vulnerabilities, as well as to bring its expertise to bear in the event of a cyberattack.
- The Group also continued its efforts to raise awareness among all information system users.
- It carried out intrusion tests on all critical infrastructure.



Cyber risks Fraud
Risk identificationRisk management procedures
Fraud: intentional act by an employee or a third party aimed at embezzling Group assets

The systems of a group as decentralised and diversified as VINCI are exposed to the risk of both internal and external fraud, especially as regards payment systems. Attempts at fraud generally target the individuals involved in external payment processes.
Possibles consequences:
- Financial loss
- Damage to the Group’s reputation
External fraud prevention involves several Finance Department, Security Department and Information Systems Department units. The core system includes reporting via an online platform or email to a dedicated address, enabling central services to react immediately and facilitating analysis of fraud attempts. Specific information and recommendations are distributed to CFOs and anti-fraud coordinators. In 2020, as soon as the first lockdown was imposed, the fundamental rules of IT security with regard to remote working were communicated to them.

The Group’s Finance Department, in conjunction with the Security Department and the Information Systems Department, has developed a set of fraud prevention measures available on the Group’s intranet. These include instructions specifying correct conduct in the event of suspicion, guidelines concerning means of payment, and awareness-raising measures to be taken in regard to the key personnel faced with this kind of situation.

Internal fraud prevention is based on the Code of Ethics and Conduct as well as on specific training or awareness initiatives. It is described in chapter E, “Workforce-related, social and environmental information”, page 214.

Workforce-related and social risks

The Group’s workforce-related and social risks are set out in full in which reports on the duty of vigilance planThe information provided in this section includes both the effects of VINCI’s activities on workforce-related and social issues and, vice versa, the impact of those issues on the Group’s risks.

Group companies are subject to risks related to the working conditions of their employees. They must also deal with the significant impact they have on the stakeholders and residents of the territories in which they are active. These workforce-related and social risks are taken into account at every stage of the project and are analysed far upstream so as to identify local issues and the expectations of stakeholders, including employees and their representatives. Appropriate measures are implemented as a result of this analysis. Similar analyses are carried out regularly throughout the life of each project.

Human rights

VINCI companies have strong roots in the regions where they operate; these areas have very different labour standards. The companies must also meet international standards of human rights: the Global Compact, which VINCI signed in 2003, the UN Guiding Principles on Business and Human Rights and the eight fundamental ILO conventions.

Group companies ensure that they uphold human rights in their operations and place great importance on their employees’ working conditions and those of their subcontractors. They remain exposed to allegations brought or controversies raised by human rights organisations, local communities and residents, international organisations or financial institutions. These can affect the Group’s image.

Workforce-related and social risks Human rights
Risk identificationRisk management procedures
- Risks inherent to the nature of the construction business: labour-intensive, cyclical character and multiplicity of participants in the value chain (subcontractors, temporary staff)
- Lack of personnel training and/or clear guidelines, non-compliance with Group rules
Possible consequences:
- Deterioration in relationships with stakeholders
- Legal proceedings and potential conflicts with employee representative bodies, human rights organisations and other NGOs
- Lack of credit with investors and international organisations
- Damage to the Group’s reputation
- Developing and disseminating VINCI’s Guide on Human Rights, identifying Group-level risks and the related guidelines in favour of human rights
- Identifying potential sources of project controversy and risks incurred in the region
- Implementing the appropriate legal, management and coordination tools (clauses for subcontractors, election of employee representatives, dialogue with local communities, etc.)
- Evaluating human rights in subsidiaries
- Implementing training and raising awareness among managers and their team members
- Taking part in sectoral and collaborative human rights initiatives


Health, safety and security of employees and subcontractors

Health and Safety
Employees of VINCI companies and subcontracting companies are required to work on the often complex projects and operations that the Group carries out. This can threaten their health, safety, hygiene and the quality of their life at work. The health and safety coordinators of the Group’s business lines have identified several major risks.
In case of accident or near miss, the affected company’s business can be slowed considerably, and appropriate corrective measures must be implemented before it can be restarted.

Given the large number of countries where the Group operates, some activities may be affected by various forms of social and political instability (terrorism, armed conflict, embargo, seizure of bank accounts or equipment, etc.), as well as malicious acts such as vandalism and theft on construction sites, or criminal acts such as physical attacks or kidnapping.

Santé-sécurité et sûreté des salariés et sous-traitants
Risk identificationRisk management procedures
Health and safety
Given the complexity and increasing constraints imposed on worksites, the major identified risks are related to:
- moving objects (equipment, vehicles);
- falling objects;
- working at height;
- electrical equipment;
- handheld mechanical tools;
- traffic risks;
- health crises (epidemics or pandemics).
Possible consequences:
- Deterioration in health and safety conditions for employees and subcontractors
- Longer lead times due to work stoppages and business operating losses
- Damage to the Group’s reputation

Analysing risks as far upstream as possible and at the start of operations
- Supplying appropriate personal protective equipment
- Implementing prevention and operating procedures deriving from the evaluation of risks (markers, guardrails, stairways, etc.)
- Performing dedicated audits and obtaining certifications (OHSAS, ISO 45001)
- Organising training and awareness-raising events
- Implementing reporting tools, in particular digital tools
- Creating partnerships with outside organisations such as France’s Institute for an Industrial Safety Culture (ICSI)
- Including dedicated clauses in contracts with subcontractors
- Implementing remote working solutions for employees whose physical presence is not required
- Adhering to public health guidelines implemented by local authorities, such as the guide put out by the French Professional Agency for Risk Prevention in Building and Civil Engineering (OPPBTP)
The local geopolitical context is linked to the economic, social and political issues present in the region, influencing the security conditions of employees and subcontractors.
Possible consequences:
- Deterioration in security conditions for employees
- Threat to business continuity with potential contractual consequences

- Constant surveillance of geopolitical and security-related issues and dissemination of information about evolving risks to Group companies and projects
- Providing drivers in high-risk areas
- Specific recommendations for protection of people and property
- Awareness programmes for travelling employees and expatriates
- Audits and special protection plans
- Crisis management measures
- Dialogue with customers about terms of partial or full shutdown of activity


Attracting and retaining talent

It is essential for the Group to be able to attract and retain talent. Worksite activity changes very quickly, and companies that have specialised skills and expertise have a competitive advantage in responding to calls for tender.

Attracting and retaining talent
Risk identificationRisk management procedures
- Unattractive Group businesses; little awareness of the employer brand associated with Group companies
- Lack of inducement and professional advancement
Possible consequences:
- Difficulty in retaining qualified employees trained in the Group’s specific business lines
- Difficulty in responding to project needs
- Project delays or cancellations
- Damage to the Group’s reputation in the event of deficient work quality due to a lack of proper skills
- Improvement of the skills of Group employees according to a human capital development cycle (training and development objectives in the annual performance review)
- Implementing a training programme for every employee
- Creating programmes that foster internal job mobility
- Forging local partnerships with economic, social, institutional, academic and non-profit entities
- Developing the skills of locally recruited employees, especially those hired under programmes to help people integrate the workforce
- Promoting diversity among employees by combating discrimination in Group companies
- Employee profit-sharing (Group level)
- Encouraging community outreach among Group employees

Environmental risks

Group companies might be subject to risks related to the environmental conditions in the projects and regions where they operate, in particular risks related to climate change and the potential contamination of natural environments.
These risks are analysed during the tendering phase with respect to the human, technical, financial and legal issues they represent. Solutions are devised and scaled with the development teams so as to take environmental risks into account as far upstream as possible. VINCI analyses the environmental protection needs of the region concerned. If necessary, VINCI supplements this analysis through consultation with local stakeholders and regularly re-evaluates the risks depending on how business activities evolve. VINCI then implements the technical and organisational solutions it can to reduce these risks to a minimum. Environmental risks are also evaluated with the insurance companies so as to adapt contracts to the projects’ residual risks.
How these risks are taken into consideration changes over the course of a project’s life, including during the infrastructure’s operation phase. The cost of reconstruction following major weather events may be partly covered by insurance companies. Environmental risks go beyond economic aspects and extend to VINCI’s image and reputation, as operations can suffer long-term consequences if a risk event occurs. Taking a longer-term view, regulatory changes, as well as the development of the market and certain technologies, can constitute ecological transition risk factors.
The environmental risks related to the Group’s activities and their potential consequences on the environment are detailed at greater length in the non-financial performance statement, presented in chapter E, “Workforce-related, social and environmental information”, pages 216 to 243.

Climate change and increasing scarcity of resources

Climate change has made extreme climate events more frequent and more severe, making environmental risks more significant for the Group’s activities. These risks include:
• “storms”, a general term that includes weather events causing high winds and precipitation (rain, snow and hail);
•wide variations in temperature (heat or cold waves);
•flooding, from rivers overflowing their banks, run-off from heavy precipitation, or rising sea levels, which can cause landslides and exacerbate erosion;
•rockslides or other ground movements, such as the expansion and contraction of clay, which can affect buildings and infrastructure.

At the same time that the natural climate balance is changing, certain raw materials (minerals, rare metals, fossil fuels) are becoming more scarce, and regions subject to water stress are expanding. The Group’s activities depend on the availability of these resources. Their increasing scarcity has a direct impact on the Group’s ability to obtain the materials it needs for its projects and concessions.

Climate change and increasing scarcity of resources
Risk identificationRisk management procedures
- Increasing scarcity of resources, expansion of areas of water stress
- Extreme weather events
Possible consequences:
- Damage to installations and equipment
- Deterioration in health and safety conditions for employees
- Financial impact resulting from increased expenses necessary to maintain or repair damaged infrastructure and equipment, operating losses and construction delays
- Financial impact resulting from possible increases in the cost of certain materials
- Impact on the Group’s image and reputation in the event of deficient quality of service, such as substandard work or missed delivery deadlines
- Loss of business, or of projects’ financial profitability, as a result of regulatory ormarket changes
Prior identification of the risks affecting the specific area and implementation of technical facilities to mitigate extreme weather events (cofferdams, pumps, retention basins, cooling equipment, etc.)
- Establishing a business continuity plan (BCP) for certain concession assets (e.g. airports)
- Emergency procedures, in cooperation with local actors, to respond to extreme climate events (inclement weather work stoppages for employees, equipment removal, etc.) and cooperation with local officials to implement appropriate emergency and work resumption measures Managing unplanned events with the appropriate insurance company departments
- Implementing ecologically designed solutions to reduce the use of certain raw materials and to reuse or recycle construction materials after demolition in a circular economy approach
- Identifying project sites in areas of water stress so as to adapt construction and operation methods
- Reducing water consumption and development of solutions to reuse water at certain sites
- Adapting processes and technology watch


Environmental quality and presence of contaminants

The risk of working on a deteriorated or polluted parcel of land is substantial in the urban environment, where past industrial installations may have had a negative impact on soil quality and functions or other aspects of the natural environment. If it is impossible to determine who caused the deterioration, the developer is often responsible for site remediation so as to ensure the durability of the new buildings and infrastructure. Filling in old quarries, decontaminating soil and treating waste are activities that entail significant cost and extend the lead times of certain worksites and development projects. In addition, before recycling or treating materials, it is necessary to check that there are no contaminants, including invasive plant species.

Environmental quality and presence of contaminants
Risk identificationRisk management procedures
Risk of working on a deteriorated or polluted parcel of land
Possible consequences:
- Financial impact resulting from increased expenses necessary to remediate sites and from construction delays
- Deterioration in health and safety conditions for employees
- Impact on the Group’s image and reputation in the event of deficient quality of service, such as substandard work or missed delivery deadlines
- Identifying polluted and degraded land and estimating treatment costs
- Managing unplanned events with the appropriate insurance company departments
- Protecting employees working on land exposed to risks
- Implementing techniques and procedures to decontaminate and reprocess polluted or degraded components

Business ethics risks

Group companies work autonomously in an international environment with a multitude of stakeholders who participate in or are impacted by the Group’s operations: project managers and their representatives, concession-granting authorities, regulatory authorities, contractors, architects, design offices, joint contractors, subcontractors, suppliers (including local suppliers of concrete, aggregates and water, etc.), service providers (inspectors, transporters, freight forwarders, charterers, insurers, bankers, etc.), local residents, communities, users, etc.

Moreover, the Group’s international expansion, in particular through acquisitions, accentuates the risk of exposure to internal or external fraud, to infringements of the Group’s ethical principles or of regulations, in particular with regard to corruption. If such infringements were committed, VINCI would be subject to fines, exclusion from public contracts, remedial action or contract termination. Such infringements would also tarnish the Group’s image, erode the trust of investors, customers and partners, tarnish its reputation, and reduce its ability to respond to calls for tender.

Business ethics risks
Risk identificationRisk management procedures
- Infringement of the Group’s ethical principles
- Infringement of anti-corruption regulations
- Infringement of competition rules
Possible consequences:
- Fines
- Exclusion from public contracts
- Remedial action or contract termination
- Damage to the Group’s image or reputation
- Difficulty in responding to calls for tender
- Erosion in the trust of investors, customers or partners
- Strong commitment of management at the highest level
- Broad distribution of two reference documents within the Group:
• the Code of Ethics and Conduct, which sets out the rules and the conduct incum-bent upon all of the Group’s companies and employees;
• the Anti-corruption Code of Conduct, detailing the Group’s rules for preventing corruption.
- Structured corporate governance: the seven-member Ethics and Vigilance Committee (of whom five are members of the Executive Committee) supervises the deployment of compliance procedures covered by the Code of Ethics and Conduct as well as all subsequent updates to these procedures, in particular with regard to the following areas:
• preventing corruption;
• preventing serious violations of human rights and fundamental freedoms, harm to human health and safety, or damage to the environment resulting from Group activities;
• ensuring procedures are deployed in the business lines through a network of ethics coordinators:
- the Ethics and Compliance Club, which includes the Ethics and Vigilance Director, the Chief Audit Officer, as well as several representatives of the business lines and divisions, keeps close tabs on ethics-related legislation and promotes best practices;
- the GDPR Coordinators Club, which supports the business lines and ensures the Group complies with Regulation (EU) 2016/679 on data protection (GDPR).
- Training programmes and information sessions to aid in the detection and prevention of corruption
- Multicriteria evaluation of third parties (customers, suppliers, subcontractors, service providers) through questionnaires, due diligence and quality audits
- Whistleblowing system: the VINCI Integrity online platform for reporting serious infringements of the Group’s rules and commitments
VINCI’s internal system for managing ethical risks is described in paragraph 2.4, “Business ethics”, of chapter E, “Workforce-related, social and environmental information”, page 219.

Financial and economic risks

Changes in the economic and tax environment

Financial and economic risks Changes in the economic and tax environment
Risk identificationRisk management procedures
Political uncertainty, changes in commodity prices and slowing economic growth could lead to a worsening of conditions on markets where VINCI operates. This could weaken demand and heighten competition.

In addition, harsher tax provisions in countries exposed to rising government debt levels are putting further pressure on the profit margins of Group companies. Given the uncertainty about the future course of tax provisions, their impact cannot always be incorporated into proposals made to customers, or into external growth transactions.
- Diversification of the Group’s business lines
- Geographical diversification of the Group’s activities

Financial risks

Financial and economic risks Financial risks
Risk identificationRisk management procedures
Risk of credit rating downgrades
VINCI enjoys investment grade ratings granted by two rating agencies, Standard & Poor’s and Moody’s.
These ratings give the Group access to the financial markets at favourable terms and enable it to secure long-term resources to meet its investment needs. Credit ratings may be downgraded by the agencies as a result of events materially affecting VINCI’s financial condition, a significant change in its business profile, or a change in the agencies’ methodologies. The Group’s financing terms could become dearer as a result and its access to the financial markets more difficult.
- Counterparty risk stemming from contracts and financial instruments contracted with banks and other financial institutions, should the debtor be unable to honour all or part of its commitment.
- Risk of a breach of the financial covenants included in certain financing agreements, which could trigger early repayment clauses.
- Monitoring procedure for financial ratios (both actual and projected) tracked by the agencies and contributing to the determination of the rating. Regular dialogue with agency analysts and tracking of any agency methodology changes that might have an impact on the Group’s rating.
When the Group is considering a major acquisition, it performs financial projections to simulate the acquisition’s impact on its financial structure. For the most significant acquisitions, these simulations are presented to the rating agencies so as to obtain their preliminary opinion on the potential impact of proposed transactions on the Group’s rating.
- The Group has a reporting system for tracking financial covenants. If necessary, the Group negotiates with lenders to prevent a potential event of default triggered by non-compliance with covenants.
- The management of financial risks is detailed in Note J.27 to the consolidated financial statements, page 335.
Last updated: 14/06/2021