Universal Registration Document 2025

4.4.4 Responsible procurement

4.4.4.1 Organization of the Groupe Procurement Department

The teams are based in the Groupe’s three main regions: Americas, Europe and APAC. Some of them are also specialized by type of business sector or industry. The Chief Procurement Officer reports to the Groupe Chief Financial Officer. All teams must comply with the various regulatory frameworks, whether European Directives (such as CSRD) or national laws. A cross-functional team is dedicated to the key issues of responsible procurement.

Training of teams and buyers

All employees negotiating with suppliers must comply with the rules of the Janus Code of Conduct and Ethics, in particular in the context of commercial negotiations. All employees must act professionally and in a rigorous manner, free from any conflict of interest. Like all Company employees, Procurement Department teams must complete mandatory anti-corruption and anti-conflict of interest training, in addition to other training modules specifically tailored to their duties. Buyers are regularly trained on CSR issues by the CSR Manager of the Procurement Department, which works closely with the Groupe’s CSR Department. These annual CSR training sessions provide an update on regulatory changes in terms of human rights as well as climate and ethics issues. Changes to the CSR for Business Guidelines are reviewed with the teams at least once a year. Finally, buyers also participate in conferences/webinars held with suppliers on these topics.

In terms of subcontracting, the contractual elements are clearly established. Whenever necessary, the Groupe requires its suppliers to submit subcontracts for approval, and reserves the right to conduct audits or any other form of detailed review to verify compliance.

4.4.4.2 Due diligence

In 2025, and for the last four years, the Groupe Procurement Department extended its supplier compliance program in order to ensure closer monitoring, in particular through the Vendor Management Program. This risk analysis and compliance program is based on five pillars:

1. Risk analysis: this part covers a wide range of topics, such as the financial health of the Company and supplier reputation issues. Since 2023, the Groupe Procurement Department has activated and rolled out the ARIBA platform, with the SLP (Supplier Lifecycle and Performance) module and Supplier Risks functionalities to identify and monitor legal compliance, financial position, CSR assessment and operational issues. In recent years, the Groupe Procurement Department has continued its risk-based approach by revising the internal guidelines defining seven processes. This includes detailed assessments of the controls created by type of project according to the risk weighting, the frequency of these controls and the analysis methodology. Additional safeguards were added, including on governance to ensure their application. A dedicated PMO (Procurement Management Office) team is in charge of prior verification before submitting a contract for signature (validations tracked by Docusign). In 2024, the Groupe Procurement Department developed a tool incorporating artificial intelligence to better assess risks, with greater analysis granularity. Several databases, such as Factiva (Dow Jones) as well as other media, feed into this tool;
2. Anti-corruption: teams carry out a specific anti-corruption analysis to assess risk. Publicis Groupe will not work with suppliers that may present a risk of corruption or do not comply with anti-corruption laws and the Groupe’s anti-corruption policy;
3. Data protection: under the application of the GDPR (General Data Protection Regulation) and other regulations, suppliers are required to comply with the Groupe’s DPA (Data Processing Addendum). The GDPO (Global Data Privacy Office) performs critical reviews according to the level of data protection risks identified, and appropriate mitigation measures. In 2024, Groupe Procurement Department teams were trained, with an additional program, to strengthen their skills in this area;
4. Information systems security: GSO (Group Security Office) teams carry out regular assessments of supplier information system security. This review includes tests (due diligence) to verify the security of the supplier’s systems in order to verify their compliance and security and their alignment with the Groupe’s policies. The terms of the contracts contain specific criteria to be met. The GSO informs of any risks and approves the service continuity plans proposed by suppliers;
5. CSR, social and environmental impacts: the CSR component is addressed either by external assessments (such as EcoVadis for the Groupe’s strategic suppliers), or by a CSR self-assessment on the Groupe’s P.A.S.S. (Publicis Groupe Providers’ Platform for a self-Assessment for a Sustainable Supply chain) platform. In the context of calls for tenders initiated by the Groupe Procurement Department, CSR assessments account for 20% of the final score awarded to the supplier’s proposal. Two other aspects are considered: Suppliers’ Diversity (Section 4.3.11.5), in order to better identify them and work with a greater number of them, and the climate commitments that are subject to ad hoc monitoring.