Saint-Gobain // Universal Registration Document 2021

6 Risks and control Internal control www.saint-gobain.com SAINT-GOBAIN UNIVERSAL REGISTRATION DOCUMENT 2021 238 Internal control 2. Each of the Group’s companies evaluates the main risks affecting the shaping of its strategy, the smooth running of its operations, compliance with laws and regulations and resilience to external events. As such, the general aims of internal control include: management of the company’s operational risks; ■ proper implementation of processes and reliable ■ financial information; compliance, in accordance with the Group’s programs, ■ particularly on antitrust law, laws on embargoes and trade sanctions and the fight against corruption (in accordance with the recommendations of the Agence Française Anticorruption (AFA), the French Anticorruption Agency); anti-fraud. ■ Group employees. The three lines of defense model is therefore adopted by Saint-Gobain: Each level of the organization plays a role in internal control, as internal control and risk management affect all in the first line of defense, companies employ an ■ internal control and risk management system tailored to their situation, at the initiative of the Chief Executive Officers and local managerial structures (Regions, countries and activities). The companies have access to Shared Services Centers (Finance, Payroll) and IT expertise. It is essential that there is a segregation of tasks between these organizations for successful skills optimization and transaction security; in the second line, Group Internal Control establishes an ■ internal control reference framework applicable to all, in addition to specific guidelines prepared by the Group’s corporate departments; and in the third line, it involves verification of the proper ■ application of the internal control principles which is carried out in-house by the Audit Department and externally by the Statutory Auditors. Compagnie de Saint-Gobain’s internal control and risk 2.1 management system The aims of internal control 2.1.1 and risk management The Saint-Gobain internal control and risk management system is part of the legal framework applicable to companies listed on the Euronext Paris regulated market, and is inspired by the reference framework on the internal control and risk management system of the AMF (French Financial Markets Authority) and the “Committee of Sponsoring Organizations of the Treadway Commission” (COSO). Saint-Gobain Group’s internal control and risk management system is supported by a continuous improvement process and an Internal Control Reference Framework. This is a whole set of resources, behaviors, procedures and actions tailored to each company’s specific characteristics which: enables it to appropriately address material operational, ■ financial or compliance risks; helps it to manage its operations and meet its ■ objectives; improves the efficiency of its operations and ensure ■ that its resources are used to best effect. It is more specifically designed to provide assurance concerning: application of General Management’s instructions and ■ orientations; compliance with the laws and regulations applicable to ■ the company; the efficiency and effectiveness of internal operating, ■ industrial, marketing, financial and other processes; of property, plant and equipment and intangible assets, ■ in particular the prevention of fraud; the reliability of financial information. ■ By promoting constant improvement in all entities, internal control creates value and supports the companies’ performance. The internal control and risk 2.1.2 management environment The Group’s core values 2.1.2.1 Internal control is based on values and rules of conduct which are formalized in: the Saint-Gobain Group Principles of Conduct and ■ Action: professional commitment, respect for others, integrity, loyalty, solidarity, compliance with the law, respect for the environment, protection of health and safety at work and employee rights (see Saint-Gobain Today - Chapter 1). The Principles of Conduct and Action are distributed to all Group employees; the Group Human Rights policy (see Section 1, ■ Chapter 3); the Saint-Gobain Attitudes: being close to customers, ■ acting as an entrepreneur, innovating, being flexible, building an open and engaging culture; the Group’s compliance program: competition law, ■ economic embargoes and sanctions, fight against corruption, influence peddling and fraud, professional associations, conflicts of interest, gift policy, etc. (see Section 2.5.6 of Chapter 6 - The Group’s compliance culture tools).

RkJQdWJsaXNoZXIy NzMxNTcx