SAINT_GOBAIN_REGISTRATION_DOCUMENT_2017

Risks and control Internal control

Corporate departments

Main responsibilities

Reference standards and/or measures

2017 key figures

Financial Control Department

Dashboards „ Permanent relationship with „ Delegations and Sectors Oversight of the network of Group „ controllers Implementation of common analysis tools „ Group reference base and notices to „ corporate departments and Sectors

Over 150ɸmeetings per year with „ Sectors and Delegations 11ɸtraining sessions with the „ participation of 173ɸemployees 199 DAC (Credit Authorization „ Requests) 58 planned acquisitions, 36 „ of which have been completed 29 divestments and mergers „ completed 650 documents available on the „ Doctrine intranet 388 questions addressed via the „ hotline 1,573ɸemployee subscribers to „ Doctrine News More than 27,000ɸemployees „ completed online training on the prevention of corruption or competition law at least once Almost 9,000ɸemployees completed „ “Saint-Gobain Economic Sanctions and Embargos” online training on economic sanctions and embargos More than 150ɸsites subject to „ competition audit by specialized legal counsel (since 2007) In 3ɸyears, more than 700 in-person „ compliance training seminars (competition law, anti-corruption rules, economic sanctions and embargos) have been organized

Implement continuous control „ of the Group’s results and operating performance Participate in drawing up the „ budget and quarterly budget reviews Oversee monthly results figures „ at all levels of the organization Closely analyze and validate the „ financial consequences of investment, acquisition, divestment, merger and capital expenditure plans and restructurings Manage, update and distribute „ all financial, administrative and management procedures applicable to the Group’s companies Identify the main legal risks „ Define and implement relevant „ policies and controls Provide guidance to operational „ staff through the network of compliance and embargo correspondents

Doctrine Department

Group organization and procedures „ Financial and accounting standards „ Group Intranet „

Legal Department

Group Doctrine in respect of legislation „ in force (particularly in relation to laws on competition, fight against corruption, economic sanctions and embargos, gifts and invitations policies, conflicts of interest, etc.) Employee training related to legislation in „ force and Group policy adopted on the subject (online and in person trainings) Questions on the compliance statement „ on compliance-related topics

7

Sectors, Activities and General 2.2.5 Delegations The Presidents of the Sectors, Activities on the one hand, and of the General Delegations on the other, are tasked with distributing the Internal Control Reference Framework to the companies under their responsibilities and ensuring compliance with Group instructions. They are responsible for managing the specific risks associated with their business. Their responsibilities also include: assessing and managing the principal risks in their domain „ which are laid out in their own risk map; specifying, so far as is necessary, the specific conditions „ for implementation of Group controls to reflect the particular features of the processes and information systems within their scope;

prescribing the supplementary controls which are made „ necessary by risks specific to the operations carried out in entities in their scope; leading the compliance statement procedure set up by the „ Internal Audit and Business Control Department; analyzing internal control failures and incidents, and the „ results of audits to achieve continuous improvement of the internal control system; coordinating the supervisory controls or second line of „ defense, which they represent directly through the dissemination of standard procedures or the sampling of controls on major points.

195 SAINT-GOBAIN - REGISTRATION DOCUMENT 2017