Saint-Gobain // Universal Registration Document 2021

6

Risks and control Internal control

Corporate departments

Reference standards and/or measures Group organization and ■ procedures Financial and accounting ■ standards (IFRS) Group intranet and Yammer ■ page.

Main responsibilities

2021 key figures

Accounting Standards and Pension Liabilities Department

512 documents available on the ■ Accounting Standards intranet 430 questions addressed via ■ the hotline 1,460 employees subscribed to ■ the Accounting Standards Department newsletter At the end of 2021, 97.6% of ■ managers had completed the “ACT” online anti-corruption training At the end of 2021, 96.7% of ■ managers had completed the “Comply” online training on anti-trust law At the end of 2021, over 13,400 ■ employees had completed the “Saint-Gobain Economic Sanctions and Embargoes” online training on economic sanctions and embargoes Specialized legal counsel ■ performed competition audits on 164 sites since 2007 Almost 800 in-person training ■ sessions on compliance (competition law, anti-corruption rules, trade sanctions and embargoes) have been held since 2017 8,736 travelers involved in ■ international travel (with tracking) 14,007 travelers involved in ■ domestic trips (with tracking) 1 site audited ■ Number of e-learning sessions: ■ 1,980

Manage, update and distribute all financial, ■ administrative and management procedures applicable to the Group’s companies Coordination and review of the valuation ■ of the Group’s pension obligations Monitoring of “IFRS 16” leases ■ Coordination of the financial portion of the ■ Universal Registration Document Identify the main legal and ethics and ■ compliance risks Define and implement relevant policies ■ and controls as part of an ethics and compliance program Advise operational staff via the network of ■ Ethics and compliance managers and/or embargo managers Perform controls to verify the application ■ of the rules of the ethics and compliance program

Legal and Ethics and Compliance Department

Group policies and procedures ■ with regard to compliance

with current legislation (especially in terms of combating corruption and influence peddling,

competition law, economic sanctions and embargoes) Group ethics and occupational ■ whistle-blowing system Employee training related to ■ legislation in force and Group policy adopted on the subject (online and in person trainings) Questions on the compliance ■ statement on compliance-related topics Dedicated audits (Essentials of ■ compliance) centered on compliance topics

Safety Department

Protection of people: ■ Ensure the safety of travelers and ■ expatriates Country and site safety audits ■ Safety of Assets: ■ Develop anti-fraud policies ■ Ensure fraud prevention ■ Investigate fraud incidents ■ Security of sensitive information: ■ Ensure the protection of information ■ relating to national defense secrets

Group travel policy ■ Group safety policy ■

Training and awareness ■ Fraud incident reports ■ Safety Officer function ■ Audit of sensitive sites subject ■ to authorization

Audits according to a grid in 13 sections, covering the requirements of ISO 14001: 2015 and ISO 45001: 2018 and the additional internal (1) requirements, for the Group’s manufacturing activities ESPR (Environment, Safety and Prevention of Risks) audit: specific to the Building Distribution (2) Buy-Tech : Workshop that brings together purchasers and technicians with the aim of improving their cooperation, optimizing local purchases, (3) promote best practices in terms of defining specifications and using the TCO (Total Cost of Ownership) tool and guarantee the best use of framework, national or regional contracts

Operational departments 2.2.5 The Heads of the Regions, countries, BUs and companies’ CEOs are crucial in rolling out the internal control and risk management system in the Group; their main roles include: analyzing major risks faced by the companies; ■ carrying out appropriate controls based on the Internal ■ Control Reference Framework; gradually implementing the Group’s programs; ■

making self-assessments on the internal control system, ■ in the form of an annual compliance statement, for the applicable management levels, that includes a letter of commitment confirming the Chief Executive Officer’s personal commitment as regards the fairness and accuracy of the self-assessment; active, constructive and transparent involvement in the ■ various assessment exercises: internal, specialized and external audits.

SAINT-GOBAIN UNIVERSAL REGISTRATION DOCUMENT 2021 244

www.saint-gobain.com