Activity and sustainability report 2023

1. Governance, risks and compliance To oversee the Group’s ethics and compliance system, the GEODIS Executive Board has set up the Governance, Risks and Compliance Department, a dedicated team which encompasses three areas of expertise: ● the Group Ethics, Compliance and Customs Department; ● the Group Internal Control and Risk Management Department; ● the Group Internal Audit Department. Each department, except for Internal Audit, has a central team and a network of correspondents in all the regions and lines of business to ensure the overall consistency of the compliance program and to match it to the appropriate level of the organization. The Group executive vice president, Governance, Risks and Compliance is a member of the GEODIS Management Board and reports directly to the Chief Executive Officer. She keeps the Management Board regularly informed of the progress of her activities to ensure that it has all the support it needs for decision-making. Ethics, Compliance and Customs The mission of the Group’s Ethics, Compliance and Customs Department is to manage any risk of violation of the rules applicable to anti-corruption, competition law, personal data protection, customs and export control, as set out in the relevant laws and regulations, as well as in the Group’s Code of Ethics. It is also tasked with administering the internal alert system, through which Group employees and third parties can report potential violations of laws and regulations, as well as of the Code of Ethics. The department is made up of several teams with the necessary expertise in the fields concerned, supported by a network of correspondents in the lines of business and the regions, providing effective support to operational staff through a dynamic approach to continuous improvement. Internal Control and Risk Management In line with international standards, GEODIS’s internal control and risk management system is based on three lines of control: operations (first line), support functions such as Human Resources, Finance, Legal Affairs, etc. at the level of the lines of business, the regions and the Group (second line), and Internal Audit (third line). Each of these has well-defined roles and responsibilities in the implementation of risk management within its perimeter. In its role as a second line of defense, the Group’s Internal Control and Risk Management Department assists functional and operational departments at Group, line of business and regional level to define their internal rules and procedures enabling them to integrate relevant controls for effective risk management. It has drawn up the Book of Business Principles, which it regularly updates. This document constitutes the Group’s mandatory reference framework regarding governance rules and authorization thresholds. The department defines the Group’s approach to internal control and risk management, which is then rolled out within each perimeter with the support of correspondents in the lines of business and the regions. Thanks to this organization, the Group’s internal control and risk management system can be deployed effectively and consistently across all activities and entities. Internal Audit The Internal Audit Department’s mission is to provide independent, objective assurance on the degree of control over the Group’s operations, and to advise on how to improve the conduct of business, thereby helping to create value for the organization. The department is centralized and comprises qualified experts who perform reviews throughout the organization, in accordance with the annual audit plan and as needs are identified. 2023 ACTIVITY AND SUSTAINABILITY REPORT - 25 EDITORIAL > 1. PROFILE AND AMBITION > 2. CSR POLICY > 3. ENVIRONMENT > 4. SOCIAL > 5. ETHICS > 6. TABLE OF INDICATORS

RkJQdWJsaXNoZXIy NzMxNTcx