RISK MANAGEMENT THROUGH RIGOROUS GOVERNANCE The Board of Directors oversees risk management and defines the principles and organization of internal control. It steers the mapping of the Group’s major risks and ensures compliance with a risk monitoring process, which is based on operational entity accountability. In addition, this risk management framework provides Bureau Veritas with a comprehensive understanding of the risks we face, including financial, non-financial, material and emerging. COMBINING FINANCIAL AND CSR RISK MANAGEMENT Bureau Veritas has created a standardized methodology, criteria and rating scales for Group risks, including CSR factors. This was made possible by aligning our approach to impact measurement between risk mapping and materiality analysis. In addition, we are working toward consolidating the risks examined by these two disciplines. 10 MAJOR RISK FACTORS FOR FINANCIAL MARKETS Of the 20 most common critical risks, the Risk Management Department has selected to focus on RISKS AT BUREAU VERITAS those most pertinent EXECUTIVE OPERATIONAL DEPLOYMENT UPDATING BUREAU VERITAS GROUP RISK MATRIX to Bureau Veritas. COMMITTEE SUPERVISION OF ACTION PLANS THE RISK MAP Consultation Risk rating carried MONITORING Every risk has Action Owners The Risk Map with 50 out by 230 Each risk a plan of action are responsible managers employees. employees on is monitored linked to it, for deploying network updates two main themes: by a member supervised by action plans. the risk map. – I mpact and of the Executive a Risk Delegate. occurrence Committee, – Gross impact the Risk Owner presents an annual progress report to the Committee. CSR RISK MAPPING FOR BUREAU VERITAS AND STAKEHOLDERS The Risk Management and CSR departments RISK MAPPING UPDATE rated the criticality — July 2022 — of CSR risks using At the request of the Executive the same scale Committee, review of the selection for impact and of the 10 major risk factors of occurrence. the Group’s risk mapping was conducted through interviews with all members of the Committee. The goal was to review the level of severity and the margin for improvement of each major risk. Meanwhile, efforts have been made to integrate emerging risks into the Group’s risk mapping. 64TROPER DETARGETNI 2202