HERMÈS - 2018 Registration document

Corporate Governance

Ethics – Compliance

ORGANISATION

3.2.2

3.3.2.2 Compliance and Vigilance Committee The Compliance and Vigilance Committee is composed of the following functions: s s General Counsel Compliance and Public Affairs;

3.2.2.1 Ethics Committee An Ethics Committee was created in 2018 to (i) advise on the Group's ethics culture and make recommendations, (ii) receive alerts (alongside other reporting channels) and (iii) direct and monitor the way in which alerts are handled. It comprises the Executive Vice-President, Governance and Organisational Development, who is a member of the Executive Committee and chairs the meetings, the Group Legal Director, the Human Resources Director and the Director of Legal Compliance and Public Affairs. The Ethics Committee meets in plenary session with anyone who is duly authorised to deal with alerts, as often as is necessary and at least once every six months. General Counsel Compliance and Public Affairs The General Counsel Compliance and Public Affairs' main task is to design, develop and implement compliance programmes worldwide, to identify, evaluate and control the risks to which the Hermès Group is exposed, to verify compliance with the various laws and regulations, and ensure the coordination, implementation and updating of compliance programmes, in close cooperation with the Group’s various depart- ments. This position reports to the Group’s Chief Legal Officer, who reports to the Executive Vice-President, Governance and Development of Organisations, member of the Executive Committee, who in turn reports to the Group’s Executive Chairman. The General Counsel Compliance and Public Affairs' independence is ensured by direct reporting, on a regular basis, to the Executive Vice- President, Governance and Organisational Development. Meetings are accordingly held on a regular basis. The General Counsel Compliance and Public Affairs chairs and oversees the "Compliance and Vigilance Committee". He or she reports on the actions and decisions of the Compliance and Vigilance Committee to the Executive Vice-President, Governance andOrganisational Development. He or she is also a member of the Ethics Committee, chaired by the Executive Vice-President, Governance andOrganisational Development. The General Counsel Compliance Department and Public Affairs relies on the lawyers in the Hermès International Legal Department, based in Paris, on subsidiaries' legal departments (in Lyon, New York, Mumbai, Shanghai, Singapore and Tokyo) and on the Group's network of internal controllers, to deploy compliance programmes within the Group. These employees are involved in implementing and leading compliance programmes, including the corruption prevention plan, across all Group métiers and entities. They check in particular that operational and métiers staff apply the policies and procedures put in place. 3.2.2.2

s s Group General Counsel; s s Audit and Risk Director; s s Sustainable Development Director; s s Consolidation and Management Control Director; s s Group Labour Relations Director; s s Group Direct Purchasing Coordination Manager; s s Group Indirect Purchasing Manager; s s Group Retail Activities Director. The Compliance and Vigilance Committee meets regularly.

3

Its duties include in particular to: s s define compliance guidelines;

s s design and implement prevention and monitoring actions in terms of supplier vigilance, fraud and the fight against corruption for all Group entities; s s manage the deployment of awareness-raising and training cam- paigns for employees most at risk. Generally speaking, the Compliance and Vigilance Committee: s s provides expertise by analysing regulatory and legislative requirements; s s fosters a culture of compliance; s s ensures programme coordination and consistency; s s develops the Group’s policies in this area. Group Data Protection Officer A Group Data Protection Officer was appointed on 1 March 2018, with the task of informing and advising the Company on its legal and regula- tory obligations with regard to personal data, and steering and monito- ring data processing and ensuring its compliance with these obligations. The Group Data Protection Officer is the point of contact for the people concerned and for authorities in charge with the protection of personal data. The position is part of the Group Legal Department, reporting to the Executive Vice-President, Governance and Development of Organisations, member of the Executive Committee, who in turn reports to the Group’s Executive Chairman. Personal data protection governance The Data Protection Officer's work is reliant upon a Group-wide network of people, primarily members of the Legal Department and internal controllers. This network enables the officer to be informed of perso- nal data processing-related issues, to ensure that these are handled consistently by subsidiaries and to be alert to local legal and regulatory changes, as applicable. 3.2.2.4 3.2.2.5

2018 REGISTRATION DOCUMENT HERMÈS INTERNATIONAL

217