Universal Registration Document 2024

4 SUSTAINABILITY REPORT GOVERNANCE MATTERS

4.4.2.6. Preventing and detecting corruption [G1-1-10-(h)] → Disclosure of functions most at risk in respect of corruption and bribery In 2024, 20 categories of functions exposed to corruption and bribery risks were identified, across 289 functions. The list was adjusted on the basis of the 2024 corruption risk mapping exercise. This list is still being consolidated, particularly at Group subsidiary level. It will be updated twice a year, in conjunction with the Group's subsidiaries and controlled companies.

[G1-3-18-(b)] → The investigators or investigation committee are separate from the chain of management involved in preventing and detecting corruption The Group has put in place a number of prevention measures to separate the prevention and detection of corruption from the handling of reports: u the Director of Ethics and Personal Data is responsible for handling reports and works directly under the Group's Chairman and Chief Executive Officer, giving her the requisite independence to carry out her duties; u an internal team dedicated to internal investigations – separate from the risk prevention and Ethics and Compliance Programme deployment units – reports to her. The investigators are also trained and subject to strict confidentiality rules, and are supported by a charter for handling reports, an investigator's guide and internal procedures that enable any conflicts of interest to be detected, and guarantee independent, confidential, objective, impartial and proportionate handling; u in addition, no managers in the area concerned by a report is involved in processing it; u the handling of reports is overseen by a processing committee, making it possible to take collective decisions (strategy and recommendations). [G1-3-18-(c)] → Information on the process, if any, to report outcomes to the administrative, management and supervisory bodies The Ethics and Compliance programme is monitored by the Social and Economic Committee, the Executive Committee and the Board of Directors (Audit and Risks Committee and CSR Committee) – see the 2024 summary table in [G1 ESRS 2 GOV-1-5-(a)]. The corruption risk map is also presented to the networks, management committees and decision-making bodies each time it is updated (latest update in 2024). In 2022, the investigation process and reports dashboard were presented to the Executive Committee. In 2024, a presentation was made to the Social and Economic Committee on: u changes in regulations, in particular to strengthen the protection of whistleblowers and facilitators, and the inclusion of these changes in the whistleblower charter and the investigators' guide; u handling reports: the number of admissible reports, their type, investigations, recommendations and sanctions. The Director of Ethics and Personal Data meets the Chairman and Chief Executive Officer on a monthly basis to provide him with a clearer picture of ethics and compliance issues, and to enlist his support as necessary in carrying out her duties. [G1-3-19] → Disclosure of plans to adopt procedures to prevent, detect and address allegations or incidents of corruption or bribery where no procedures exist See [G1-1-10-(c)] → Disclosure of guarantees relating to the notification of irregularities, including the protection of whistleblowers.

Number of functions

Categories and functions exposed

Purchasing

10

Asset

1

Other users ADIT*

2

Customers/commercial Executive Committee

40

5

Communication Accounting Development

10 10

20

Finance

12

Governance Real Estate Legal Affairs

6 7 7 7

Management Committee Members

Operations

105

Projects

14

Ethics and Compliance Officers Ethics and Compliance Coordinators

1

3

Human Resources

23

Sponsorship

4 2

Sponsorship/communication

TOTAL

289

* Third-party evaluation tool.

Based on this identification process, an appropriate training plan is defined (see G1-3-21). [G1-1-11] → The entity is subject to legal requirements for whistleblower protection Yes, see G1-1-10 (a). [G1-3] – Prevention and detection of corruption and bribery [G1-3-18-(a)] → Information on the procedures in place to prevent, detect and address allegations or incidents of corruption The French law of 9 December 2016 on transparency, the fight against corruption and the modernisation of economic life (Sapin II), aims to thoroughly modernise French legislation in line with internationally recognised principles, including the United Nations Convention against Corruption of 2 December 2004. Groupe ADP's Ethics and Compliance Programme, described in G1-1-10(a), meets the requirements of the Sapin II law. The introduction of a whistleblowing system for all Group employees, as well as employees of entities with which the Group has business relationships, meets the requirements of the Waserman law and the Potier law.

506

AÉROPORTS DE PARIS w UNIVERSAL REGISTRATION DOCUMENT 2024