2025 Universal Registration Document

The Group, with its 87 industrial sites (owned factories and distribution centres), including three classified as "Seveso high threshold", is exposed to various industrial risks related to the environment and safety (fires, explosions, failure of equipment or safety systems, or even human error in operating existing facilities or managing works, etc.). These could result in injuries, accidental pollution within or outside the Group sites, particularly when they are located in a populated area, and/or the temporary unavailability of an industrial site. The occurrence of such events could have a financial, operational and reputational impact.

The Group's Environment, Health and Safety (EHS) Policy aims to minimise the impact on the environment and guarantee the health and safety of employees, customers and the communities in which L'Oréal carries out its activities. As a result of this policy, the risks inherent in our business activities are systematically identified and brought under control.

The Operations Department issues internal rules that set out the principles of L'Oréal's EHS Policy. Each site is covered by an EHS Manager. EHS risk management programmes, methods and tools are implemented and the corresponding training programmes are being rolled out systematically. EHS performance indicators are collected monthly from all factories, distribution centres, and administrative and research sites with over 50 people. Special audits are conducted by internal EHS teams and external independent experts. The fire risk is controlled by very strict fire prevention standards (National Fire Protection Association standards or equivalent).

Industrial sites classified as "Seveso" are subject to specific procedures adapted to the nature of the risks related to storage of chemicals or flammable materials and are in compliance with the regulations. Since 2020, the Group has extended compliance with the main requirements of the European Seveso Directive beyond the European Union to all sites it operates worldwide.

Across all its sites, the Group strives to reduce its greenhouse gas emissions, its water consumption and its waste generation and to limit the impact of its activity on biodiversity. The Group also aims to reduce the footprint from the transport of its products and to no longer send waste to landfill.

Details of how the risk relating to the temporary unavailability of an industrial site is managed are given in the section on "Product availability".

The Group is subject to many general and specific laws, such as the European REACH and CLP (Classification, Labelling, Packaging) regulations on cosmetic products intended to strengthen the safety of cosmetic and chemical products for humans and the environment, and legislation on competition and corruption and international trade controls, including policies on economic sanctions. The diverse and constantly evolving regulatory landscape, as well as its growing instability due to a fragmented geopolitical environment, expose the Group to non-compliance risk and an increase in its compliance costs.

L'Oréal remains exposed to the risk of default or fraud, which could have an impact on its reputation, its business activities and its results.

In its communications, L'Oréal highlights the innovative nature, quality and performance (including environmental) of its products. These communications may be challenged by authorities, organisations or consumers, despite every care used to guarantee their accuracy and fairness. Such actions could affect sales or, more generally, the Group's financial position, particularly if claims are made or products recalled.

See also the "Legal disputes" risk.

L’Oréal’s Code of Ethics sets out the fundamental business ethics principles which L’Oréal considers particularly important. The Group’s Legal Charter reiterates the importance of complying with local legislation, especially in terms of contracts, corporate law, intellectual property and competition law, embargoes and economic sanctions, and personal data protection.

To ensure compliance with these laws and regulations, the Group has implemented a robust system of governance involving all the Group's operating entities and Functional Departments (in particular the Internal Control Department, the Legal & Compliance Department, the Regulatory and Claims Substantiation Department, Public Affairs and Operations). This governance means that the Group is able to monitor legislation on an ongoing basis and take any measures necessary to comply with it or assert its rights in a timely manner. To improve its management of certain non-compliance risks and to navigate a complex and constantly changing international regulatory environment, the governance of compliance has evolved to form the Legal & Compliance Department. Legal & Compliance is responsible for defining and managing the Group's compliance programmes in the areas of competition law, embargoes and economic sanctions, corruption prevention, personal data protection and duty of care. Close collaboration has been established with the organisation's various control functions to ensure these programs are duly implemented and effective.