U.S. Compliance Program

Introduction

Sanofi is a global pharmaceutical company engaged in the research, development, manufacture, and marketing of healthcare products. Sanofi is committed to conducting its business ethically and in compliance with all applicable laws, regulations, guidelines and policies. In keeping with this commitment, its United States affiliates Sanofi US Services Inc., sanofi-aventis U.S. LLC (collectively “Sanofi US”), Sanofi Pasteur Inc., and Genzyme Corporation (“Genzyme”) (all four companies collectively the “Company”) have implemented a comprehensive compliance program for their US operations, which is summarized here.

Mission of the Compliance Program

At the highest level, the Compliance Program helps support the collective values of employees and the Company that integrity is a commitment that must guide our behaviors beyond mere compliance with law and regulation, driving us to make the right choice when facing any situation. The Company is subject to a number of laws and regulations and its policies and procedures are designed to ensure that all employees act consistently with those laws. To that end, the Compliance Program supports all Company employees’ adherence to these values. To do that, the Compliance Program consists of various elements designed to help all employees avoid violating policies and procedures and to identify where violations of policies may have occurred and take appropriate remedial action to help us avoid violating policies in the future.

Specifically, the purpose of the Compliance Program is to: (a) establish compliance-related policies and procedures for business operations to ensure compliance with applicable law and Sanofi’s values of ethics and integrity; (b) prevent, detect, and correct violations of Company policy and procedures; (c) develop training and other programs to educate employees about compliance policies, procedures and standards; (d) implement a mechanism for independent assessment of the effectiveness of essential elements of the Compliance Program; (e) implement a mechanism for internal reporting of questionable or inappropriate activities to enable timely investigation and resolution; and (f) take appropriate corrective action to prevent recurrence of misconduct.

Elements of The Compliance Program

A. North America Compliance Officer

The North America Compliance Officer is responsible for overseeing the administration and implementation of the Compliance Program. The North America Compliance Officer or delegate reports at least quarterly on Compliance Program operations to, among others, the Company’s U.S. Compliance Committees and periodically to the Global Executive Compliance Committee. The North America Compliance Officer is vested with the authority to direct and implement compliance-related change in the organization as necessary, and has the authority to exercise independent judgment in assessing compliance-related matters. The North America Compliance Officer has authority to seek advice from independent legal counsel or other outside experts when appropriate. The North America Compliance Officer is authorized to report issues of any kind directly to Company officers and directors.

B. U.S. Compliance Committees

The Company has established one or more U.S. Compliance Committees, which meet at least quarterly. The mission of the U.S. Compliance Committees includes ensuring the implementation and effectiveness of all components of the Compliance Program, which shall include, among other things:

• Development and implementation of compliance-related policies, standards and procedures in all areas of the U.S. business;
• Development and implementation of training and other programs designed to educate Company employees regarding applicable laws, rules, regulations, policies, procedures and standards (collectively, “Requirements”);
• Development and implementation of auditing, monitoring and other controls and processes designed to prevent, detect and correct violations of applicable requirements;
• Development and implementation of mechanisms for internal reporting of questionable or inappropriate activities and timely investigation and resolution of such instances; and
• Development and implementation of corrective and disciplinary action to address and prevent recurrence of misconduct or non-compliance.
• The U.S. Compliance Committees also shall provide advice, counsel, and support to the North America Compliance Officer in day-to-day oversight responsibilities for the US Compliance Program.

C. Compliance Related Policies

As part of its commitment to the highest ethical standards of business conduct, the Company has implemented corporate standards and requirements that are consistent with that obligation and are specific to the Company’s operations and the evolving business and regulatory environment.

The Company expects employees at all levels of the organization to adhere to its Compliance Program, the standards set forth in the Code of Conduct (“Code”), the Company’s policies and procedures and all applicable laws. All U.S. employees must annually acknowledge their responsibility and commitment to conducting the Company’s business consistent with these standards and to report to management, Human Resources, Legal, the North America Compliance Officer or Compliance Department knowledge of any violation of these standards. An employee who violates these standards will be subject to appropriate disciplinary action, up to and including termination. The Code expressly prohibits retaliation or retribution against any employee for making any good faith report of suspected misconduct or improper behavior.

A number of policies and procedures are designed to ensure that interactions with healthcare professionals are appropriate, ethical and consistent with applicable laws and standards, including (but not limited to) the April 2003 “Compliance Program Guidance for Pharmaceutical Manufacturers” issued by the U.S. Department of Health and Human Services Office of Inspector General (“OIG Guidance”), the Pharmaceutical Research and Manufacturers of America (PhRMA) “Code on Interactions with Healthcare Professionals,” as revised and effective January 1, 2022 (“PhRMA Code”), and the AdvaMed Code of Ethics on Interactions with Health Care Professionals as revised and effective June 1, 2023 (“AdvaMed Code”). Sanofi is a member of PhRMA and has policies and procedures in place to foster compliance with the PhRMA Code and AdvaMed Code.

For a statement regarding compliance with California Health & Safety Code § 119402, click here. 

D. Training and Educational Programs

A critical component of the Compliance Program is the training and education of employees concerning their general ethical obligations and their specific obligations to comply with Company policies and procedures and with all applicable laws and regulations. The Company has implemented training programs to educate employees on the Code, on new and existing compliance policies and on the standards and procedures applicable to their job functions. New employees receive or will receive compliance training as part of their initial training; and employees receive on-going compliance training on a routine and periodic basis. The Company implements additional training for the entire Company or particular departments and/or business units on an as-needed basis.

E. Communicating Compliance Issues and Concerns

The Company is committed to fostering an environment in which open communication regarding questions about the Code or Company policies and procedures or concerns about suspected improper business practices is encouraged. Any employee who has concerns about a particular activity that the employee feels may violate policies or the law is required to report such concerns.

Employees are encouraged to ask questions about compliance issues or make reports of potentially problematic conduct to their managers. As an alternative, employees may contact the North America Compliance Officer or use the North America Compliance Helpline (1-800-648-1297). The Helpline, a toll-free number available 24 hours a day and 7 days a week, allows confidential, anonymous reporting. The Helpline is administered by an independent outside contractor whose employees are trained to handle such calls. Employees may visit  http://speakup-sanofi.com.

The Code expressly prohibits retaliation or retribution against any employee for making any good faith report of suspected misconduct or improper behavior.

F. Monitoring, Auditing, and Investigations

The Compliance Program includes activities designed to monitor and audit compliance with the Company’s policies and procedures. The North America Compliance Officer oversees and/or coordinates systems for monitoring and auditing. On a periodic basis, but not less than annually, the North America Compliance Officer develops a Compliance audit plan, recognizing that the nature and frequency of reviews depends upon a variety of factors, primary of which is through the completion of a compliance Risk Assessment. The Risk Assessment process, executed annually, focuses on the risk of various activities identified by the Company including promotional and non-promotional activities. A variety of internal and external auditing resources may be used to conduct periodic monitoring and auditing. The North America Compliance Officer works with relevant internal experts and management to evaluate audit findings and ensure the implementation of any corrective action deemed necessary as the result of audits or routine monitoring activities.

The North America Compliance Officer (or designee) reviews and evaluates concerns communicated to the North America Compliance Department to determine whether further investigation is required of activities that may be inconsistent with the Code, policies or procedures, or any provision of the Compliance Program or applicable law. The North America Compliance Officer may, as required, request assistance from the members of the Compliance Committees or outside experts to conduct an investigation, depending on the nature of the alleged misconduct. Investigations shall be conducted confidentially to the greatest extent possible and with every effort to respect the rights of all concerned.

G. Corrective Action and Discipline

If it is determined, after investigation, that noncompliant conduct occurred, the matter is forwarded to the appropriate parties for corrective and/or disciplinary action. Such response and disciplinary action may include (but is not limited to): terminating or otherwise disciplining the employee(s) involved; disciplining supervisors in accordance with the facts for failure to supervise adequately and control the behavior of the employee(s); revising guidelines, policies and procedures or any function of the Compliance Program to prevent the reoccurrence of misconduct in the area; or increasing auditing and monitoring procedures.

H. Updating the Compliance Program

From time to time, the Company may amend its Compliance Program. The U.S. Compliance Committees shall review all changes suggested by the North America Compliance Officer, members of the U.S. Compliance Committees, or other Company personnel. The North America Compliance Officer shall be responsible for communicating changes in the Compliance Program to Company employees in a timely manner.

For a written copy of this North America Compliance Program description, call 1-800-648-1297.