
Exhibit 99.1

 

Report of the Chairman of the Board of Directors as presented in the French-language document de référence

 

(Section L. 225-37 of the French Commercial Code)

 

In preparing this report, the Chairman consulted the departments involved in the supervision of internal control and risk management, in accordance with Section L. 225-37 of the French Commercial Code. The Board of Directors was informed of the conclusions of the specialist Board committees and of the Statutory Auditors, and has approved this Chairman’s report.

 

1. Corporate Governance

 

Corporate governance is discussed in “Item 16G. Corporate Governance” of the Annual Report on Form 20-F.

 

2. Internal control and risk management procedures implemented by the Company

 

The Group’s senior management has a clear ongoing commitment to maintaining and enhancing its internal control and risk management systems.

 

2. A. Definition of the internal control system

 

The internal control system is implemented by the Group’s senior management, middle management and staff with the aim of providing directors, corporate officers and shareholders with reasonable assurance that the following objectives are met:

 

· reliability of accounting and financial information;
· effectiveness and efficiency in the conduct of operations;
· compliance with applicable laws and regulations; and
· safeguarding of corporate assets.

 

The internal control system covers the entities and businesses consolidated by the Group, and includes methodologies adapted to specific risk exposures. It is systematically rolled out in newly-acquired entities from the date of acquisition, using a tailored timetable reflecting the priorities at each stage of the integration process.

 

In order to comply with Section 404 of the Sarbanes-Oxley Act (SOA 404), the internal control system builds in procedures to assess the effectiveness of internal control over financial reporting.

 

2. A.a. Reference framework for the internal control system

 

Because the Group has a U.S. stock market listing and is subject to the requirements of the Sarbanes-Oxley Act, it applies the “Internal Control — Integrated Framework” issued in 1992 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). This framework is regarded as equivalent to the reference framework of the Autorité des Marchés Financiers (AMF), the French financial markets regulator.

 

The Group is currently assessing the impact of COSO 2013 on its internal control and risk management system.

 

In this report, the description of the system is aligned with the five COSO components.

 

2. A.b. Underlying principles of the internal control system

 

The internal control system is built upon the following core principles:

 

· responsibility and competencies of Group employees as regards the implementation and maintenance of effective internal control;
· information about risk and control frameworks and about compliance with Group-wide procedures; and
· segregation of duties, in other words ensuring that those who perform tasks are not responsible for approving or controlling the performance thereof.

 

The internal control system can only give reasonable assurance, and can never give absolute assurance, that these objectives are met. The probability of meeting these objectives is subject to the limitations inherent in all internal control systems, including the possibility of defective judgment in decision-making, the need for cost/benefit analysis before implementing controls, and the risk of deficiencies caused by human failings or mere error.

 

In its organizational choices, the Group strives to abide by the principles of safety, reliability and effectiveness in its operations while factoring in the constraints imposed by its activities and its regulatory, economic and social environments. A legal and managerial structure, with internal and external delegations of authority, has been established to conduct operations and to disseminate and apply the Group’s strategy at the appropriate organizational level. The Group has set up an Internal Control and Processes department in order to enhance the robustness of the system as a whole, especially fraud prevention.

 

2. A.c. Organization of the internal control system for the production of financial statements

 

To comply with legal requirements on internal control in both France and the United States, the Group has a dedicated Internal Control Assessment Department which reports to the Group Finance Department.

 

This department has developed and applies a process that complies with SOA 404, with the objective of assessing and improving the effectiveness of the internal control system for the production of financial statements. This process is used to identify and rank internal control deficiencies in financial processes, and applies to Group activities in proportion to their contribution to the consolidated financial statements and their risk profile.

 



 

In accordance with the recommendations published by the U.S. Securities and Exchange Commission (SEC), the internal control system applies a risk-based approach, which is defined at Group level and implemented locally.

 

To meet these objectives, the Internal Control Assessment Department:

 

· defines the control framework and the internal control assessment methodology;
· ensures that risks relating to financial information are covered in accordance with the reasonable assurance principle;
· defines the scope for deploying assessment of the internal control system for the production of financial statements, and supports the network of internal control correspondents through communication, leadership, backup and the sharing of good practices. Responsibility for conducting these assessments rests with named correspondents within the network;
· assesses the effectiveness of the internal control system for the production of financial statements;
· contributes to fraud prevention and detection programs; and
· coordinates these tasks with the procedures conducted by the statutory auditors.

 

The Report of Management on Internal Control Over Financial Reporting pursuant to SOA 404 is presented in “Item 15. Controls and Procedures” of the Annual Report on Form 20-F for the year ended December 31, 2013.

 

2. B. Control environment

 

The control environment underpins the internal control system. It refers to the degree of awareness Group staff have of internal control, and is implemented largely via frameworks presented in the form of codes, procedures and charters, which are available on the Group intranet.

 

2. B.a. Codes

 

Code of Ethics

 

The Sanofi Code of Ethics defines the ethical principles and rules that must be followed when conducting Sanofi business. It helps each employee determine the attitude he or she should adopt in relationships within and outside the Group. It is provided to all employees, and addresses issues such as:

 

· prevention of conflicts of interest;
· prevention of insider dealing;
· fighting bribery and corruption;
· good promotional practices; and
· the compliance helpline.

 

Deployment of the Code of Ethics is coordinated centrally by the Global Compliance Department through its network of Compliance Officers, including in newly-acquired entities. The Global Compliance Department has developed a program designed to give employees a better understanding of the rules and principles contained in the Code of Ethics, which it delivers through various training media.

 

Financial Code of Ethics

 

In accordance with U.S. securities law, Sanofi has adopted a Financial Code of Ethics that applies to the Chief Executive Officer, the Executive Vice-President Chief Financial Officer and the Vice-President Corporate Accounting. This Code stresses the fundamental importance of irreproachable ethical conduct on the part of key executives with responsibility for financial information and financial reporting. The Chief Financial Officers of Group entities are also required to attest each year that they adhere to and will abide by the Code’s principles.

 

Code of Conduct: Prevention of Insider Dealing

 

As a result of the dual listing of Sanofi in France and in the United States, both French and U.S. rules apply. Other countries’ rules may also apply given that Sanofi shares are owned by individuals located in different countries. The Code provides background information and familiarizes employees with insider dealing rules under French and U.S. law, in particular rules relating to confidential information obtained in the course of their employment.

 

Code of Internal Control Principles

 

In order to improve the effectiveness of processes, the reliability of the financial statements, and legal and regulatory compliance, the Code of Internal Control Principles sets out the key principles of governance and internal control, unifying action taken by the Group to implement internal control and improve its effectiveness.

 

2. B.b. Charters and Procedures

 

Sanofi provides all employees with charters and procedures that structure and promote the internal control environment, and ensure that operations are conducted in an orderly and consistent manner.

 

In exercising their responsibilities, each operational division must disseminate these rules, check that they are properly applied, and inform the Executive Committee of any adjustments that may be required. The Group has set up a dedicated centralized platform for these charters and procedures on the corporate intranet, which is accessible to all employees.

 



 

The pharmaceutical industry is subject to specific regulatory constraints at both national and supra-national level. A large body of laws and regulations governs each stage of operations.

 

These external standards form the basis of charters and procedures adapted to the specific activities carried on by each entity, thereby contributing to the internal control system.

 

The Group also has a crisis management procedure designed to anticipate potential crises as far as possible, via management principles and early warning systems covering all Group activities.

 

2. C. Risk identification, assessment and management

 

The Group operates an ongoing process of identifying, assessing and managing risk factors which may adversely affect the achievement of goals, and opportunities for improving performance. Responsibility for identifying, assessing and managing risks is drilled down to all appropriate levels of the organization and to all activities within the Sanofi Group.

 

For a description of the main risks relating to the Group’s activities and financial risks, refer to “Item 3. Key Information — D. Risk Factors” of the Annual Report on Form 20-F.

 

2. C.a. Identifying, assessing and managing risks associated with Sanofi’s activities

 

The process of identifying, assessing and managing risks associated with the Group’s activities is the responsibility of the operational divisions and support functions and, given the nature of Sanofi’s business, of the pharmacovigilance and epidemiology department.

 

Pharmacovigilance and epidemiology

 

The pharmacovigilance and epidemiology department reports to the Chief Medical Officer. It develops structures and tools for assessing the safety profile of products under development, and of licensed or marketed drugs, medical devices, dietary supplements, cosmetics and vaccines. Pharmacovigilance is responsible for developing and updating tools and procedures to satisfy all regulatory requirements within its sphere of action. Operating procedures define the roles and responsibilities of those involved in the management of pharmacovigilance data, and in the reporting of such data (immediately or periodically) to the healthcare authorities and/or to investigators.

 

In addition to assessing the safety profile of products under development and marketed products, pharmacovigilance is responsible for detecting and analyzing warning signals so that it can, if necessary, issue recommendations to limit the occurrence of side-effects, ensure the product is used properly, and provide healthcare professionals and patients with up-to-date medical information.

 

Pharmacovigilance helps assess the risk/benefit profile of products, whether in clinical development or already on the market. For a definition of the risk/benefit profile, refer to “Item 4. Information on the Company — B. Business Overview — Global Research & Development” of the Annual Report on Form 20-F.

 

Working with the clinical development and regulatory affairs teams and the epidemiology unit, pharmacovigilance coordinates the development of risk management plans and monitors their application. These plans summarize the safety profile of the products as established during the development phase, describe the measures in place to monitor identified or potential risks, and propose guidelines to ensure the drug or vaccine is properly used.

 

In monitoring tolerance through the clinical trials phase and gathering unsolicited information about products already on the market, pharmacovigilance relies on the network of pharmacovigilance units based in Group subsidiaries, and on contractual ties with development and marketing alliance partners. These units also act as an interface between the local healthcare authorities and other departments within the entity.

 

In 2013, pharmacovigilance migrated its pharmaceuticals and vaccines activities to a single platform with standardized procedures. All information about side-effects for these activities is now centralized by pharmacovigilance in a single worldwide database.

 

An early warning procedure has been put in place to detect any risk liable to trigger the crisis management procedure, and to notify the Chief Executive Officer without delay.

 

As regards the Animal Health business, Merial has a global pharmacovigilance department reporting to the head of global regulatory affairs within Merial’s R&D function. Merial Pharmacovigilance systematically applies policies, procedures, and practices for assessing, controlling, communicating and reporting risks in the Animal Health sector. A comprehensive set of procedures ensures quality and consistency for all pharmacovigilance-related activities, including adverse event data collection and reporting across the different Merial subsidiaries as well as by third parties with whom Merial works.

 

2. C.b. Approach to identifying, assessing and managing risks associated with the production of financial statements

 

Under SOA 404 and obligations imposed by French legislation, the Group has adopted a methodology for identifying, assessing and managing financial risks. This methodology provides assurance about the reliability of the internal control system for the production of financial statements; it was developed and is overseen by the Internal Control Assessment Department, which assists entities in identifying the risks that need to be covered and the controls that need to be implemented.

 

The methodology is based on the COSO framework and on:

 

· a reference framework of processes used in the preparation and processing of financial and accounting information;
· a reference framework of financial risks (including fraud), structured to enable assessments to be conducted at all levels of the Group, and updated periodically to take account of new developments and of the Group’s priorities; and
· a control framework, applying at different organizational levels according to their contribution to the financial statements and their risk profile. Entities that apply this framework use it to identify financial risks and the associated control activities.

 


 

The Internal Control Assessment Department is responsible for notifying management of any deficiencies in internal control, and for providing reasonable assurance that financial risks are properly controlled.

 

The methodology also specifies the obligations incumbent on each department to prevent, identify and deal with fraud in coordination with the Finance and Compliance departments.

 

A Rating Committee conducts an annual assessment of the internal control system for the reliability of financial information, and of financial risks and of fraud incidents, based on the findings of the Internal Control Assessment Department. This committee then notifies the Audit Committee of any residual risks that might have a significant or material impact on the published financial statements and hence undermine the reliability of the Group’s financial reporting.

 

2. D. Control activities

 

Conducted at all hierarchical and functional levels of the organization, control activities address the risks described in section 2.C., “Risk identification, assessment and management”. Control activities are based on codes, procedures, information systems, operating methods, and tools and practices. They are structured by process, and decentralized to Group entities. They contribute to the permanent internal control system, and are the responsibility of the operational divisions.

 

Control activities covering risks related to sales administration, purchasing, production and inventory management, human resources, information systems and legal affairs are included in the scope of the assessment conducted under SOA 404.

 

The Group Finance Department organizes annual accounts committees, which play a role in preparing the year-end accounting close at both consolidated and individual entity level. Their remit includes reviewing the tax, legal, treasury and financing aspects of Group entities, and validating the application of Group accounting policies.

 

A Treasury Committee meets monthly to review strategies on financing and investment and on the hedging of interest rate risk, currency risk, banking counterparty risk and liquidity risk.

 

The fraud prevention and detection program specifies tools available to identify and detect fraud. Any incidents of fraud are investigated, corrective measures are implemented, and an annual summary is submitted to the Audit Committee.

 

Under Section 302 of the Sarbanes-Oxley Act, the Chief Executive Officer and the Executive Vice President Chief Financial Officer are required to carry out an evaluation of the effectiveness of the Group’s control over published financial information and fraud. To meet this objective, they push down the certification process to local level, requiring representation letters to be signed off twice a year by the Chief Executive Officers and Chief Financial Officers of Group entities as evidence of certification.

 

2. E. Information and communication

 

Information and communication refers to the flow of information accompanying internal control and risk management procedures, from the guidelines laid down by management to action plans. It contributes to establishing the control environment and to disseminating and promoting a culture of internal control, and enables relevant control activities to be performed in order to manage risks.

 

Information and communication media rely on information systems placed under the responsibility of the Chief Information Officer (CIO). The Group Information Systems Department oversees the development and administration of Group-wide and business-specific applications. It also formulates Group information systems policies, coordinates processes for managing the information systems function, and administers transverse IT infrastructures and services.

 

Information systems governance is monitored by the Information Systems Strategic Board, which includes business line heads, the Executive Vice President Chief Financial Officer, and the CIO. The Board is tasked with setting guidelines to ensure that the Group’s information systems are aligned with current and future business strategy, maximizing value creation through the use of information, and supporting the deployment of Sanofi’s internal control system.

 

The Group Information Systems Department has a team dedicated to implementing the internal control assessment process for information systems processes. Working within the Group’s overall methodological framework, this team conducts transverse risk assessments to determine the requisite level of controls.

 

2. F. Monitoring of internal control and risk management procedures

 

2. F.a. The Board of Directors and its specialist committees

 

The Board of Directors, through its specialist committees and particularly the Audit Committee, obtains assurance that the Group has reliable procedures for monitoring the internal control system and for identifying, assessing and managing risks.

 

The composition of the Board of Directors and its specialist committees, the way their work is organized, and their contribution to the effective and transparent conduct of the Group’s affairs, are described in “Item 6. Directors, Senior Management and Employees” of the Annual Report on Form 20-F.

 

The Board Charter requires a discussion of the operating procedures of the Board to be included on the agenda of one Board meeting a year, with a formal evaluation performed every three years.

 

In accordance with the publications and recommendations issued by the AMF:

 

· The roles, responsibilities, composition and operation of the Audit Committee are defined in the Board Charter, and are consistent with the AMF report on audit committees published in 2010.
· The Board Charter, as updated and approved by the Board on a regular basis, specifies that the Audit Committee is responsible for monitoring:
    · the process of preparing financial information;
    · the effectiveness of internal control and risk management systems;
    · the audit of the individual and consolidated financial statements by the statutory auditors; and
    · the independence of the statutory auditors.

 

The Audit Committee is informed periodically, and on request, about the process used to identify, assess and manage the principal risks to which the Group is exposed.

 

2. F.b. Managerial committees

 

The following committees identify and monitor risks that may impair the effectiveness of the internal control system.

 

Executive Committee

 

The Executive Committee, chaired by the Chief Executive Officer, sets guidelines for internal control and risk management, allocates resources, and monitors actions that are implemented within the Group and supervised by local management committees in each operational unit.

 

The Committee meets as often as required by the need for rapid decision-making. It draws on the experience and competencies of its members to anticipate and monitor risks and opportunities associated with developments affecting the Group itself and the pharmaceutical sector generally. For details of the composition of the Executive Committee, refer to “Item 6. Directors, Senior Management and Employees — A. Directors and Senior Management” of the Annual Report on Form 20-F.

 

Risk Committee

 

The remit of the Risk Committee is to assist the Executive Committee in fulfilling its risk management responsibilities. The Committee is co-chaired by the Senior Vice President Corporate Social Responsibility and the Senior Vice President Audit and Internal Control Assessment, and meets quarterly. It applies a structured methodology to identify, assess and manage transverse risks that could have a significant impact on the Group’s activities. More generally, the Risk Committee promotes a responsible risk management culture within the Group.

 

Executive Compliance Committee

 

The role of the Executive Compliance Committee is to facilitate and oversee the effectiveness of all aspects of the Sanofi compliance program. It sets overall guidelines, and also has an operational role in proposing and implementing actions to reinforce the effectiveness of the program and foster a continuing commitment to Sanofi values. The Committee is chaired by the Chief Executive Officer.

 

Acting on the recommendation of the Executive Compliance Committee, the Group has implemented a system for collating and managing alerts, the primary purpose of which is to deal with any alerts warning of potential or actual breaches of the Code of Ethics and/or of any applicable law, regulation or procedure.

 

Published Information Review Committee

 

The Published Information Review Committee is responsible for reviewing and validating key documents intended for shareholders and the public, and for assessing the procedures and controls used in preparing such documents.

 

The Committee has implemented a process of reporting information to the Committee’s secretary to ensure that the Committee is kept informed of any significant event liable to impact the share price. The secretary then consults Committee members to determine what approach to adopt as far as informing the public is concerned.

 

2. F.c. Audits

 

Various types of audit are conducted, covering all Group companies. The roles and responsibilities of the Internal Audit and Information Systems Audit functions are described in a charter.

 

Sanofi’s Internal Audit function (including the Information Systems Audit function) is certified by IFACI, the French Institute of Internal Audit and Internal Control, indicating that it operates to international professional standards.

 

The Internal Audit function is independent and objective, reporting to the Chief Executive Officer. It has neither authority over nor responsibility for the operations it reviews, and has complete freedom of action. Internal Audit is responsible for providing the Group’s senior management, and the Board of Directors via the Audit Committee, with reasonable assurance about the level of control over risks associated with operations within the Group and about the effectiveness of internal control. The Audit Committee is periodically informed about the results of internal audit activities, the implementation status of internal audit recommendations, the annual audit plan, and related resource needs.

 

The Quality Assurance departments conduct regular audits to assess good practice and obtain assurance as to compliance with procedures and regulations on quality issues in their area of expertise.

 
