1 222 Table of Contents 224 514

2018 Guide to Effective Proxies

2.16 Risk oversight | 221 6 TH EDITION | GUIDE TO EFFECTIVE PROXIES GATX CORPORATION CORPORATEGOVERNANCE Risk Oversight FULL BOARD While management is responsible for managing risk, the Board and its committees play a role in overseeing our risk management practices. We have robust internal processes and an effective internalcontrolenvironment that facilitates identification and management of risk and regular communication with the Board. These include an enterprise risk management program, regular internal management disclosure committee meetings, codes of business conduct and ethics, a strong ethics and compliance program, and a comprehensive internal and external audit process. The Board implements its risk oversight function both as a whole and through delegation to Board committees, whichmeet regularly and report back to the Board. • • • • • • • • • • • • • • • AuditCommittee CompensationCommittee GovernanceCommittee PlaysakeyroleintheBoard’srisk oversightprocess,particularlyinrelation torisksthatcouldhaveafinancial impact,suchasfinancialreporting, taxes,accounting,disclosure,internal controls,legalmatters,andourethics andcomplianceprograms. Discussesourriskassessmentandrisk managementguidelinesandpolicieswith management,theinternalauditors,and theindependentregisteredpublic accountingfirm. Receivesregularreportsfrom managementanddiscussesstepstaken bymanagementtomonitorandcontrol riskexposures. Reviewsallofourquarterlyfinancial reports,includinganydisclosuretherein ofriskfactorsaffectingusandour business. ProvidesregularreportstotheBoardon itsriskoversightactivitiesandanyissues identifiedthereby. Managesrisksassociatedwithpersonnel andcompensationissues,including executivecompensation. Receivesregularreportsfromthe independentcompensationconsultant andmanagementconcerningour compensationplans,policies,and practices. Setsperformancegoalsunderour annualandlong-termincentiveplansand overseesourcompensationplans, policies,andpractices. ProvidesregularreportstotheBoardon itsoversightofcompensation-related risks. TogetherwithCompensation Committee’sindependentconsultant, providesinputtoourhumanresources staffinconjunctionwiththeirannual assessmentofpotentialrisksthatmay becreatedbyourcompensationplans, policies,andpractices.Theassessment conductedfor2016foundthatour compensationplans,policies,and practicesdidnotcreaterisksthatwould bereasonablylikelytohaveamaterial adverseeffectonGATX.Inreachingthis conclusion,weconsideredthemixof compensationpaidtoemployees,as wellastheriskcontrolandmitigation featuresofourplans,including appropriateperformancemeasuresand targets,incentiveplanpayout maximums,ourcompensationclawback policy,andmandatorystockretention requirementsforourexecutiveofficers. Managesrisksassociatedwith governanceissues,suchasthe independenceoftheBoard,Board effectivenessandorganization,corporate governance,anddirectorsuccession planning. Reviewstheskillsandexperienceofthe directorsonaregularbasistoensurethe diversityofrelevantexperience necessaryforaneffectiveBoard. Maintainscorporategovernance guidelinesandproceduresdesignedto assurecompliancewithallapplicable legalandregulatoryrequirementsand governancestandards. ProvidesregularreportstotheBoardon itsactivities. 10 GATXCORPORATION - 2017ProxyStatement GENERAL DYNAMICS COPORATION Governance of the Company R ISK O VERSIGHT Our comprehensive risk management program is conducted by senior management and overseen by the Board of Directors. In particular,theBoardoverseesmanagement’sidentificationandprioritizationofrisks.Webelievethatourriskmanagementprocesses arewellsupportedbythecurrentboardleadershipstructure. How We Manage Risk. The following summarizes the key elements of the Board’s, senior management’s and external advisors’ rolesinourriskmanagementprogram. • The Board oversees risk management,focusing on the most significant risks facing the company,including strategic, operational, financial,legalandreputationalrisks. • Each Board committee is integral to risk management and reports specific risk-management matters as necessary to the full Board. • Senior management is responsible for day-to-day risk management and conducts a thorough assessment through internal managementprocessesandcontrols. • Thechiefexecutiveofficerandsenior managementteamprovidetotheBoardadedicatedandcomprehensivebriefingofmaterial risks at least twiceper year, and the Board is briefed throughout theyearasneededonspecificrisks facingthecompany.Topics discussed in 2017 include our cyber security risk management program, human capital management and program-specific matters. • External advisors provide independent advice on specific risks and review and comment on risk management processes and proceduresasnecessary. The Role of the Board of Directors in Risk Management. The full Board reviews and approves annually a corporate policy addressing the delegation of authority and assignment of management responsibility to ensure that the responsibilities and authority delegated to senior management are appropriate from an operational and risk-management perspective. In addition, the Board assesses the company’s strategic and operational risks throughout the year, with particular focus on these risks at an annual multi-day Board meeting in early February. At this meeting, senior management reports on opportunities and risks in the markets in which the company conducts business. Additionally, each business unit president and each business group executive vice president presents the unit’s and group’s respective operating plan and strategic initiatives for the year, including notable business opportunitiesandrisks.TheBoardreviews,adjustswhereappropriate,andapprovesthebusinessunitandbusinessgroupgoalsand adopts our companyoperating plan for the year. These plans and related risks are monitored throughout the year aspartofperiodic financial and performance reports given to the Board by the chief financial officer and executive vice presidents of each business group. The Board also receives briefings from senior managementconcerning a variety of matters and related risks to the company, includingdefensebudgetandacquisitionmattersandspecificcustomerorprogramdevelopments. Inaddition,eachoftheBoardcommitteesconsidersriskasitrelatestoitsparticularareasofresponsibility. • Audit Committee. The Audit Committee has responsibility for oversight of the company’s policies and practices concerning overallriskassessmentandriskmanagement.Thecommitteereviewsandtakesappropriateactionwithrespecttothecompany’s annual and quarterly financial statements, the internal audit program, the ethics program and internal controls over financial reporting. To facilitate these risk oversight responsibilities, the committee receives regular briefings from members of senior management on accounting matters; the internal audit plan; internal control over financial reporting matters; significant litigation and other legal matters; and ethics program matters. The committeealso holds regular executivesessions with internal audit and regularexecutivesessionswiththepartnersoftheKPMGLLPauditteam. • Compensation Committee. The Compensation Committee oversees our executive compensation program to ensure that the program creates incentives for strong operational performance and for the long-term benefit of the company and its shareholders withoutencouragingexcessiverisk-taking.Thecommitteereceivesbriefingsfromthechairmanandchiefexecutiveofficer,human resourcesseniormanagementandoutsideconsultantsandadvisorsoncompensationmatters. • Finance and Benefit Plans Committee. The Finance and Benefit Plans Committee oversees the management of the company’s financepoliciesandtheassetsofthecompany’sdefinedbenefitplansforemployees.Thecommitteeoverseesmarketriskexposurewith respecttoitsassetswithinthecompany’sdefinedbenefitplansandrelatedtothecapitalstructureofthecompany,includingborrowing, liquidity,allocationofcapitalandfundingofbenefitplans.Toassessrisksintheseareas,thecommitteereceivesregularbriefingsfromour seniormanagementorexternaladvisorsonfinancepolicies,pensionplanliabilitiesandfunding,andassetperformance. GeneralDynamics2018ProxyStatement 17 Total of 02 pages in section GENERAL MOTORS CORPORATEGOVERNANCE Access to Outside Advisors TheBoardandeachBoardCommitteecanselectandretaintheservicesofoutsideadvisorsattheCompany’sexpense. Board and Committee Meetings and Attendance In2017,yourBoardheldatotalof10meetings,andaveragedirectorattendanceatBoardandCommitteemeetingswas97%.Eachdirector standing for re-election attended at least 90% of the total meetings of the Board and Committees on which he or she served in 2017. Directors are expected to attend our Annual Meeting of shareholders, which is held in conjunction with a regularly scheduled Board meeting.Alldirectorsinofficeatsuchtimeattendedthe2017AnnualMeeting. Board and Committee Oversight of Risk OversightandmonitoringofGM’s significant risks BOARDOFDIRECTORS Identification,assessment,andmitigationof risksacrossGM MANAGEMENT AUDIT COMMITTEE RISK COMMITTEE GOVERNANCE COMMITTEE FINANCE COMMITTEE COMPENSATION COMMITTEE CYBERSECURITY COMMITTEE YourBoardhastheoverallresponsibilityforriskoversight,withafocusonthemostsignificantrisksfacingtheCompany.Effectiverisk managementistheresponsibilityoftheCEOandothermembersofmanagement,specificallytheSeniorLeadershipTeam.Aspartofthe risk management process, each of the Company’s business units and functions is responsible foridentifying risks that couldaffectthe achievementofbusinessgoalsandstrategies,assessingthelikelihoodandpotentialimpactofsignificantrisks,andprioritizingtherisks andactionstobetakentomitigatesuchrisks,asappropriate. Your Board implements its risk oversight function both as a whole and through delegation to Board Committees, particularly the Risk Committee. The Board receives regular reports from management on particular risks within the Company, through review of the Company’sstrategicplanandthroughregularcommunicationwithitsCommittees.Managementprovidescomprehensivereportstothe Risk Committee on the key strategic, operating, vehicle, and workplace safety, financial, and compliance risks facing the Company, includingmanagement’sresponsetomanagingandmitigatingsuchrisks,asappropriate.TheCompany’sChiefComplianceOfficeralso regularlyreportstotheAuditCommittee. The Chair of the Risk Committee coordinates with the Chairs ofthe other BoardCommitteesin their reviewofthe Company risks that have been delegated to these Committees to support them in coordinating the relationship between risk management policies and practicesandtheirrespectiveoversightaccountabilities.EachoftheotherBoardCommittees,whichmeetregularlyandreportbacktothe Board,isresponsibleforoversightofriskmanagementpracticesforcategoriesofrisksrelevanttoitsfunctions. Your Board believesthat its structure for risk oversight providesfor open communication between management and the Boardand its Committees,whicheffectivelysupportsmanagement’senterpriseriskmanagementprograms.Inaddition,strongindependentdirectors chairtheCommitteesinvolvedinriskoversight,andalldirectorsareinvolvedintheriskassessmentandongoingriskreviews. G E N E R A L M O T O R S 2018 PROXYSTATEMENT 27 GOLDMAN SACHS GROUP, INC. CorporateGovernance |BoardOversightofourFirm Board Oversight of our Firm KEYAREASOFBOARDOVERSIGHT OurBoardisresponsiblefor,andcommittedto,theoversightofthebusinessandaffairsofourfirm.Incarrying outthisresponsibility,ourBoardadvisesourseniormanagementtohelpdrivesuccessforourclientsandlong- termvaluecreationforourshareholders,andoverseesmanagement’sefforts toensurethatthefirm’scultural expectationsareappropriatelycommunicatedandembracedthroughoutthefirm.OurBoarddiscussesand receivesregularupdatesonawidevarietyofmatters affectingourfirm. CONSIDERATION OF OUR REPUTATION IS CENTRAL TO BOARD AND COMMITTEE OVERSIGHT Strategy Cultureand Conduct Financial Performance and Reporting Executive Succession Planning CEO Performance Risk Management Strategy d OurBoardoverseesandprovidesadviceandguidancetoseniormanagementontheformulationand implementationofthefirm’sstrategicplans » Thisoccursyear-roundthroughpresentationsanddiscussionscoveringfirmwide,divisionalandregional strategy,aswellasgrowthinitiatives,bothduringandoutsideBoardmeetings d OurBoard’sfocusonoverseeingriskmanagementenhancesourdirectors’abilitytoprovideinsightand feedbacktoseniormanagement,andifnecessarytochallengemanagement,onitsdevelopmentand implementationofthefirm’sstrategicdirection d OurLeadDirectorhelpsfacilitateourBoard’soversightofstrategybyensuringthatdirectorsreceive adequateinformationaboutstrategyandbydiscussingstrategywithindependentdirectorsat executivesessions CEO Performance d UnderthedirectionofourLeadDirector,ourGovernanceCommitteeannuallyevaluatesMr. Blankfein’s performance » Theevaluationprocessincludesanexecutivesessionofindependentdirectors,aclosedsessionwith Mr. BlankfeinandadditionaldiscussionbetweenourLeadDirectorandMr. Blankfeinthroughouttheyear d TheCommitteereviewstheresultsofMr. Blankfein’sevaluationunderour“360degree”reviewprocess (360° ReviewProcess,asdescribedfurtheronpage42) andalsoassessesMr. Blankfein’sperformanceboth asCEO andasChairmanoftheBoardagainstthekeycriteriaandresponsibilitiesfortheserolesthatwere developedbyourGovernanceCommittee StrategyCEOPerformanceRiskManagementExecutiveSuccessionPlanningFinancialPerformanceandReportingCultureandConductCONSIDERATIONOFOURREPUTATIONISCENTRALTOBOARDANDCOMMITTEEOVERSIGHT 34 GoldmanSachs | ProxyStatementforthe2018AnnualMeetingofShareholders Total of 03 pages in section

RkJQdWJsaXNoZXIy NTIzNDI0