Compliance Committee Charter

CHARTER OF THE COMPLIANCE COMMITTEE
OF THE BOARD OF DIRECTORS OF
McKESSON CORPORATION
As Approved by the Board on April 26, 2023

I. PURPOSE OF THE COMMITTEE

The purposes of the Compliance Committee (the “Committee”) of the Board of Directors (the “Board”) of McKesson Corporation (the “Company”) shall be to assist the Board in overseeing (i) our compliance programs and (ii) management’s identification and evaluation of our principal legal and regulatory compliance risks as more fully described below. Through the respective Committee Chairs, the Compliance Committee will coordinate with the Audit Committee in monitoring compliance by the Company with legal and regulatory requirements, providing risk oversight, and evaluating other matters as the committee chairs deem appropriate. Nothing in this Charter shall relieve the Audit Committee of its obligations under applicable law or the rules of the New York Stock Exchange.

II. COMPOSITION OF THE COMMITTEE

The Committee members, a majority of whom has been determined in the business judgment of the Board, to qualify as an independent director under (a) the rules of the New York Stock Exchange and (b) the Company’s Corporate Governance Guidelines, will be appointed by the Board and may be removed by the Board in its discretion. The Chair of the Audit Committee shall serve on the Committee.

III. MEETINGS AND PROCEDURES OF THE COMMITTEE

The Committee may fix its own rules of procedure, which shall be consistent with the By-laws of the Company and this Charter. The Committee shall meet as often as it determines, but not less frequently than quarterly, and at least once annually, the Committee shall meet jointly with the Audit Committee. The Board may designate one member of the Committee as its Chair, and in the absence of any such designation by the Board, the Committee shall designate by majority vote of the full Committee one member of the Committee as its Chair.

The Committee may request that any directors, officers or employees of the Company, or other persons whose advice and counsel are sought by the Committee, attend any meeting of the Committee to provide such pertinent information as the Committee requests.

Following each of its meetings, the Committee shall deliver a report on the meeting to the Board, including a summary description of actions taken by the Committee at the meeting. The Committee shall keep written minutes of its meetings, which minutes shall be maintained with the books and records of the Company.

The Committee shall review and reassess the adequacy of this Charter annually and recommend any proposed changes to the Board for approval. The Committee shall annually conduct a self-assessment and report the results to the Board. In lieu of a meeting, the Committee may also act by unanimous written consent resolution.

IV. COMMITTEE RESPONSIBILITIES

In carrying out its responsibilities, the Committee shall, among such other activities it deems appropriate:

1.  Oversee the Company’s compliance programs, including review of, with the appropriate members of management, the organizational structure, staffing, implementation and management’s assessment of the effectiveness of the Company’s compliance programs relating to the Company’s principal legal and regulatory compliance risks, the related policies and procedures, and the adequacy of the resources for those programs. Review of the Company’s compliance policies and procedures shall include the Company’s Code of Conduct, relevant “whistleblower” reporting and non-retaliation policies, relevant education and training, and other written compliance policies and procedures that guide the Company and the conduct of its agents in day-to-day operations.
2.  Review the Company’s approach to, and results of, risk identification, assessment, and mitigation plans for the principal legal and regulatory compliance risks facing the Company.
3.  Review the Company’s compliance with relevant laws, regulations, and corporate policies (including the Company’s Code of Conduct) governing the distribution of controlled substances and reporting of suspicious orders pursuant to the Company’s Controlled Substance Monitoring Program.
4.  Oversee significant complaints and other matters raised through the Company’s Integrity Line and other compliance reporting mechanisms, that involve allegations relating to violations of non-compliance with the CSMP or distribution of opioids, including the review and investigation of such matters as necessary.
5.  Review significant government inquiries or investigations and other significant legal actions.
6.  Review information about current and emerging legal and regulatory compliance risks and enforcement trends that may affect the Company’s business operations, performance, or strategy.
7.  Meet regularly with the Company’s Chief Compliance Officer to discuss matters within the Committee’s oversight responsibilities.
8.  Review the appointment, compensation, performance, and where appropriate or necessary, replacement of the Company’s Chief Compliance Officer and the Senior Vice President, Controlled Substances Monitoring Program (or other designated employee responsible for the oversight of the Company’s CSMP).
9. Prior to the Compensation Committee’s approval of executive compensation, deliver an annual report, including a written component, to the Chair of the Compensation Committee or the full Compensation Committee regarding the performance of relevant members of senior management with respect to efforts relating to the Company’s compliance with applicable laws, regulations, and rules.

V. INVESTIGATIONS AND STUDIES; OUTSIDE ADVISORS; AUTHORITY

The Committee may conduct, commission, or authorize investigations into or studies, analyses, review and/or surveys of matters within the Committee’s scope of responsibilities to evaluate the Company’s compliance with regulatory requirements, as well as to evaluate the quality of the personnel, committees, and entities providing compliance and regulatory services to the Company. The Committee shall have the authority, to the extent it deems necessary or appropriate, at the Company’s expense, to retain independent legal, accounting, or other advisors.

The Committee may require management to conduct audits on compliance, regulatory and/or legal concerns, and where appropriate, direct management to provide the results of such audits to the Committee directly. The Committee may also request and meet privately with any member of the Company’s senior management team or any other Company employee.

VI. LIMITATION OF COMPLIANCE COMMITTEE’S ROLE

Although the Committee has the duties and responsibilities set forth in this Charter, the Committee is not responsible for determining whether the Company’s compliance programs are effective. Management is responsible for designing programs to comply with applicable laws and regulations in scope of this Charter.