Prevention Plan of Corruption Risks and Related Offences
Last update: May 2025
1. Introduction
1.1 FRAMING
Decree-Law No. 109-E/2021, of December 9, established the General Regime for the Prevention of Corruption (hereinafter referred to as “RGPC”), which implemented new Compliance obligations for public or private entities with 50 or more employees, which include the adoption and implementation of a Regulatory Compliance Program that includes, at least one plan for the prevention of risks of corruption and related offences, a code of conduct, a training program and a whistleblowing channel.
This Plan for the Prevention of Risks and Related Infractions was prepared under the provisions of articles 5 and 6 of the RGPC and constitutes a tool that allows ENDIPREV (hereinafter referred to as ENDIPREV), as an entity obliged under the provisions of article 2, paragraph 1, of that law, to prevent, detect, suppress and sanction acts of corruption and related infractions, carried out within or through the company, covering its entire organization and all activities carried out within the scope of its corporate purpose.
1.2 SCOPE AND OBJECTIVES
The Plan is applicable to all ENDIPREV Employees, including all partners, administrators and managers, suppliers, internal and external service providers, contractors, subcontractors, interns, workers, temporary workers and volunteers.
This Plan identifies the risks of corruption and related infractions to which ENDIPREV is exposed, as well as the identification of preventive and corrective measures that are appropriate in this area. To this end, the following shall be carried out:
- Identification, analysis and classification of risks and situations that may expose ENDIPREV to acts of corruption and related infractions, including those associated with the exercise of functions by the members of the management and management bodies, considering the reality of the company and the pursuit of its activity.
- Identification of preventive and corrective measures that reduce the probability of occurrence and the impact of the risks and situations that are identified.
1.3 MISSION AND COMMITMENT
At ENDIPREV, we have transparency objectives, aiming to perform functions with maximum loyalty and efficiency, seeking the greatest satisfaction of our customers, and ensuring the strictest compliance with our legal obligations.
Demand and responsibility are fundamental values, which we imprint on our conduct.
- We are demanding what we do and how we do it. Only by acting with integrity, loyalty and ethics will we be able to do good, well done.
- We are responsible for complying with the Code of Ethics and Conduct, and all our Employees are committed to promoting a culture of integrity, with the aim of assertin ourselves as a company of excellence, acting with competence, responsibility, ethics and professionalism.
In this effort, ENDIPREV thus has an Anti-Corruption Policy, which defines the principles of action in the prevention of corruption, repudiating the practice of any conduct that, directly or indirectly, may be related to corruption, regulating our performance by the fundamental principles of respect, integrity, loyalty, ethics and compliance with the law in force.
Because we guide our activity in this way, and because we recognize the importance and value of this instrument in preventing and combating corruption and related infractions within ENDIPREV, this Plan for the Prevention of Risks of Corruption and Related Infractions (hereinafter referred to as the “Plan”) is adopted and implemented, in due compliance with the legal obligations imposed by the RGPC.
1.4 DEFINITIONS
| Term | Definition |
|---|---|
| PPR | Corruption Prevention Plan |
| RGPC | General Regulation for the Prevention of Corruption |
| DL | Decree of Law |
1.5 REFERENCE DOCUMENTS
Ref 1 DL 109-E/2021, of December 9
2. Responsible for regulatory compliance
The Regulatory Compliance Officer is appointed by ENDIPREV’s Board of Directors, being, in this capacity, the person responsible for monitoring, controlling and executing the Regulatory Compliance Program under the terms of article 5 of the RGPC.
The Regulatory Compliance Officer performs his duties with independence and decision-making autonomy, having access to internal information and to the technical and human resources necessary for the exercise of his duties.
The Regulatory Compliance Officer shall provide all clarifications on ENDIPREV’s Regulatory Compliance Program and shall promote the performance of internal audits that may be necessary within the scope of the correct implementation and execution of the regulatory compliance program
3. Compliance Department
The responsibilities associated with the Compliance area and, consequently, with the Plan, are based, firstly, on the commitment of the management bodies, which approve the respective Plan and determine its implementation, transposing it to their sphere, through specific procedures and respective controls, and, secondly, on the Regulatory Compliance Officer, within the scope of the functions delimited and specified in the previous chapter.
Under the guidance of the Regulatory Compliance Officer, ENDIPREV’s Compliance Department is established, which is specifically responsible for the following functions:
- Prepare an annual report on the implementation of the Plan in close collaboration with the various departments, ensuring a constant identification, analysis and assessment of the organization’s risks.
- Identify preventive and corrective measures to reduce the probability of occurrence and the impact of the risks and situations identified.
- Assess the balance of the measures adopted and the measures to be adopted, the description of the risks eliminated or whose impact has been reduced and those that remain, and the risks identified throughout the year that were not included in the initial plan.
- Prepare proposals for revision of the Plan.
- Promote employee awareness and training.
- Promote publication on the website and on the internet.
- Promote communication between the Administration and other departments in the field of risk management.
- Ensure that risk information is up to date, consolidated, structured and properly communicated to stakeholders.
In the identification, analysis and classification of risks and situations that may expose ENDIPREV to acts of corruption and related infractions, this component of the company’s organizational structure was considered.
4. Anti-corruption policy
ENDIPREV repudiates any practice of corruption or related infractions or even other forms of undue influence, imposing strict compliance with the law and internal policies in all its internal and external relations, whether with private or public entities.
With this Policy, it is intended to transmit and ensure to all Employees, Customers and external entities with which the company relates, ENDIPREV’s commitment to ensure that its activity is based on respect for the law in force, promoting its values defined in the Code of Conduct and complying with the duties of supervision and control of its activity.
All must comply with the applicable national and international standards to combat corruption and related infractions, and any and all behaviors that may constitute the practice of the crime of corruption or any related infraction provided for by law are expressly prohibited.
4.1 OFFENCES PROVIDED FOR BY LAW (APPLICABLE ONLY IN PORTUGAL)
For the purposes of Portuguese law and this applicable system, we must, in criminal and disciplinary terms, consider the following offences:
A. Crimes provided for in the Penal Code (Decree-Law No. 48/95, of 15 March)
| LEGAL TYPE | CONDUCT | REGULATORY FRAMEWORK |
|---|---|---|
| Corruption | Practice of any act or omission, whether in both cases lawful or illicit, in exchange for the receipt of an undue patrimonial or nonpatrimonial advantage, for oneself or for a third party. | Articles 372 to 374a of the Criminal Code |
| Unlawful Receipt or Offer of an Advantage | When the official, in the exercise of his duties or because of them, by himself, or through an intermediary, with his consent or ratification, requests or accepts, for himself or for a third party, a patrimonial or non-patrimonial advantage, which is not due to him. | Article 372(1) of the Criminal Code |
| Misappropriation of Public Funds | When the official illegitimately appropriates for his own benefit or that of another person, money or any movable thing, public or private, which has been given to him, is in his possession or is accessible to him by reason of his duties. | Article 375(1) of the Criminal Code |
| Misappropriation by use | When the employee uses or allows another person to make use of immovable property, vehicle, or other movable object or animal of appreciable value, public or private, which has been delivered to him, is in his possession or is accessible to him because of his duties. | Article 376 of the Penal code |
| Economic participation in business | When an official who, with the intention of obtaining, for himself or for a third party, unlawful economic participation, harms in a legal transaction the patrimonial interests that, in whole or in part, he is responsible for, by virtue of his function, to administer, supervise, defend or carry out. | Article 377(1) of the Criminal Code |
| Concussion | Where an official, in the exercise of his duties or of the de facto powers deriving therefrom, by himself or through an intermediary with his consent or ratification, receives, for himself, for the State or for a third party, by inducing error or taking advantage of the victim’s error, a financial advantage which is not due to him, that is, greater than that due, namely contribution, fee, emolument, fine or fine. | Article 379 of the Criminal Code |
| Abuse of power | When the official abuses powers or violates duties inherent to his duties, with the intention of obtaining, for himself or for a third party, an illegitimate benefit or causing damage to another person. | Article 382 of the Criminal Code |
| Influence Peddling | When someone by themselves or through an intermediary, with their consent or ratification, requests or accepts, for themselves or for a third party, a patrimonial or nonpatrimonial advantage, or their promise, to abuse their influence, real or supposed, with any public entity. | Article 335 of the Criminal Code |
| Money Laundering | When the official converts, transfers, assists or facilitates any operation of conversion or transfer of advantages, obtained by him or by a third party, directly or indirectly, with the purpose of concealing its illicit origin, or to prevent the perpetrator or participant of such offenses from being criminally prosecuted or subjected to a criminal reaction. | Article 368a of the Criminal Code |
To this end, it is important to bear in mind the concept of “official”, referred to in Article 386 of the Criminal Code, according to which the following should be understood as such:
- The civil and militay public employee.
- Who holds public office by virtue of a special bond.
- Whoever, even temporarily or temporarily, for remuneration or free of charge, voluntarily or compulsorily, has been called upon to perform or participate in the performance of an activity falling within the scope of the administrative or judicial public function.
- Judges of the Constitutional Court, judges of the Court of Auditors, judicial magistrates, public prosecutors, the Prosecutor General of the Republic, the Ombudsman, members of the Supreme Council of the Judiciary, members of the Superior Council of the Administrative and Tax Courts and members of the Superior Council of the Public Prosecutor’s Office.
- The arbitrator, the jury, the expert, the technician who assists the court in judicial inspection, the translator, the interpreter and the mediator.
- The notary.
- Whoever, even temporarily or temporarily, for remuneration or free of charge, voluntarily or compulsorily, performs or participates in the performance of an administrative public function or exercises functions of authority in a legal person of public utility, including private institutions of social solidarity.
- Who performs or participates in the performance of public functions in a public association.
- Members of management or administration bodies or fiscal bodies and employees of public companies, nationalized, with public capital or with a majority participation in public capital and also of public service concessionaires.
- The holders of a management or administration body, appointed by the State or by another public entity, in the case of companies with equal or minority participation of public capital.
- Judges, officials, agents and equivalent of organizations governed by public international law, regardless of nationality and residence.
- Officials who are nationals of other States.
- All those who perform functions identical to those described in paragraph 1 within the scope of any international organization governed by public law of which Portugal is a member.
- Magistrates and officials of international courts, if Portugal has declared that it accepts the jurisdiction of these courts.
- All those who exercise function within the scope of out-of-court dispute resolution procedures, regardless of nationality and residence; and
- National jurors and arbitrators from other States.
B. Crimes provided for in Law No. 34/87, of 16 July (crimes under the responsibility of holders of political office)
| LEGAL TYPE | CONDUCT | REGULATORY FRAMEWORK |
|---|---|---|
| Corruption | When the holder of a political office, by himself or through an intermediary, with his consent or ratification, requests or accepts, for himself or for a third party, a patrimonial or non-patrimonial advantage, which is not due to him, in return for taking a decision contrary to the duties of the office, within the scope of his functions. | Article 17 of Law No. 34/87 of 16 July |
| Improper receipt or offer of advantage | When the holder of a political office, in the exercise of his functions or because of them, by himself or through an intermediary, with his consent or ratification, requests or accepts, for himself or for a third party, a patrimonial or nonpatrimonial advantage, which is not due to him. | Article 16 of Law no. 34/87 of 16 July |
| Misappropriation of Public Funds | When the holder of a political office, in the exercise of his functions illegitimately appropriates for his own benefit or that of another person, money or any movable thing, public or private, which has been delivered to him, is in his possession or is accessible to him by reason of his functions. | Article 20 of Law no. 34/87 of 16 July |
| Misappropriation by use | When the holder of political office uses or allows another person to make use of immovable property, vehicle, or other movable thing or animal of appreciable value, public or private, which has been delivered to him, is in his possession or is accessible to him by reason of his functions. | Article 21 of Law no. 34/87 of 16 July |
| Embezzlement due to another’s mistake | When the holder of a political office, in the exercise of his functions, but taking advantage of the circumstantial error of another, receives for himself or for a third party fees, emoluments or other amounts not due or of an amount higher than that due. | Article 22 of Law No. 34/87 of 16 July |
| Economic participation in business | When the holder of a political office who, with the intention of obtaining, for himself or for a third party, an illicit economic participation, harms in a legal transaction the patrimonial interests that, in whole or in part, he is responsible for, by virtue of his functions, to administer, supervise, defend or carry out, as well as when the holder of a political office receives a patrimonial advantage by entering into an act relating to interests over which, by virtue of his position, he has at that moment the powers of disposition, administration or supervision, even if he does not harm them. | Article 23 of Law no. 34/87 of 16 July |
| Abuse of power | When the holder of a political office abuses powers or violates duties inherent to his functions, with the intention of obtaining, for himself or for a third party, an illegitimate benefit or causing damage to another person. | Article 26 of Law No. 34/87 of 16 July |
| Malfeasance | When the holder of political office, in the exercise of his functions, intervenes in a process in which he makes unlawful decisions with the intention of harming or benefiting someone. | Article 11 of Law no. 34/87 of 16 July |
| Violation of secrecy | When the holder of a political office reveals a secret of which he or she has been aware or entrusted to him by virtue of his or her duties, with the intention of obtaining an undue benefit for himself or a third party or to cause damage to a public interest or that of a third party. | Article 27 of Law No. 34/87 of 16 July |
For the purposes of applying criminal law, article 3 of Law nr. 34/87, of 16 July, specifies that the following are considered to be “political positions”:
- That of President of the Republic.
- The President of the Assembly of the Republic.
- That of member of the Assembly of the Republic.
- That of member of the Government. that of the member of the European Parliament.
- Representative of the Republic in the autonomous regions.
- A member of a self-government body of an autonomous region.
- A member of a representative body of a local authority; and
- Holders of political offices in organizations governed by public international law, as well as holders of political offices in other States, regardless of nationality and residence, when the offence has been committed, in whole or in part, in Portuguese territory.
C. Crimes provided for in Law No. 20/2008, of 21 April (criminal regime of corruption in international trade and the private sector)
| LEGAL TYPE | CONDUCT | REGULATORY FRAMEWORK |
|---|---|---|
| Corruption to the detriment of international trade | Practice of any act or omission thereof, directly or indirectly, in order to give or promise to an official, national, foreign or international organization, or to a holder of a political office, national or foreign, or to a third party with knowledge of them, an undue patrimonial or non-patrimonial advantage, with a view to obtaining or preserving business, contract or other undue advantage in international trade. | Article 7 of Law No. 20/2008 of 21 April |
| Corruption in the private sector | Practice of any act or omission, directly or indirectly, in the sense of soliciting or accepting, for oneself or for a third party, an advantage or promise of undue patrimonial or non-patrimonial advantage, in exchange for any act or omission that constitutes a violation of one’s functional duties. | Article 8 of Law No. 20/2008 of 21 April |
D. Crimes provided for in Decree-Law No. 28/84, of 20 January (anti-economic offences and offences against public health)
| LEGAL TYPE | CONDUCT | REGULATORY FRAMEWORK |
|---|---|---|
| Fraud in obtaining a subsidy or subsidy | Where the official provides the competent authorities or entities with incorrect or incomplete information about himself or a thirdparty concerning facts relevant to the award of a subsidy or subsidy; omitting information about important facts; use a supporting document obtained through inaccurate or incomplete information; to obtain a subsidy or subsidy | Article 36 of Decree-Law No. 28/84 of 20 January |
| Procurement fraud Credit | When the employee submits a proposal for granting, maintaining or modifying credit conditions, containing: a) inaccurate or incomplete written information intended to give you credit or relevant to the decision on the credit application. b) Documentation, relating to the economic situation, inaccurate or incomplete, namely balance sheets, profit and loss accounts, general descriptions of assets or expert opinions. c) The concealment of deteriorations in the economic situation that have occurred in the meantime in relation to the situation described at the time of the credit application and that are important for the decision on it. | Article 38 of Decree-Law No. 28/84 of 20 January |
| Deviation of subsidy, subsidy or subsidized credit | When the official uses benefits obtained by way of subsidy or subsidy, a benefit obtained by way of subsidized credit, for purposes other than those for which they are legally intended.v | Article 37 of Decree-Law No. 28/84 of 20 January |
E. Disciplinary infractions for the private sector provided in the Labor Code (Law No. 7/2009, of 12 February)
The following conducts provided for in article 128(1) of the Labor Code constitute the employees’ duties, and failure to comply with them may trigger disciplinary liability under the terms of article 328 of the Labor Code:
- Respect and treat the employer, superiors, co-workers and people who relate to the company, with politeness and probity.
- Attend the service assiduously and punctually.
- Carry out the work with zeal and diligence.
- To participate diligently in professional training actions provided by the employer.
- Comply with the employer’s orders and instructions regarding the execution or discipline of work, as well as safety and health at work, which are not contrary to their rights or guarantees.
- Maintain loyalty to the employer, namely by not negotiating on their own account or on behalf of others in competition with them, nor by disclosing information regarding their organization, production methods or business.
- Ensure the conservation and proper use of work-related assets entrusted to it by the employer.
- Promote or execute acts aimed at improving the company’s productivity.
- Cooperate in improving safety and health at work, through the workers’ representatives elected for that purpose.
- Comply with the prescriptions on safety and health at work that arise from a law or collective bargaining agreement.
Pursuant to the provisions of article 128(2) of the Labor Code, the duty of obedience concerns both the orders or instructions of the employer and the employee’s hierarchical superior, within the powers attributed to him by the latter.
5. Risk identification, analysis and assessment
As is apparent from point 3 of Notice No. 5882/2009, of 19 March, of the Portuguese Council for the Prevention of Corruption, the risk consists in the “(…) fact, event, situation or circumstance likely to generate corruption or a related infraction”. Risk can be defined as the combination of the probability of an event and its consequences. ENDIPREV is aware that the mere fact of existence of activity opens the possibility of the occurrence of events or the generation of situations whose consequences constitute opportunities to obtain advantages (positive side) or threats to the pursuit of the activity (negative side), constituting, therefore, risks.
In the identification, assessment and classification of the specific risks of corruption and related infractions to which ENDIPREV may be exposed, the following methodology was adopted:
a) Identification of risks of corruption and related infractions.
b) Risk assessment:
– Identification of controls for risk mitigation.
– Identification of those responsible for monitoring controls.
c) Identification and definition of the action plan for monitoring risks and respectivemitigation measures.
Risk identification aims to identify an organization’s exposure to the element of uncertainty. This identification requires a thorough knowledge of the structure of the organization, the market in which it operates, the legal, social, political and cultural environment in which it operates, as well as the development of a solid interpretation of its strategies and operational objectives, including the key factors for its success and the threats and opportunities related to the achievement of these objectives.
The identification of risks must be approached in a methodical manner, to ensure that all significant activities within the organization have been identified and all risks arising from them are defined. All theassociated volatility related to these activities should be identified and classified by categories.
Regarding the identification of risks, the circumstances and/or activities likely to enhance irregular situations were identified.
The risk assessment analyzes the probability of occurrence of each of the potential situations that may expose the entity to acts of corruption and related infractions, and their possible impact (financial and reputational).
The determination of the probability of risk exposure situations is carried out through a qualitative approach, essentially considering the following factors:
- Complexity, criticality and frequency of the activities carried out.
- Degree of automation and typification of the activity.
- Existence of a control activity and the possibility and cost of correcting identified errors.
- Segregation of duties.
- Profile of the employees (experience, knowledge of the activity, training, motivation, suitability for the role, etc.).
- Number of employees with access to confidential/reserved information.
- Adequacy of the size of the team.
- Concentration of knowledge/tasks on specific collaborators.
- Existence of activities using third parties.
- Reliability and robustness of the existing information and its support systems.
The probability of the occurrence of the act that constitutes the commission of a crime of corruption or related infraction is classified according to the following criteria:
| Probability of occurrence | Low | Average | Discharge |
| 1 | 2 | 3 | |
| Risk prevention stems properly from the preventive/corrective measures previously adopted. | Adequate risk prevention may require and justify additional preventive measures in relation to those that already exist. | Adequate risk prevention requires additional corrective measures compared to those that already exist. |
The assessment of the financial and reputational impact of the occurrence of an event exposing that entity to acts of corruption or related offences shall be carried out based on the following factors:
- The existence of obstacles to new business and expansion opportunities.
- The number of possible faults in relation to the same risk.
- The history of sanctions conferred on the same risk.
The foreseeable impact on the organization of the occurrence of the risk of corruption or related offence is classified according to the following criteria:
| Impact | Low | Medium | High |
| 1 | 2 | 3 | |
| The occurrence of the risk may be translated into a wording of the efficiency of the procedure or the function to which it is associated, requiring the review of the procedure itself. This is an internal impact, with implications at the procedural level of the entity or organization. | The occurrence of the risk may result in a reduction in the efficiency and effectiveness of the procedure or function to which it is associated, requiring a review of the procedure and the corresponding objectives associated with it. This is an internal impact, with implications for the procedural and productive plan of the entity or organization. | The occurrence of the risk may result in a reduction in the efficiency and effectiveness of the procedure or function to which it is associated and may be subject to media coverage. This is an impact with internal implications in the procedural and productive plan of the entity or organization, and with external implications, of mediatization of the occurrence, with reputational impacts on its credibility. |
Then, relating to the potential impact of business risks and the probability of materialization of these risks, the risk level will be designated according to the following scale:
1 – Low risk.
2 – Medium risk; and
3 – High risk.
Once the areas of activity and the risks of corruption and related offences had been identified, it was necessary to classify the risks. For this purpose, a classification was carried out according to the Risk Management Standard of the Federation of European Risk Management Associations.
From the correlation of the classification assigned to each risk, based on the aforementioned indicators (degree of occurrence and impact), the level of risk was reached, which can be low (1), medium (2) or high (3). The risk calculation was performed using the following formula: Risk = Probability of occurrence x Impact.
| RISK LEVEL MEASUREMENT MATRIX | ||||
| Probability of occurrence | ||||
| Low (1) | Average (2) | High (3) | ||
| Impact | Bass (1) | Minimum (1) | Weak (2) | Moderate (3) |
| Medium (2) | Weak (2) | Moderate (4) | Elevated (6) | |
| Tall (3) | Moderate (3) | Elevated (6) | Maximum (9) | |
A. Definition of the action plan for monitoring risks and respective mitigation measures
Once the risk situations to which companies are exposed and the respective level of risk have been defined, the measures are defined to reduce the probability of occurrence and the foreseeable impact of each situation identified within ENDIPREV, to ensure the proper mitigation of the identified risks.
To ensure the topicality, solidity and continuity of the robustness of ENDIPREV’s internal control system on the prevention of the phenomenon of corruption and related infractions, if necessary, the adoption of appropriate corrective measures to mitigate risks is proposed.
Depending on the concrete measurement of the level of risk, under the terms of the matrix indicated above, the following approach is defined in the face of appropriate or necessary preventive and corrective measures:
| 1 to 2 | Maintain the preventive measures already in place. Intervene by taking corrective action only if justified by a more detailed analysis. |
| 3 to 5 | Assess the implementation of existing preventive measures and the need to implement corrective measures. |
| 6 to 9 | Implement corrective measures until the situation is mitigated or eliminated. |
6. Risk and controls matrix
The Risk and Controls Matrix compiles the set of risks that may expose ENDIPREV to acts of corruption and related infractions, considering the organization of the company and the activity it pursues.
The respective mitigation controls, the prevention policies implemented, as well as the existing mitigation measures and any corrective measures to be implemented are also identified.
Attached to this Plan is the risk matrix and the measures established in accordance with the methodology described above.
7. Monitoring
The execution of the Plan is subject to control, which will be carried out under the following terms:
- Drawing up, in October, a mid-term assessment report of the situations identified as highor maximum risk;
- Drawing up, in April of the year following the year to which the implementation relates, ofthe annual assessment report, containing the quantification of the degree of implementation of the preventive and corrective measures identified, as well as the forecast of their full implementation.
The evaluation reports are reported to the Administration and analyzed by it.
Without prejudice to the above, it is also incumbent upon the heads of each department to verify and monitor the implementation of the preventive and corrective measures applied therein, and to communicate to the Regulatory Compliance Officer and the Compliance Department any risks or irregularities detected.
In compliance with the provisions of article 6, paragraph 5 of Decree-Law no. 109-E/2021, of 9 December,ENDIPREV will review the Plan every three years or whenever there is a change that justifies the revision of any of its elements.
8. Disclosure
ENDIPREV ensures the availability of the Plan and the respective mid-term evaluation and annual evaluation reports to all its Employees, through publication on ENDIPREV’s website (www.endiprev.com), as well as on its intranet system, within 10 (ten) days from the implementation of the Plan and respective revisions, in compliance with the provisions of article 6, paragraph 6 of DecreeLaw no. 109-E/2021, of 9 December.
ANNEX I
ANNEX I – RISK MATRIX AND PREVENTIVE/CORRECTIVE MEASURES
| Process / Department | Risk | Risk assessment | Preventive and corrective measures | ||
|---|---|---|---|---|---|
| Probability | Impact | Inherent Risk | |||
| Business development | Inappropriate payments through intermediaries to obtain/maintain a contract/market | 1 | 1 | 1 |
– Segregation of duties. – Matching the payment to specific documents. – Budgeting. – Limits for approval of supplier documents. – Maximum limits for autonomous payments. – Periodic internal and external audits. – Periodic review of the management of significant financial transactions. – Code of conduct. – Internal reporting channel. – Conducting training on corruption. |
| Business development | Inadequate payments through subcontractors and co-contractors to obtain/maintain a contract/market | 1 | 2 | 2 |
– Segregation of duties. – Matching the payment to specific documents. – Budgeting. – Limits for approval of supplier documents. – Maximum limits for autonomous payments. – Periodic internal and external audits. – Periodic review of the management of significant financial transactions. – Code of conduct. – Internal reporting channel. – Conducting training actions. |
| Business development | Inappropriate gifts or payments to obtain/maintain a contract/market | 1 | 2 | 2 | – Maximum limits for autonomous payments. – Audits and control of expense reports. – Code of conduct. – Internal reporting channel. – Conducting training actions |
| Business development | Conflict of interest and/or influence peddling in the context of a tender (private client) | 1 | 2 | 2 | – Prior verification of conflicts of interest. – Code of conduct. – Internal reporting channel. – Conducting training on corruption. |
| Business development | Invoicing the sale of fictitious goods / provision of services or invoicing the customer above / below the established amount in exchange for an undue advantage | 1 | 1 | 1 | – Segregation of duties. – Matching the payment to specific documents. – Control in the review, approval and payment of supplier invoices. -Budgeting. – Limits for approval of supplier documents. – Code of conduct. – Internal reporting channel. – Conducting training actions. |
| Shopping | Payment of fictitious service or favoritism to a supplier in exchange for an undue advantage | 2 | 2 | 4 | – Segregation of duties. – Matching the payment to specific documents. – Control in the review, approval and payment of supplier invoices. -Budgeting. – Limits for approval of supplier documents. – Code of conduct. – Internal reporting channel. – Conducting training actions. |
| Payments | Facilitation payments | 1 | 1 | 1 | – Segregation of duties. – Matching the payment to specific documents. – Control in the review, approval and payment of supplier invoices. – Budgeting. – Limits for approval of supplier documents. – Code of conduct. – Internal reporting channel. – Conducting training actions. |
| Payments | Improper payments concealing the beneficial owner | 1 | 1 | 1 | – Segregation of duties. – Matching the payment to specific documents. – Control in the review, approval and payment of supplier invoices. – Budgeting. – Limits for approval of supplier documents. – Code of conduct. – Internal reporting channel. – Conducting training actions. |
| Human resources | Favoritism in hiring in exchange for an undue advantage | 2 | 2 | 4 | – Segregation of duties. – Code of conduct. -Human resources procedure. – Internal reporting channel. – Conducting training actions. |
| Information Systems and Access to Privileges and Data | Improper access to information classified as confidential and to personal and sensitive data | 1 | 3 | 3 | – Code of conduct. – Internal reporting channel. – Carrying out training actions. – Access to information rules. |
Contact Us
If you have any questions or suggestions, do not hesitate to contact us.