En impregilo generalpart_260811_def
-
Upload
impregilopgc -
Category
Business
-
view
341 -
download
0
description
Transcript of En impregilo generalpart_260811_def
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012
Organisation, Management and Control
Model (ex Legislative Decree 231/01) Impregilo SpA
ORGANISATION, MANAGEMENT AND CONTROL MODEL
IMPREGILO S.p.A.
pursuant to the Legislative Decree no. 231 dated 8 June 2001
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 2 / 30 Impregilo SpA
CONTENTS
DEFINITIONS 4
GENERAL PART 5
A. THE REGULATION FRAMEWORK 5
1. Introduction 5
2. The underlying crimes 5
3. Criteria for indicting responsibility to the body 5
4. The organisation, management and control Model 7
5. Crimes committed overseas 7
6. The sanctions 7
7. The body’s responsibilities and amending matters 9
B. THE IMPREGILO MODEL 10
1. Purpose of the Model 10
2. Guidelines 10
3. Principles inspiring the Model 11
4. Structure of Model 11
5. Relationship between Model and Code of Ethics 11
6. Corporate Governance System and Organisational Structure 12
6.1 Corporate Governance System 12 6.2 Organisational Structure 12
7. Criteria for adopting the Model 12
8. Significant crimes for the Company 13
9. Model recipients 13
10. Adoption, amendment and additions to the Model 13
11. The Model in the context of the Group 14
12. Board of Vigilance 15 12.1 Function 15 12.2 Requirements 15
12.2.1. Reputation 15 12.2.2 Professionalism 15 12.2.3 Autonomy and independence 15 12.2.4 Continuity of action 16
12.3 Composition, appointment and permanence of role 16 12.4 Removal 17 12.5 Tasks and powers 17
13. Information flows from and to the Board of Vigilance 19 13.1 Information to Corporate Bodies 19 13.2 Information to the Board of Vigilance 20 13.3 Information between Group’s Boards of Vigilance 21
14. Infra-group relations 21
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 3 / 30 Impregilo SpA
14.1 Provision of services for the companies in the Group 21 14.2 Provision of services carried out by companies belonging to the Group for
the Company 22
15. The sanction system 22
15.1 General principles 22 15.2 Violation of the Model and the Code of Ethics 23 15.3 Sanctions and disciplinary measures 23
15.3.1 Sanctions for employees 23 15.3.2 Sanctions for executive managers 25 15.3.3 Sanctions for Directors 25 15.3.4 Sanctions for statutory auditors 26 15.3.5 Sanctions for collaborators and external subjects working on contract to the
Company 26
16. Communication and training 26 16.1 Communication 26 16.2 Training 27
17. General Prevention Protocols 27
17.1 General Prevention Principles 27 17.2 General Prevention Protocols 28 17.3 Protocols on observing debarment sanctions 30
Attachment 1 to the General Part – Table Sensitive Activities / Special Parts
SPECIAL PART A - CRIMES IN RELATION WITH THE PUBLIC ADMINISTRATION
SPECIAL PART B - CORPORATE CRIMES
SPECIAL PART C - MARKET ABUSE CRIMES
SPECIAL PART D - TRANSNATIONAL CRIMES
SPECIAL PART E - CRIMES CONCERNING HEALTH AND SAFETY IN THE WORKPLACE
SPECIAL PART F - CRIMES OF RECEIVING STOLEN GOODS, MONEY LAUNDERING AND USE OF
MONEY, ASSETS OR BENEFITS OF ILLEGAL ORIGIN
SPECIAL PART G - ACTS OF TERRORISM
SPECIAL PART H - CRIMES AGAINST INDIVIDUALS
SPECIAL PART I - COMPUTER CRIMES
SPECIAL PART J - ORGANIZED CRIME OFFENCES
SPECIAL PART K - CRIMES CONCERNING TRADEMARKS AND AGAINST INDUSTRY AND COMMERCE
SPECIAL PART L - CRIMES CONCERNING COPYRIGHT
SPECIAL PART M - INDUCEMENT TO MAKE NO DECLARATIONS OR TO MAKE MENDACIOUS
DECLARATIONS TO THE JUDICIARY AUTHORITY
SPECIAL PART N - ENVIRONMENTAL CRIMES
ATTACHMENT 1 - UNDERLYING CRIMES
ATTACHMENT 2 - ORGANISATIONAL STRUCTURE
ATTACHMENT 3 - UPDATING OF THE MODEL
ATTACHMENT 4 - IMPREGILO GROUP’S CODE OF ETHICS
ATTACHMENT 5 - LEGISLATIVE DECREE 231/2001
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 4 / 30 Impregilo SpA
DEFINITIONS
I. Decree: the Legislative Decree no. 231 dated 8 June 2001 and later amendments
and modifications;
II. Model: the herein organisation, management and control model;
III. Code of Ethics: the Impregilo Group’s Code of Ethics (attachment 4);
IV. Top-level subjects: people with representational, administration or management
positions in the Company or in one of its organisational units, who have financial
and functional autonomy, or are actively involved in the management and
control of the Company;
V. Subordinates: people subject to management or supervision by one of the top-
level subjects;
VI. Board of Vigilance (OdV): the board, as set out in art. 6, letter b) of the Decree;
VII. TUF: the Legislative Decree no. 58 dated 24 February 1998 (Finance Consolidating
Act) and later amendments and modifications;
VIII. Underlying crimes: the specific crimes identified by the Decree from which the
body’s administrative responsibility may arise and, as far as they are equivalent,
specific administrative offences may also arise for which the application of the
regulations contained in the decree is foreseen;
IX. Company: IMPREGILO S.p.A.;
X. Companies belonging to the Group:
i) the Italian companies and operating enterprises that are directly or indirectly
controlled by the Company;
ii) the overseas companies and operating enterprises that are directly or indirectly
controlled by the Company, which operate in Italy with a permanent
organization;
XI. Process managers: the process managers to whom the Specific Sensitive Activities
report;
XII. Internal managers for specific sensitive activities: the organisational unit managers
to whom the Specific Sensitive Activities report;
XIII. Operating Unit: affiliates and / or projects that manage one or more contracts
and/or direct job orders;
XIV. UO: Organisational Unit i.e. a group of company resources in charge of manning
a set of activities that are homogeneous by content and skills required for them to
be carried out, all led by a Manager or by a Director;
XV. Sensitive Activities: Company activities within whose realm the risk may arise of
committing one of the crimes explicitly stated in the Decree;
XVI. Prevention Protocols: protocols aimed at programming the formation and
implementation of the body’s decisions in relation to the crimes to be prevented;
XVII. Procedure: organisational regulations that describe the roles, responsibilities,
decision rules and operational modes for carrying out a company process or a set
of activities.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 5 / 30 Impregilo SpA
GENERAL PART
A. THE REGULATION FRAMEWORK
1. Introduction
In our system, the Decree no. 231/2001 (the Decree) introduces and governs “bodies’”
responsibilities for administrative offences resulting from a crime.
The bodies to which the Decree is applied are all the companies, associations with or
without legal status, public economic bodies and private concessionary bodies of a
public service. On the other hand, the Decree is not applied to the State, public territorial
bodies, non-economic public bodies and bodies that carry out constitutional functions
(e.g. political parties and trade unions).
The bodies respond for the perpetration or attempted perpetration of some crimes by
subjects linked to them by functional relationship. Non-observance of the rules contained
in the Decree may give rise to sanctions for the body, which may have a strong effect on
the carrying out of said body’s activities.
The body’s responsibility does not substitute, but is instead added to the personal
responsibility of the person who has committed the crime.
A national register was set up by the Decree which contains the executive rulings and
sentences concerning the application of administrative sanctions to the bodies resulting
from a crime. Each body with jurisdiction over administrative offences resulting from a
crime, all public administrations, the bodies appointed to carry out public services where
a certificate is required to carry out any of their functions and the public prosecutor, for
matters of justice, have the right to obtain certification of all the body’s existing entries in
the register.
2. The underlying crimes
The body can only be called upon to answer for the carrying out of certain crimes (so-
called underlying crimes), identified by the Decree, and by laws that expressly refer to the
Decree’s subject (see Attachment 1 – Underlying Crimes).
3. Criteria for indicting responsibility to the body
The perpetration of one of the underlying crimes is only one of the conditions for
applicability of the regulations set out in this Decree.
There are, in fact, further conditions that pertain to the way in which the crime is indicted
to the body and that, depending on their nature, may be divided into objective and
subjective indictment criteria.
The objective criteria require that:
▪ the crime was committed by a subject functionally tied to the body;
▪ the crime was committed in the body’s interest or to its advantage.
The perpetrators of the crime from which the entity’s responsibility may derive can be: a)
Subjects with representation, directorship or management roles in the entity or one of its
organisational units, who have financial and functional autonomy, and also those who
carry out the management and control of the entity , even if only by deed (so-called top-
level subjects); b) persons subjected to the management and control of the top-level
subjects (so-called subordinates).
In particular, the top-level subjects category may include directors, general managers,
legal representatives, but also, for example, persons in charge of branches or divisions, or
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 6 / 30 Impregilo SpA
Project Managers with financial and functional autonomy. Also, subjects delegated by the
directors to carry out company management activities or management of branches must
also be considered top-level subjects.
The subordinates’ category also includes those persons subject to the management and
supervision of the top-level subjects and who, substantially, carry out the top
management’s decisions in the interest of the body or, in any case, work under their
supervision. All the body’s employees, and all those who act in the body’s name, on its
behalf or in the body’s interest, such as, for example, external collaborators, freelance
insourcing and consultants may also be included in this category.
For the responsibility to be placed on the body, it is also necessary that the crime was
committed in the body’s interest or to its advantage.
In any case, the body will not be liable for the crime, if it was committed in the exclusive
interest of the perpetrator or third parties.
The subjective attribution criteria pertain to the profile of the body’s culpability. The body’s
responsibility exists if proper standards of correct management and control for the
organisation and carrying out of its activity have not been adopted or have not been
observed. The body’s culpability, and therefore the possibility of applying a reprimand,
depends on verification of an incorrect company policy or structural deficits in the
company organisation that have not prevented the perpetration of one of the underlying
crimes.
The Decree in fact excludes the body’s responsibility if, before the crime is committed, the
body has set up and efficiently implemented an “ORGANISATION, MANAGEMENT AND
CONTROL MODEL” (the Model) which is suitable for preventing the perpetration of a crime
of the type that has then occurred.
The Model operates as exempting if the underlying crimes was committed by a top-level
subject or if it was committed by a subordinate. For crimes committed by top-level
subjects, the Decree, however, introduces a kind of assumption of the body's responsibility,
as it only foresees its exclusion of responsibility if the body can prove that:
▪ the Board of Directors has adopted and efficiently implemented a model suitable for
preventing crimes of the very kind then carried out, before the crime was actually
committed;
▪ the task of supervising the functioning and respect of the Model, and taking care of
updating of the latter has been entrusted to a body with autonomous powers of
initiative and control (Board of Vigilance);
▪ the persons have committed the crime fraudulently circumventing the Model;
▪ there has not been insufficient or lack of supervision by the Board of Vigilance.
On the other hand, the body only answers for crimes committed by subordinates if it is
proved that “the perpetration of the crime was possible due to the non-observance of
management or supervisory obligations” which usually rely upon the company’s top
management.
However, in this case too, the adoption and efficient implementation of the Model, before
the crime was committed, excludes non-observance of management or supervisory
obligations and exempts the body from responsibility.
Adopting and efficiently implementing the Model, therefore, while not a legal obligation,
is the sole instrument available to the body to prove its own non-involvement in the crime
and, finally, to be exempted from the responsibility established by the Decree.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 7 / 30 Impregilo SpA
4. The organisation, management and control Model
The Model therefore operates to exempt the body from responsibility solely if suitable for
preventing the underlying crimes and only if efficiently implemented.
The decree, however, does not analytically state the Model’s characteristics and
contents, but limits itself to dictating some general principles and some essential content
elements.
Generally speaking - according to the Decree – depending upon the nature and extent
of the organisation as well as the type of activity carried out, the Model must foresee
measures which will guarantee the carrying out of the activity in full observance of the law
and to discover and promptly eliminate risky situations to commit certain crimes.
In particular, the Model must:
▪ identify the activities in whose realm the crimes can be committed (so-called sensitive
activities);
▪ foresee specific protocols aimed at programming the formation and implementation
of the body’s decisions in relation to the crimes to be prevented;
▪ identify the management of the financial resources suitable for preventing the
committing of crimes;
▪ foresee information provision obligations for the body appointed to supervise the
functioning and respect of the models;
▪ introduce a disciplinary system that is suitable for sanctioning the non-observance of
the measures stated in the Model.
With reference to the efficient implementation of the Model, the Decree also states the
need for regular verification and amendments to the Model if any significant violation of
the provisions are discovered, or if any changes are made to the body’s organisation or
activity.
5. Crimes committed overseas
As provided by art. 4 of the Decree, the body can be called upon in Italy to answer for
underlying crimes committed overseas, on the condition that the objective and subjective
indictment criteria set by the Decree have been met.
The Decree however, affects the possibility of pursuing the body for crimes committed
overseas if the following conditions are met:
▪ that the government of the place where the crime is committed is not already
proceeding against the body;
▪ that the body's headquarters are located in Italy;
▪ that the crime was committed overseas by a top-level subject or by a subordinated
one, pursuant to art. 5, paragraph 1, Legislative Decree no. 231/2001;
▪ that conditions to proceed as foreseen by arts.s 7, 8, 9, 10 of the Penal Code exist.
6. The sanctions
The sanctions for administrative offences resulting from a crime are: pecuniary sanctions,
debarment sanctions, forfeiture and publication of the conviction.
These sanctions are considered as administrative, even though they are applied by a
penal judge.
In the event that the body is convicted, a pecuniary sanction is always applied. The
pecuniary sanction is determined by the judge using a system based on “quotas”. The
number of quotas depends on the seriousness of the crime, the body’s degree of
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 8 / 30 Impregilo SpA
responsibility, the activity carried out to eliminate consequences of said crime and to
alleviate such consequences or to prevent the perpetration of other crimes. When
deciding the size of a single quota, the judge takes the body’s economic and financial
conditions into consideration, in order to ensure sanction efficacy.
Cases for reducing the pecuniary sanction also exist. In particular, the pecuniary sanction
can be reduced by one third to one half if, before the trial is declared open, the body has
fully compensated the damage and has eliminated the harmful or dangerous
consequences of the crime, or if a suitable Model for preventing the perpetration of
further crime has been adopted and implemented.
The debarment sanctions are applied in addition to the pecuniary sanction, but only if
expressly stated for the crime that is being pursued, and on the condition that at least one
of the following conditions exists:
▪ the body has gained a significant profit from the crime and the crime has been
committed by a top-level subject, or by a subordinate, but only if the perpetration of
the crime was aided by serious organisational lacks;
▪ in the event of reiteration of offences.
The debarment sanctions provided for by the Decree are:
▪ debarment from carrying out activity;
▪ suspension or withdrawal of authorisations, licences or concessions functional to
committing the offence;
▪ ban on negotiating with the public administration, except to obtain provision of a
public service;
▪ exclusion from subsidies, loans, contributions or grants and withdrawal of any of the
ones already granted;
▪ a temporary or permanent ban on advertising goods or services.
Debarment sanctions are usually temporary, but in the most serious cases they may
exceptionally be applied with permanent effect.
Debarment sanctions may also be applied as a precautionary measure, i.e. before
conviction, if serious evidence exists of the body’s responsibility and there are grounded,
specific elements that support belief of a tangible danger that offences of the same kind
as the one being tried will be committed.
However, debarment sanctions are not applied if the body carries out the following
before the first instance trial is declared open:
▪ it has compensated the damage and eliminated the harmful or dangerous
consequences of the crime (or has at least worked effectively to achieve such goals);
▪ it has set the crime profit at the judicial authority’s disposal;
▪ it has eliminated any organisational lacks that caused the crime, adopting and
implementing organisational models that are suitable for preventing the perpetration
of new crimes of the same type as the one already committed.
The Decree also foresees another two sanctions: forfeiture, that is always ordered by
means of the conviction ruling and which consists of the State acquiring the price or profit
of the crime, or sums of money, assets or other benefits with the same value as the crime’s
price or profit, and publication of the conviction sentence in one or more newspapers
indicated by the judge in the ruling and using posters billed in the town where the body
has its headquarters.
The Decree also foresees applicability of real precautionary measures against the body.
In particular:
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 9 / 30 Impregilo SpA
pursuant to art. 53 of the Decree, the judge can order the seizure of the items for which
forfeiture is permitted as set out in art. 19 of the same Decree;
as provided for by art. 54 of the Decree, the judge may order seizure of the body’s
movable property and real estate or of sums of money or items owed to the body, if
there are grounds to believe that the guarantees for payment of the pecuniary
sanction, legal costs, and any other amount due to the Inland Revenue do not exist or
may be lost.
7. The body’s responsibilities and amending matters
The Decree governs the body’s responsibility system in the event of amending matters:
transformation, merger, spin-off and sale of the company.
The Decree approves the rule that, in the event of a “transformation of the body,
responsibility for the crimes committed prior to the date on which the transformation takes
effect remains”. The new body will therefore be the recipient of the sanctions that were
applicable to the original body, for deeds committed prior to transformation.
In the event of a merger, the Decree establishes that the body emerging from the merger,
also by incorporation, is to be held liable for the crimes for which the bodies involved in
the merger were responsible.
In the event of a part spin-off, the Decree instead establishes that the spun-off body's
responsibility for crimes committed prior to the spin-off remains. However, the bodies
benefitting from the part or full spin-off will be jointly obliged to pay the pecuniary sanctions
owed by the spun-off body, for crimes committed prior to the spin-off. This obligation is
limited to the value of the transferred equity.
If the merger or the spin-off takes place before the trial to ascertain the body’s
responsibility ends, the judge will bear in mind the original body’s economic conditions
when deciding the extent of the pecuniary sanction, and not those of the body emerging
from the merger.
In any case, the debarment sanctions are applied to the bodies which have retained the
branch of activity, even only in part, in which the crime was committed.
In the event that the company is sold or transferred in the realm in which the crime was
committed, the Decree states that, except for the alienor body’s benefit of the right of
prior discussion, the transferee is jointly obliged with the alienor body with regards to
payment of the pecuniary sanctions, within the limits of the value of the sold company
and within the limits of the pecuniary sanctions that are found in the statutory accounting
books or which the transferee already knew about.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 10 / 30 Impregilo SpA
B. THE IMPREGILO MODEL
1. Purpose of the Model
The herein Organisation, Management and Control Model (the Model), adopted on the
basis of the provisions contained under arts.s 6 and 7 of the Decree, constitutes the
Company’s internal regulations, to all effects.
Its main objective is to configure a structured system of protocols and organisational,
managerial, and control procedures aimed at preventing the perpetration of the crimes
provided by the Decree, in addition to making the controls and Corporate Governance
system adopted by the company and inspired by the recommendations contained in the
“Code of Self-discipline” for companies listed on the stock market, as briefly described in
point 6.1 below, more efficient.
More generally, the Model is the essential instrument for increasing the awareness of all
the employees and all the stakeholders (suppliers, clients, commercial partners, etc),
called upon to adopt correct, transparent conduct, in line with the ethical values to which
the company aspires in pursuing its own company purpose.
The provisions contained in the herein Model therefore aim at the confirmation and
diffusion of a company culture set on legality, as the indispensable prerequisite for long-
lasting economic success: no illegal conduct, carried out in the interest or for the
advantage of the company, can be considered as in line with the policy adopted by the
company.
The Model is also aimed at the diffusion of a control culture, which must rule all the
decisional and operational phases of the company activity, in full awareness of the risks
coming from the possible perpetration of crimes.
The achievement of the afore-said aims is reached by the adoption of measures that are
suitable for improving efficiency in carrying out the company activities and for ensuring
continuous observance of the law and rules, identifying and promptly eliminating risky
situations. In particular, the goal of an efficient and balanced organisation for the
company, suitable at preventing the perpetration of crimes, is mainly pursued by
intervening on the formation and implementation processes for the company's decisions,
on controls, and on information flows, both inside and outside the company.
2. Guidelines
When drawing up the herein Model, the Company was inspired by the Confindustria
Guidelines for the drawing up of organisation, management and control models pursuant
to the Legislative Decree no. 231/2001, in the final version approved on 31 March 2008
and declared suitable by the Ministry of Justice on achieving the target set by art. 6,
paragraph 3, of the Decree. The herein Model has also taken the Code of Conduct for
construction companies and the Model drawn up by the National Association of Building
Constructors (ANCE), approved on 31 March 2003 and later amendments, into
consideration.
Any differences to specific points in the Confindustria Guidelines and the ANCE indications
are the result of a need to adapt the organisational and management measures to the
activities actually carried out by the Company and to the context in which it operates.
This can, in fact, require some differences to be made compared to the indications
contained in the trade associations’ Guidelines which, by their very nature, are
generalised and do not have any binding value. Within the regular Model review and
updating, the Company also takes into account international “best practices”.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 11 / 30 Impregilo SpA
3. Principles inspiring the Model
This Model was prepared with inspiration from some basic principles:
▪ the mapping of activities at risk (so-called “sensitive activities”), i.e. those activities in
whose context the crimes provided for by the Decree may be committed, as an
essential condition for suitable precautionary organisation;
▪ the attribution of powers consistent with the organisational responsibilities assigned to
subjects involved in the drawing up and implementation of corporate will;
▪ transparency and traceability of each important operation, in the realm of activities at
risk of crimes being committed and the consequent possibility of ex post verification of
Company conduct;
▪ attribution to an independent control board (Board of Vigilance) of specific control
tasks over the Model’s effective implementation and observance;
▪ diffusion of the conduct rules, procedures, and Company policies in the Company,
which are compliant with the principles set out in the Model and involvement of all
Company levels in its implementation;
▪ the need to verify the correct functioning of the Model in the field, and to carry out
regular updates on the Model itself, following indications that come from application
experience.
4. Structure of Model
The Model comprises a General Part, that describes and governs the overall functioning of
the organisational, management and control system adopted, aimed at preventing the
perpetration of underlying crimes, and some Special Parts, aimed at integrating the
content in relation to certain types of crime.
Whenever considered necessary for a more efficient coordination of the organisational
rules, the provisions contained in the Model are expressly contained in the relevant
company procedures. No disposition contained in the company procedures can in any
way justify the non-observance of the rules contained in the herein Model.
5. Relationship between Model and Code of Ethics
The Code of Ethics of the Impregilo Group, that was adopted by resolution of the Board of
Directors and that has been successively updated (please see attachment 3) is a different
instrument to the herein model in nature, function, and content.
The Code of Ethics, however, contains the principles of conduct and basic ethical values
to which the Company aims in pursuing its own goals, and such principles must be
observed by all those interacting with the Company.
From this point of view, the Code of Ethics should be considered as a vital foundation for
the Model, as the provisions contained in the latter assume observance of the contents of
the former, together creating a systematic corpus of internal regulations aimed at the
diffusion of a culture of ethics and corporate transparency.
The Code of Ethics, referred to herein as a whole, is attached to the Model (Attachment
4) and is a fully integral part.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 12 / 30 Impregilo SpA
6. Corporate Governance System and Organisational Structure
6.1 Corporate Governance System
The herein Model stands alongside the organisational choices made by the Company
regarding corporate governance, whose structure aspires to the principle according
to which having a system of corporate governance rules, ensuring higher levels of
transparency and reliability contemporarily creates higher standards of efficiency.
In this perspective, Impregilo adopted a Corporate Governance system in the year
2000, aspiring to the principles and guidelines contained in the Code of Self-Discipline
of the Italian Stock Market which has represented Italian Best Practice on corporate
governance ever since it was first published in 1998.
In compliance with what is foreseen in art. 124 bis and ter of the TUF and art. 89 bis of
the Consob Regulations implementing the provisions on issuers, the Company annually
publishes a report on its adhesion to the Italian Stock Market’s Code of Self-Discipline
and on the observance of consequent undertakings. This report is made available to
the public on the Company’s web site in a specific section.
6.2 Organisational Structure
In order to implement the herein Model, the Company’s organisational structure,
according to which the essential organisational structures, their respective areas of
competence and the main responsibilities attributed to each are identified, plays a
vitally important role. For a description of the current organisational structure, please
refer to Attachment 2 – Organisational Structure.
7. Criteria for adopting the Model
The Model implementation project was commenced by the Company in September 2001,
and was completed in January 2003, with approval of the Model by the Board of Directors
and the setting up of the Board of Vigilance. Further to legislative amendments that took
place after the first adoption of the Model, with the increase in the number of underlying
crimes, and changes in the Company organisation and the context within which the
Company works, specific Model review and updating projects were started up, with the
aid of external consultants. Within it various updates, therefore, the Model has been
adopted with specific resolutions by the Company's board of directors (see Attachment 3
- Updating of Model).
In agreement with the Decree’s provisions and taking inspiration from the Confindustria
guidelines approved by the Ministry of Justice and the ANCE indications, adoption of the
Model and its various updates have brought about the development of specific analyses
to identify Company areas where the risk of committing the crimes in question exists,
which have also witnessed the involvement of the main functions of the Company.
In particular, these analyses were carried out using the following methods:
▪ appointment to external consultancy Company aimed at carrying out a preliminary
analysis of Company activities at risk, during the drawing up phase of the Model;
▪ analysis of the Company’s organisational structure and consequent interviews with the
Company management;
▪ sharing of crime risk evaluations that emerged with the Company management.
With regards to implementation of the Model, analyses aimed at identifying the existing
gaps between current procedures and Model provisions were carried out. For this
purpose, specific Action Plans were drawn up, whose progress is subject to monitoring by
the Board of Vigilance.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 13 / 30 Impregilo SpA
8. Significant crimes for the Company
Adoption of the Model as an instrument that can guide the conduct of subjects operating
inside the Company and that can promote lawful, correct conduct at all Company levels
has a positive effect on preventing any type of crime or offence foreseen by the legal
system.
However, in order to fulfil the Decree’s specific provisions, and in consideration of the
analysis of the Company context and Company activities with potential crime risk, the
offences listed in point 2 of each Special Part, which can be consulted for a more precise
identification, are considered to be significant and are therefore specifically examined in
the Model.
9. Model recipients
The rules set in the Model and in the Code of Ethics are applied to those who hold
positions of representation, administration or management in the Company, or in one of its
organisational Units with financial and functional autonomy, as well as also to those who
manage and control the Company, also de facto.
The Model and the Code of Ethics are also applied to all the Company’s employees,
including those who work overseas and all top management or employees of the
Company’s overseas branches.
The Model and the Code of Ethics are also applied, within the limits of existing contracts,
to those who operate according to mandate or on behalf of the Company, even though
they do not actually belong to the same, and those who are in some way linked to the
Company by business relationships that are relevant for the prevention of crime. For this
purpose, the Legal and Corporate Affairs Director, having consulted the Human Resources
and Organisation Director and the Area Manager of the area to which the contracts or
relations belong, will preliminarily determine the types of legal contract with external
subjects, to whom the provisions contained in the Model and the Code of Ethics apply,
due to the nature of the activity carried out. The Legal and Corporate Affairs Director,
having consulted the Human Resources and Organisation Director and the Area Manager
of the area to which the contracts or relations belong also determines the methods for
communicating the Model and Code of Ethics to the external subjects involved, together
with the necessary procedures for the respect of the provisions set therein, in order to
ensure that all the subjects involved know the contents, according to the modes set out in
paragraph 16 below.
The recipients of the Model and the Code of Ethics must observe all the provisions and
protocols contained therein and all the procedures implemented for the latter, with the
utmost correctness and diligence.
10. Adoption, amendment and additions to the Model
The Board of Directors has the exclusive responsibility for adopting, amending and
changing the Model. The Board of Vigilance, in the realm of the powers granted to it in
compliance with art. 6, paragraph 1, letter b) and with art. 7, paragraph 4, letter a) of the
Decree, has the power to submit proposals to the Board of Directors concerning the
updating and adaptation of the herein Model and must also promptly inform the Board of
Directors in writing, also by including the information in the six-monthly report as set out in
point 13.1, of deeds, circumstances, or organisational gaps found in the vigilance activity
that show the necessity or advisability for the Model to be amended or changed.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 14 / 30 Impregilo SpA
In any case, the Model must be promptly amended or changed by the Board of Directors,
also further to proposal, and after consultation with the Board of Vigilance, when the
following circumstances occur:
▪ violations or circumventing of Model’s instructions that have proved the inefficacy or
inconsistency of the Model for the purpose of preventing crimes;
▪ significant changes to the Company’s internal structure and/or the modes used for
carrying out the Company's activities;
▪ amendments to legislation.
Amendments, updates or additions to the Model must always be notified to the Board of
Vigilance.
The operational procedures adopted as implementation of the herein Model are
amended by the competent Company functions, if they prove to be ineffective for the
correct implementation of the Model’s dispositions. The competent Company functions
will also address amendments or additions to operational procedures required to
implement any reviews to the herein Model.
The Board of Vigilance is promptly informed about the updating and implementation of
new operational procedures.
11. The Model in the context of the Group
“Companies belonging to the Group” is intended to mean all the Italian companies and
operational enterprises that are controlled directly or indirectly by the Company, and the
overseas companies and operational enterprises controlled directly or indirectly by the
Company that operate in Italy with a permanent organisation.
The Company will communicate the herein Model and any later update to the
companies belonging to the Group using the methods that it considers to be most
appropriate.
The companies belonging to the Group will autonomously adopt their own "organisation,
management and control Model”, by resolution of their own Boards of Directors,
Administrators or Receivers, and under their own responsibility.
Each company belonging to the Group must identify its own activities that are at risk of
crime, and the suitable measures for preventing perpetration of the latter, in consideration
of the nature and type of activity carried out and the size and structure of its own
organisation.
When preparing their own Models, the companies belonging to the Group will aspire to the
principles contained in the herein Model and will acknowledge its contents, except where
an analysis of their own activities at risk shows the need or appropriateness for adopting
different or additional specific prevention measures compared to what it is stated in the
herein Model, and in this case they must inform the Company’s Board of Vigilance.
Until its own Model is adopted, the companies belonging to the Group will guarantee
prevention of criminal deeds through suitable internal organisational and control measures.
Each company belonging to the Group will be responsible for implementing its own Model
and appointing its own Board of Vigilance. In the smaller companies, the function of Board
of Vigilance may be carried out directly by the Board of Directors, pursuant to art. 6,
paragraph 4 of the Decree.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 15 / 30 Impregilo SpA
12. Board of Vigilance
12.1 Function
In compliance with the provisions stated under art. 6, paragraph 1, letter b) of the
Decree, a specific corporate body is set up (Board of Vigilance, OdV), with the task of
continuously supervising the effective functioning and respect of the Model, and
taking care of the update of the same Model, proposing amendments and/or
changes to the board of directors in all cases where - pursuant to point 10 (section B) –
this becomes necessary.
12.2 Requirements
The members of the OdV must possess the requirements of good reputation,
professionalism, autonomy and independence as indicated in the herein Model. The
OdV must perform the functions allocated to it, ensuring the required continuity of
action.
12.2.1. Reputation
The members of the OdV will be identified among those subjects with the subjective
requirements of good reputation as provided under the Ministerial Decree no. 162
dated 30 March 2000, for the members of a listed company's Board of Statutory
Auditors, adopted pursuant to art. 148, paragraph 4 of the TUF.
The following are, in any case, reasons for non-eligibility or removal from the OdV:
▪ a conviction (or plea bargaining), even if not yet final, for one of the underlying
crimes provided under the Decree or, a conviction (or plea bargaining), even if
not yet final, with a sanction that brings about debarment (also temporary) from
management roles of legal entities or enterprises;
▪ the issue of a sanction by CONSOB, for having committed one of the
administrative offences in the realm of market abuse, as set out in the TUF.
Any reform of any non-executive conviction (or plea bargaining) will bring about the
overturning of the cause of non-eligibility for election but will not affect any
withdrawal from the appointment.
12.2.2 Professionalism
The OdV must be composed by subjects with specific skills in inspection activities, in
analysing control systems and in legal contexts (especially criminal code), so that the
presence of suitable professionalism is guaranteed for the carrying out of the
relevant functions. Where necessary, the OdV may also use the aid and support of
external experts, for acquiring any specialised knowledge.
12.2.3 Autonomy and independence
When carrying out its functions, the OdV acts with autonomy and independence
from corporate bodies and other internal control bodies.
The OdV is granted with independent financial resources, based on an annual
budget, approved by the Board of Directors, and further to proposal by the OdV
itself. In any case, the OdV can also ask for additional funds to be allocated, if
available funds are not sufficient for the efficient performance of its duties, and may
extend its spending autonomy on its own initiative in the event of exceptional or
urgent situations, which will then be reported to the Board of Directors.
The activities carried out by the OdV cannot be questioned by any other company
body or structure.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 16 / 30 Impregilo SpA
The OdV must be exclusively or by majority composed of subjects without any other
relationship with the Company or with other companies in the Group (except for the
role of member of the Board of Vigilance or member of the Board of Statutory
Auditors in one or more companies within the Group). Any internal members must
not in any case carry out any operational role within the Company or other
companies belonging to the Group, and must not hierarchically report to any
operational areas manager.
When carrying out their duties, the members of the OdV must never find themselves
in situations (even potential ones) of conflicts of interest due to any personal, family
or professional reasons. Should this situation occur, they must immediately inform the
other members of the board and must keep themselves from taking part in any
relative decisions. This hypothesis is mentioned in the report in point 13.1 below.
12.2.4 Continuity of action
The OdV must be able to ensure the necessary continuity in carrying out its duties,
also by scheduling activities and controls, writing minutes of meetings and governing
information flows from any company structures.
12.3 Composition, appointment and permanence of role
The OdV is a board composed by at least three members, among those:
a) two or more members are not employed by the Company;
b) one member who is the person in charge of the Company’s Internal Auditing.
The OdV is appointed by the Company’s Board of Directors, with a motivated
provision that acknowledges the existence of the requisites of reputation,
professionalism, autonomy and independence.
For this purpose, the external candidates must send their Curriculum Vitae,
accompanied by a declaration that states that they possess the above-mentioned
requirements.
The Board of Directors examines the information provided by the persons interested in
the role, or available to the Company, in order to assess whether they actually possess
said requirements.
On accepting the appointment, the members of the OdV, having read the Model
and having formally adhered to the Code of Ethics, undertake to perform their duties
ensuring the required continuity of action and to immediately inform the Board of
Directors of any occurrence that may affect the upkeep of the above-stated
requirement.
After appointing the OdV, the Board of Directors will check that the subjective
requirements for all OdV members still apply, at least once a year.
If any member of the OdV no longer possesses the subjective requirements as required
he will immediately be removed from his appointment. In the event of withdrawal,
death, resignation or cancellation, the Board of Directors will promptly replace the
missing member.
In order to ensure full autonomy and independence, the OdV will remain in their
appointment for a period of three years, and until the new Board of Vigilance is
appointed, regardless of the expiry date or any advance dissolving of the Board of
Directors that appointed it.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 17 / 30 Impregilo SpA
The Board of Directors appoints the Chairman of the OdV, from those among the
members of the OdV who are not Company employees. In its regulations, the OdV
can delegate specific functions to the Chairman.
12.4 Removal
The removal of the members of the OdV may only take place due to just cause, by
resolution of the Board of Directors, having consulted the Board of Statutory Auditors,
where "just cause" means serious negligence in carrying out the duties connected with
the role, such as:
▪ if information-providing reports of activity carried out are not drawn up for the
Board of Directors and Board of Statutory Auditors (see paragraph 13.1 of this
section);
▪ if the OdV’s control plan is not drawn up (see paragraph 12.5 of this section);
▪ non-verification of reports that it receives, pursuant to paragraph 13.2 below,
concerning the perpetration or presumed perpetration of crimes as set out in the
Decree, and violation or alleged violation of the Code of Ethics, the Model or the
procedures set out as implementation of the Model;
if OdV meetings are not summoned and held in a six-month period;
if no controls are carried out on the suitability of training programmes, of
implementation methods and results (see paragraph 16 of the herein section);
if no reports are made to the Board of Directors and the Board of Statutory
Auditors about any changes in the regulation framework and/or significant
changes in the internal structure of the Company and/or Modes used to carry out
the Company activities that require an updating of the Model;
if the Board of Directors is not informed about disciplinary measures and sanctions
that may be applied by the Company, for violation of provisions contained in this
Model, of prevention protocols and any relative implementation procedures, and
the violation of provisions contained in the Code of Ethics;
if no routine/ad hoc control on specific sensitive activities are carried out, as set
out in the OdV’s Verifications Plan.
12.5 Tasks and powers
The OdV has autonomous powers of control and initiative within the Company, so that
they can carry out the duties contained in the Model in an efficient manner. For this
purpose, the OdV has its own rules, contained in the Board of Vigilance Regulations,
which is notified to the Board of Directors.
The OdV has no management or decision-making powers concerning the carrying
out of the Company activities, organisational or modification powers of the Company
structures and no sanction-ordering powers.
The OdV has the task of supervising over the functioning and observation of the Model
and is responsible for any updates to the latter. For this purpose, the Board of
Vigilance has been assigned the following tasks and powers:
a) to verify the efficiency, effectiveness and adequacy of the Model for preventing
the perpetration of the crimes set out in the Decree, proposing any updates to the
Board of Directors, as foreseen in point 10 above (section B);
b) based on information flow analysis and any reports it receives pursuant to points
13.2 and 13.3 below (section B), to verify the observance of the Code of Ethics,
rules of conduct, prevention protocols and procedures foreseen in the Model,
highlighting any differences found in conduct;
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 18 / 30 Impregilo SpA
c) to periodically carry out inspections, following the modes and dates indicated in
the OdV regulations and specified in the OdV’s Verification Plans, of which the
Board of Directors is informed;
d) to promptly propose the adoption of sanctions as set out in point 15 below (section
B) to the body or the function holding necessary disciplinary power;
e) to monitor the definition of staff training programmes using the group’s Model and
Code of Ethics of the Impregilo Group, as set out in point 16.2 below (section B);
f) to supply the information to the corporate bodies in compliance with what is
defined in point 13.1 below (section B);
g) to freely access any organisational unit without needing to provide notice, to
request and acquire information, documents, and data considered necessary for
carrying out its tasks as set out in the Model;
h) to access all the information concerning the activities at risk of crime, as listed in the
Special Parts of the Model;
i) to request and obtain information or production of documents concerning
activities at risk of crime, wherever necessary, from directors, the Board of Statutory
Auditors and the external auditing company;
j) to request and obtain information or the production of documents concerning
activities at risk from collaborators, consultants, agents and external representatives
and generally from all subjects who must observe the Model, on the condition that
this power is explicitly stated in contracts or mandates that link the external party to
the Company;
k) to receive information provided in compliance with the contents of points 13.2 and
13.3 (section B), for performing its own supervisory duties on the working and
implementation of the Model;
l) to request and obtain information from the Boards of Vigilance of the other
companies in the Group;
m) to use the help and support of Internal Auditing function, and of any external
consultants for particularly complex problems, or that require specific skills.
The OdV carries out its own functions in coordination, when necessary, with the
departments concerned for the aspects regarding the interpretation and monitoring
of the reference regulation framework of the Model, and for specific matters provided
by the sector legislation . The OdV also works in coordination with the Company
functions involved in the activities at risk for all aspects regarding the development of
procedures for the implementing of the Model.
With reference to Italian operating units and overseas branches of the Company, the
Board of Vigilance is in charge of:
- verifying that the Model is effectively implemented and respected, in conformity
with the annual audit plan approved by the ODV itself;
- supervising that the Code of Ethics is handed over to local, overseas and/or on
secondment employees;
- coordinating with the Human Resources and Organisation Function regarding
training of employees on secondment in overseas operating units.
The members of the OdV, and the subjects that the Board uses, for any reason, must
observe the obligation of confidentiality on all the information they learn about while
carrying out their duties.
The OdV carries out its functions in full observance of the laws in force, and the
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 19 / 30 Impregilo SpA
employees’ individual rights.
13. Information flows from and to the Board of Vigilance
13.1 Information to Corporate Bodies
The OdV reports to the Board of Directors, also via the Internal Control Committee,
except when otherwise stated in the herein Model.
Whenever considered as necessary and using the methods stated in the OdV
regulations, the OdV will inform the Chairman of the Board of Directors and the
Managing Director about significant circumstances and facts of their own function or
about any urgent critical factors in the Model which have emerged while carrying out
supervisory activities.
The OdV will draw up a written report to the Board of Directors and Board of Statutory
Auditors once every six months, which must contain the following information, in
addition to any other information considered appropriate at that time:
a) a summary of the activities carried out in the six-month period by the OdV;
b) a description of any problems that have arisen regarding operational procedures
for implementing the Model's provisions;
c) a description of any new activities at risk from individual crime;
d) a statement of reports received from internal and external subjects, including
anything discovered directly, about the presumed violation of provisions contained
in the Model, in prevention protocols and in relative implementation procedures,
and also violation of the provisions found in the Code of Ethics, and the result of
any consequent controls which were carried out. In the event of violations of the
Code of Ethics or the Model by a member of the Board of Directors or the Board of
Statutory Auditors, the OdV will then make the necessary notifications as set out in
point 15.1 below (section B);
e) information about the perpetration of any significant crimes for the purpose of the
decree;
f) if the Board of Directors is not informed about disciplinary measures and sanctions
that may be applied by the Company, for violation of provisions contained in this
Model, of prevention protocols and any relative implementation procedures, and
the violation of provisions contained in the Code of Ethics;
g) an overall evaluation of the functioning and efficacy of the Model with any
proposals for additions, corrections or amendments;
h) reporting about any changes in the regulation framework and/or significant
changes in the internal structure of the Company and/or modes used to carry out
the Company activities that require an updating of the Model;
i) reporting of any conflicts of interest that exist or are potential, as set out in point
12.2.3 (section B) above;
j) a statement of costs incurred.
The Board of Directors and the Board of Statutory Auditors have the right to summon
the OdV at any time, in order to receive information about its duties’ activities.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 20 / 30 Impregilo SpA
13.2 Information to the Board of Vigilance
All recipients of the Model must inform the Board of Vigilance of any information
which may be useful for the carrying out of the verifications on the correct
implementation of the Model. In particular:
▪ If Internal Managers for Sensitive Activities should find realms for improvement in the
definition and/or application of prevention protocols as set out in the herein Model,
they should promptly draw up and send a descriptive memorandum of the
motivations underlying the highlighted areas of improvement.
▪ The Process Managers and/or Company bodies/organisational Units, in compliance
with their respective organisational empowerments, must inform, on a biannual
basis, the Board of Vigilance in writing of any information as follows:
- the issue and/or update of organisational documents;
- the evolution of responsibilities for the functions with activities at risk;
- the Company proxy and power of attorney system and any update thereto;
- the main elements of extraordinary operations started up and completed;
- stipulation or renewal of service and infra-group service agreements;
- the reports issued by the Functions/Control Bodies (including the Auditing
Company) on their verification work, from which facts, deeds, events or
omissions may emerge that are critical for observance of the Decree’s
provisions or the provisions contained in the Model and the Code of Ethics;
- disciplinary proceedings started up due to violation of the Model, dismissal
orders for such proceedings and relative motivations, application of sanctions
for violation of the Code of Ethics, the Model or procedures set up for
implements of the latter;
- possible misalignment observed during the protocols’ implementation foreseen
in the Special Parts of the Model and/or Company procedures.
▪ All the employees and members of the Company’s corporate bodies must
promptly report the perpetration or alleged perpetration of the crimes stated in the
Decree, of which they become aware of, and also any violation or presumed
violation of the Code of Ethics, the Model or procedures set up to implement the
latter, of which they become aware of.
▪ Collaborators and all external subjects, identified as per the contents of point 9
above (section B), must directly inform the Board of Vigilance about any violations
as stated above, regarding the activity carried out for the Company, on the
condition that said obligation is specified in the contracts that tie said subjects to
the Company.
▪ All the employees and members of the Company's corporate bodies can clearly
ask the Board of Vigilance about the correct interpretation/application of the
herein Model, prevention protocols, relative implementation procedures and the
Code of Ethics of the Impregilo Group.
In order to ensure the regular observance of the provisions as set out in this section,
13.2, the electronic mail address [email protected] has been set up, dedicated to
communications to the Board of Vigilance by employees, members of the Company’s
corporate bodies and external collaborators. If access to the computer system is not
possible or not available, notifications can be made orally or by internal
correspondence, to the Internal Auditing Manager, in his role as member of the Board
of Vigilance. In the event that the notifications are made orally, the Internal Auditing
Manager, in his role as member of the OdV, will write a report about the meeting. In
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 21 / 30 Impregilo SpA
any case, the Internal Auditing Manager, will promptly inform the other members of
the OdV.
Notifications are kept by the OdV according to the modes indicated in the Board of
Vigilance Regulations.
The Company adopts suitable measures so that confidentiality about the identity of the
person sending information to the OdV is guaranteed. Any form of reprisal,
discrimination or penalisation against those subjects who make notifications to the
Board of Vigilance in good faith are forbidden. The Company reserves the right to
take any action against anyone who makes untruthful notifications mala fide.
Violation of the obligation of providing information to the OdV as set out in the herein
point, which constitutes a violation of the Model, will be sanctioned in compliance
with the provisions as set out in the point 15 below (section B), which represents the
sanction system.
13.3 Information between Group’s Boards of Vigilance
Each company in the Group will appoint its own autonomous and independent Board
of Vigilance.
The Company Board of Vigilance may request information from the Boards of
Vigilance of the other companies in the Group, if such information is necessary for the
carrying out of its own control activities.
The Boards of Vigilance (OdV) of the companies in the Group will draw up a report for
the Company OdV every six months, pointing out any relevant facts that have
emerged during their own activities, disciplinary sanctions applied and any significant
amendments made to their own Model.
The OdV of the companies in the Group will promptly inform the Company OdV in the
event of a violation of their Model, their Code of Ethics and their preventive protocols.
The Company OdV refers the information as set out in this point to the Company
Board of Directors, in the report as set out in point 13.1 (section B).
14. Infra-group relations
14.1 Provision of services for the companies in the Group
The provision of services by the Company for companies belonging to the Group, that
might involve sensitive activities as set out in the Special Parts below, must be
regulated by a written agreement; a summary report on the status of the agreements
is periodically sent to the Company’s Board of Vigilance.
In particular, the service agreements, as in the point above, must provide for:
▪ the obligation for the company receiving the service to certify the lawfulness and
completeness of the documentation or information communicated to the
Company, for the purpose of carrying out the services requested;
▪ the power for the Board of Vigilance of the company receiving the service to
request information from the Company Board of Vigilance, i.e. – after informing the
latter - to the Company functions, for the correct carrying out of supervision.
When providing services as set out in this section, the Company must observe the
code of ethics and the contents of its own Model and procedures established for the
latter’s implementation.
If the services provided are considered as sensitive activities not considered in its own
Model, the Company will produce suitable rules and procedures for preventing the
perpetration of crimes, after consulting the OdV.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 22 / 30 Impregilo SpA
14.2 Provision of services carried out by companies belonging to the Group for
the Company
The provision of services, carried out by companies belonging to the Group for the
Company, that may involve sensitive activities as set out in the Special Parts below,
must be regulated by a written contract; a summary report on the status of the
agreements is periodically sent to the Company’s Board of Vigilance.
In particular, the service agreements, as in the point above, must foresee:
▪ the obligation for the Company to certify the lawfulness and completeness of the
documentation or information provided for the purpose of carrying out the services
requested;
▪ the power for the Company Board of Vigilance to request information from the
Board of Vigilance of the company providing the services, i.e. – after informing the
latter - to the functions of the company providing the services, for the correct
carrying out of its supervisory tasks.
The agreements must establish that the company belonging to the Group which
provides the services will have a model and procedures that are suitable for
preventing the perpetration of crimes and administrative offences.
15. The sanction system
15.1 General principles
The sanction system described below is an autonomous system of measures, aimed at
safeguarding the observance and effective implementation of the Model and the
Code of Ethics, fixing the awareness in the minds of Company staff and any type of
Company collaborators of the Company's desire to pursue any violation of the rules
established for the correct carrying out of the Company business. The application of
sanctions set by the Model does not substitute or suppose the infliction of further,
sanctions of another kind (criminal, administrative, tax), which may derive from the
same deed. However, if the violation committed also configures a hypothesis of a
crime that may be notified by the judicial authorities, and the Company cannot reach
a clear reconstruction of the facts using the verification instruments at its disposal a, it
may await the result of judicial investigations to adopt any disciplinary measures.
Observance of the dispositions contained in the Code of Ethics and the Model applies
to any type and nature of labour contracts, including those for executive managers,
project-based contracts, part-time contracts etc, and also any type of insourcing
contracts.
The disciplinary procedure may be started up on the OdV's initiative, which also
carries out an advisory role during its entire procedure.
In particular, the OdV, having become aware of a violation or alleged violation of the
Code of Ethics or the Model, will immediately undertake the necessary controls,
ensuring confidentiality of the subject against whom proceedings are being taken.
If it is ascertained that the violation was committed by a Company employee
(meaning any subject linked to the Company by an employment contract), the OdV
will immediately inform the holder of the disciplinary power and the Central Corporate
Director.
If the violation concerns an executive manager of the Company, the OdV must inform
the Board of Directors, as a representative of the Chairman and the Managing
Director in writing, in addition to the Central Corporate Director and the holder of
disciplinary power.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 23 / 30 Impregilo SpA
If the violation is committed by a Company Director, the Board of Vigilance must
immediately inform the Chairman of the Board of Statutory Auditors, and the Board of
Directors, in the person of the Chairman and the Managing Director, if not directly
involved, in writing.
If the violation is committed by a Member of the Board of Statutory Auditors, the OdV
must immediately inform the Board of Directors, in the person of the Chairman and the
Managing Director, and the Board of Statutory Auditors, in the person of the
Chairman, if not directly involved, in a written report.
If a violation is committed by collaborators or external subjects who operate by
mandate of the Company, the Board of Vigilance will inform the President and the
Managing Director by written report, and also the Central Corporate Director, the
Human Resources and Organisation Director, the Legal and Corporate Affairs Director
and the Area Manager in whose area the contract or mandate are carried out.
The bodies and functions departments holding disciplinary power, will start up the
procedures they are responsible for notification of and any application of sanctions.
The sanctions for violating the dispositions contained in the Code of Ethics and the
herein Model are adopted by the bodies who are responsible due to the powers and
attributions awarded them by the articles of association or by the Company’s internal
regulations.
15.2 Violation of the Model and the Code of Ethics
All the violations, also committed through omissive conduct and together with others,
of the orders contained in the herein Model, Prevention Protocols and relative
implementation procedures, and all violations of the provisions in the Code of Ethics,
constitute offences.
Below is a list of examples of conduct that would constitute offences:
a) the unlawful or incomplete drawing up of documentation provided for by the
herein Model, prevention protocols and the relative implementation procedures; b) facilitating the unlawful or incomplete drawing up by others of documentation
provided for by the herein Model, prevention protocols and the relative
implementation procedures; c) the non-drawing up of the documentation provided for by the herein Model, in the
prevention protocols and the implementation procedures; d) the violation or circumvention of the control system provided for by the Model,
carried out in any way, such as, for example, by theft, destruction or tampering with
documentation pertaining to the procedure, obstructing controls, preventing
subjects carrying out controls on procedures and decisions from gaining access to
information and documentation; e) non-notification of the prescribed information to the Board of Vigilance; f) the violation or circumvention of supervision obligations by top-level management
towards the work of his subordinates; g) Violation of obligations regarding attending training programmes, as set out in
point 16.2 below (section B) Training.
15.3 Sanctions and disciplinary measures
15.3.1 Sanctions for employees
The Code of Ethics and the Model constitute a set of regulations which Company
employees must abide by, pursuant to what is provided under arts. 2104 and 2106 of
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 24 / 30 Impregilo SpA
the Civil Code, and the National Collective Employment Contracts (CCNL), on the
matter of conduct rules and disciplinary sanctions. Therefore, all conduct of
employees, which violates the provisions contained in the Code of Ethics, the Model
and its implementation procedures, constitutes a breach of primary employment
contract obligations and are consequently offences, with the possibility of being the
cause of a disciplinary procedure and the consequent application of the relative
sanctions.
For employees with the role of manual worker, office worker and middle
management, in the case in point, in observance of the procedures provided under
art. 7 of the law no. 300 dated 20 May 1970 (Workers' Statute), the provisions foreseen
in arts.s 99 and 100 of the CCNL for building company and similar employees are
applicable.
With regards to what is forseen in the herein paragraph, labour contracts with
overseas employees including the on secondment staff are governed, in the EU
member states, by the regulations contained in the Convention on the law
applicable to contractual obligations, signed in Rome on June 19 1980, while the
contracts closed after December 17 2009, are governed by the law applicable to
contractual obligations included in the CE regulation no. 593/2008, for employees
outside that area, labour contracts are regulated by local provisions in force.
In full observance of the principles of gradualness and proportion, the type and
extent of the sanctions that can be inflicted are determined on the basis of the
following criteria:
▪ seriousness of violations committed;
▪ duties and role of the persons involved in the deeds;
▪ voluntariness of the conduct or degree of negligence, carelessness or
incompetence;
▪ the employee’s overall conduct, with particular concern for the existence or non-
existence of previous disciplinary action, within the limits allowed by law and by
the CCNL;
▪ other particular circumstances that accompany the disciplinary violation.
Based on the principles and criteria indicated above:
a) the provisions as follows: verbal reprimand, written reprimand, fine and suspension
from work and from remuneration will be applied if the employee violates the
procedures foreseen in the Model or if, while carrying out his activities in the areas
at risk from the perpetration of crimes, his conduct is not compliant with the
prescriptions of the Model itself or the Code of Ethics, using the hypothesis as set
out in letter g), paragraph 2, of art. 99 CCNL and/or violation of art. 2104 of the
Civil Code. In particular, the measure usually applied is that of a fine that does not
exceed the equivalent of three hours’ salary. In the event of serious or repeated
violations as above, but which do not justify firing the employee, the employee
may be suspended from work and from receiving remuneration for up to three
days, while in less serious cases, there may be a verbal or written reprimand.
b) the measure dismissal with notice (for justified reason) will find application if the
employees adopts a non-compliant conduct, during his work in the areas at risk
from perpetration of crimes, with the prescriptions contained in the herein Model
or the Code of Ethics, such as to constitute a considerable breach of contractual
obligations or conduct that is seriously detrimental to production activity, work
organisation and the regular running of work activity (art. 100, no. 2 CCNL), such
as, for example:
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 25 / 30 Impregilo SpA
- any conduct directed solely at the aim of committing a crime foreseen in the
Decree;
- any conduct aimed at concealing the perpetration of a crime foreseen in the
Decree;
- any conduct that deliberately infringes the specific measures foreseen in the
Model and the relative implementation procedures to protect workers’ health
and safety.
c) the measure dismissal without notice (for just cause) will be applied further to
substantial conduct in the serious and/or repeated violation of conduct rules and
procedures contained in the Model or in the code of ethics, as conduct that
does not permit the employment relationship to be continued, even temporarily
(art. 100, no. 3, CCNL).
15.3.2 Sanctions for executive managers
The role of executive manager is characterised by its outstanding nature of trust. In
addition to having repercussions inside the Company, the Executive manager’s
behaviour, as a model and example for all those who work in the Company also has
effects on the Company’s external image. Therefore, observance of the provisions
contained in the Code of Ethics, the Model and the relative implementation
procedures by the Company’s executive managers is a vital elements of an
executive manager’s work contract.
The department holding disciplinary powers will start up relative procedures against
executive managers who have committed a violation of the Code of Ethics, the
Model or the implementation procedures of the latter, to carry out relative
notifications and apply the most suitable sanctions, in compliance with the contents
of the Executive Managers’ CCNL and, wherever necessary, observing the
procedures set out in art. 7, law no. 300, 30 May 1970.
The sanctions must be applied in full observance of the principles of gradualness and
proportion compared to the seriousness of the deed and guilt or possible malice.
Among other things, on notification the executive manager may also undergo
precautionary annulment of any powers of attorney entrusted to him, and provisions
go as far as the dissolution of his employment contract due to violations that are
serious as to make the relationship of trust with the Company ineffective.
15.3.3 Sanctions for Directors
Impregilo strictly evaluates all violations of the herein Model carried out by those who
fill top-level management roles in the Company, and who for this reason, are more
capable of driving Company ethics and the work of those who work in the
Company towards values of correctness, lawfulness and transparency.
The Board of Directors may apply any suitable measures allowed by law to directors
who have committed a violation of the Code of Ethics, the Model or the
implementation procedures for the latter, including the following sanctions:
a) formal written reprimand; b) pecuniary sanction equal to an amount of two to five times the subject’s
average monthly emoluments;
c) full or part annulment of any powers of attorney.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 26 / 30 Impregilo SpA
For the most serious cases, and however when the violation is of such an extent to
damage the Company's trust in the perpetrator, the Board of Directors will summon
the assembly, and propose removal of the individual's appointment.
15.3.4 Sanctions for statutory auditors
If the violation is committed by one or more members of the Board of Statutory
Auditors, the Board of Vigilance must immediately inform the Board of Directors, in
the person of the Chairman and the Managing Director, and the Board of Statutory
Auditors, in the person of the Chairman, if not directly involved, in a written report.
The recipients of the Board’s of Vigilance information may take suitable measures,
according to the contents of the articles of association, including, for example,
summoning the Shareholders’ Meeting, in order to adopt the most suitable measures
foreseen by law.
If the violations are such as to justify removal of appointment, the Board of Directors
proposes to the shareholders that the relevant measures are taken and then
addresses the further duties foreseen by law.
15.3.5 Sanctions for collaborators and external subjects working on contract to the
Company
With regards to collaborators or external subjects who work on a contract basis with
the Company, as set out in point 9 above (section B), the Legal and Corporate
Affairs Director, having consulted the Human Resources and Organisation Director,
and the Area manager in whose area the contract or work is carried out, will
preliminarily determine the sanctions and the application modes for violations of the
Code of Ethics, the Model and relative implementation procedures. For more serious
violations, or for violations which damage the Company’s trust in the person
responsible for the violations, these measures may foresee termination of the
contract. If a violation is committed by said subjects, the Board of Vigilance will
inform the President and the Managing Directors by written report, and also the
Central Corporate Director, the Human Resources and Organisation Director, the
Legal and Corporate Affairs Director and the Area Manager in whose area the
contract or work is carried out. Managers in this category will be subjected to
measures that are determined pursuant to this point.
16. Communication and training
16.1 Communication
For all employees and all subjects with management, administration, and control
roles, the Company guarantees a correct knowledge and disclosure of the Model
and the Code of Ethics.
The Model and Code of Ethics are notified to all Company staff by the Human
Resources and Organisation Function, and to all members of corporate bodies by the
Legal and Corporate Affairs Function, using the most suitable means, including internal
notices or access to the intranet system.
Suitable ways for certifying reception of the Model and the Code of Ethics by the
Company staff are decided by the Human Resources and Organisation Function,
after consulting the Board of Vigilance.
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 27 / 30 Impregilo SpA
Specific forms of notifying the Model and Code of Ethics to external subjects who must
receive both the latter, as foreseen in paragraph 9 above (section 9) are planned. The
contracts regulating relations with these subjects must provide for clear responsibility
for observing the Company’s working policies, in particular its Code of Ethics and the
acceptance of the Model general principles.
The Code of Ethics is published in its full version on both the Company intranet and on
the Company’s web site. The Model is published in its full version on the Company
intranet and in a shortened form on the web site.
16.2 Training
The Company undertakes to implement training programmes with the aim of
guaranteeing that employees and members of the corporate bodies actually know
the Code of Ethics and the Model.
The training programmes concern the Decree and the relative legislative framework,
the Code of Ethics and the herein Model. The level of training is regulated with a
different level of deepness depending upon the recipients’ position in the Company
and the different level of involvement in sensitive activities. Specific training is provided
for members of the Board of Vigilance and the subjects that the Board refers to when
carrying out its own functions.
Training initiatives may also be carried out remotely using computer systems (e.g.
Video-conference, e-learning).
Staff training for Model implementation purposes is managed by the Human
Resources and Organisation Function. The Board of Vigilance verifies the
appropriateness of training programmes, implementation modes and results.
Participation in training programmes as set out herein is mandatory. Violation of such
obligations, constituting violation of the Model, is subject to the provisions as set out in
point 15 above (section B) the sanction system.
17. General Prevention Protocols
17.1 General Prevention Principles
The protocol system for the prevention of crimes - finalised by the Company on the
basis of indications provided by the Confindustria Guidelines, jurisprudence, and
international best practices – was carried out by applying the following General
Prevention Principles to each sensitive activity, that guide the General Prevention
Protocols as set out in point 17.2 below (section B) and the Specific Prevention
Protocols as set out in point 4 of each Special Part:
▪ Policies and Procedures: The existence of Company regulations suited to providing
principles of conduct, decision rules, and operational modes for the carrying out of
sensitive activities and filing modes for relevant documentation;
▪ Traceability: each operation regarding the sensitive activity must be, wherever
possible, suitably documented; ii) the decision process, authorisation and carrying
out of sensitive activities must be verifiable ex post, also using document support
and the cases and modes for any possibility of deleting or destroying recordings
made must in any case be regulated;
▪ Segregation of duties: separation of activities between the subject who authorises,
who carries out and who controls. Such separation is ensured by the intervention of
several subjects within the same Company macro process, in order to guarantee
independence and objectivity of processes. The separation of roles is also
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 28 / 30 Impregilo SpA
implemented by using computer systems that only enable certain operations to
identified and authorised persons;
▪ Proxies and powers of attorney: Authorisation and signatory powers assigned must
be: i) consistent with the organisational and management responsibilities assigned,
foreseeing an indication of expense approval limits, where required; ii) clearly
defined and known within the Company. The Company roles to which the power of
committing the Company to certain expenses, specifying limits and nature of
expenses costs, must be defined. Allocating roles must observe the specific
requisites that may be required by law (e.g. delegation and sub-delegation on
employees’ health and safety matters);
▪ Monitoring: This activity is aimed at the periodical/prompt updating of powers of
attorney, proxies for roles and control systems, in compliance with the decision-
making system and with the entire organisational structure. This activity is the
responsibility of the Legal and Corporate Affairs Department, with regards to
Company powers of attorney and the Organisation Function with regards to
proxies. Finally, the protocol foresees the existence of process controls carried out
by Process Managers or by a super-ordinate third-party body.
17.2 General Prevention Protocols
In the context of sensitive activities identified for each type of crime (see the Special
Parts of the Model below), the General Prevention Protocols state that:
a) for all operations, the formation and implementation of Company decisions must
correspond to the principles and prescriptions contained in law provisions, the
Company memorandum of association, the Code of Self-Discipline, the Code of
Ethics, and Company procedures;
b) the Company provisions suitable to providing principles of conduct, decision rules
and operational modes for the carrying out of sensitive activities and filing modes
for relevant documentation are defined and suitably communicated;
c) for all operations:
▪ the management, coordination and control responsibilities within the Company
and the levels of hierarchical dependence, with description of relative
responsibilities are formalised;
▪ the phases of formation of documents can be documented and are
recoverable;
▪ the authorisation levels of document formation are always formalised and
possible to provide proof thereof, as a guarantee of the transparency of the
choices made;
▪ the Company adopts communications tools for the signatory powers awarded
that ensures such knowledge within the Company environment, also by
publication of the proxy and power of attorney system on the Company
intranet;
▪ the allocation and exercising of powers in a decision-making process is
consistent with the positions of responsibility and with the significance and/or
critical nature of the underlying economic operations;
▪ there is no subjective identity among those who take on or implement decisions,
those who must provide accounting evidence for the operations decided and
those who must carry out the controls foreseen by law and by the procedures
considered by the internal control system;
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 29 / 30 Impregilo SpA
▪ access to Company data is compliant with the Legislative Decree no. 196
dated 2003 and later amendments and modifications, including regulatory
ones;
▪ access to and intervention on Company data is permitted solely to authorised
persons;
▪ confidentiality in transmitting information is guaranteed;
▪ the documents concerning the formation and implementation of decisions are
filed and stored by the competent department, using methods that do not
allow any later modification, unless with specific evidence. Access to filed
documents is only permitted for authorised subjects according to internal
regulations, and the Board of Statutory Auditors, the Auditing Company and the
Board of Vigilance;
d) for each of the processes included in the sensitive activities listed in the herein
Model, a Process manager is identified, in the Special Parts of the Model, except in
Special Part E, due to the specific nature of the subject of work safety. In particular,
the Process Manager:
▪ is formally recognised by the Company organisational system (e.g. internal
proxies, job description, procedures), in observance of any requisites of efficacy
set by the law for the assigning of roles;
▪ has all the necessary tools to pursue the internal objectives of the same process,
observing timescales and principles that regulate it;
▪ can supervise all the main phases of the process involved, coordinating and
activating the various subjects belonging to the organisational units that
participate, or that he believes should take part;
▪ has full visibility and access (direct or indirect) to all relevant information on the
process.
The Process Manager has the specific responsibility of:
▪ guaranteeing that the process is carried out in compliance with internal
dispositions (e.g. Company procedures and guidelines) and the current
legislation in force on the matter;
▪ guaranteeing that all controls are carried out on underlying activities by the
individual subjects who take part in the process;
▪ guaranteeing that the whole process is carried out in observance of the
principles of transparency and traceability, on whose basis each operation must
have suitable document support;
▪ regularly informing the Board of Vigilance pursuant to point 13.2 above (section
B) and to specific operational procedures, and in any case as soon as any
irregularities are found or particular critical situations occur (e.g. violations or
suspect of violations of the Model and the Code of Ethics, cases of inefficacy,
unsuitability and difficulty in implementing control protocols).
e) the relative Internal Managers for Sensitive Activities are identified for each of the
sensitive activities listed in the herein Model, in each of the Special parts of said
Model, except for Special Part E, considering the specific nature of safety in the
workplace. These figures correspond to the competent organisational unit
managers for stated sensitive activities.
In particular, the Internal Manager for Sensitive Activity:
▪ Is formally recognised by the Company organisational system (e.g. internal
proxies, job description, procedures), in observance of any requisites of efficacy
set by the law for the assigning of roles;
BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART
Organisation, Management and Control
Model (ex Legislative Decree 231/01) 30 / 30 Impregilo SpA
▪ has all the necessary tools to pursue the internal objectives of the relevant
activities, observing timescales and principles that regulate them;
▪ can supervise the relevant activities, coordinating and activating the various
subjects who belong to his own organisational unit;
▪ has full visibility and access (direct or indirect) to all information on the relative
activities;
The Internal Manager for the Sensitive Activity has the specific responsibility to:
▪ guarantee that the competent activities are carried out in compliance with
internal dispositions (e.g. Company procedures and guidelines) and the current
legislation in force on the matter;
▪ set up the direct and indirect controls, aimed at guaranteeing the correctness,
truthfulness and updating of the result of activities he is responsible for (e.g.
data, information, documents provided to the Process Manager);
▪ ensure and certify the correctness, truthfulness and update of the result of
activities he is responsible for in observance of the principles of transparency
and traceability, on whose basis each operation must have suitable document
support;
▪ immediately inform the OdV and also the Process Manager, as set out in point
13.2 above (section B), if any particular critical situations occur that regard the
efficacy, adequacy and implementation of preventive protocols;
▪ immediately report any violation (or suspected violation) of the Model, Code of
Ethics and preventive protocols to the Board of Vigilance.
17.3 Protocols on observing debarment sanctions
In the event that debarment sanctions or precautionary measures are applied to the
Company, ex art. 23 of the Decree:
▪ it is forbidden for any to start up any operation that violates the obligations and
bans included in said sanction;
▪ the Process Managers carry out the necessary supervision in order to preliminarily
identify any operations that may constitute a violation of the obligations and bans
as set out in the debarment sanctions and precautionary measures.
If the Process Managers find any characteristics in a certain operation that can be
traced even in part, to a violation, or a potential violation, of obligations deriving from
the debarment sanctions or precautionary measures:
▪ must suspend any activity pertaining to the operation in question;
▪ must immediately send specific information to the Legal and Corporate Affairs
Function, which analyses the operation, also using external legal consultants, to
provide an interpretation and details of the procedure to be followed.
A copy of the information prepared by the Process Managers and the documentation
prepared by the Legal and Corporate Affairs Function is promptly sent to the Board of
Vigilance.
Attachment 1 to the General Part
Table Sensitive Activities / Special Parts