Internal control system
The Sofidel Group adopts an integrated and shared internal control system, based on information tools and flows that, involving many people in the Group, finally arrive at the top management bodies of the company.
In order to strengthen this system, in 2019 the Risk Management & Compliance function was introduced to the company organisational structure, and in 2020 will start a project aimed at formalising the development of strategies, processes and systems for the management, assessment and monitoring of risks that may affect the achievement of company objectives.
All the Group’s employees are required to comply with the Code of Ethics, which sets out the principles underlying fair and lawful business conduct, and internal procedures, issued in accordance with international best practices and local regulations, to ensure that company objectives are met. In addition, the Group's rules, in compliance with the principle of separation of duties and responsibilities between the people deciding, executing and checking activities, ensure the traceability and, therefore, ex-post verifiability of the processes for decision-making, authorisation and performance of the company’s activities. Based on the Organisational, Management and Control Model adopted by Sofidel under Italian Legislative Decree No. 231 of 8 June 2001, updated by resolution of the Board to take into account regulatory and organisational changes, the Supervisory Body has put in place monitoring and control to check on the implementation, efficient operation and observance of the Model. The Business Control Department, the various Management Systems adopted and the new Risk Management & Compliance function carried out various types of checks on company processes, aimed at verifying observance of procedures and evaluating the suitability of the system to ensure risk management and the attainment of company objectives and strategies.
An integral part of the Sofidel Group's internal control system is the Quarterly Report, composed of a dashboard and a descriptive report, prepared every three months by the Legal Representatives of the Group companies. This report is a tool for monitoring the compliance of company processes and activities with the best practices and rules adopted by the Group for risk management in order to achieve company objectives. It is therefore used by corporate functions as a tool for managing various types of company risks. During the year, the Supervisory Body, the Business Control Department and the Risk Management & Compliance function supported company units in the design of controls, contributed to the assessment of their effectiveness and operation, developed a training and information approach to ensure that employees understand their responsibility for compliance and provided assurance on the design and operation of the controls.
In order to further strengthen the fight against corruption and meet the increasingly stringent requirements of local legislators in the various countries in which the Sofidel Group operates, since 2018 an implementation plan for the new international ISO 37001 standard has been adopted. The Group’s Ethics & Compliance Programme, i.e. the management model for the prevention of corruption, has been drawn up. To date, the document has been adopted by the Italian and French companies, which have also appointed the functions responsible for overseeing its implementation and ensuring its constant adaptation and updating.
In Italy and France, training continued to be provided to employees involved in areas sensitive to corruption. System procedures integrated with other management systems were adopted and the Anti-Bribery policy was published.
Control and monitoring activities focused on sensitive activities continued, carried out based on the control plans adopted by the Anti-Bribery Compliance Officers.