Ethics & compliance
management system

The need to maintain and demonstrate a strong corporate culture of ethics and compliance at Alestis was clearly stated by the shareholders in 2015. This will, which has remained unchanged since then, materialized in the creation of the dedicated Ethics and Compliance department.

Since 2015, the area has implemented, developed, reviewed and improved the organization's Ethics and Compliance Management System (SGEC or System), taking as normative references the international standards ISO 19600 and UNE 19601, and assessing the circumstances of its context (internal and external) and stakeholders.

The System has been designed to integrate Ethics and Compliance into the management processes of the company in order to ensure compliance with applicable legal (hard law) and voluntary (soft law) obligations, to identify and prevent risks of non-compliance, and to adopt the appropriate corrective measures.

The EQMS is supported by policies and sub-policies, processes, procedures and guidelines that demonstrate Alestis' ongoing commitment to compliance and self-imposed ethical standards.

The system is designed to integrate ethics and compliance into the company's management processes.

The cornerstones of this system are the Code of Ethics ("Alestis Code") and the Ethics and Compliance Policy (E&C Policy). While their importance remains unchanged, both documents have been revised to adapt them to the context and expectations of Alestis' stakeholders.

As for the E&C Policy, it aims to detail the essential principles that inspire the performance of the E&C function (confidentiality, non-retaliation, absence of value judgments), as well as the values that the organization considers essential in its Code of Ethics. It was first approved by the Board of Directors in June 2015, and the current version dates from November 2021.

The Alestis Code is the basis for developing the set of procedures, guidelines and other rules that govern the organization from an ethics and compliance perspective. Like the E&C Policy, the Code of Ethics was approved by the Board of Directors in June 2015 and revised in November 2021, to be communicated to all members of the Company during the 2022 financial year.

From a formal point of view, the Code of Ethics is defined as a set of binding rules that define the conduct that the Company expects from each of its members, thus establishing an ethical and compliance reference framework. This conduct is based on the values of Responsibility, Innovation, Value Creation, Commitment, Enthusiasm and Excellence, values that are translated into practice in the form of guidelines for the behavior of people, assets, the environment and the company itself.

Aware of the importance of maintaining a supply chain that shares the high level of ethical standards and compliance required by the company itself, Alestis has extended the principles and behavioral guidelines set forth in the Supply Chain Code of Ethics. To this end, the Code of Conduct for Suppliers has been published and introduced to all members of the supply chain in 2022. The principles contained in this Code complete and complement the conditions and requirements imposed by local, national and international regulations, as well as those that Alestis adopts and incorporates as a condition for maintaining a business relationship.

Within the framework of the SGEC's global regulations, the Alestis Crime Prevention Model ("MPD") also stands out for its relevance as part of the system. It is configured as an organizational and management subsystem designed to establish the appropriate monitoring and control measures to prevent the commission of crimes and significantly reduce the risk of their commission. It is based on the principle that "no type of utility or benefit for the organization justifies the commission of acts typical of the criminal system".

The MPD was designed in accordance with the provisions included by the Spanish legislator in the 2015 reform of the Criminal Code. Both the Crime Prevention Manual and the Criminal Risk Analysis were approved by the Board of Directors in 2016 and will be subject to a global and comprehensive review during the fiscal year 2023, motivated both by the change in the internal context of the organization and by external changes, especially of a regulatory nature (increase in criminal acts that could generate criminal liability for the legal entity).

In 2022, specific training on confidentiality and protection of information was given to 89 people in a classroom setting.

Since 2015, the area has implemented, developed, reviewed and improved the organization's Ethics and Compliance Management System (SGEC or System), taking as normative references the international standards ISO 19600 and UNE 19601.