Our commitments: Business Conduct

The principle of due diligence is at the core of Prosegur. It groups and gives coherence to the various elements of internal control that prevent crimes from being committed. It is not just about preparing reports on specific cases or conducting investigations, but also about establishing a corporate culture of extreme responsibility in daily practices that permeates the entire company and ensures that good practices are encouraged and irregularities are avoided, detected and eradicated. Prosegur’s ethical and security framework, which the firm already has in place, fits in with this high level of demand. This ‘architecture’ of Prosegur can be summed up in five infinitive verbs: formalise, introduce, communicate, monitor and safeguard.

At Prosegur, we base part of our operations on crime prevention. They are a kind of customs barriers, controls which prevent situations that can lead to criminality. The barrier works on two levels. On the outer margin are the general preventive controls, whose purpose would be to reduce the generic crime risk. After these come the specific controls, focused on mitigating criminal danger. In 2021, the task of consolidating these specific controls continued to be deepened to guarantee that they satisfactorily cover most eventualities. These are some of the actions carried out: 
•    All Prosegur workers have been made aware of the importance of complying, in their daily work, with the General and Specific Preventive Controls.
•    Employees have been clearly and unequivocally explained the labour consequences, among others, that a violation of the rules of the Code of Ethics and Conduct may entail.
•    The firm condemnation by the company of any behaviour that is illegal or violates its ethical and social principles has been made explicit.
•    The necessary measures continue to be adopted to prevent and intervene in the face of the risk of committing crimes.
•    Controls have been strengthened in those operations liable (hypothetically) to generate criminal risks.
•    Emphasis has been placed on the supervision and control of Prosegur’s behaviour, as well as its policies and procedures.
•    There has been a monitoring and supervision board.
 

Our level of demand in terms of money laundering and terrorist financing is very high due to the activity carried out by the company. The company adapts its performance to each territory where it is present. Obviously, we scrupulously comply with the requirements and guidelines of the European Union. In general, we also follow the recommendations of the Financial Action Task Force (FATF) and the best practices that are applied worldwide in this field. Here, a series of principles are applied to avoid any irregularity, which include: knowledge of the client, analysis of operations, communication of suspicious transactions, development of training plans and continuous collaboration with the regulator. One way to reduce this type of bad practice is permanent vigilance. We constantly prepare an Annual Risk Report (IAR). In it, the risks inherent to the activity are periodically identified and the clients’ activity is analysed, paying particular attention to their possible exposure to money laundering. All these pages generate a detailed diagnosis of business risk levels, which is evaluated by the Committee for the Prevention of Money Laundering. The subsequent step is to submit the conclusions reached to the supervision of the Internal Audit department and the control of external auditors. The reports issued are forwarded to the Governing Bodies of Prosegur and are available to the regulator. Workers also assume their share of responsibility through compulsory annual training in this area.
The system for the prevention of money laundering is based on three pillars:
•    Identification and knowledge of the client.
•    Monitoring of the commercial relationship.
•    System of communication to regulators.
 

The protection of personal data is a corporate requirement. And an ever greater one. This requirement is highly considered by Prosegur. The result is compliance with the standards that apply in this area in all the countries where the company operates. The aim is to protect the fundamental rights and freedoms of natural persons who intervene in the exercise of their activity. Among its regulations, the company has a Data Protection Management System, which complies with the requirements established by Regulation (EU) 2016/679 of 27 April 2016 regarding the protection of natural persons with regard to personal data processing and their free circulation (General Data Protection Regulation - GDPR), and Organic Act 3/2018 of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), and are implemented throughout the organisation. Our Privacy Management System is based on the application of the most rigorous international security and privacy standards (ISO/IEC 27001 and ISO/IEC 27701: 2019). What the company has decided is to express all this information through the Privacy & Compliance Management System (P&CMS) tool. This instrument automatically manages Prosegur’s privacy.