Ethical behaviour and compliance with regulations are essential and particularly critical aspects for reasons intrinsic to Prosegur's activity. We declare our firm undertaking to not use practices that may be considered corrupt in the development of relationships with the group of stakeholders connected to our activity.
Corporate compliance programme
The corporate compliance programme covers any legal aspect that may involve the company. Approved by our Board of Directors, it is overseen by the Compliance Committee, which acts with full autonomy and independence and reports directly to the Audit Committee.
The main commitments of Prosegur's corporate compliance programme are as follows:
The principle of due diligence is at the core of Prosegur. It groups and gives coherence to the various elements of internal control that prevent crimes from being committed. It is not just about preparing reports on specific cases or conducting investigations, but also about establishing a corporate culture of extreme responsibility in daily practices that permeates the entire company and ensures that good practices are encouraged and irregularities are avoided, detected and eradicated. Prosegur’s ethical and security framework, which the firm already has in place, fits in with this high level of demand. This ‘architecture’ of Prosegur can be summed up in five infinitive verbs: formalise, introduce, communicate, monitor and safeguard.
At Prosegur, we base part of our operations on crime prevention. They are a kind of customs barriers, controls which prevent situations that can lead to criminality. The barrier works on two levels. On the outer margin are the general preventive controls, whose purpose would be to reduce the generic crime risk. After these come the specific controls, focused on mitigating criminal danger. In 2021, the task of consolidating these specific controls continued to be deepened to guarantee that they satisfactorily cover most eventualities. These are some of the actions carried out:
• All Prosegur workers have been made aware of the importance of complying, in their daily work, with the General and Specific Preventive Controls.
• Employees have been clearly and unequivocally explained the labour consequences, among others, that a violation of the rules of the Code of Ethics and Conduct may entail.
• The firm condemnation by the company of any behaviour that is illegal or violates its ethical and social principles has been made explicit.
• The necessary measures continue to be adopted to prevent and intervene in the face of the risk of committing crimes.
• Controls have been strengthened in those operations liable (hypothetically) to generate criminal risks.
• Emphasis has been placed on the supervision and control of Prosegur’s behaviour, as well as its policies and procedures.
• There has been a monitoring and supervision board.
Our level of demand in terms of money laundering and terrorist financing is very high due to the activity carried out by the company. The company adapts its performance to each territory where it is present. Obviously, we scrupulously comply with the requirements and guidelines of the European Union. In general, we also follow the recommendations of the Financial Action Task Force (FATF) and the best practices that are applied worldwide in this field. Here, a series of principles are applied to avoid any irregularity, which include: knowledge of the client, analysis of operations, communication of suspicious transactions, development of training plans and continuous collaboration with the regulator. One way to reduce this type of bad practice is permanent vigilance. We constantly prepare an Annual Risk Report (IAR). In it, the risks inherent to the activity are periodically identified and the clients’ activity is analysed, paying particular attention to their possible exposure to money laundering. All these pages generate a detailed diagnosis of business risk levels, which is evaluated by the Committee for the Prevention of Money Laundering. The subsequent step is to submit the conclusions reached to the supervision of the Internal Audit department and the control of external auditors. The reports issued are forwarded to the Governing Bodies of Prosegur and are available to the regulator. Workers also assume their share of responsibility through compulsory annual training in this area.
The system for the prevention of money laundering is based on three pillars:
• Identification and knowledge of the client.
• Monitoring of the commercial relationship.
• System of communication to regulators.
The protection of personal data is a corporate requirement. And an ever greater one. This requirement is highly considered by Prosegur. The result is compliance with the standards that apply in this area in all the countries where the company operates. The aim is to protect the fundamental rights and freedoms of natural persons who intervene in the exercise of their activity. Among its regulations, the company has a Data Protection Management System, which complies with the requirements established by Regulation (EU) 2016/679 of 27 April 2016 regarding the protection of natural persons with regard to personal data processing and their free circulation (General Data Protection Regulation - GDPR), and Organic Act 3/2018 of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD), and are implemented throughout the organisation. Our Privacy Management System is based on the application of the most rigorous international security and privacy standards (ISO/IEC 27001 and ISO/IEC 27701: 2019). What the company has decided is to express all this information through the Privacy & Compliance Management System (P&CMS) tool. This instrument automatically manages Prosegur’s privacy.
Code of Ethics and Conduct
Prosegur has a Code of Ethics and Conduct that was approved by the Board of Directors on 23th October 2013 and plans to update this code in 2022.
The Code of Ethics and Conduct sets the guide for the standards of behaviour and good practice of all our professionals in exercising their functions and in their relations with third parties, on aspects such as compliance with the law, respect for human rights and equality and respect among employees. The Code of Ethics and Conduct is a binding instrument, so it must be known and fulfilled by all workers and members of the governing bodies of Prosegur.
In order to detect irregular or illegal conduct, or conduct contrary to the Code of Ethics and Conduct, and to act accordingly by providing the necessary legal coverage, we have an Ethics Channel that allows any interested party, whether a member of the company or not, to report such conduct securely and anonymously through a tool available on the www.prosegur.com website. The Internal Audit Department independently and confidentially coordinates the management, investigation and overall resolution of any communications received.
Much of the future in terms of these types of issues depends on the optimal development and implementation of Artificial Intelligence (AI). 2021 was a very important year technologically. We designed Prosegur’s Responsible AI governance model. A new path emerges around this avantgarde vision, with a beginning: the preparation of the Responsible AI policy, the creation of the AI Committee, the design of the AI methodology and the evaluation of suppliers. Responsible Artificial Intelligence for the company is the set of ethical, moral, regulatory and security values applied to the technological solutions that incorporate this tool. It preserves the rights and freedoms of users who may feel affected by the use of this technology. And it teaches and establishes the limits, the rules of the game. At Prosegur we apply these criteria both to our own developments and in acquiring solutions that use Artificial Intelligence. This policy guarantees corporate solutions or solutions acquired from third parties and, at the same time, respects the ethical values of the Organisation and complies with regulatory requirements.