In the Colombian and global environment there have been risks of corruption, bribery and transnational bribery which can expose companies to illicit relationships that cannot be controlled, therefore, companies have chosen to generate a program that allows to maintain the identification, measurement, control and monitoring by companies through anti-corruption and audit tools with the priority that these risks do not materialize, since these risks can generate reputational, financial and legal damages, among others.
Corruption and one of its most frequent manifestations nowadays, Bribery, undermine the economy of countries, affecting not only their performance but also, in a preponderant way, their reputation, through the loss of confidence of the community in the performance of one of its most outstanding actors: the legal entities that pursue a legitimate profit motive.
These situations have led multilateral organizations such as the OECD (Organization for Economic Cooperation and Development) and national governments, headed by their control bodies, to mobilize towards the creation of legal environments that guide, motivate and finally regulate individuals, both natural and legal, in the ethical development of their cross-border transactions and their relations with public entities.
The Superintendence of Companies has been working hard to control and monitor companies so that they are not used as a means to carry out corruption, bribery and transnational bribery illicit activities that may affect the Colombian economy.
Due to the above and in order to establish guidelines to prevent the materialization of C/ST risks, the Superintendency issued External Circular No. 100 - 000011 of August 9, 2021 and Law 2195 of January 18, 2022.
This program seeks to implement an organizational culture, ensuring compliance with the policies, procedures and guidelines established for the control of C/ST risks.
The counterparties defined by the company are committed to complying with the transparency and business ethics program.
In accordance with the provisions of Circular 100-000011 of August 9, 2021 and Law 2195 of January 18, 2022, the Transparency and Business Ethics Program is defined, which describes the activities with which the company implements the controls for the prevention of the risk of transnational bribery, corruption and corrupt practices based on the guidelines established in the code of ethics and policies defined by ARANDA SOFTWARE ANDINA S.A.S.hereinafter ARANDA SOFTWARE.
Establish the policies and procedures through which ARANDA SOFTWARE determines its ethical and transparent behavior in the exercise of its activity and business, determining the conditions under which it will be able to identify, detect, prevent and mitigate risks related to bribery, transnational bribery and corruption.
This Manual is an instrument for all employees of ARANDA SOFTWARE to use it in the timely performance of their duties, facilitating self-control and execution of processes, allowing preventive identification of the different situations of risk of Corruption and Transnational Bribery to which the company may be exposed.
Likewise, this manual seeks to define the methodologies, procedures and responsibilities that must be taken into account in the operation, in relation to the exposures to the risk of Corruption and Transnational Bribery, as well as in its different stages and exposure limits.
For a better understanding of this manual, the following are the main definitions that were taken as a reference from those established in the law and the different regulations related to the risks of Corruption and Transnational Bribery, such as:
- Law 222 of 1995
- Law 1778 of 2016
- External Circular 100-000011 of 2021 (Chapter XIII of the Basic Legal Circular of the Superintendency of Corporations).
- Law 2195 of 2022
Illegal Activity: It is the systematic, critical and periodic review regarding the due execution of the Transparency and Business Ethics Program.
Advance payment: An agreed percentage of the total value of the contract that is paid to the contractor once the contract has been perfected and the requirements previously established therein have been met, which will be paid before its initiation or during its development.
Associates: those natural or legal persons who have made a contribution in money, work or other goods appreciable in money to ARANDA SOFTWARE in exchange for quotas, parts of interest, shares or any other form of participation contemplated by Colombian law.
Compliance audit: is the systematic, critical and periodic review of the proper execution of the Business Ethics and Transparency Program.
Beneficial owner: final beneficiary means the natural person(s) who ultimately owns or controls directly or indirectly a customer and/or the natural person on whose behalf a transaction is conducted, also includes persons exercising effective and/or final control directly or indirectly, over a legal entity or other unincorporated structure.
Chapter XIII: refers to Chapter XIII of the Basic Legal Circular of the Superintendency of Companies, which includes administrative instructions and recommendations for the adoption of the PTEE.
Conflict of interest: situation in virtue of which a person, by virtue of his activity, is faced with different alternatives of conduct in relation to incompatible interests, none of which can be privileged in attention to legal or contractual obligations.
Contractor: means, in the context of an international business or transaction, any third party providing services to ARANDA SOFTWARE or having a contractual legal relationship of any nature with ARANDA SOFTWARE.
Corruption: refers to the misuse of powers derived from a relationship of authority or trust to obtain an undue advantage, whether in the public or private sector.
Due diligence: periodic review to be done on the legal, accounting and financial aspects related to an international business or transaction, whose purpose is to identify and assess the risks of transnational bribery, national bribery and corruption that may affect or involve ARANDA SOFTWARE and contractors.
Disloyal: disloyalty, treason or breach of due faith.
Employee: Is the individual who is obliged through an employment contract to provide a personal service under subordination of ARANDA SOFTWARE, in exchange for remuneration.
Company: Is the commercial company, sole proprietorship or branch of a foreign company supervised by the Superintendency of Corporations, pursuant to Articles 83, 84 and 85 of Law 222 of 1995.
Extortion: action of compelling another to do, tolerate or omit to do something, with the purpose of obtaining illicit advantage or any illicit profit or benefit, for oneself or for a third party.
Transnational bribery and corruption risk management: refers to the process of identification, analysis, evaluation and treatment of bribery and corruption risks or any other corrupt practices, defined in HRC-PR-01 - Risk Management and Control Procedure.
Law 1474: Is Law 1474 of July 12, 2011, whereby rules are issued aimed at strengthening the mechanisms for the prevention, investigation and punishment of acts of corruption and the effectiveness of public management control and private corruption and unfair administration is established as a criminal offense.
Law 1778: Is Law 1778 of February 2, 2016, by which rules are issued on the liability of legal persons for acts of transnational corruption and other provisions are issued in the fight against corruption. In addition, in its article it establishes the duty of the Superintendence of Companies to promote in the companies subject to its surveillance, the adoption of transparency and business ethics programs, internal anti-corruption mechanisms, internal audit mechanisms and standards, promotion of transparency and mechanisms to prevent the conducts of Transnational Bribery.
Law 2195: Is Law 2195 of January 18, 2022 "Anti-Corruption Law", whereby measures are adopted in matters of transparency, prevention and fight against corruption and other provisions are issued.
Risk Matrix: Is the tool that allows the Entity to identify Corruption Risks or Transnational Bribery Risks.
OECD: Is the organization for Economic Co-operation and Development.
Ethics Compliance Officer: Is the natural person appointed by the General Assembly to lead and manage ARANDA SOFTWARE's Business Ethics and Transparency Program.
Politically Exposed Person or PEP: corresponds to the definition set forth in Article 2.1.4.2.2.3 of Decree 1081 of 2015, as amended by Article 2° of Decree 830 of July 26, 2021.
Compliance policies: are the general policies adopted by the entity to conduct its business and operations in an ethical, transparent and honest manner; and be in a position to identify, detect, prevent and mitigate Corruption Risks or Transnational Bribery Risks.
Corrupt practice: Consists of offering, giving, receiving or soliciting, directly or indirectly, anything of value to improperly influence the actions of another party or for personal gain.
Transparency and Business Ethics Program or PTEE: is the document that includes the Compliance Policy and the specific procedures in charge of the Ethics Compliance Officer, aimed at implementing the Compliance Policy, in order to identify, detect, prevent, manage and mitigate the Corruption Risks or Transnational Bribery Risks that may affect the entity, according to the Risk Matrix, and other instructions and recommendations established by the Superintendence of Corporations.
Foreign public servant: Is as established in paragraph 1° of article 2° of Law 1778.
Bribery: is the act of giving, offering, promising, promising, requesting or receiving any gift or thing of value in exchange for a benefit or any other consideration, or in exchange for performing or omitting to perform an act inherent to a public or private function, regardless of whether the offer, promise, or request is for oneself or for a third party, or on behalf of that person or on behalf of a third party.
Transnational bribery: Is the act by virtue of which, the company, through its employees, administrators, associates or contractors, gives, offers or promises a foreign public servant, directly or indirectly:
(i) Sums of money.
(ii) Objects of pecuniary value.
(iii) Any benefit or advantage in exchange for that public servant performing, omitting or delaying any act related to his or her functions and in connection with an international business or transaction.
Typologies: is a study that analyzes phenomena, sectors, trends or modalities by which acts of corruption, money laundering operations and financing of terrorism are carried out, typologies do not have a direct relationship with the development of criminal, disciplinary and fiscal investigation processes, as they aim at understanding the modus operandi used by the actors involved and not their subsequent resolution before the competent authorities.
ARANDA SOFTWARE frames its corporate management in compliance with six (6) fundamental principles of the PTEE, seeking to generate added value to stakeholders, provided that all activities carried out comply with the regulatory framework and good practices related to good corporate governance and risk management established by the Colombian authorities and qualified foreign entities.
Senior Management recognizes that ARANDA SOFTWARE is prone to the risk of Corruption and Transnational Bribery and therefore is committed to develop activities aimed at creating a culture of risk management by supporting the entity in all stages of the PTEE and providing the necessary tools according to the size and nature of the company.
Within this framework, the following PTEE principles are defined:
6.1. Zero Tolerance for Corrupt Practices
ARANDA SOFTWARE does not tolerate bribery and corruption, nor any other conduct that undermines the ethics and transparency of business and its activities. Therefore, neither the entity nor its counterparties will have the intention to participate, directly or indirectly, in fraudulent practices of bribery and corruption, and will drastically sanction any person who incurs in such practices.
6.2. Honesty
To the extent that all employees are aware of their responsibilities and their labor, ethical and legal obligations, the existing duties of society, the company, the community and the country can be fulfilled. This will require that the commercial and business activities carried out by the company be governed by standards of honesty and legitimacy.
Transparency
This principle seeks that the actions are carried out with good faith, diligence and professional care, permanently ensuring respect for people and compliance with the law, giving priority in their decisions to the principles and values of the company above the particular interest, avoiding any type of conflict of interest.
All actions must always be governed by the general interest and management at all levels must be devoid of any economic interest or personal benefit. Transparent conduct is exempt from payments or acknowledgments to obtain or retain business.
6.4. Loyalty
Without prejudice to the procedures established in ARANDA SOFTWAREall members of the highest corporate body or equivalent bodies, associates, administrators, collaborators, suppliers, contractors and third parties in general, as well as any person who has knowledge of a conduct that constitutes transnational bribery or any corrupt practice related to the company, must immediately report such violations to the Ethics Compliance Officer through the established communication channels. For this purpose, the details of the person who has reported such conduct shall be kept confidential and the channels established in this PTEE Compliance Manual shall be followed.
6.5. Legality
All persons linked to the company are committed to ensuring compliance with the Colombian constitution and laws, as well as with the provisions and regulations issued by the authorities and the rules and policies established by the Company.
6.6. Proportionality
All actions, activities and operations carried out by any of the entity's counterparties must be carried out in a proportional manner, avoiding excessive acts in any of the situations they face at all levels (relationships, operations, discounts, expenses, courtesies, donations, gifts, among others) that imply economic benefits or generate value for the counterparty, the company or third parties.
7.1. Responsibilities
Notwithstanding the functions assigned in the other Compliance Policies, for the purposes of this Program, the Shareholders' Meeting shall have the following functions:
- Ensure the provision of the economic, human and technological resources required by the Ethics Compliance Officer for the development of the Business Ethics and Transparency Program and the related procedures that apply.
- To order the appropriate disciplinary, administrative and legal actions against employees who have management and administrative functions or against partners, when they violate the provisions of the Business Ethics and Transparency Program.
- Evaluate, follow up and, if necessary, require adjustments or modifications to the Transparency and Business Ethics Program.
- Lead an appropriate communication strategy to ensure effective dissemination of the Anti-Bribery and Anti-Corruption Policy and the Business Ethics and Transparency Program to employees, partners, suppliers and contractors and the general public.
- Approve the document that contemplates the PTEE.
- Assume a commitment aimed at preventing the risks of Corruption and Transnational Bribery, so that ARANDA SOFTWARE can conduct its business in an ethical, transparent and honest manner.
7.1.2. Legal Representative
For the operation of the PTEE, at least the Legal Representative or the person acting in his or her stead is required to perform the following functions:
- Submit with the Ethics Compliance Officer, for approval of the Shareholders' Meeting, the proposed PTEE.
- Ensure that the PTEE is in line with the Compliance Policies adopted by the Shareholders' Meeting.
- Provide effective, efficient and timely support to the Ethics Compliance Officer in the design, direction, supervision and monitoring of the PTEE.
- Ensure that the activities resulting from the development of the PTEE are duly documented, so that the information meets the criteria of integrity, reliability, availability, compliance, effectiveness, efficiency and confidentiality.
- The legal representative shall propose the person who will occupy the position of Ethics Compliance Officer, for appointment by the Shareholders' Meeting.
7.1.3 Ethics Compliance Officer
The Ethics Compliance Officer is responsible for the implementation and monitoring of the Transnational Bribery and Corruption Risk Management System. For this purpose, he/she shall perform the following functions:
- Articulate compliance policies with the Transparency and Business Ethics Program.
- Submit to the Assembly reports on its management as Ethics Compliance Officer, on an annual basis, as defined in section 6.1.8.13. Reports.
- Lead the structuring of the Transparency and Business Ethics Program, contained in this Manual.
- Lead periodic bribery and corruption risk assessment activities.
- Inform the Assembly of any violations committed by any employee with respect to the Business Ethics and Transparency Program, so that the corresponding sanctioning procedures may be carried out in accordance with the Code of Ethics and the Internal Work Regulations.
- Select and facilitate ongoing training of employees in the prevention of transnational bribery, during induction and re-induction processes, as defined in section 6.1.8.14 Disclosure and Training.
- Manage the system put in place by the company to receive complaints from any person regarding a case of bribery or any other corrupt practice.
- Order the initiation of internal investigation processes, through the use of its own human and technological resources or through third parties specialized in these matters, when it has suspicions that a violation of Law 1778 of 2016, Law 2195 of 2022 or the Transparency and Business Ethics Program has been committed.
7.1.4 Employees
The main duty of the Employee of ARANDA SOFTWARE is to maintain a strict commitment to the policy of control and prevention of risks in general and in particular the behaviors associated with Corruption and Transnational Bribery set by the company, which will be reflected in the fulfillment of the following duties:
- Apply and comply with the provisions defined in the Transparency and Business Ethics Manual and in the regulatory provisions on which it is based.
- Report any act of bribery and/or corruption within ARANDA SOFTWARE, through the channels provided by the company, as well as cooperate in the investigations that are carried out.
- Participate in the training (induction and re-induction) on the Transparency and Business Ethics Program, to which he/she is summoned.
- For employees involved in the supplier contracting process and in the linking of direct or indirect employees, verify that the documentation provided is complete and matches the information recorded in the supplier knowledge form, ensure that consultation is carried out in binding and restrictive lists and that anti-bribery and anti-corruption clauses are incorporated in the contractual agreements. This is in accordance with internal procedures.
7.1.5 General Counterparties
All of the Company's Counterparties shall be obliged to comply with the functions contained in this Manual, including the following, notwithstanding the fact that some of these functions may also correspond to other bodies or employees of the Company itself:
- Assume at all times a transparent attitude towards the other counterparties.
- Not to offer to the other Counterparties, nor to receive from them, advantages tending to modify the internal procedures in favor of any of the Counterparties.
- Show a behavior in accordance with the law in the performance of their duties.
- Reject and not encourage any acts of Corruption or Bribery towards all Counterparties with whom it interacts.
- To behave ethically and transparently in the management of the Company's human, financial and technological resources.
- Comply with the internal regulations established for contracting and for the acquisition of goods and services.
- Not to conceal any activity related to acts of Corruption or Bribery.
7.1.6 Statutory Auditor
With the issuance of Law 1778 of 2016, the Statutory Auditor was granted oversight powers that exceed those of representing the interests of the partners against the operations that are entered into or executed in the Company. In fact, according to the mandates of Article 32 of the aforementioned Law, the Statutory Auditors acquire the obligation to report to the criminal, disciplinary and administrative authorities, possible acts of bribery and corruption that they may have detected in the exercise of their duties.
7.1.7 Anti-bribery - Anti-corruption Policy
ARANDA SOFTWARE has established conditions to mitigate and control bribery and corruption by defining the HRC-PL-01 - Anti-bribery policy for risk management and compliance, where it is committed to established guidelines to mitigate bribery, transnational bribery and corruption.
7.1.8 Risk Management
ARANDA SOFTWARE defines the HRC-PR-01 - Risk Management and Control Procedure and the HRC-FT-01 - Risk Management Matrix whose scope includes the identification, analysis, evaluation and treatment of the company's risks, addressing bribery, corruption, transnational bribery and any other corrupt practice, likewise, the company defines the HRC-PL-01 - Anti-bribery Policy for Risk Management and Compliance where it is committed to risk management through standardized and controlled tools.
7.1.9 Due Diligence
Counterparts: ARANDA SOFTWARE integrates and standardizes control measures for the identification and knowledge of natural or legal persons prior to establishing a contractual legal relationship of any nature, for this reason in the HRC-PR-02 - Due diligence procedure describes the step by step to know and update the data of their counterparties, in the same way to validate their background and reputation in general.
Changes in shareholder composition: The knowledge of legal entities is an integral part of the identification and control of the members of the company, for this reason the due diligence process must be applied to those who intend to advance any type of business reorganization process such as mergers or acquisitions, see HRC-PR-02 - Due diligence procedure.
New business lines or projects: in each negotiation process and investment analysis, a due diligence on compliance with anti-bribery and anti-corruption rules will be carried out before making a final decision on the investment or merger. Likewise, in the event that the acquisition is finalized
or the merger, ARANDA SOFTWARE will ensure that the acquired company implements, within a reasonable period of time, this Business Ethics and Transparency Program.
Due Diligence performed by ARANDA SOFTWARE is mainly oriented to provide the necessary elements to identify and evaluate the risks of Corruption and Transnational Bribery, which may affect operations, transactions and international contracts or national contracts classified as high risk with (i) private entities of the international and national order, (ii) national and international intermediaries (subcontractors, commission agents, service agents, commercial agents, brokers, etc.) that by virtue of the execution of a contract, a procedure, a license or a payment (including taxes, tariffs, fines, etc.) made to any of our clients, may affect their operations, transactions and international contracts or national contracts classified as high risk.) that by virtue of the execution of a contract, a procedure, a license or a payment (including payment of taxes, tariffs, fines, etc.) made to any national (national, departmental and municipal) and international public entity, participate in such operations (iii) third party beneficiaries of donations, sponsorships and political contributions.
The due diligence activities shall be recorded in writing, in a manner that can be easily accessed and understood by the Ethics Compliance Officer.
In case of a proven finding in the due diligence process of a third party that has been convicted for Bribery and/or Corruption offenses, the company may not have any link with that third party. In case of doubts about the findings, the area concerned should contact the Ethics Compliance Officer for clarification.
7.1.10 Policy on contracts with national or international public entities
In the case of contracts where the third parties are national and/or international public entities, the party responsible for the business must pay special attention to the provisions of the Transparency and Business Ethics Program to guide the conduct to be adopted by employees or third parties (partners, suppliers, subcontractors, commission agents, service agents, commercial agents, brokers, etc.) in the possible relationship with public servants of state entities in strict compliance with the policies and principles set forth in this Manual. An evaluation of the operations and transactions that revolve around contracts entered into with national and international public entities must be carried out.
The Ethics Compliance Officer shall have the authority to audit this type of relationship on a random basis within the company in order to perform a particular evaluation to find findings that allow taking measures to prevent Bribery and Corruption risks.
7.1.11 Policy on formalities or payments to national and international public entities
National and international intermediaries (subcontractors, commission agents, service agents, commercial agents, brokers, etc.) who, by virtue of the execution of a contract, a procedure, a license or a payment (including payment of taxes, tariffs, fines, etc.) made to any national (national, departmental and municipal) and international public entity, participate in such operations.
In cases where procedures, issuance of licenses, payments (including payment of taxes, tariffs, fines, etc.) must be made to public entities (national, departmental and municipal) or international entities, the party responsible for the business or operation must pay special attention to the provisions of the Transparency and Business Ethics Program to guide the conduct that must be taken by employees, partners, suppliers, contractors, subcontractors and third parties in general in the possible relationship with public servants of state entities in strict compliance with the policies and principles set forth in this Manual.
The Ethics Compliance Officer shall have the authority to audit this type of relationship on a random basis within the company in order to perform a particular evaluation to find findings that allow taking measures to prevent Bribery and Corruption risks.
7.1.12 In liaison with domestic and foreign private counterparts
In cases where it is required to do due diligence of third parties such as partners, customers, suppliers, contractors, beneficiaries and third parties in general, outside the linkage processes established by the entity in the Transparency and Business Ethics Program - PTEE, ARANDA SOFTWARE will review the legal aspects (administrative, criminal and disciplinary sanctions), commercial and reputational background, accounting and financial aspects; and possible bad practices of such counterparties.
For the engagement of any third party in the private sector with which domestic or foreign transactions are carried out, due diligence must be carried out by the area interested in the business with the counterparty and other persons involved in the relationship as intermediaries (subcontractors, commission agents, service agents, commercial agents, brokers, etc.).
In case of a finding in the Due Diligence process of a third party convicted for Bribery and/or Corruption offenses, the company may not have any link with such third party. In case of doubts about the findings, the area concerned should contact the Ethics Compliance Officer for clarification.
In order to comply with the policies defined in this section, the procedures established in document HRC-PR-02- due diligence procedure must be followed.
The Ethics Compliance Officer shall have the authority to audit this type of relationship on a random basis within the company in order to perform a particular evaluation to find findings that allow taking measures to prevent Bribery and Corruption risks.
7.1.13 Counterparties for which due diligence will not be performed
ARANDA SOFTWAREdefines that it will not perform due diligence to counterparties such as: Mayors' Offices, Governors' Offices, Public Service Providers, Public Prosecutor's Office, Fuel Sales Companies, Shipping Lines, Restaurants, Chain Stores, Charity and Registry, Notaries, Chambers of Commerce, EPS, Pension Funds, Severance Pay, Compensation Funds, Co-ownership Administrations, Financial Entities, Governmental Entities of Surveillance and Control, Insurers, Companies listed on the Stock Exchange; because understanding the purpose and nature based on the type of transactions or commercial relationship established with them, we consider that they are legal entities that represent a lower risk of Corruption and/or Transnational Bribery for the company since most of them are supervised by a Superintendence and also for the development of our activity we require the services they provide us, mainly those that are part of the public sector mentioned above.
7.1.14 Policies for contracts or agreements with third parties.
All contracts or agreements entered into by the Company must contain clauses, representations or warranties regarding anti-bribery and anti-corruption conduct in matters of compliance, performance, auditing and unilateral termination for engaging in corrupt conduct or transnational bribery. The Legal Department should be responsible for including such clauses in all contracts.
In those cases in which the contract does not contain these commitments in writing, a document containing the provisions established for compliance with the PTEE manual may be prepared, through a document called "Disclosure Letter" in which the supplier or contractor declares compliance with the PTEE manual and the absence of investigations for possible violations of anti-bribery and anti-corruption provisions that may affect the execution of the contract to be entered into, and the status of the same.
Third parties acting on behalf of the company before public or private officials shall know and comply with this Program and shall contractually undertake not to perform any act of corruption and shall allow ARANDA SOFTWARE to monitor or audit their actions in Colombia and abroad.
Contractors acting on behalf of the company before public or private officials must be aware of and undertake to comply with this Program and shall undertake in their contracts to
to refrain from any Act of Corruption and to allow the Company to monitor or audit its actions in Colombia and abroad.
7.1.15 Policy with Operations in countries with high corruption rates
When there are counterparties located in countries with high corruption indexes, they may be classified as high-risk counterparties according to reports published by Transparency International. The Ethics Compliance Officer shall perform random verifications of the due diligence performed with such third parties located in such countries in order to assess whether the counterparty is rated in accordance with its appropriate level of risk, otherwise the Ethics Compliance Officer may change its rating according to his professional judgment in accordance with the principles of prudence and professional care. If necessary, he/she will propose new specific controls to such counterparties.
7.1.16 Third-party payment policy (remuneration and commissions)
Any payment or disbursement of the resources of ARANDA SOFTWARE to its suppliers, contractors and intermediaries, whether domestic or foreign, must be made through banking channels in which it is possible to track all movements and payments, therefore, it is forbidden to make such payments in cash.
All payments made to suppliers, contractors and intermediaries must be supported and documented by the amounts stipulated in the different contractual documents (contracts, purchase orders, service orders, among others), and may be audited by internal and external control entities. These audits shall be aimed at confirming the legality of the payments, the non-diversion of resources, and the non concealment of payments to third parties without documentary justification.
Facilitation payments (Payments given to a public official, business person or third party in general to expedite a procedure or obtain any benefit), are prohibited for any member of the shareholders' meeting, associate, administrator, collaborator, supplier, contractor and third parties in general. Such payments should not be made to public officials, even if they are common practice in a given country.
No employee is authorized to order payments from the Company that are not directly related to the legal, contractual obligations or needs of the Company, that are not adequately supported or that it is not his or her responsibility to order, in which case he or she is exceeding his or her limit of authority. These disbursements include transactions that are made through the cashier's office.
minor. Nor may he receive payments in favor of the Company when in the performance of his duties the receipt of payments has not been authorized.
7.1.17 Mergers and acquisitions policy
ARANDA SOFTWARE will not merge with, nor acquire participation in companies that have been convicted for acts of corruption or transnational bribery. For the above, the Ethics Compliance Officer shall be integrated before any operation of this nature to perform due diligence to ensure that such transaction does not contain any risk for acts of corruption or transnational bribery.
7.1.18 Accounting Records Policy
The Company must keep and maintain records and accounts that accurately and precisely reflect all transactions. Company Employees may not change, omit or misrepresent records to conceal improper activity or that do not correctly indicate the reality or nature of a recorded transaction.
The Company has internal controls to prevent the concealment or disguise of bribes or other improper payments in transactions such as: commissions, fee payments, sponsorships, donations, entertainment expenses or any other item that serves to conceal or disguise the improper nature of the payment originated by bribery or corruption actions.
The Finance area shall verify that the accrual of all accounts payable is supported by an invoice or equivalent document and its attachments. Goods or services received that do not have a valid support will not be authorized for payment until the respective support is received.
7.1.19 Policy on employee behavior with respect to the Business Ethics and Transparency Program - PTEE
The employees of ARANDA SOFTWARE will develop their activities within the framework of compliance with the ethical principles described in this document, which must prevail in all business activities on the operational, administrative and commercial goals, seeking the best development of the corporate purpose, in a framework of transparency and strict compliance with the rules and internal procedures and prevention and monitoring of the risks of Corruption and Transnational Bribery.
It is the duty of ARANDA SOFTWAREits shareholders, its managers, its ethics compliance officer and other related employees, to ensure compliance with the rules aimed at preventing
and control the risk of Corruption and Transnational Bribery, particularly those contained in the legal regulations, with the purpose of not only contributing to the achievement of the State's goals and complying with the law, but also to protect the company's image and national and international reputation.
In reference to the risk of Corruption and Transnational Bribery, all employees:
- They shall know and act in accordance with the above.
- In addition to what is contemplated in this document, it is the responsibility of each employee to report to the Ethics Compliance Officer any unusual or suspicious event or situation that leads him/her to believe that there may be an attempt of corruption and bribery through the different channels provided by the company for such purpose.
- They must put compliance with anti-corruption and bribery prevention standards before achieving business, financial, operational or administrative goals.
- The Ethics Compliance Officer shall provide all necessary support to employees facing a situation of conflict of interest or risk of engaging in corrupt or bribery conduct arising from these business, financial, operational or administrative activities.
- In all cases, employees, collaborators and partners responsible for managing the organization's risk of Corruption and Transnational Bribery must maintain absolute confidentiality on the actions and/or activities of investigation or non-compliance detected by the organization. In no case may customers, employees, directors or other interested parties be informed about reports made on bribery and corruption in which they have been involved.
- They may not warn, alert or disclose to counterparties investigated for possible acts of corruption and bribery. Likewise, the Company shall keep this information and/or documentation confidential.
7.1.20 Policy on extortion
The shareholders, administrators, collaborators, suppliers, contractors and other third parties must reject any direct or indirect request for bribes by a public or private servant, specifically in those cases in which the public or private servant extorts through threats to omit, carry out, accelerate or delay a management in their charge and in relation to an act, business or international transaction in which ARANDA SOFTWARE has a legitimate interest.
It is company policy that associates, shareholders, administrators, collaborators, suppliers, contractors and third parties in general, in consideration of their specific legal relationship with the entity, may not agree to extortion by public or private servants, nor make payments associated with such criminal conduct.
In the event that these extortive behaviors endanger the safety and well-being of associates, shareholders, administrators, collaborators, suppliers, contractors and third parties in general, they must take reasonable and legal measures to safeguard their well-being and safety.
In any case, the Ethics Compliance Officer must be immediately informed of any situation of this type so that he/she may initiate the corresponding actions, particularly so that the legal representative of the Company is informed.
7.1.21 Transparency and Corruption Prevention Management
7.1.21.1 Transparency of information
Financial information and records are the fundamental inputs for the development of processes and the making of the right decisions, and also allow us to demonstrate compliance with our obligations to employees, shareholders, customers, suppliers and regulatory authorities. For this reason ARANDA SOFTWARE guarantees that all records are truthful, valid, complete, accurate and must be in accordance with legal requirements, so that ARANDA SOFTWARE can confirm and retrieve the information in a transparent manner.
In accordance with the above, the statutory auditor's office verifies the financial statements and balance sheets, as well as the accounting movements that may be executed, confirming the veracity of the information recorded and its consistency with the economic, transactional and equity situation of ARANDA SOFTWARE.
All accounting information (records, books, documents) will be available for inspection to ensure that there are no parallel accounts or duplicate accounting.
It is forbidden to issue and/or keep records of non-existent expenses, or of liabilities without correct identification of their purpose, or of transactions that do not contain a genuine and legitimate purpose, in addition to which accounting books or other relevant documents shall not be intentionally destroyed earlier than established by law.
7.1.21.2 Resolution of conflicts of interest
Shareholders, administrators, collaborators, suppliers, contractors and third parties in general must remain loyal to the company and observe the following conduct, which are intended to minimize, manage or eliminate the possible occurrence of a conflict of interest:
- Employees may not have a family relationship with people who have a direct work relationship within the organizational structure of the area and/or in any of the structures of the internal clients with whom they work directly. The above will only be authorized if it is exposed from the selection and hiring process and is authorized by the company's management, the authorization must be registered by e-mail.
- They must avoid any situation in which their own personal or financial interests conflict with those of the Company.
- They must refrain from developing activities for their own benefit within the context of the performance of their duties, to the extent that these conflict with the interests of the Company.
- They must refrain from exploiting, directly or indirectly, any business opportunity that is accessible to the Company, in pursuit of their own benefit or that of third parties involved in acts of bribery or corruption.
- The management of a service for a family member or a third party with personal interests should not be carried out without prior approval from the highest corporate body or a high-ranking employee of the company.
- Discounts or exemptions, or exceptional remuneration of any kind for reasons of friendship or kinship must not be granted without the prior approval of the highest corporate body or a qualified executive.
- Employees must refrain from accepting gifts, presents, offerings, gifts, courtesies, entertainment, attentions, preferential treatment, among others, that may compromise their professional independence and the responsibility of the company. Administrators and employees must refrain from granting, in contravention of legal or statutory provisions, credits or discounts to shareholders, or persons related to them, under conditions that may endanger the solvency or liquidity of the company.
The conflict of interest derived from the aforementioned relationships will be considered a serious misconduct for all legal purposes, as it compromises the personal decision-making judgment of the person who occupies the highest organizational level. It is also considered a serious misconduct for all legal purposes when it is not declared in time or if, as a result of the relationship, the interests, policies or benefits of the organization are contravened.
Notification of conflict of interest situations: it will be an essential obligation for all collaborators to notify human management that they have a sentimental, family, commercial or shareholder relationship that may represent a conflict of interest with the company or with third parties linked to it.
Failure to comply with the aforementioned obligation shall constitute a serious violation of the obligations arising from the contract, and the employer may take the corresponding measures in accordance with the legal regulations in force.
Notification procedure: situations that could constitute a conflict of interest must be notified to their immediate superior and to the Human Resources area as soon as they are perceived and prior to the execution of any action that could be affected by them.
Notification of conflict of interest with suppliers: in the case of those persons who notify that they have a sentimental or family relationship with third parties (suppliers, personnel of government entities with which they have a relationship in the performance of their duties, etc.), the company reserves the right to seek the services of another supplier that offers the same quality, benefits and/or costs of the current one.
In the event that the supplier is a key supplier for the organization or that the termination of the service with the supplier implies a risk or disadvantage or the service contracted is essential for the continuity of the business, the Ethics Compliance Officer and the hierarchical superior must be notified, who together with the Human Resources area must seek the transfer of the collaborator to maintain the business relationship with the supplier, or limit their functions in order to eliminate the conflict of interest.
Exceptions: any exception to these guidelines must be validated by the Ethics Compliance Officer and authorized by the Legal Representative, through a written document describing the exception.
7.1.21.3 Protection of Contractuals
In order to prevent the occurrence of bribery, transnational bribery, corruption and other corrupt practices, commitments must be subscribed in labor contracts, security agreements, contracts and records of knowledge signed by employees, customers and suppliers, respectively.
These contracts must stipulate the origin of the funds, their legality and/or penalties related to misconduct, as well as a plan of action to withdraw from the business when this could be detrimental to ARANDA SOFTWARE. The right of termination of labor or commercial relations must be clearly stipulated in the contracts, knowledge forms and/or service level agreements, in case it is identified that the counterparty incurred or is executing acts of bribery and/or corruption or is being subject to formal investigation - preliminary or final - for the acts mentioned above, by any local or foreign authority.
7.1.21.4 Declaration of employees exposed to increased risk
Exposed employees are those who, according to the nature of their position, perform functions associated with suppliers and customers who are exposed to greater risk, which is why they must sign an additional Yes to the employment contract where the specific clause of knowledge and acceptance of the Code of Ethics and the Transparency and Business Ethics Program is provided. With this, the employee agrees to comply with the provisions of this Program, being informed about the sanctions and consequences that apply at the time of non-compliance.
7.1.21.5 Policy for Delivery and Receipt of Gifts and Entertainment to Third Parties
For the company it is very important to establish the guidelines that determine a lawful conduct regarding the delivery and receipt of gifts and entertainment to third parties, therefore, ARANDA SOFTWARE approved the HGF-PL-02-Policy of delivery and receipt of gifts and entertainment to third parties which was socialized to all staff.
7.1.21.6 Remuneration and commission payments to sales force.
Remunerations and commissions to the sales team have been established since the signing of their labor contracts and their increases will correspond to what is required by law or as authorized by the President's Office. The variable income for commissions must correspond to that authorized by the presidency, as well as the changes that the same scheme undergoes in the course of time. The information on the commission scheme may be consulted by the Ethics Compliance Officer in the Financial area, which are established from the definition of HGF-PL-04 - Sales Policy and HGF-FT-05 - Authorization Matrix.
7.1.21.7 Meals, lodging and travel expenses
Payments for travel expenses are made in accordance with HGF-PL-03 - Expense Reimbursement Policy and HGF-FT-05 - Authorization Matrix. All supporting documents must be retained to determine compliance with the aforementioned procedure.
7.1.21.8 Prohibition of bribery and facilitation payments
Employees of ARANDA SOFTWARE acts of offering, promising or paying; or arranging for a third party to offer, promise or pay, bribes, kickbacks, hidden commissions, lavish gifts, illegal services, excessive entertainment or anything else of value to any person for the purpose of exerting undue influence on the recipient; inducing the recipient to violate his or her obligations; securing an undue advantage for the Company; or rewarding the recipient for any past behavior. Such offers, promises and payments are prohibited even if payments are made personally with your own money without seeking reimbursement from the Company. You also may not receive any improper payment, gift or service.
Likewise, it is forbidden to make facilitation payments that seek to secure or expedite administrative or routine procedures of any authority. In addition, under no circumstances will bribes be given through third parties outside of ARANDA SOFTWAREsuch as external agents, consultants, shareholders, representatives, suppliers or other intermediaries acting on behalf of the company.
7.1.21.9 Antitrust/Competition Laws
In order to ensure competitive behavior that does not generate monopoly or admit certain practices considered harmful to companies, consumers or both, or to those who
violate standards of ethical conduct in general. For ARANDA SOFTWARE it is very important to be aligned with the applicable legal requirements in force.
No employee may share commercially sensitive information with competitors without the prior approval of the President's Office by signing a confidentiality agreement. Employees and Senior Management of ARANDA SOFTWAREemployees and senior management, and anyone acting on behalf of the company, who believe they have been involved in and have knowledge of an activity that may present a problem with applicable antitrust and competition law must report it immediately.
The following are behaviors that the company considers inappropriate and prohibited:
- Agreeing with a competitor to divide or otherwise share the market or customers.
- Agreeing with a competitor on pricing.
- Collaborate or coordinate with a competitor in a competitive bidding process.
- Agreeing with a competitor to boycott another business.
- Discussing commercially sensitive information with a competitor.
Offering, giving, promising, or authorizing money or any material good (cash, gifts, loans, meals, travel, lodging) to any International or National Public Official, or natural person or legal entity, with the purpose of obtaining, retaining or directing business to any person, in order to obtain an undue advantage or benefit.
7.1.21.10 Political Contributions
ARANDA SOFTWARE will not make donations of political character, in the same way it is established that the individual participations of the employees in politics will never involve the use of funds, time, equipment, resources, facilities, the brand or the name of the company.
7.1.21.11 Donations
The company is committed to the development and support of the community, therefore it has established the HGF-PL-01 - Donations Policy, which provides guidelines for the execution of donations in a controlled manner that allows to maintain due diligence to the final beneficiary, managing to keep controlled the risks of corruption, bribery and transnational bribery.
7.1.21.12 Reporting of Transnational Bribery Activities and Other Corrupt Practices
ARANDA SOFTWARE promotes integrity and reputation through ethical and lawful conduct, is one of the main priorities to protect the values and avoid possible damage to the company, therefore it is important that the parties are aware of compliance violations.
Therefore, for ARANDA SOFTWAREit is essential that the corporate culture remains open and oriented to its values. Leading to process leaders, employees, suppliers, customers and other sectors that observe or have knowledge of the materialization of risks such as bribery, transnational bribery and corruption communicate and report them within the organization or otherwise to the competent authorities.
Use whistle-blowing channels in a responsible manner, without abusing their use to direct insults, defamations, or other criticisms that harm another person, without incriminating evidence.
Complainants should only provide information of which they are convinced of its veracity.
Service channels
To report any compliance incident, you can contact the Ethics Compliance Officer through in-person reports, anonymous calls (601) 756 3000 - 321 4699008, suggestion box or oficialdecumplimientoptee@arandasoft.com with the following information:
a. Type of incident.
b. Names of the persons involved.
c. date, time, and place of incident.
d. Frequency of the Incident.
Reports are confidential and you will not have to disclose your identity if you do not wish to do so.
Examples of issues that could be reported include concerns about:
a) Financial reporting.
b) Internal controls (such as fraud).
c) Public disclosure or withholding of records.
d) Price fixing or competition law/antitrust matters.
e) Corruption.
f) Inappropriate payments or gifts (bribery).
The Ethics Compliance Officer monitors and controls the complaints filed by means of HRC-FT-02 - Complaint Control Form.
7.1.21.13 Reports
Annually, the Ethics Compliance Officer will report to the Shareholders' Meeting. This report is made under the EMC-FT-07 - Ethics Compliance Officer Report Format which mentions the evaluation and analysis of the efficiency and effectiveness of the Business Ethics and Transparency Program and, likewise, the respective improvements.
7.1.21.14 Disclosure and Training
The Human Resources area will be in charge of preparing the six-monthly schedule and execution of the dissemination and training of the Business Ethics Program, under the guidance and support of the Ethics Compliance Officer. This schedule is recorded in the HAR-FT-03 format - training schedule.
During the induction process for new employees, everything related to the transparency and business ethics program is included, and this is the evidence of its communication. As for former employees, this should be done during the annual re-induction process in order to promote a culture of ethics. The evidence of the training will be done by generating the format that is downloaded from the online tool, all training activities are evaluated these results are presented to the Ethics Compliance Officer to take action in cases deemed necessary.
7.1.21.15 Internal auditing mechanisms and standards
The Ethics Compliance Officer in the exercise of his duties may schedule and execute audits annually or whenever he determines necessary to validate compliance with the provisions of this program and procedures of the company, leading to identify deviations or potential non-compliance. As evidence of this audit, the format HRC-FT-03 - Audit checklist format is generated. This activity includes the total verification of the implementation and compliance with the policies and procedures established for the PTEE. In the supervision by the Ethics Compliance Officer regarding the management of the Risk of Corruption and Transnational Bribery in relations with State Entities or in national or international Businesses or Transactions in which it participates. ARANDA SOFTWARE. For this purpose, the activities described in the document HRC-PR-03- procedure for events of corruption and transnational bribery, which allows the Ethics Compliance Officer to verify the effectiveness of procedures aimed at preventing any act of corruption or bribery will be performed.
7.1.21.16 Consequences and Penalties
Failure to comply with this program constitutes a violation of the labor (employees) or commercial (suppliers and contractors) contract, therefore, the respective sanctions will be applied, which may even imply the termination of the labor or commercial relationship. Fines, administrative or criminal penalties may also be incurred in accordance with the provisions of Law 2195 of January 18, 2022 and those that modify it.
In the case of employees, and depending on the seriousness of the specific case, the appropriate measures will be applied, acting in accordance with the provisions of the Substantive Labor Code, Internal Labor Regulations and the Code of Ethics. Labor sanctions shall be applied without prejudice to other civil, administrative and criminal sanctions existing in the current regulations that may be applicable against the aforementioned employees, administrators and directors, including, especially, those related to Corruption and Transnational Bribery and those contained in the Colombian Criminal Code and the regulations that add or modify it.
It is the responsibility of ARANDA SOFTWAREto verify that employees, managers and directors comply fully with the instructions given and that any irregularity related to Corruption and Transnational Bribery is immediately brought to the attention of the Ethics Compliance Officer.
7.1.21.17 Archiving and Preservation of Documents
Section 5.1.5.2. of Chapter XIII of the Basic Legal Circular, mentions that "the supports must be kept in accordance with the provisions of Article 28 of Law 962 of 2005, or the rule that modifies or replaces it". Therefore, ARANDA SOFTWARE defines that the supports of the reviews, evaluations and audits of the PTEE, as well as the information of transaction records, due diligences and in general, all documentation related to the implementation and execution of the PTEE, must be organized and kept for at least ten (10) years, ensuring the integrity, timeliness, reliability, confidentiality and availability of the information since such supports may be requested by the competent authorities.
The documentation of the Transparency and Ethics Program includes the Anti-Bribery and Anti-Corruption Policy, procedures, documents related to international business or transactions, reports of the Ethics Compliance Officer, risk matrix, documentation of disclosure and training, control of complaints with their respective supports, among others.
The persons responsible for the documentation of the Business Ethics and Transparency Program within ARANDA SOFTWARE shall ensure its integrity, reliability, availability, compliance and confidentiality, in accordance with the provisions of the document EMC-CP-01 - Preparation of documents and records.
7.1.21.18 Policy Translation
The Transparency and Business Ethics Program documentation does not need to be translated into other languages since the operations generated are at the national level.
Risk management is defined as the process of planning, organizing, directing and controlling the activities related to the identification and analysis of the risks to which the company is exposed, with the purpose of defining an appropriate response that allows mitigating, minimizing, retaining, transferring, sharing, assuming or, in the worst case, eliminating them. Adequate risk management is reflected in assertive decision making and in minimizing the possible materialization of the risk, reducing its possibility of occurrence and/or impact that contribute to the fulfillment of the Company's objectives.
For the above reasons, ARANDA SOFTWARE defined the following C/ST risk management scheme:
8.1 C/ST Risk Identification Stage and its Risk Factors
The main purpose of this stage is to identify the risks for each of the risk factors (country, economic sector and third parties).
8.1.3 Policies for the identification of C/ST Risk and its Risk Factors
The identification of risks shall be carried out by the Leader of each company process with the guidance of the Ethics Compliance Officer. It must be performed taking into account the sources of risk, processes and sub-processes.
- The identification of risks is based on the evaluation of risk factors.
- Risk identification must be carried out prior to the launch of any product, modification of its characteristics, entering a new market, opening operations in new jurisdictions and launching or modifying distribution channels.
- The leader of each process is responsible for managing the risks that, together with the Ethics Compliance Officer, are identified.
- The typologies, which are defined as the processes or methods adopted by corrupt parties to obtain a particular benefit for a third party or for themselves, should be used as a reference for the identification of C/ST risks.
8.1.4 Methodology for the identification of C/ST Risk and its Risk Factors
The identification should include all aspects of risk, whether or not they are under the entity's control, bearing in mind that failure to identify an actual or potential risk reduces the effectiveness of subsequent analyses and limits the organization's management of C/ST risk.
In order to carry out the risk identification process, the policies defined by the Company in this Manual and in the procedures established in document HRC-PR-01 - Risk Management and Control Procedure must be complied with.
8.2 C/ST Risk Measurement Phase
Once each of the C/ST risks has been identified, the frequency of occurrence of the inherent risk must be established for each of the risk factors, analyzing both the frequency of occurrence and materialized events and the impact in case of materialization, in the different aspects analyzed (Financial, Operational, Legal, Reputational and Contagion).
8.2.3 C/ST Risk Measurement Policies
The policies are:
- The measurement of risks shall be performed by the Leader of each company process with the guidance of the Ethics Compliance Officer. It should be performed taking into account the sources of risk and areas of impact.
- The identification of risks is based on the evaluation of risk factors.
- The leader of each process is responsible for managing the risks that, together with the Ethics Compliance Officer, are qualified.
8.2.4 Methodology for C/ST Risk measurement
In order to carry out the measurement of C/ST risks, methodologies have been established that allow the corresponding actions to be taken in relation to the exposure of such risks.
In order to carry out the risk measurement process, qualify them and determine the inherent risk profile, the policies defined by the Company in this Manual and the procedures established in document HRC-PR-01 - Risk Management and Control Procedure must be complied with.
8.3 C/ST Risk Control Stage
For an adequate and effective management of C/ST risks, it is essential to be able to determine, taking into account the cost/benefit, which control is the most appropriate for each exposure window.
8.3.3 Policies for the C/ST Risk Control Stage
The policies are:
- Exposure to C/ST Risks must have at least one control for each risk identified in the previous stage. If there is evidence of risks that are not mitigated by a control, these cases must be reported to the Shareholders' Meeting immediately.
- To ensure the effective operation of the controls, ARANDA SOFTWARE will evaluate them periodically (at least once a year), taking into account the variables of coverage and effectiveness of the Control. This validation is in charge of the process leaders as directly responsible for its implementation and maintenance under the guidance of the Ethics Compliance Officer.
- Depending on the control rating scale, the risks may decrease, the probability of occurrence and/or impact, up to a maximum of two levels according to the methodology.
- Once the inherent risk controls have been applied, the result generates the residual risk profile, which cannot be higher than the "Moderate" category. Otherwise, additional control(s) will have to be generated to mitigate the residual risk, bringing it to the permitted category.
8.3.4 C/ST Risk Control Assessment Methodology
In order to ensure that the controls adequately mitigate C/ST risks, it is necessary to establish methodologies to validate the effectiveness of the control and take the corresponding actions in relation to the exposure of such risks.
In order to carry out the risk measurement process, qualify them and determine the residual risk profile, the policies defined by the Company in this Manual and the procedures established in document HRC-PR-01 - Risk Management and Control Procedure must be complied with.
8.4 C/ST Risk Monitoring Phase
The Legal Representative in conjunction with the Ethics Compliance Officer must perform a general supervision and monitoring of the Business Ethics and Transparency Program, validating its effective, efficient and timely compliance. If these reviews reveal deviations or the need to reinforce the Program, corrective measures and updates to the Program should be adapted as circumstances require.
This will be done through the review of:
- Risk matrix.
- Application of due diligence procedures for suppliers and contractors, employees, partners, shareholders, beneficiaries of donations.
- Presentation of reports by the Ethics Compliance Officer to the meeting.
- Training development.
- Availability of complaint channels.
- Control of complaints.
- Archiving and preservation of documentation, among others.
For this same purpose, the Statutory Auditor shall perform the corresponding analyses and evaluations in order to report to the Shareholders' Meeting any possible acts of bribery and corruption detected in the performance of his duties.
The United Nations Office on Drugs and Crime (UNODC) and the U.S. Department of Justice have established the following typologies (modalities) of bribery and corruption, among which the following stand out:
9.1 General Types of International Bribery
INFLUENCE PEDDLING
The public servant uses his position improperly to pressure the direction of a pre-contractual process and influence the awarding of a bid in favor of a particular bidder. In this way, the principles of objective selection, transparency, accountability, equality and economy, provided for in the public contracting statute, are seriously affected.
The public servant benefits from the payment of commissions and other types of benefits received from the successful bidder in the process.
SOLICITATION OF PUBLIC OFFICIALS AND PAYMENT OF BRIBES "KICKBACKS".
This modality refers to the solicitation of commissions and extortion of contractors by public officials to ignore breaches of contract.
In some cases, the request implies the payment to the public official of periodic commissions or the delivery of a percentage of the sums received for additions to the contract. Such agendas are justified under the pretext that they are indispensable for the optimal fulfillment of the contractual obligations, or that they are the result of unforeseen changes in the conditions of execution of the contract, among other reasons.
The officials involved will be willing to obstruct the auditing processes that may be presented, in order to hide the undue agreement that the parties have. If necessary, they will even share part of their "profits" with the auditors who show interest in participating in the "business".
OFFERING TO PUBLIC OFFICIALS AND PAYMENT OF BRIBES "KICKBACKS".
This typology refers to the payment of "bribes" or kickbacks by a bidder/contractor to public officials who favored a private party in a bidding process and to public officials who omitted their control function.
The individual agrees with public officials the payment of a specific amount as a reward for the direction of the pre-contractual process (through the rigging of the bidding documents and the evaluation of the bids), resulting in its award to a company that does not meet the requested requirements, in flagrant violation of the principles of objective selection, transparency and equality of the public procurement statute.
Subsequently and with the purpose of not being sanctioned for noncompliance, the private individual pays a bribe to an official of a control agency so that the latter does not perform his or her work. Corrupt public servants may receive the bribe payment on behalf of a third party close to them, in kind with assets that can be legally and permanently exploited or renegotiated. They may also set up a trust for administration and payments in order to make periodic payments with the yields produced with the investment made. The main objective is to take advantage of the apparent anonymity provided by the fact that it is a company that makes the payments.
UNFAIR SUPERVISION AND AUDITING
This typology refers to the manipulation of the auditing function carried out by private individuals, with the interest of benefiting a third party.
In this way, the auditors unduly hinder the execution of a contract. To this end, it makes frequent and unnecessary requests or issues erroneous technical concepts, among other practices, in order to pressure the contractor into non-compliance.
CARELESSNESS IN THE EXERCISE OF PUBLIC SERVICE
This modality is presented in the absence of due diligence in the collection management of private companies by a public entity.
In effect, the officers negligently ignore their collection obligations, which generates an unjustified increase in the portfolio owed to the entity.
This omission disregards the mandate to safeguard public resources and the general interest.
PAPER" CONSORTIUMS OR TEMPORARY JOINT VENTURES
Improper use of the figure of consortiums or temporary unions to contract with the public sector in order to benefit during the execution of the contract. This typology refers to the payment of "bribes" or kickbacks by a bidder/contractor to public officials who favored a private party in a bidding process and to public officials who omitted their control function.
The private individual creates a corporate scheme without the patrimonial capacity to contract, resulting in the award to a company that does not meet the requested requirements, flagrantly violating the principles of objective selection, transparency and equality of the public procurement statute. It resorts to fiduciary schemes to leverage third parties whose resources do not have a clear origin and can, through the scheme, disperse resources of advances or payments whose main destination is not necessarily related to the object of the contract.
The trustor beneficiary of the advance orders as payment to third parties, outflow of resources for himself or for members of the corrupt organization, in small and medium amounts, via international transfer or disseminated to many people who do not necessarily have to do with the object of the contract. They can also make physical transfers or shipments abroad to pay from another jurisdiction overdue debts in favor of a "local exporting company" (generally with economic difficulties) to justify the resources.
GHOST" BENEFICIARIES
Manipulation and alteration of databases to obtain resources for persons to whom a service is not being provided. This typology refers to the embezzlement of the State in cases where a payment or transfer is recognized for a person benefiting from a public service, whether provided by public or private institutions.
To this end, the number of people served is "inflated" in order to misappropriate public resources. In some cases, the individuals who incur in these actions benefit from additional bonuses for the care of a certain minimum number of people, which constitutes a strong incentive to continue "inflating" the figure.
Once the State transfers the resources, those involved extract the money through other illicit actions, such as charging for services that have not been rendered, over-billing, etc. To keep up appearances, databases are manipulated and the control function of the service in question is hindered. In some cases, the officials in charge of supervision, monitoring and control even participate in the agreement and benefit financially from part of the resources that are diverted.
Generally, several public servants and private individuals are involved, so the amounts involved in the corruption must be distributed among all those who are part of the corrupt criminal structure. Similarly, criminal corruption or laundering organizations may try to justify the return of foreign currency generated by the fictitious export of services, the provision of which is difficult to quantify, given its intangible nature.
LIGHTLY" ACQUISITIONS
Acquisition of a good or service without due diligence by a public entity. This typology refers to the absence of due diligence in the negotiation and acquisition of a good or service by a public entity, generating a financial detriment to the State in favor of public servants.
Public officials of an entity in charge of providing an essential public service to the community authorize the acquisition of a good or service for a value significantly higher than the market price, evidencing that the procedure to safeguard public resources and the general interest was not fully complied with. These officials subsequently benefit from the payment of commissions granted by the favored bidder.
Then they make temporary investments through their family group or circle of friends, in vulnerable sectors where cash is admitted without much inquiry as to its origin, seeking to give the appearance of legality to these illicitly obtained commissions, i.e., they launder the assets. To this end, funds may be transferred to other jurisdictions, particularly those designated as financial centers.
10.1 International Norms and Standards
- 1996] The Inter-American Convention against Corruption of the Organization of American States - OAS;
- [2004] The United Nations Convention against Transnational Organized Crime.
- [2004] The United Nations Convention against Corruption (UNCAC);
- [1998/2012] OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions.
10.2 Colombian Standards
[1995] Article 86, paragraph 3 of Law 222 of 1995 states that the Superintendency of Corporations is empowered to impose sanctions or fines, successive or otherwise, up to two hundred (200) SMMLV, on those who fail to comply with its orders, the law or the bylaws.
[2011] Law 1474 of July 12, 2011, which establishes rules aimed at strengthening the mechanisms for the prevention, investigation and punishment of acts of corruption and the effectiveness of public management control, and establishes private corruption and unfair administration as criminal offenses.
[2016] Law 1778 of February 2, 2016 by which rules are issued on the liability of legal persons for acts of transnational corruption and other provisions are issued in the fight against corruption. In addition, in its article it establishes the duty of the Superintendence of Companies to promote in the companies subject to its surveillance, the adoption of transparency and business ethics programs, internal anti-corruption mechanisms, internal audit mechanisms and standards, promotion of transparency and mechanisms for the prevention of Transnational Bribery conducts.
[2016] External Circular 100-000003 of July 26, 2016, establishes the guide aimed at implementing business ethics programs for the prevention of the conducts provided for in Article 20 of Law 1778 of 2016.
[2018] On July 26, 2018, the Delegate for Economic and Accounting Matters and Coordinator of the Transnational Bribery and Special Investigations Group of the Superintendency of Companies published the practical guide to understanding the fight against international bribery in Colombia.
[2020] Article 7, paragraph 28 of Decree 1736 of 2020 establishes that it is the responsibility of the Superintendency of Companies to "instruct, in the manner it determines, entities subject to its supervision on the measures they must adopt to promote transparency and business ethics in their business practices in order to have internal mechanisms to prevent acts of corruption (...)", so as to have more companies, more employment, and competitive, productive and sustainable companies.
[2021] External Circular 100-000011 of August 09, 2021, fully modifies External Circular No. 100-000003 of July 26, 2016 and adds Chapter XIII of the Basic Legal Circular of 2017, where administrative instructions and recommendations aimed at implementing transparency and business ethics programs through self-control activities and management of corruption risks and transnational bribery risks are established.
[2021] External Circular 100-000012 of August 09, 2021. It contemplates the Policy of Supervision of PTEE by the Superintendence of Companies, which is based on three fundamental pillars: (i) pedagogy; (ii) regulatory compliance, and (iii) timely and early action.
[2022] Law 2195 of January 18, 2022 "Anticorruption Law". Whereby measures are adopted regarding transparency, prevention and fight against corruption and other provisions are enacted.
HRC-PR-01 - Risk management and control procedure.
HRC-PR-02 - Due Diligence Procedure.
HRC-PR-03 - Procedure for corruption and transnational bribery events. - HRC-PR-04 - Ethics Line Procedure.
HRC-FT-01 - Risk Management Matrix.
HRC-FT-02 - Complaint control form.
HRC-FT-03 - Audit Checklist Format.
HAR-FT-03 - Training Schedule.
HGF-FT-05 - Authorization Matrix.
HRC-PL-01 - Anti-bribery policy for risk management and compliance.
HGF-PL-01 - Donation Policy.
HGF-PL-02 - Policy for delivery and receipt of gifts and entertainment to third parties.
HGF-PL-03 - Expense Reimbursement Policy.
HGF-PL-04 - Sales Policy.
EMC-PR-01 - Procedure for the preparation of documents and records}.
EMC-FT-07 - Official compliance report form.
