Organisational Model adopted by SCA HYGIENE PRODUCTS S.p.A. English version 1

Transcription

1 General part Organisational Model adopted by SCA HYGIENE PRODUCTS S.p.A. English version 1 INDEXED GENERAL PART Pag. Premises: definitions 1 1 The Legislative Decree n.231/ Adoption of the model on behalf of the Companies 15 3 Structure of the model 19 4 The predisposition of the preventive control system 23 5 The Supervisory Board Requirements of the Supervisory Board Appointments and revocations Functions and powers of the Supervisory Board Reporting lines to the Supervisory Board Reporting of the Supervisory Board regarding the companies 33 6 The disciplinary system Measures for supervisors, employees and workers Measures for directors Measures for executives and auditors Measures for collaborators and external consultants 35 1 The current document corresponds to the summary of the Organizational and Control Model adopted by the Board of Director of Sca Hygiene Product to comply with the Legislative Decree no. 231/

2 7 Training of the model 35 8 The system of control 37 Premise DEFINITIONS - Sales Agents: those who act in name and or on behalf of SCA on the basis of a mandate or other professional collaboration relationship regulated by Agency Contract; - Technical Assistance: those who act in and or on behalf of SCA on the basis of a mandate or other professional collaboration relationship regulated by a Contract of Technical Assistance; - CCNL: the National Collective Work Contracts applied by SCA. - Code of Ethics: along with rights, duties and responsibilities expressed by SCA and also by the group leader SVENSKA CELLULOSA AKTIERBOLAGET SCA AB, with its office in Stockholm (SWEDEN), with the purpose to promote rules of comportment for people who, with a diverse title, act for or collaborate with SCA (Persons Apical, Employees, Employees with executive qualifications, Collaborators, etc.) - Collaborators: Consultants, Sales Agents, Technical Assistance or collaborators with other titles; - Consultants: those who act in name and or on behalf of SCA based on a mandate or other relationship of professional Consultancy collaboration; - PARENT COMPANY : SCA GROUP Holding BV, with head office in Holland, controlling SCA 100%; 2

3 - Employees: all SCA Employees, in the organised structure and operations of SCA including the employees with executive qualifications; - D.Lgs 231/2001 and or the Decree: the legislative decree n.231 of 8 th June 2001; - Companies: the corporate Group to which SCA belongs and which exercises management and coordination; - Guide Lines: the Coinfindustria guide lines (approved on the date 7 th March 2002 and subsequent updates) and of Assobiomedica (approved 25 th February 2003 and subsequent updates) for the construction of organisational, management and control Models ex D.Lgs 231/2001, approved by the Ministry of Justice; - Organisational Model: the organisational Model, management and control foreseen by D.Lgs. 231/2001; - P.A Public Administration (all public companies, territorial and non, members and the companies organs) - with reference to crimes against the P.A, public officials and persons appointed by the public service (eg. Dealers in the public service, etc), are included; - Sensitive processes: activities in SCA in which the risk of committing Crimes occur (they may have a commercial, financial, technical or corporate nature); - Protocol/Procedure: a specific method to perform an activity or process; - Crimes: the crime case where the discipline foreseen by D.Lgs. 231/2001 is applied; - Risk Assessment: analysis activity of risk aimed at identifying the areas/processes, the sectors of activities and the manner in which they may directly or indirectly connect potential risks in order of the possible commission of crime for which administrative responsibility could result in that of the company; - SCA: SCA Hygiene Products Incontinents S.p.A Legal Office in Capannori (LU), Via della Madonnina n. 37 C.F ; 3

4 - Disciplinary system: along with principles and appropriate procedures that penalize non-compliance of the measures envisaged by the management System for Crime prevention; - Management System for Crime prevention: the part of the general management system which includes the organizational structure, the corporate policies, planning activities, the responsibilities, the procedures, the processes, the necessary resources to implement the policies for Crime prevention; - Persons in apical positions: representatives, of administration or management of SCA or of one its organisational units with financial and functional autonomy, as well as persons who exercise, the management and control of the company. 1.The Legislative Decree n.231/ REGULATIONS On 8 th June 2001, in the execution of the delegation of which art.11 of the L.29 September 2000 n. 300, The Legislative Decree was issued n. 231, effective the following 4 th July (the following Decree), titled: The Discipline of the administrative liability of legal Persons, companies and associations including those without legal status. Thus the Legislator intended to adapt the matter of the internal regulations to be the responsibility of the corporate body in the International Conventions to which Italy already adheres. The Decree has thus introduced a regime of administrative responsibility in the Italian System (equal to in substance the penal responsibility) chargeable to the Corporation for various 4

5 offenses committed, in their own interest or advantage, from diverse categories of subjects: - Persons representative of administration or the management of the company or of one of its organizational units with financial and functional autonomy (Persons in apical position) - Persons exercising the management and control of the company (also considered such Persons in apical position) - Persons subject to the management or the supervision of one of the persons indicated in the two previous points (subordinate persons). Amongst foreseen penalties, the most severe represented by such disqualification measures as the suspension or retraction of licences and concessions, the prohibition of contract the P.A., the legal disqualification to practice the activity, the exclusion or retraction of funding and contributions, the prohibition to promote goods and services. The responsibility foreseen of the Decree, which is joined to that of the person who physically created the fact, aimed however to involve the Corporation in the retribution of some impeachment/crimes committed in their interest or to the own benefit: the Corporation must not respond to the impeachment committed by the physical persons, but by an autonomous illicit administration, referable to the organizational deficiency which arises where the crime factor may be attributable to the organization. The responsibility foreseen by the Decree is set also in consequence of crimes committed abroad, provided that the State of place in which the crime was committed doesn t proceed. The first typology of crime according to the Decree, which requires the administrative responsibility of the Corporation, is that of 5

6 Crimes Committed towards the Public Administration, which are detailed in the art. 24 and 25 of the Decree, or rather: - misappropriation of contributions, funding or other disbursements on behalf of a public body (316 3rd pen.cod.); - defrauding the State o other public body (art. 640, II para.. N.1 pen code); - swindling for obtaining public grants (art nd pen code.); - information technology fraud against the State or other public body (art. 640 ter pen code.); - corruption act for office (art. 318 pen code. Art 321 pen code.), The Decree represents the adaptation of Italian law to certain international conventions already subscribed by Italy: the Convention in Brussels 26 th July 1995 on the protection of financial interests of the European Community; the Convention in Brussels 26 th May 1997 on the fight against corruption of public officials be it in the European Community as well as in the State members; the Convention OCSE of 17 th December 1997 on the fight against corruption of foreign public officials in economic operations and international. - corruption act contrary to official duties (art. 319 pen code. Art. 321 pen code); - corruption in judicial acts (art. 319 ter pen. Code, art. 321 pen code); - incitement to corruption (art. 322 pen code); - corruption of those responsible in the public service (art nd pen code.); - extortion (art Pen code); - embezzlement against the State or other public bodies (art nd pen code); 6

7 - embezzlement, extortion, corruption and incitement to the corruption of members of the bodies of the European Community and Foreign Countries (art. 322 bis pen code.). Subsequently, the Legislator has passed the law n. 48, effective as of 5 th April 2008, on the ratification and implementation of the Convention of the European Council on information technology crime. With such standards, modifications to the penal code have been made on computer crimes and have been introduced in the art. 24 2nd at D. Lgs 231/01, for the criminality of the Company in relation to computer crimes and the treatment of illicit data, as foreseen in art nd, 615 3rd 5th, th and 5 th, nd -5 th, th and 5 th, nd -5 th, th of the penal code. Dealing particularly with the following crimes: -Electronic documents (art nd pen. Code) For the criminality of the falsity regarding both private and public electronic documents, having effectivr evidence. -Unauthorized access to the computer system or data transmission (art rd. pen.cod.) -illegal possession and distribution of access codes and computer system or data transmission (art th pen.cod.) -distribution of equipment, devices or computer programmes to damage or interrupt the computer system or data transmission (art th pen.cod.). -interception, impediment or illicit interruption of computer communication or data transmission (617 4th pen.cod.). -installation of equipment acts to intercept or interrupt computer communications or data transmission (617 5 th pen.cod.) -impairment of information, data and computer programmes (art 635 2nd pen.cod) 7

8 -impairment of information, data and computer programmes used by the State or by other public bodies or however public utilities (635 3rd pen.cod.) -impairment of computer systems or data transmission (art th pen.cod.) -impairment of computer systems or public utility data (art th pen.cod) -computer fraud of the maintenance persons certifying electronic signatures (art th pen.cod.) The Laws n. 94 of 15 th July 2009, n. 99 of 23 rd July 2009 and n.116 of 3 August 2009, besides containing several modifications and integrations to the penal code, have expanded the possibility of administrative liability of the companies introducing the legislative decree in the text on 8 th June 2001, n. 231, article 24 3rd regarding the criminal offence of organized crime. The addition of criminal offences against organized crime in foreseen crimes by D/lgs. 231/01 doesn t represent absolute news, in fact, art. 10 of law 146/2006 already Ratification of the Convention ONU on the battle of transnational organized crime had foreseen several associative rights between alleged crimes in the case in which crimes may have transnational characteristics. Such an introduction and extension even in a national environment responds to the need to reinforce the battle against corporate crimes (for example fiscal fraud, illicit trafficking of waste, etc.) as well as crimes of induction not declared or declared falsely to Judiciary Authorities. With laws of 23 rd November 2001, n. 409, the legislator has introduced art. 25-2nd which aims to punish the crime of falsity in money, cards or public credit and in stamp value. 8

9 The article. 25-2nd has also been modified during 2009 with the aforementioned laws which have modified the list of art, 25-2nd in crimes falsity in money, public credit cards, stamp values, instruments and identifying marks and they introduced article. 25-2nd.1 for rights against industry and commerce. Article. 3 of D.Lgs, n.61/2002, effective since 16 th April 2002, in the section of the company RIGHTS reform, has introduced article 25-3rd, which extends the administrative responsibility to the companies and also to c.d corporate crimes committed in the interest of the society of administrators, general directors, liquidators or persons subject to supervision, at which time should not have happened, should they have supervised their task in compliance to obligations inherent to their assignment. The individual regulations in this specific case, as modified by L.28 th December 2005,n.262: - false communications (art civ.cod.); - false communications to the detriment of the society, to the members of creditors (art civ.cod., in the new formulation provided in Law 28 th December 2005, n.262); - false statement (art civ.cod., repealed by art. 34 of Law 28 th December 2005, n. 262, which however introduced art nd of D.Lgs. 24 th February 1998, n.58); - false statements in reports o in communications of the company in revision (art civ.cod. and nd T.U.F.); - obstruction of inspection (art civ.cod.); - illicit return of capital (art civ.cod.); - illicit distribution of profits and reserves (art civ cod.); - illicit operations regarding shares or the Parent Company (art civ.cod.); 9

10 - transactions to the detriment of creditors (art civ. cod.); - failure to disclose conflict of interest (art nd civ. cod.); - fictitious capital formation (art civ.cod.); - illicit distribution of corporate assets on behalf of liquidators art civ.cod.); - illicit influence on the assembly (art civ.cod.); - insider trading (art civ.cod. Modified by Law 18 th April 2005, n. 62); - obstruction in exercising the functions of public controlled Authority (art civ.cod. Modified by Law 18 th April 2005, n. 62 and by Law 28 th December 2005, n. 262). Following art. 3 of L. 14 th January 2003, n. 7 Ratifications and implementation of the international Convention for the financial repression of terrorism set in New York on 9 th December 1999, has introduced the new art. 25-4th which provides for the punishment of the Companies for crimes with a purpose regarding terrorism or of subversion with a democratic order foreseen by penal code and by the special laws. The law n.7 January 2006 has further introduced art. 25 4th 1 of the Decree, which foresees the administrative responsibility of the corporate crime in the hypothetical case of the practice of mutilation of female genitalia (art nd pen. cod.). Following, the law n.146, of 16 th March 206, which ratified the Convention and the Nations United Protocol against transnational organized crime, adopted by the general Assembly on 15 th November 2000 and the 31 st May 2001, has foreseen the responsibility of the companies for several crimes of transnational nature (art. 416 pen. Code; art nd pen code; art th DPR n. 309/1973; art. 74 DPR n. 309/1990; 10

11 art nd pen code.; art. 12 D.Lgs n. 286/1998; art nd pen code.; art. 378 pen. Code.). The criminal case shall be treated as, when in the realization of the same, involving an organized criminal group and it provides for the imposition of a penalty not less than 4 years imprisonment, as well as the territoriality: be it committed in more than one State; be it committed in one State but having substantial effects in another State; be it committed also in only one State but also a substantial part of its preparation and planning or direction and control having come from another State; be it committed in a State, but having involved an organized criminal group as the protagonist of the criminal activity in more than one State. The art. 25-5th Introduced by art. 5 of L. 11 th August 2003, n. 228, has extended the administrative responsibility of the Body against individual (art. 600, 600 2nd, 600 3rd, 600 3rd, th n.1, 600 5th, 601 and 602 pen.cod.), with particular reference to child pornography. The art. 9 of L. 18 th April 2005, n. 62 (following Community Law 2004) has inserted art. 25-6th aimed at extending the administrative responsibility of the Companies to the new crimes of abuse of privileged information and market manipulation (c.d. market abuse; art. 184 and 185 of D.Lgs. N. 58 of 1998) The Community Law 2004 has also modified the TUF introducing a specific disposition, art th, under which the Company is responsible for the payment of a total equal to the amount of the Administrative penalty imposed for the violations of administrative abuse of privileged information (art.187-2nd TUF) and the manipulation of the market (art rd TUF) committed in its interest or its advantage by: a) persons who are representatives, of administration or a management of the Body or of one of its organizational units with financial independence or functions as well as by individuals who exercise, although in fact the management 11

12 and control of the of the same; b)persons under the direction or supervision of one of the persons in point a). The Law 3 rd August 2007 n. 123: Measures that safeguard health and security at the work place and delegates the Government for the rearrangement and the reform of the regulations in legislation, effective since 25 th August 2007, in the art. 9, marked the introduction of the new article 25 7th (Manslaughter and grievous bodily harm, committed with violence of the safety regulations and regarding hygiene protection and of health at the work place). Pursuant to this position legal persons, the companies and the associations also void of legal personnel, may be fined in relation to crimes of which articles 589 and 590, third para., of the penal code, committed with violence of the safety regulations and regarding hygiene protection and health at the work place, with applications of a financial penalty with not less than one thousand shares and disqualification penalties of which article 9 para. 2 D.Lgs. 231/01, for a period not less than three months and not superior to a year. With the publication on the Official Gazzetta n. 290, ordinary supplement n. 268 of 14 th December 2007 The Legislative Decree 231/07 was issued with the transposition of the Directive 2005/60/CE on the prevention of the use of the financial system for the purpose of money laundering for the proceeds of laundering and terrorist financing. Two new laws on the matter D.Lgs, 231/01 1. The D.Lgs 231/07 introduces (art. 63, co. 3), for all types of Companies, the offenses of receiving stolen good, money laundering, and use of goods or assets of illicit origins amongst those who attain the responsibility of the Company (D.Lgs 231/01, ART. 25 8th). 2. Crimes of money laundering and the use of money, goods or assets from and illicit source were already relevant for the D.Lgs 231/200 but exclusively if implemented transactional (ex art. 10L.146/06). Following the introduction of art. 25-8th, the 12

13 aforementioned crimes together with the stolen goods also become an issue on a national basis. As highlighted above, in 2009 the Legislator once again intervened on D.Lgs 231/01 with the approval on behalf of Parliament of Bills relating: 1. Provisions for the fight against organised crime and the infiltration of mafia in the economy ; 2. Provisions for the development and internationalization of enterprises, regarding energy (cd Development ). In the text of the Legislative Decree 8 th June 2001, n. 231, articles 24-3rd and 25-2nd.1 have been introduced also in the articles: -25-9th concerning crimes relating to breach of copyright; th regarding crimes of induction withholding statements or making false statements to the Judicial Authority 1.2 The Adaptation of the Model of Organization and Management as an evading circumstance of Administrative Responsibility Article 6 of the Decree, introducing the scheme of administrative responsibility, provides however, a specific form of exemption of the responsibilities in the event that: a) the managing company has adopted and efficiently implemented, before the commission the fact, Organizational Models and management designed to prevent crimes and offenses of the type that have occurred; b) the task of supervising the operation and the observation of the Models and also updating them has been entrusted to a Company with autonomous powers of initiative and control; c) Persons who have committed the Crimes and offenses and have eluded these Models fraudulently; d) There has not been omitted or insufficiently controlled on behalf of the organization of which the precedent lett. b) 13

14 The above stated discipline, which recognizes the efficient evasion of the Model adopted by the Company, also applies with respect to the offenses of abuse of privilege administrative information (art. 187-bis TUF) and of market manipulation (art rd TUF) as foreseen by the content referenced in art th, para. 4th of TUF. The Decree provides, as well as, that in relation to the extension of the delegated powers and the risk of the commission of the offenses the Models in which the letter a) must respond to the following requirements: 1.identify the activities where there is a possibility of crimes and offenses being committed (so-called a map of the area at risk) 2.foresee the specific protocol (procedures) concerned with planning the formation and implementation of the decisions of the Company in relation to the Crimes and Offenses 3.identify ways of managing financial resources in order to prevent the commission of these crimes and offenses 4. the obligation to provide information to member of the organization to supervise the performance an the compliance of the Model; 5.introduce the internal disciplinary system appropriate for punishing the lack of respect of indicated measures in the Model. The same Decree foresees that the Models may be adopted, with a guarantee of the requirements stated above, on the base of the code of conduct written by the association of representatives of the communication department in the Ministry of Justice which, in consultation with relevant ministries, may state within 30 days, observations on the suitability of the Models to prevent offenses. Finally, its expected that within the small companies, the supervision task may be undertaken directly by the managing organization. The exoneration system, indicated by law, poses many questions to the interpreter be it on the dogmatic placement of the institutes operating in its field, or on the practical significance that they may have. The point of exoneration from responsibility on behalf of the 14

15 Company passing through the judicial suitability of the internal system of organization and controls must be underlined, where the penal judge is called to begin the criminal proceedings of which the author s matter of the offense is responsible. Therefore, the wording of the models and the organization of the Parent Company must be objective and have a positive outcome regarding the assessment of suitability. This particular final prospective requires the companies to assess the adequacy of their own procedures to the requirements of the aforementioned. 2. Adoptation of the Model on behalf of SCA 2.1 THE ORGANISATIONAL STRUCTURE OF SCA SCA is 100% controlled by Sca Group Holding BV with its office in Holland and belongs to the Svenska Cellulosa Aktierbolaget SCA AB Group with its office in Sweden, which carries out management and coordination. The Companies work in the production, processing and marketing of Tissue paper product related sectors, directed to wholesale sales, the large consumer sector (toilet tissue, kitchen towel, napkins, handkerchiefs, tissue) as well as the production and marketing of sanitary napkins/tampons and baby diapers. They also carry out the activities of marketing health products, personal hygiene and incontinence problems, directed at Aged Homes, Local Health Companies, Hospitals, Pharmaceutical Distributors, and retail. The activities are carried out also with reference to domestic cleaning products and to toilets, supplying related services, socalled Away From Home (A.F.H products not consumed by the family). The legal office and Direction of the Company is situated in Lunata-Capannori (LU), Via della Madonnina n. 37; production takes place in the following locations: SCA Lucca 1, Via del Frizzone - Porcari (LU); 15

16 SCA Lucca 2, Via Bernardini, 9 Porcari (LU); SCA Collodi, Via delle Cartiere, 13 Collodi (PT); SCA Altopascio, Strada Provinciale Romana, Frazione Badia Pozzeveri, Loc. Turchetto Altopascio (LU); The Sales Department takes place in the following locations: SCA Legnano, Via Salvatore Quasimodo, 12 Legnano (MI) for Personal Health Care Sector; SCA Lodi, Viale Europa n. 12 Lodi Vecchio for the Retail sector of Personal Care; The SCA company structure is represented by the organigram attached, in which the company functions are specified where the very organization is articulated. SCA has achieved the certification of quality systems, as detailed as follows: - SGS-COC-1103 Certificate - CERT ABRC/IOP-FLR Certificate - CERT AQ-FLR-SINCERT Certificate E Certificate - SGS-PEFC/COC-0179 Certificate - ICILA-COCPEFC-019 Certificate The single certificates have been listed in attached 2.2 PURPOSE OF MODEL SCA, is sensitive to the needs of assuring fair conditions and transparency in business dealings and of company activities, to protect both their image and position, and the expectations of its shareholders and of their employees jobs pursuing the implementation of the organization model and its management foreseen by the Decree. Such an initiative is employed as a belief that the adoption of the Model, beyond the requirements of the Decree, indicated as optional and not obligatory, may be a useful tool used to increase the awareness of all persons working on behalf of SCA, until the 16

17 completion of their jobs, correct and consistent behaviour, such as to prevent the risk of committing crimes and offenses. In this regard, SCA underlines firstly not to tolerate offensive behaviour, of any kind regardless of purpose, in which such behaviour, even in the case whereby SCA could appear in an advantageous situation, they are however against ethic principles of which it intends to comply in the performance of the Company s mission. The aim of the present Model is the implementation of the procedures already existing and the provision of structured system and set of new procedures as well as controlled activities, to be carried out even in a preventive way (control ex ante) aimed at preventing the commission of Crimes and Offenses. In this regard it should be noted that the main attraction of the procedure currently in place is defined as MICR indicating the complex social activity. In particular, by identifying Areas at Risk and their procedural consequences, the Model is proposed as a purpose to: -determine on behalf of all those persons who work under or for SCA, especially in the same areas at Risk, the awareness to be able to incur, in case of violations of the provisions therein, in a passable penalties offense under criminal and administrative law, not only against it but also against SCA; -reiterate that such offensive behaviour is strongly condemned by SCA in that (even in the case that SCA were to be in an advantageous situation) are inconsistent not only with the law, but also against social ethic principles of the company s mission, which they intend to follow; -allow SCA, thanks to a monitoring action in the Areas at Risk, to promptly intervene in order to prevent or counteract the commission of Crimes and Offenses. Key points of the Model are, aside from the principles previously stated: -the activity of awareness and diffusion of behavioural rules and established procedures at all company levels; -the map of the Areas at Risk of the Group; 17

18 -the attribution of OdV of specific tasks on the effective supervision and functioning of the Model; -to check the documentation of the operations at risk; -to respect the principle of separation of duties; -the definition of authoritative powers coherent with the assigned responsibilities; -to check the companies behaviour, as well as the functioning of the Model with subsequent periodic updates (checking ex post). 2.3 THE GUIDELINES SCA, in the predisposition of the present Organization Model has been inspired by the Guidelines drawn up by the Industrial association: Confindustria (updated version from May 2004), as well as from the Guidelines emanated from Assobiomedica (updated version from November 2004), taking points from Models previously prepared by Companies of national importance, except in making the adjustments due to the very organizational structure of the company. The fundamental points which the guidelines recognize and discuss, in the construction of the Models, are as follows: -Identification of the areas at risk in order to identify in which company areas/sectors the commission of Crimes foreseen are possible from 231/2001; -predisposition of a control system (through the adoption of protocol opportunities) be it reasonably able to prevent or reduce the risk that the Crime committed; -the duty on behalf of the companies functions, particularly those identified as majorly at risk, to supply information to the Supervisory Board (OdV), on the base structured (regular reporting on the implementation of the model), be it to report abnormalities or discrepancies found in the information available. In particular, the Guidelines identify which principal components of the internal control system of the following instruments: -organizational system 18

19 -manual and computer procedures -powers of authorization and signatures; -control systems and management -personnel communication and training; -disciplinary mechanisms; -Code of Ethics. Such components of the internal control system must meet the following principles: -verification, documentation, coherence and congruency of each sensitive operation : there must be an adequate documented support which consents the effective procedures of control at each moment, which attest the characteristics and the reasons for the operation and identify who has authorised, carried out, registered, verified the very operation; -application of the principle of separation of the functions: the function that operates differently from the function that verifies and or approves the same no one must independently manage all the phases of a process; -documentation of controls: the control system must be able to document the performance of controls; -to provide adequate penalty system in case of violation of the regulations, of the rules and of the procedures foreseen by the Model; -identifying the requisites of the Supervisory Board (OdV) these being autonomy and independence, professional and the continuation of the action. In the implementation foreseen in article 6 of the Decree, the task of supervision of the operation and compliance of the model, as well as support updates, is trusted to companies with autonomous powers of initiative and control, formed by a number of 2 persons, of who nominate and are delegated to the Administrative Council in the approval office of the present Organisational Model, which takes on the role of Supervisory Board (OdV). 3. Structure of Model 19

20 3.1 THE MODEL OF SCA The present model is made up of a General Part and of single Special Parts, organized for the diverse typology of crime, specifically covered in the Decree, which SCA runs the risk of committing, in the pursuance of the very activity. The essential components of the Model are illustrated in General Part, with particular reference to: -the predisposition and formalisation of a system control, able to efficiently contrast the commission of crimes, on behalf of persons from SCA -the composition and operation of the Supervisory Board -the diffusion model in the corporate context and the training of personnel -the disciplinary system and the measures to be taken, in case of failure to comply with the requirements of the model. The first Special Part nominated Special Part A finds the application for specific typology of foreseen crimes from art. 24 and 25 of the Decree, or rather for feasible crimes against P.A. The second Special Part nominated Special Part B regarding the c.d. corporate crimes (art. 25-ter of the Decree). The third and the fourth Special Part respectively nominate Special Part C and Special Part D are relative the rights of terrorism and of subversion of the democratic order and of rights against the individual personality (art. 25-4th and 25 5 th of the Decree). The fifth Special Part nominated Special Part E regarding crimes and administrative offenses of market abuse, foreseen by art. 25-6th of the Decree and of art th of TUF. The sixth Special part nominates Special Part F regarding crimes of which articles 589 and 590, third para., of penal code (art th of the Decree Manslaughter and grievous bodily harm committed with violation of the safety regulations and of hygiene and health protection at the work place). The seventh Special Part nominates Special Part G related to computer crimes in art. 24 2nd D.Lgs. 231/01. 20

21 The eighth Special Part nominates Special Part I related to crimes against industry and commerce. The tenth Special Part nominates Special Part L related to laundering crimes, use of cash and assets of illicit origin. The eleventh Special Part nominates Special Part M for crimes in violation of Copyright. The twelfth Special Part nominates Special Part N - for transnational crimes, against organized crimes, smuggling, obstruction of justice. The present model is adopted by the Administrative Board of SCA by resolution on 29 th April The model is drawn up also based on the information SCA receives by the Parent Company. An integrating part of the model is the Code of Ethics attached, specifying that: - The same is written up on the basis of general guidelines, and remains the task of the present Organisational Model of regulating particular aspects - The code of ethics represents an instrument adopted in and autonomous way and susceptible of applications in general terms, on behalf of SCA and of the group to which it belongs, in order to express the principle of company ethics, which SCA and the Group recognize as their own and of which we claim to observe on behalf of all personnel (employees, administrators and collaborators with various titles), as well as third parties who receive assignments from SCA (for example, consultants) or who have relations with SCA of various titles (for example suppliers) - The model instead responds to specific requirements contained in the Decree, designed to prevent the commission of particular types of crimes that, having been apparently committed in the interest or advantage of SCA, may lead to its administrative responsibility, based on under the provisions of the Decree. 21

22 3.2 I THE INSPIRING PRINCIPLES OF THE MODEL In the predisposition/liability of the present Model we have taken into account, beyond the Guidelines in which paragraph 2.3, of the procedures and of existing control systems already in operation in the Company and in the reference Group of the same, detected during the analysis of the activities as well as appropriate measures of crime and offenses prevention and of control of the processes involved in the Areas at Risk. The specific instruments already existing and directed at programming the formation and implementation of company decisions and carry out controls on business activities, also in relation to the prevention of Crimes and the Offenses, the Group has identified: 1. the corporate governance rules adopted in transposition of the Code of conduct of the companies listed and corporate legislation and relevant regulation ; 2. the Code of ethics; 3. the internal control system; 4. the call back procedure MICR; 5. all other documentation related to system control within the Group. The rules, the procedures and principles of which the instruments listed above are not reported in detail within the present Model, and yet are a part of the larger organizational system and control of which the same intends to integrate and where all are addressed depending on to the type of relationship in the group are required to comply. The interested personnel must be periodically updated on the company s procedures adopted regarding the prevention of Crimes and offenses as well as on the evolution of the relevant legislation. 3.2 MODIFICATIONS AND INTEGRATION OF THE MODEL 22

23 The present Model being an act issued by the manager (in accordance with the requirements of art. 6, para. first, lett.to the Decree) the subsequent amendments and additions of substance of the model are the responsibility of SCA s board of directors. 4. The predisposition of the prevention of the control system In planning the control system capable of preventing risk of Crimes committed in line with the requirements of 231/2001, SCA has performed a series of activities adopting the flow for the Management of risk reported as follows: Map of the areas/processes at risk Identification of potential risks System analysis of existing preventative control (Protocol/procedures) Assessment of residual risks Acceptable risk? YES NO THE ACTUAL CONTROL SYSTEM IS ABLE TO PREVENT THE RISKS IN COMMITTING CRIMES PLANNING/ADJUSTMENTS OF THE PREVENTIVE CONTROL SYSTEM(PROTOCOL) 23

24 : IDENTIFYING POTENTIAL RISKS those at risk, SCA has carried out a preliminary analysis in the context of business processes which could result from potential cases of the crime provided for in the Decree Lgs. 231/2001. The elements considered were: - organisational structure and corporate branch network size and economic sector - productive areas - supply of goods and services to P.A. - relations with tax authorities, customs, health and social security - top management employees and individuals related to the company para-subordination relationships (Agents and external Collaborators) a) CONSTITUENT ELEMENTS OF THE MODEL In accordance with the Guidelines, the qualifying elements have been defined as general constituent elements of the present Model: -the company organizational system (SCA Organigram); -the company s procedures and in particular those defined MICR ; -the Group procedures issued by the Head of the executive group and applicable under the Company Group; 24

25 -the M.I.C.R procedures -the system of delegation of powers of attorney existing; -the system of communication to and training of personnel; -the Code of Ethics. Starting with SCA s organigram, it s the Board of Director s task, in collaboration with the Managers and individual functions/divisions/geographic areas, as well as with the help of legal advisors, to identify the major areas exposed at risk, the commission of various crimes under the Decree. By identifying the areas at risk and the subsequent implementation of procedures (protocol), in the special part committed to each of them, the model proposes to provide a structured and organic system, which consents SCA to promptly intervene to prevent or counteract the commission of crimes in the same areas. The most relevant components of the preventive control system are: -the code of ethics, which defines the internal regulation system, aimed at planning the formation and the implementation of decisions made in SCA, in relation to risks crime prevention, to establish general guidelines, to which disciplinary reference must be made and operating modes to be adopted in the sensitive sectors -the adoption of a formal organization system, using tools (company organigram, procedures, reports, etc) suitable to satisfy the requirements of : -Knowledge of internal organizational mechanisms of SCA -formal definition of roles with identification of tasks within each function -clear definition of organizational powers, which must be coherent with assigned responsibilities and with the subsequent reporting lines -clear definition of powers of authorization and signature through a system of delegation of power of attorney, to sign corporate 25

26 documents, thus ensuring a clear and transparent representation of the process of training and implementation of decisions -the adoption of the precise procedures, manual and computerized -identification of management processes and control delegated financial resources in the areas at risk. 5.THE SUPERVISORY BOARD Article 6 of Dlgs 231/2003 has the task of supervising the operation, the efficiency and compliance of the model, as well as it updating, should be entrusted to an organism of the company with independent powers of initiative and control. 5.1 Requirements of the Supervisory Board Autonomy and Independence The Supervisory Board (below also OdV), in carrying out its functions, is related only to the Board of Administration. To this end, provides for the establishment of a direct information channel between the Supervisory Board and the organs of decision and control. The requirements of autonomy and independence are fundamental, so that OdV is not directly involved in management which are subject to their activity control: these requirements are achieved by ensuring their independence and provide a hierarchy activity reporting directly to top management or rather the Supervisory Board. Professionalism The OdV must internally have the technical professional skills appropriate to the functions it must perform. These very 26

27 characteristics, together with independence, guarantee the objectivity of trial. Continuity of action The Supervisory Board must constantly work on supervising the model, with its necessary investigation powers, in order to guarantee the continuity of supervisory activity. Honourable absence due to incompatibility of conflicts of interest and family relationships with business leaders Grounds constituted for ineligibility as a part of the OdV incompatibility to stay in office: -to be condemned with a sentence in the first degree of having committed a crime to which the Decree and or one of the administrative offenses in matters of abuse of the market in TUF -or rather to be condemned with a penalty that brings disqualification, even be it temporary, from public office, or rather temporary disqualification from the executive offices of legal persons Appointments and Revocations SCA has decided that the company, destined to perform the functions of the Supervisory Board: - has a corporate structure: the persons who in turn will compose the OdV will be identified by the resolution of the Board of Directors. Upon the approval of this Organisational Model the Board of Directors will provide the appointment of two members of the OdV. The allocation to office of the OdV and the withdrawl of the same acts are dealt with exclusively by the Board of Directors. The term of office is three financial years and the term is set after the submission of the annual report, to the Board of Directors, for 27

28 the third year. The term may be renewed no more than twice, for which a person may take on the role of member of the OdV of SCA for no more than nine financial years in total. Revocations and Appointments, other than for just cause (negligence, inefficiency, infidelity), also in the event where less occurs, on behalf of one or more members, the requirements of independence, autonomy, impartiality, absence of conflict of interest, necessary for the assignment. The OdV, in its Corporate structure, is required to regulate its internal functioning, by specific regulation of its activities (convening and organizing meetings, recording the same, mode of operation, division of work load, etc). 5.2 The Function and power of the Supervisory Board The following functions are attributed to the Supervisory Board: The supervision of the compliance of the requirements of the model on behalf of the recipients, in relation to different types of crimes covered by the Decree The OdV exercises its power of control attributed by the model, also by the enactment of the internal guidelines: for this purpose the company carries out periodic inspections targeted on specific operations or specific acts in place within the areas at risk, as defined in the special sections of the model. The OdV collects, elaborates and conserves the relevant information, in order to comply with the model and carry out the inspection of the actual presence and the correct completion of and the efficiency of the requested documentation, in accordance with the provisions in each special section of the model for the various typologies of crimes. Furthermore update the information list, including reporting, which must be transmitted by law to the same OdV or kept at their disposition. 28

29 The OdV perform inspections based on the operating principles carried out by SCA, in the areas at risk, and gives evidence in a written report, to be conveyed to the companies in periodical reporting. The OdV conducts internal investigations, in order to accept the merits of the alleged breaches of the requirements of the present model, brought to the attention of OdV by reporting or emerged in the course of the activity of supervision undertaken by OdV. Verify the true efficiency and effective capacity of the model, in relation to the Company structure, to prevent commission of crimes by Decree The OdV updates the identification system, classification and mapping of the areas at risk, in light of the regulatory framework and corporate structure, in order to propose the necessary adjustments to the model, to make it efficient also in relation to corporate and regulatory changes occurring. For this purpose the management and the staff allocated to control activities, in the area of single functions, must report the eventual situations that may expose the company to the crime at risk. The OdV controls that the foreseen elements by the single special sections of the model, for the various typologies of crimes (adoption of standard clauses, performance of procedures, etc), are however adequate and respond to the needs of the supervision stated by the Decree, providing, otherwise, a proposed update of the very elements. Identify and propose the appropriate updates and the appropriate modifications of the model in relation to the changed legislation or to the changed company conditions 29

30 The OdV has the task, in collaboration with its legal consultants, to follow the evolution of the relevant legislation, with particular reference to the changes and integration of the same, as well as update them on developments of pronounced laws, in order to keep the model updated, with present regulatory requirements and interpretations in force. As a consequence of the very activity, the OdV, in collaboration with its legal consultants is where appropriate, with the interested functions, identifies and proposes any necessary updates, and the necessary modifications of the model, the President (and to the CEO), until they submit for approval of the Board. Powers of the Supervisory Board For the performance of duties, the OdV: - has vast powers of inspection and access of company documents - has adequate financial and professional resources, whose allocation is approved annually by the Board of Directors - draws support and cooperation from the various company structures, which could be interested or however involved in control activities - may use external sources who bear the necessary skills for the optimal performance of their duties Collection and conservation of information The Supervisory Board shall ensure the collection of reports received, reports sent and of the results of the investigation activities and of the controls undertaken in the special computer database: this database takes care of updating and with the interior layout, defines the criteria, the access mode and those entitled to access it. Coordination with other functions and allocations of positions In carrying out the tasks of supervision and control, the OdV is supported by a dedicated staff. The OdV draws support from other 30

31 management functions that, in turn may be necessary to perform its activities. 5.3 Reporting lines to the Supervisory Board Besides the documentation required of the single sections of the model, the second procedure therein, all other information, of any kind, even from third parties related to the implementation of the model in the areas at risk within the company, it must be brought to the attention of the OdV, in the terms and in the following mode. Reporting of violations that could result in a liability for SCA Persons required to comply with the model should report to their superiors and or Supervisory Board of any event which could lead SCA to be administrative responsible, in relation to a violation of the law, of the code of ethics or of the procedures stipulated by the model. Regarding the external collaborators, the obligations to provide such information, under the contract is limited to those that are not internally part of SCA. Obligations of reporting requirements related to official acts Corporate officers have the duty to report any information relating to the commission to OdV,to the reasonable belief of commission of crimes. In particular it is mandatory to submit the concerning information to the OdV: - measures and or reports emanating from the Authoritive judicial organ and of the judicial police or from any other authority related to investigation activities for crimes from which Dlgs 231/2001, also against those unknown, whereby investigations involve SCA, or its personnel, or its bodies, or 31