What is Compliance?
Compliance means making business activities comply with legal provisions, regulations, procedures and codes of conduct.
Compliance activities are, therefore, aimed at avoiding misconduct through appropriate rules of conduct, prevention, management and reporting in order to reduce, as much as possible, the risk of serious consequences.
Legislative Decree 231/2001
Decree 231 introduced, for the first time, liability-essentially criminal liability-for companies. This liability is recognized in dependence of certain crimes committed, in the interest or to the advantage of the company, by its directors, managers or employees.
The Management Organizational Model (MOG)
To exclude liability on the part of the company, Decree 231 requires the adoption of the MOG to avert the commission of possible offenses through the implementation of a specific risk assessment program, prevention and control actions as well as an adequate system of sanctions in case of violations or irregularities.
The MOG must be prepared taking into account the specific characteristics of the Company, the activities carried out and the related areas of risk.
What is Whistleblowing
Whistleblowing is a corporate compliance tool through which employees or third parties (suppliers, customers, etc.) can report any wrongdoing encountered while dealing with the Company while maintaining anonymity and confidentiality.
In other words, Whistleblowing makes it possible to report unlawful conduct of the Company, which could potentially lead to criminal hypotheses, cases of corruption or fraud, as well as situations of danger to public health and safety.
Reporting Procedure
This Procedure applies to Ewiva and aims to structure and regulate a system of whistleblowing within the Company’s activities.
In particular, the Procedure implements the provisions of the Whistleblowing Decree, which regulates the protection of whistleblowers by preventing any form of retaliation in relation to them and guaranteeing, at the same time, their confidentiality and anonymity.
The Procedure also complies with the legislation on the protection of personal data and, in particular, with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data.
The channel and procedure for reporting are described in the Whistleblowing Policy document.