Internal Control System

The Group has in place an internal control system (the “System”), based on the model provided by the COSO Framework (Committee of Sponsoring Organizations of the Treadway Commission Report - Enterprise Risk Management model) and the principles of the Dutch Corporate Governance Code, which consists of a set of policies, procedures and organizational structures aimed at identifying, measuring, managing and monitoring the principal risks to which the Company is exposed. The System is integrated within the organizational and corporate governance framework adopted by the Company and contributes to the protection of corporate assets, as well as to ensuring the efficiency and effectiveness of business processes, reliability of financial information and compliance with laws, regulations, the Articles of Association and internal procedures.

The System, which has been developed on the basis of international best practices, consists of the following three levels of control:

  • Level 1: operating areas, which identify and assess risk and establish specific actions for management of such risk;
  • Level 2: departments responsible for risk control, which define methodologies and instruments for managing risk and monitoring such risk;
  • Level 3: internal audit, which conducts independent evaluations of the System in its entirety.