ORGANISATION MANAGEMENT AND CONTROL MODEL MOG01 · Attachment A - Presentation of the Crimes and...

Organisation Management and Control Model

MOG01 Rev.0 Page 1 of 41

ORGANISATION MANAGEMENT AND CONTROL MODEL

MOG01



TABLE OF CONTENTS

INTRODUCTION...................................................................................................................................................4

1. ITALIAN LEGISLATIVE DECREE No. 231/2001 ............................................................................................ 6 1.1. THE LIABILITY REGIME INTRODUCED WITH ITALIAN LEGISLATIVE DECREE No. 231/2001 ........................ 6 1.2. ADOPTION OF THE ORGANISATION, MANAGEMENT AND CONTROL MODEL AS A POSSIBLE EXEMPTION

FROM ADMINISTRATIVE LIABILITY ............................................................................................................. 7 1.3. “SOURCES” AND STRUCTURE OF THE ORGANISATION, MANAGEMENT AND CONTROL MODEL ............. 8

2. ADOPTION OF THE ORGANISATION, MANAGEMENT AND CONTROL MODEL ........................................ 11 2.1. IMPLEMENTATION ..................................................................................................................................... 11 2.2. CRITERIA ..................................................................................................................................................... 11 2.3. OBJECTIVES ................................................................................................................................................ 12 2.4. CHARACTERISTICS ...................................................................................................................................... 13 2.5. FUNCTION OF THE ORGANISATION, MANAGEMENT AND CONTROL MODEL ........................................... 13 2.6. STRUCTURE OF THE MOGC ........................................................................................................................ 14

3. SOURCES AND IDENTIFICATION OF THE RISKS ......................................................................................... 15 3.1. IDENTIFICATION OF RISKS AND PROTOCOLS ............................................................................................. 15

4. APPROVAL OF THE MODEL ....................................................................................................................... 17 4.1. APPROVAL OF THE "MODEL" AND ITS ADOPTION ..................................................................................... 17 4.2. MODIFICATIONS, SUPPLEMENTS AND UPDATES TO THE "MODEL" .......................................................... 17

5. SUPERVISORY BOARD ............................................................................................................................... 18

5.1. IDENTIFICATION AND APPOINTMENT OF THE SUPERVISORY BODY .......................................................... 18 5.2. FUNCTIONS AND POWERS ......................................................................................................................... 18 5.3. REPORTING TO THE BOARD OF DIRECTORS ............................................................................................... 21 5.4. POWERS OF THE SUPERVISORY BOARD (OdV) .......................................................................................... 21

6. INFORMATION FLOWS TO THE SUPERVISORY BOARD (OdV) .................................................................. 24

6.1. REPORTS BY MEMBERS OF THE COMPANY OR THIRD PARTIES ................................................................. 24 6.2. OBLIGATIONS OF INFORMATION REGARDING OFFICIAL DEEDS ................................................................ 25

7. CODE OF ETHICS AND LINES OF CONDUCT ............................................................................................... 26 7.1. CODE OF ETHICS ......................................................................................................................................... 26 7.1.1. ADDRESSEES OF THE DOCUMENT ....................................................................................................... 26 7.1.2. OBJECTIVES AND VALUES .................................................................................................................... 26 7.1.3. CLIENTS ............................................................................................................................................... 27 7.1.4. COMMUNITY ....................................................................................................................................... 28 7.1.5. HUMAN RESOURCES ........................................................................................................................... 28 7.1.6. MANAGEMENT OF THE ENVIRONMENT AND SAFETY RELATED ACTIVITIES ....................................... 28 7.1.7. INFORMATION .................................................................................................................................... 29 7.1.8. OBSERVANCE OF THE CODE OF ETHICS .............................................................................................. 30 7.2. LINES OF CONDUCT .................................................................................................................................... 30 7.2.1. INTRODUCTION ................................................................................................................................... 30



7.2.2. PERMITTED BEHAVIOUR ..................................................................................................................... 30 7.2.3. SANCTIONS ......................................................................................................................................... 33

8. THE DISCIPLINARY SYSTEM ....................................................................................................................... 34 8.1. AIMS OF THE DISCIPLINARY SYSTEM ......................................................................................................... 34 8.2. DISCIPLINARY OFFENCES ............................................................................................................................ 35 8.3. PERSONS SUBJECT TO THE DISCIPLINARY MEASURES ............................................................................... 35 8.4. CRITERIA FOR ASSIGNING SANCTIONS....................................................................................................... 35 8.5. ACCESSORY MEASURES OF THE SANCTIONS ............................................................................................. 36 8.6. SANCTIONS PROVISION ............................................................................................................................. 37

9. GENERAL PRINCIPLES OF INTERNAL CONTROL ......................................................................................... 38 9.1. CONTROL ENVIRONMENT .......................................................................................................................... 38 9.2. RISK ASSESSMENT ...................................................................................................................................... 39 9.3. CONTROL ACTIVITIES ................................................................................................................................. 39 9.4. INFORMATION AND COMMUNICATION .................................................................................................... 40 9.5. MONITORING ............................................................................................................................................. 40

10. THE COMMISSIONS AND PROXIES SYSTEM .............................................................................................. 41



INTRODUCTION

The Organisation, Management and Control Model (hereinafter also referred to as “Model”

or MOGC) adopted by GIMA S.r.l. and presented here comprises:

THE GENERAL PART (Public Part MOG 01)

General Part that illustrates the reference principles and guidelines adopted;

Attachment A - Presentation of the Crimes and Offences set forth in Italian Legislative

Decree no. 231/2001 –MOG02

Attachment B - Collection of the Regulations regarding the reference points of MOG 03

Attachment C - The Code of Ethics; CE231

THE SPECIAL PART: MOG 04

Organisational Chart of GIMA srl; ORG 5511 –MOG05

The cases of crimes as of Italian Law 231/2001 and identification of the Top Management

(updated at October 2017); MOG06

Description of the Crimes as of articles 24 and 25 of Italian Legislative Decree 231/2001

considered applicable to GIMA srl; MOG07

2 Confidential parts, managed by the Supervisory Board which contain the specific

internal control procedures divided into the sectors «Governance» (attachment D1-

MOG08) and «Operating Units» (attachment D2-MOG09), which are part of the more

extensive organisation and control system and are by nature reserved for the various

levels of management and the Company's operating units (restricted use);

Permanent Dossier (restricted use)-MOG10

Disciplinary System (restricted use)-MOG11

OdV Regulation (restricted use)-MOG12

* * * * *



REFERENCE STANDARDS “Sources”

As mentioned several times, this MOGC, besides the prescriptions of Italian Legislative Decree

no. 231 of 8 June 2001 "Regulations concerning the administrative liability of legal entities,

enterprises and associations also without legal status in accordance with article 11, law no.

300 of 29 September 2000", takes as reference:

Finance Police Circular no. 83607/2012 - Vol. III; regarding payments abroad;

the Confindustria Guidelines;

the Code of Conduct of the Board of Statutory Auditors prepared by the Italian Association

of Chartered Accountants (CNDCEC);

the articles of the Italian Civil Code regarding accounting and financial statements;

the ISO 9001 Quality Management System certified according to the relative standard;

the ISO 13485 Quality Management System for Medical Devices;

the National Bargaining Agreement for the metalworking and mechanical engineering

industry

the Health and Safety at Work Management System implemented according to the

provisions of Italian Legislative Decree no. 81/2008 and the Guidelines for a health and

safety at work management system (SGSL) UNI INAIL;

Ministerial Decree of 13 February 2014 (Official Gazette no. 45 of 24/2/2014) “Simplified

procedure for the adoption of organisation and management models (MOG) in small and

medium enterprises (SMEs)”;

the Articles of Association of GIMA srl and the definition of Small and Medium Enterprises

as of the Decree of the Ministry of Production Activities dated 18 April 2005 and the

Recommendation of the European Commission 361/2003/CE dated 06 May 2003;

The Sources indicated above are an integral part of this MOGC which is structured as a cogent

pyramidal system of principles and procedures.



1. ITALIAN LEGISLATIVE DECREE No. 231/2001

1.1. THE LIABILITY REGIME INTRODUCED WITH ITALIAN LEGISLATIVE DECREE No. 231/2001

Legislative Decree no. 231 of 8 June 2001, issued by way of implementation of the proxy

contained in Law no. 300 of 29 September 2000, introduced for the first time in Italy the

administrative liability of companies and other entities as a consequence of the perpetration

of some types of crimes, thus abandoning the traditional concept of non-liability of legal

entities (societas delinquere non potest).

The liability of GIMA S.r.l. (which is supplementary to and does not substitute that of the

individual subject that commits the crime) exists if the crime has been committed in the

interest and advantage of the same Company, also in the form of attempted crime or

complicity in crime; it is ruled out, on the other hand, when the crime is committed in the

exclusive interest of the perpetrator.

As regards sanctions, the application of a pecuniary sanction is envisaged for all crimes

committed. In more serious cases, restraining measures are applied such as disqualification,

suspension or withdrawal of authorisations, licenses or permits, prohibition to negotiate with

the public authorities, exclusion or cancellation of loans, contributions or subsidies,

prohibition on the advertisement of goods and services.

With reference to the perpetrators of the crime, the Decree states that the

administrative liability of GIMA S.r.l. exists when the crimes are committed by:

subjects in so-called “top” positions, such as, for example, the legal representative, board

directors, executives, managers and those people that exercise, also de facto, the

management and control of the company;

subjects in so-called “subordinate" positions, typically employees but also subjects outside

the company who have been entrusted with an assignment to be carried out under the

management and surveillance of top management.

Considering the activities carried out by GIMA S.r.l. some of the crimes referred to above

(Organised crime; Forgery of money, public credit cards or revenue stamps and of identification

instruments or signs; terrorism or subversion of democratic order; crimes against the person),

are not considered relevant, as they are only abstractly conceivable.



1.2. ADOPTION OF THE ORGANISATION, MANAGEMENT AND CONTROL MODEL AS A

POSSIBLE EXEMPTION FROM ADMINISTRATIVE LIABILITY

The Decree sets forth that companies must prepare “Organisation, management and

control models”, drawn up and adopted with the specific aim of preventing the perpetration

of the crimes contemplated in the Decree.

The existence of these "Models" prior to the commission of a crime, providing that they

are adequate and effective, relieves the company from liability and avoids the application of

pecuniary and, potentially, restraining sanctions.

In particular, article 6 of the Decree establishes that the company, to be able to benefit

from the exemption, has to demonstrate that:

the board of directors has adopted and effectively implemented an organisation,

management and control model able to prevent the offences of the type committed before

it was committed;

and that:

the task of overseeing the functioning and observance of the "Model" and responsibility

for its updating has been entrusted to an organism of the company holding autonomous

decision-taking and control powers;

the people committed the crime fraudulently, circumventing the organisation and

management model;

there was no or insufficient supervision by the board as of point b).

The Decree also sets forth that these "Models" must meet the following needs:

identify the activities in which crimes can be committed;

define specific protocols aimed at programming the formation and implementation of the

company's decisions regarding the crimes to be prevented;

identify procedures for managing the financial resources required to prevent the crimes

from being committed;

establish obligations to provide information to the board tasked with supervising the

functioning and observance of the "Models";

introduce a suitable disciplinary system which punishes non-observance of the provisions

of the "Model".

In the light of the above, the main aims of the model are to:

Inform subjects working in Gima srl and those with which the company has a collaboration



relationship, in any way and at any level, of the risks of perpetration of crimes of the type

established in Italian Legislative Decree 231/01 and of the fact that the perpetration of the

crimes represents a source of damage for the company as a whole.

Firmly assert that illegal behaviour of any type is absolutely forbidden and resolutely

condemned by Gima as it is not only against the law, but also against the ethical principles

that Gima intends to pursue in the pursuit of its mission.

Set up a suitable preventive controls system in order to rule out the possibility that any

subject operating in the company can justify their illegal conduct pleading ignorance of the

company's directives and, in normal cases, avoiding the perpetration of crimes due to

human error (due to negligence or malpractice) in the evaluation of the company's

directives.

Make possible the intervention of the company with suitable measures to prevent or

obstruct illegal behaviour and consequently the verifiability and documentability of every

operation that is relevant for the purposes of Legislative Decree 231/01; observance of the

principle of segregation of duties, the definition of signing and authorising powers in line

with the responsibilities assigned; communication to the OdV of facts and information that

anyone considers relevant.

The OdV will therefore control the effectiveness and continuous updating of the model

with regards to changes in law and in the company's activities; finally, special attention will be

paid to raising awareness and disseminating to all levels the rules of behaviour and procedures

established in the Code of Ethics as well as the continuous training of Gima's employees.

1.3. “SOURCES” AND STRUCTURE OF THE ORGANISATION, MANAGEMENT AND CONTROL

MODEL

As already indicated in the introduction, this MOGC, adopted by GIMA S.r.l., alongside

the provisions of the Decree, has as its reference point the so-called “Sources”.

The “Sources" indicated above are an integral part of this "Model", which takes the

form, as already stated, of a cogent pyramidal system of principles and procedures that can

be summarily described as follows:

The General Part of the MOGC (MOG01) with three attachments A) List of Crimes as of

Law 231/2001- MOG02; B) Regulations referred to in the MOGC- MOG03; C) Code of Ethics

CE 231- these set forth the general principles (transparency, correctness, loyalty) by which



GIMA srl is inspired in the performance and management of its activities; the same are

therefore presented and published on the company's website www.gima-srl.it.

The Special Part: MOG 04 A) Organisational Chart of GIMA srl MOG05-ORG 5511; B) The

individual crimes as of Law 231/2001 MOG06; C) Description of the Crimes as of articles

24 and 25 of Legislative Decree 231/2001 considered applicable to GIMA; MOG07; D) 2

confidential parts – MOG08 The guidelines for the Governance Bodies: these introduce

specific rules for the purpose of avoiding environmental situations that are favourable for

the perpetration of crimes in general and, specifically, the crimes as of Legislative Decree

no. 231/2001; these translate into an operational handbook of the principles expressed in

the Code of Ethics. The Check-Lists for the Operating Units - MOG09: this is the set of

“tools” aimed at providing a reasonable guarantee of the achievement of the objectives of

operating efficiency and efficacy, reliability of the financial and management information,

observance of laws and regulations, and safeguard of the company's assets against possible

frauds. The internal control system is based on and is characterised by some general

principles, specifically defined in the MOGC, whose field of application extends

transversally to all levels of the organisation. These tools are represented by Check Lists

and Questionnaires on Internal Control, prepared for all of the operating processes and for

the related ones. These check lists and questionnaires have the same structure and control

the series of rules aimed at identifying the main stages of each process, the crimes that can

be committed in each process, the specific controls to reasonably prevent the related risks

of crime, as well as specific information flows to the Supervisory Board in order to highlight

situations of non-observance of the procedures set forth in the organisation models.

The Permanent Dossier - MOG10 regarding the institutional and legal aspect of GIMA srl.

The Disciplinary System -MOG11, fundamental aspect of the Model, which provides for

the existence of appropriate sanctions for infringement of the rules and regulations defined

therein and for the purpose of the prevention of the crimes.

The Internal Regulation of the Supervisory Board-MOG12.

The procedures checked by the internal control questionnaires (Check List) have been

drawn up in the light of three fundamental principles and, specifically:

separation of roles in the performance of the activities entailed in the processes;

the so-called «traceability» of decisions; that is, their constant visibility (for example, by

means of specific recorded evidence), to allow for the identification of precise «points» of

responsibility (key controls) and «justification» of the choices made;

making decision-taking processes objective, in the sense of establishing that decisions are

http://www.gima-srl.it/



not taken based on merely subjective considerations but that reference is made instead to

pre-set parameters.

This MOGC and all of its parts, is therefore completed with the establishment of a

Supervisory Board, which, as set forth by article 6, sub-paragraph 1, point b) of Italian

Legislative Decree no. 231/2001, has autonomous powers of action and control in order to

oversee the functioning, efficacy and observance of the Model, and manage its constant

updating.

This is another condition for the application of the exemption established by the

decree.

All of the above complies with article 6 of the Decree, which, introducing the above-

stated system of administrative liability, does however envisage a specific form of exemption

(exempting function) from said liability, as illustrated in point 1.2.



2. ADOPTION OF THE ORGANISATION, MANAGEMENT AND CONTROL MODEL

2.1. IMPLEMENTATION

GIMA srl, aware of the need to ensure conditions of correctness and transparency in the

performance of its business and of the company's activities, to protect its position and image

and the expectations of its Shareholders and the work of its employees, collaborators and

third parties, has decided to implement the "MOGC" in line with its policies.

This decision was taken in the firm belief that the adoption of this "Model", besides the

requirements of the Decree, which it states are optional and not compulsory, can represent a

valid tool for raising the awareness of everyone who operates in the name and on behalf of

GIMA S.r.l., so that they follow, in the performance of their activities, correct and linear

behaviour such as to prevent the risk of commission of crimes.

The above-stated “MOGC” has been drawn up bearing in mind the “Sources” indicated

in the introduction.

The Sources indicated above are an integral and inseparable part of this "Model".

Again, by way of implementation of the provisions of the Decree, the Board of Directors

of GIMA S.r.l., in implementing the above-stated “MOGC”, has entrusted to the head of the

Supervisory Board (the Chairman of the OdV) the task of overseeing the functioning, efficacy

and observance of the "Model".

2.2. CRITERIA

The "MOGC" is adopted according to the following criteria:

drafting and updating of the "Model";

application of the "Model" and controls on its implementation: to this end the Supervisory

Board is assigned the primary task of performing controls on the implementation of the

"Model" according to the procedures described therein;

coordination of the control functions and verification of the efficacy of the "Model": this is

entrusted to the GIMA S.r.l. Supervisory Board the task of generally promoting and



coordinating controls on the application of the "Model", also using the computer network,

to ensure that same "Model" is implemented correctly.

2.3. OBJECTIVES

GIMA S.r.l. by implementing this MOGC (which consists in specific protocols and

procedures adopted by the Governance bodies and by the individual Operating Units and not

made public for reasons of confidentiality) intends to pursue the main objective of putting in

place a series of principles, processes, policies, procedures and behavioural practices that

create the internal control system, comprising also tools, organisational procedures and

internal controls so that the aims of the Decree are achieved in terms of crime prevention.

This objective is pursued through:

a continuous activity of raising awareness ad correct communication at all levels of the

company; continuous performance of actions for the concrete implementation of the

content of this MOGC, put in place directly by the company functions under the full

responsibility of the Managers of each operating unit;

the definition of clear and effective rules that allow everyone to carry out their functions

and/or duties, behaving and operating in full observance of applicable laws; where,

through the mapping of the areas of activities at risk (Risk assessment), it enables everyone

to act with full responsibility and awareness, following the provisions set forth;

the set up of a Supervisory Board, in direct contact with the Board of Directors, with the

task of monitoring and checking the correct functioning of the "Model" and its observance;

analysis and direct control of all the documentation and reports produced, attesting that

the monitoring activities have been carried out;

the definition of existing duties, authorities and authorisation processes which must be

observed in order to completely fulfil the responsibilities assigned;

constant attention to the continuous improvement of the Organisation, Management and

Control Model through analysis not only of the procedures but also of behaviour and

company practices, intervening in a timely way with corrective and/or preventive actions

where necessary and thus also allowing for the periodic adjustment of the "Model" (Risk

Management).



2.4. CHARACTERISTICS

Italian Legislative Decree no. 231/2001 (article 6), sets forth that the MOGC has certain

«founding characteristics», such that, on the one hand the so-called «exemption» from

liability of the Company can be used in the case of perpetration of the crimes; on the other

hand, these characteristics guide the implementation of the "Model" itself.

To this end the Governance body must:

map the risks: analysis of the company context, processes and practices to highlight in

which area/sector of the company's activity and in what ways damaging events for the

objectives indicated in the decree can occur;

define the internal control system (check-list);

identify procedures for managing the financial resources needed to prevent crimes from

being committed;

establish information obligations to the internal Supervisory Board: set up the internal

Supervisory Board whose aim is to monitor and check the functioning and observance of

the “Model”, and to manage any updates;

systematic and periodic auditing: prepare (and/or adapt ) the internal auditing processes

so that the functioning of the "Model" is checked periodically;

apply an appropriate disciplinary and sanctions system (application of the National

Bargaining Agreement for the metalworking and mechanical engineering industry): in the

case of non-observance of the provisions of the "Model" against any person who has

committed the crime by fraudulently circumventing the provisions of the Model.

The “Model” as of the Decree can therefore be defined as an organic set of principles,

rules, regulations, organisational set-ups and related duties and responsibilities useful for the

implementation and diligent management of the control system and monitoring of sensitive

activities, for the purpose of preventing the commission, including attempted commission, of

the crimes set forth in Italian Legislative Decree no. 231/2001.

The «preventive» aim of the "Model" is fulfilled both for subjects in a «top» position and

for persons subject the direction of others operating in the company.

2.5. FUNCTION OF THE ORGANISATION, MANAGEMENT AND CONTROL MODEL

The aims of the "Model" are to:



make the people who operate in the name and on behalf of GIMA S.r.l., above all in the

Areas at Risk, aware that, in the case of breach of the provisions therein, they can commit

a crime liable to sanctions, on a criminal and administrative level, not only personally but

also for the company;

reiterate that these forms of illegal behaviour are firmly condemned by GIMA S.r.l. since

(even if GIMA S.r.l. could apparently benefit from same) they are in any case contrary not

only to law provisions, but also to the ethical-social principles the company intends to

uphold in the pursuit of its mission;

allow GIMA S.r.l., thanks to the monitoring of the Areas at Risk, to take timely action to

prevent or obstruct the commission of the crimes and offences.

Cornerstones of the "Model", besides the principles already indicated, are:

raising awareness and dissemination to all levels in the company of the rules of behaviour

and procedures implemented;

mapping of the company's Areas at Risk;

assigning the Supervisory Board the specific task of overseeing the efficacy and correct

functioning of the "Model";

ascertaining and documenting the operations at risk;

respecting the principle of the segregation of duties;

defining authorising powers that are consistent with the responsibilities assigned;

verifying the company's behaviour, as well as the functioning of the "Model" with ensuing

periodic updating (ex post control).

2.6. STRUCTURE OF THE MOGC

As specified in the "introduction" which must be considered transposed here.



3. SOURCES AND IDENTIFICATION OF THE RISKS

In the preparation of this "Model", the existing and already implemented procedures

and/or "internal protocols" identified during the analysis of the activities at risk were taken

into consideration. These procedures and internal control systems are able to apply also as

prevention measures, coverage of the Crimes and Offences, control of the processes involved

in the Areas at Risk and as specific tools already existing aimed at programming training, at

implementing company decisions and at carrying out controls on the business activities, also

in relation to the Crimes and Offences to prevent.

GIMA S.r.l. has identified, besides the principles mentioned in points 1.3 and 2.6:

the Code of Ethics; CE231

the Internal Control System or Check List

the sanctioning system as of the applicable National Bargaining Agreement;

any other documentation regarding the control system existing in the company.

The rules, procedures and principles of the tools listed above are not considered in this

first «public» part of the "Model" but form part of the wider organisation and control system

that it intends to supplement and that all addressees are obliged to observe as a function of

their relationship with the company.

The personnel involved must be periodically updated on the company procedures

adopted to prevent the crimes and offences as well as the evolution of the relative law.

3.1. IDENTIFICATION OF RISKS AND PROTOCOLS

The organisation and control model is based on the following activities:

Identification of the risks: that is, analysis of the company context to highlight where (in

which area/sector of the company's activity) and in what ways damaging events for the

objectives of the Decree can occur;

Within the framework of the activity to identify the processes/functions at risk, the analysis

performed regarded the possible ways the crimes can be committed in the various areas

of the company. The analysis, which paves the way for the design of the preventive

measures, aims to exhaustively represent how crimes can be committed within the



company context.

Having completed the analysis stage, the assessment of the potential risks was summarised

in the full map of the company's reality and in the map of potential ways in which the crimes

can be committed in the areas at risk (the risk assessment).



4. APPROVAL OF THE MODEL

4.1. APPROVAL OF THE "MODEL" AND ITS ADOPTION

The "Model", structured as described above, was updated and approved by the Board

of Directors of GIMA S.r.l. with resolution of 29/11/2017.

4.2. MODIFICATIONS, SUPPLEMENTS AND UPDATES TO THE "MODEL"

Any modifications and/or supplements of a substantial and/or formal nature that have

to be applied to the Model must be approved by the Board of Directors before being adopted

and applied.

It the task of the Supervisory Board of GIMA S.r.l. to propose to the Board of Directors

any modifications to the Areas at Risk and/or other supplements to this "MOGC".



5. SUPERVISORY BOARD

5.1. IDENTIFICATION AND APPOINTMENT OF THE SUPERVISORY BODY

By way of implementation of the provisions of the Decree, which in article 6, sub-

paragraph 1, point b) sets as a condition for the granting of the exemption from administrative

liability that the task of overseeing the functioning and observance of the "MOGC" and of

arranging for its updating be entrusted to a body of the company having autonomous powers

of action and control, GIMA S.r.l. has identified as the most suitable subjects to have this duty

and therefore to carry out (according the terminology used in this "Model") the functions of

Supervisory Board (OdV): two external consultants, assisted when necessary by two or more

internal figures offering administrative-tax, ISO9001, ISO13485 and safety and environment

related support.

This choice was based on the fact that the above-stated figures were considered to be

the most suitable to hold the role of OdV given the requirements of autonomy, independence,

professionalism and continuity of action required for this function as well as holding specific

know-how of auditing activities and knowledge of the company's reality.

Moreover, bearing in mind the specific responsibilities of the OdV and of the

professional content required by same, in the performance of the supervisory and control

duties, the OdV of GIMA S.r.l. can, in agreement with the Board of Directors, make use of

external consultants.

5.2. FUNCTIONS AND POWERS

It the task of the Supervisory Board of GIMA S.r.l. to oversee:

observance of the provisions of the "Model" by the addressees, specifically identified in the

individual Attachment or Special Parts regarding the various types of crimes and offences;

the real efficacy and actual capacity of the "Model", bearing in mind the corporate

structure, to prevent the crimes and offences;

the advisability of updating the "Model" when the need to adapt same to changes in the

company's conditions are identified.



On a more operational level, the Supervisory Board (OdV) of GIMA S.r.l. is tasked with:

monitoring the internal control procedures adopted by the Company, bearing in mind that

a primary responsibility of the control of the activities, also of those regarding Areas at Risk,

lies in any case with the operative management and forms an integral part of the company

process ("control of procedures");

activating additional control procedures where a significant shortcoming is identified;

inspecting the company's activities for the purpose of updating the mapping of the Areas

at Risk within the framework of the company's context;

periodically carrying out targeted audits on specific operations or actions carried out within

the context of the Areas at Risk as defined in the individual Special Parts or Attachments to

the "Model";

promoting suitable actions for the dissemination of know-how and understanding of the

"Model" and proposing the drafting of the internal organisational documentation needed

for the purpose of the "Model", containing instructions, clarifications and updates;

gathering, processing and storing the relevant information regarding observance of the

"Model" and updating the check list of information obligatorily transmitted or kept

available;

coordinating with the other company functions (also by means of specific meetings) for

optimal monitoring of the activities in the Areas at Risk; to this end the OdV is kept

constantly informed on the evolution of the activities in the above-stated Areas at Risk and

has free access to all of the relevant company information; the OdV must also be informed

by management of any situations that could expose the Company to the risk of crime or

offences;

controlling the existence, correct management and efficacy of the documentation required

in accordance with the provisions of each «Attachments or Special Parts», check list and

questionnaires of the "Model" for the various types of crime and offence; in particular, the

OdV must be informed of the most significant activities or operations considered in the

«Attachments or Special Parts», and must be provided with the updated information in

order to perform checks and controls;

conducting internal investigations to ascertain alleged violations of the provisions of this

"Model";

checking that the elements as of the individual «Attachments or Special Parts» of the

"Model" for the various types of crimes and offences (adoption of standard clauses,

implementation of the procedures, etc.) are in any case suitable and able to meet the need



to observe the provisions of the Decree, proposing an update, if this is not the case;

coordinating with the managers of the other company functions for aspects related to the

implementation of the "Model" (definition of standard clauses, training of personnel,

disciplinary measures, etc.);

checking the existing system of proxies and powers, recommending modifications in the

case where the power of management and/or qualification does not correspond to the

powers of representation attributed to the representatives of the company;

convening the External Auditor to ask questions regarding the interpretation of the

relevant regulation and the "Model" and for advice and support in taking actions or

decisions;

with the support of the relative functions, periodically checking the validity of the standard

clauses aimed at implementing the sanction mechanisms (such as withdrawal from the

contract with agents, consultants, suppliers or other third parties) if violations of the

provisions are identified;

promptly reporting any critical aspects concerning the existence of any atypical financial

flows and characterised by greater margins of subjectivity compared to that usually

foreseen, proposing suitable operating solutions.

The OdV will be entitled to ongoing information about activities with an impact on the

health and safety of workers and environmental protection.

More specifically, the OdV is attributed the following duties and powers:

with the assistance of the RSPP (Safety Officer), carrying out periodic spot and surprise

checks at the structures considered to be at risk of crime in order to verify that the activities

are generically carried out in compliance with the MOGC adopted and in accordance more

in general with the rules of prevention, with the final aim of ensuring that the "Model" is

effective;

checking the efficacy of the "Model" in an objective way, with regards to the structure and

its capacity to prevent the commission of the crimes as of articles 589 and 590 of the

Criminal Code;

on the basis of the results obtained, activating the competent functions for the

implementation of suggested preventive and/or corrective measures;

asking the Board of Directors to apply the disciplinary sanctions indicated in the case of

violation of the "Model";

checking the correct application of the disciplinary sanctions indicated by the Board of

Directors;



promoting, in all areas/functions, a process to inform workers and spread knowledge and

understanding of the MOGC.

To fulfil its duties, the OdV may make use of the support of all of the Company's

resources.

To allow for the fulfilment of its duties and the exercise of the powers described above,

the OdV has free access to the workplaces and to the Company's documentation.

5.3. REPORTING TO THE BOARD OF DIRECTORS

The Supervisory Board (OdV) of GIMA S.r.l. reports to the Board of Directors.

The OdV of GIMA S.r.l. periodically sends the Board of Directors a written report on the

implementation of the "Model" and on the identification of any related critical aspects,

without prejudice to the tasks assigned to the External Auditor.

More precisely, within the framework of the periodic reporting, the OdV prepares:

annually, a written report on the activities carried out in which all and any critical aspects

and non-conformities identified are indicated along with the related preventive and/or

corrective actions to take, also in order to implement the principle of "continuous

improvement" of the integrated management system;

at a variable and non-defined frequency, a report regarding the critical aspects and/or

non-conformities identified, as a result of information received from the organisation that

leads to the need for urgent corrective and/or preventive actions, considered undelayable

for the purpose of guaranteeing the efficacy of the model.

In any case, the OdV of GIMA S.r.l. may be convened at any moment by the Board of

Directors or may in turn request to be convened to report on the functioning of the "Model"

or on specific situations.

5.4. POWERS OF THE SUPERVISORY BOARD (OdV)

In accordance with the provisions of articles 6 and 7 of Italian Legislative Decree no.

231/2001, the OdV is equipped with:

Independence and autonomy: it must have the highest possible hierarchical status: it is

important that it reports to the company's top management; that is, to the Board of



Directors.

Professionalism: the members of the OdV must have specific technical skills, suitable

knowledge of the provisions of Italian Legislative Decree no. 231/2001, of organisation

models and of the activities entailed in guaranteeing the performance of the auditing

activities described in the above-stated decree.

Causes of ineligibility and revocation: the following represent causes of ineligibility to be a

member of the OdV and of incompatibility with permanence in office:

a) sentence, also at the first level of judgement, or plea deal for having committed one of

the crimes set forth in the Decree;

b) sentence to a punishment that entails debarment, including temporary debarment,

from holding public office or temporary debarment from executive offices of corporate

entities.

Moreover, the following subjects cannot be appointed members of the Supervisory

Board:

c) subjects in one of the conditions of ineligibility or revocation as established in article

2382 of the Italian Civil Code;

d) managing directors or members of the executive committee of the Company or of a

holding;

e) subjects with a management or executive position in the company or in a holding and

have the power to take decisions that can affect the Company's evolution and future

prospects;

f) spouse, common-law spouse, relative to the fourth degree or kin to the second degree

of any of the subjects indicated in points d) and e) above;

g) subjects having professional, commercial or business relationships with any of the

subjects as of points d) and e) above.

Autonomy of control powers in auditing activities:

The OdV must be able to access all of the information and documentation needed to

perform the programmed audits with the aim of carrying out the control activities

established in the “Model”.

To ensure respect of these activities, the OdV is not subordinate to the company's top

management but is a Body having independence over the control activities.

The OdV must oversee observance of the “Model” using powers of investigation and

assessment, using and being assisted by the Company's personnel.



The OdV also has the task of managing the implementation of the "Model" and its

updating.

Non, partial or insufficient collaboration with the OdV represents a disciplinary violation

which must be ascertained by means of a specific procedure.



6. INFORMATION FLOWS TO THE SUPERVISORY BOARD (OdV)

6.1. REPORTS BY MEMBERS OF THE COMPANY OR THIRD PARTIES

The OdV must be provided not only with the prescribed documentation according to the

established procedures but also with all and any other information arriving also from third

parties regarding the implementation of the "Model" in the Areas at Risk.

Specifically, employees and directors are obliged to report to the OdV of GIMA S.r.l.

relevant news related to the life of the Company to the extent to which such news can expose

the Company to the risk of crimes and/or offences or risks that could result in violations of the

"Model" and news regarding non-observance of the rules contained in the "Model" or

regarding the perpetration of crimes and offences.

GIMA S.r.l., in implementing the "Model", will define an effective flow of information

that allows the OdV to be kept up to date on:

any reports regarding the commission of crimes or behaviour that violates the "Model" as

established in the Decree in relation to the activities of GIMA S.r.l. or in any case behaviour

that is not in line with the rules of behaviour adopted by the Company;

within the context of the Areas at Risk, the involvement of the functions in any inspection

activities by public authorities (Judiciary, Finance Police, other authorities, etc.);

changes to the organisation or to the activities that can directly or indirectly affect the aim

of protecting health and safety and the environment;

results of the surveillance activities (monitoring) within the organisation;

results of the reporting activities within the organisation;

occurrence of incidents, accidents, near-misses and/or reports of cases of occupational

diseases;

any measures and/or news arriving from judicial police authorities or from any other

authority from which it can be deduced that investigations are underway, also against

persons unknown, for the crimes as of articles 589 and 590 of the Criminal Code;

any other information regarding the implementation or efficacy of the "Model".

The reports can be in any form (also anonymous) and have as their object any violation

or suspected violation of the "Model"; the OdV of GIMA S.r.l. will act in such a way as to protect



whistleblowers against any kind of retaliation, discrimination or penalization, also ensuring

the confidentiality of the identity of the whistleblower except for the purpose of fulfilling legal

obligations and to protect the rights of the Company or people accused erroneously or in bad

faith.

The OdV of GIMA S.r.l. will assess reports received and any ensuing measures at its

reasonable discretion and responsibility, if necessary interviewing the person who made the

report and/or the person responsible for the alleged violation and justifying in writing any

refusal to make an internal investigation. Should doubts about the correctness of the

behaviour of employees, agents, consultants or suppliers or clients persist, the OdV, in

agreement with the Board of Directors of GIMA S.r.l., will issue any recommendations and/or

measures aimed at the subjects involved.

"Dedicated information channels" will be set up by the OdV of GIMA S.r.l. with a dual

function: that of facilitating the flow of reports and information to the OdV and that of rapidly

solving dubious cases.

6.2. OBLIGATIONS OF INFORMATION REGARDING OFFICIAL DEEDS

Besides reports, including off the record ones, as of the previous section, the Supervisory

Board of GIMA S.r.l. must obligatorily receive information concerning: measures and/or news

received from the criminal police or any other authority, from which it can be deduced that

investigations are underway, also against persons unknown, for the crimes as of the Decree

in question; requests for legal assistance made by directors and/or employees in the case

where legal or administrative proceedings are started for the crimes and offences established

in the Decree in question:

the reports prepared by the managers of the company's functions within the framework of

their control activities and from which facts, actions, events or omissions which are critical

for compliance with the provisions of the Decree can emerge;

news regarding the actual implementation, at all levels of the company, of the "Model"

with evidence of disciplinary procedures adopted and of any sanctions applied (hereby

including measures applied to employees) or decisions to dismiss proceedings with the

related reasons.

If necessary, the OdV of GIMA S.r.l. periodically proposes modifications to the above-

stated list to the Board of Directors.



7. CODE OF ETHICS AND LINES OF CONDUCT

7.1. CODE OF ETHICS

GIMA S.r.l. carries out its activities in a continuously evolving economic, social and

political context in which observance of laws and regulations is of primary importance.

Awareness of ethical and social responsibility vis-à-vis the stakeholders is the main

reason for having expressly set forth the system of values underlying its way of being and

acting.

For this reason the Code of Ethics has been drawn up and its observance by all the

addressees is of fundamental importance for the good functioning, reliability and reputation

of GIMA S.r.l., convinced that ethical behaviour in the performance of its business be pursued

alongside the success of the company.

7.1.1. ADDRESSEES OF THE DOCUMENT

Addressees means:

the members of the Board of Directors (none excluded), and all Employees; everyone who,

for whatever reason, act in the name, on behalf and in the interest of GIMA S.r.l.,

irrespective of the legal qualification of the relationship (agents consultants, suppliers and

third parties in general).

All of GIMA's clients.

7.1.2. OBJECTIVES AND VALUES

The main objective of GIMA S.r.l. is to enhance its value, from all

economic/financial/organisational/functional points of view, for all Stakeholders.

The economic and financial strategies and the ensuing operating behaviour, inspired by

efficiency in the use of the resources, are oriented towards this goal.



GIMA S.r.l., in its pursuit of this objective, scrupulously observes the following principles of

behaviour:

as an active and responsible member of the community in which it operates it is committed

to respecting and ensuring respect within the company and in its relations with the outside

world of the laws in force at the places where it carries out its activities and the ethical

principles commonly accepted and approved in national and international standards in the

performance of business: transparency, correctness and loyalty;

eschews and condemns illegitimate or in any case incorrect behaviour (towards the

community, public authorities, clients, workers, investors, competitors and in any case the

Stakeholders) to achieve its economic objectives that are pursued exclusively through the

excellence of performance in terms of quality and cost effectiveness of the products and

services, founded on experience, attention to the client and innovation;

uses organisational tools aimed at preventing the violation of principles of legality,

transparency, correctness and loyalty by its employees and collaborators and oversees

their observance and actual implementation;

ensures the market, investors and the community in general, albeit while protecting the

competitiveness of the respective enterprises, full transparency of its actions;

is committed to promoting fair competition which it considers functional to its interests

and to that of all of the market operators, clients and stakeholders in general;

pursues excellence and competitiveness on the market, offering its clients quality services

that efficiently answer their needs;

uses resources responsibly, having as a goal that of sustainable development, respecting

the environment and the rights of future generations.

7.1.3. CLIENTS

GIMA S.r.l. bases the excellence of the products and services offered on attention to the

client and its willingness to fulfil their requests.

The aim pursued is that of guaranteeing an immediate, qualified and competent answer

to the needs of the clients, basing its behaviour on correctness, courtesy and collaboration.



7.1.4. COMMUNITY

GIMA S.r.l. intends to contribute to the economic wellbeing and growth of the

community in which it operates by offering efficient and technologically advanced services.

Consistently with these objectives and with the responsibilities assumed vis-à-vis its

Stakeholders, GIMA S.r.l. sees in research and innovation a priority condition for growth and

success.

GIMA S.r.l. looks on favourably and, if opportune, supports social, cultural and

educational projects oriented towards the promotion of human rights and the improvement

of living conditions.

GIMA S.r.l. does not give contributions, benefits or make other endowments to political

parties, trade union organisations or to their representatives or candidates.

7.1.5. HUMAN RESOURCES

GIMA S.r.l. acknowledges the centrality of the human resources, convinced that the

main key to the success of any company is represented by the professional contribution of the

people that work in it, within a framework of loyalty and mutual trust.

The management of employment relationships is oriented towards guaranteeing equal

opportunities and towards favouring professional growth.

7.1.6. MANAGEMENT OF THE ENVIRONMENT AND SAFETY RELATED ACTIVITIES

GIMA S.r.l., aware of the impact, albeit limited, that its activities have on the

environment, is attentive to its protection, undertaking to monitor and contain pollution in

accordance with current law provisions.

GIMA S.r.l. pursues the commitments undertaken, identifying objectives regarding the

containment of environmental aspects / impacts of the activities or services it can keep under

control and which it can influence, and improvement of the resources, avoiding waste and

periodically controlling consumption.

GIMA S.r.l. sets the aim of guaranteeing its commitment to the prevention of accidents

and occupational diseases, pursuing the continuous improvement of its safety performance,



guaranteeing the Company's commitment to compliance with law provisions and other

requirements (company policies, internal standards or specifications, voluntary regulations),

ensuring the participation and consultation of employees and the involvement of external

personnel, contractors and suppliers and adopting the best practices available for the

protection of health, safety and the environment.

GIMA S.r.l. believes in sustainable global growth in the common interest of all of the

Stakeholders, present and future.

GIMA S.r.l. protects health and safety at work and considers respect of workers' right

fundamental in the performance of its business activities.

Without prejudice to compliance with specific applicable laws, GIMA S.r.l. takes into

consideration environmental problems when making its choices.

GIMA S.r.l. in full agreement with this principle, sets the aim of "working in safety"; that

is, guaranteeing respect for accident prevention laws and adopting "safe" behaviour to favour

the protection of people and the environment and requesting that the following rules be

adopted:

respect for the binding obligations of applicable regulations and laws concerning the

protection of health and safety at work and environmental protection;

actively involve workers in questions regarding health and safety at work and sharing with

them the accident prevention objectives;

preserve the protection of health and safety also by means of periodic monitoring at the

workplaces, with the aim of preventing dangerous behaviour;

contribute concretely, through continuous improvement of the production processes, to

respect for health and safety and for the environment;

ensure respect for the rules of the "MOGC" and the Code of Ethics, also through the

application of sanctions against the subjects involved.

7.1.7. INFORMATION

GIMA S.r.l. is aware of the importance that correct information about its activities has

for the market, the investors and the community in general.

Without prejudice to the need for confidentiality required by the performance of the

business, GIMA S.r.l. sets transparency in its relationships with all Stakeholders as its goal.



7.1.8. OBSERVANCE OF THE CODE OF ETHICS

All the corporate boards, management and workers of GIMA S.r.l., as well as all external

collaborators such as agents, consultants, suppliers and third parties in general are required

to comply with the Code of Ethics.

GIMA S.r.l. undertakes to implement the specific procedures, regulations or instructions

aimed at ensuring that the values set forth herein are reflected in the concrete behaviour of

everyone, and of all employees and collaborators, defining, where necessary, specific

sanctions systems for any violations.

7.2. LINES OF CONDUCT

7.2.1. INTRODUCTION

This paragraph illustrates the general lines of conduct in order to avoid creating

environmental situations that can favour the commission of crimes in general and, of these,

in particular, the crimes as of Italian Legislative Decree no. 231/2001.

The lines of conduct identify, albeit not in an exhaustive way, permitted and forbidden

behaviour, specifying in operational terms what is expressed by the Code of Ethics of GIMA

S.r.l.

7.2.2. PERMITTED BEHAVIOUR

The corporate boards and all employees are committed to respecting the laws and

regulations applicable at all places where GIMA S.r.l. works.

The corporate board must know the laws and regulations referred to in Attachment B

to this "MOGC" as well as the ensuing behaviour to adopt.

The corporate boards and all employees are committed to respecting the company

procedures and are inspired by the principles of the Code of Ethics in any decision or action

regarding the management of GIMA S.r.l. as detailed in the questionnaires and check lists of

this "Model" reserved for the Governance boards and the Operating Units.



The function managers of the various Operating Units must ensure that:

an appropriate continuous training and awareness programme regarding questions related

to the Code of Ethics is implemented that includes training on the consequences of non-

observance of laws and regulations that impact GIMA.

The managers of functions that have regular contact with the Public Authorities must:

give their subordinates instructions on the operational conduct to adopt in official and

unofficial contacts with public subjects and third parties depending on the specific nature

of their field of activity, transferring knowledge of the regulation and awareness of

situations at risk of crime;

put in place appropriate mechanisms to trace the official information flows towards the

public authorities and third parties. All agents, consultants, suppliers and in general any

"third party" subject that act on behalf of GIMA S.r.l. are committed to respecting the laws

and regulations applicable at all places where the company operates.

No relationship will be started or will continue with anyone who does not intend to

respect this principle.

The assignment of such subjects to represent and/or act in the interest of GIMA S.r.l.

must be made in writing and include a specific clause that binds the subject to observance of

the ethical-behavioural principles adopted by the Company.

Non-observance of the above indications may lead to the application of disciplinary

sanctions.

All agents, consultants, suppliers and in general any "third party" subject that act or have

relationships with and on behalf of GIMA S.r.l. are identified and selected with absolute

impartiality, autonomy and independence of opinion.

In their selection GIMA S.r.l. assesses their competence, reputation, independence,

organizational skills and capacity to correctly and promptly fulfil the contractual obligations

and assignments entrusted.

All agents, consultants, suppliers and in general any "third party" subject that have

relationships or act on behalf of GIMA S.r.l. work, always and without exception, with integrity

and diligence, fully respecting all the principles of correctness and legality established in the

Code of Ethics adopted by same.

In the case where the state or other public entity or the European Community is asked

for contributions, grants or loans, all of the subjects involved in these procedures must:

respect correctness and truth, using and presenting declarations and documents that are

complete and pertinent to the activities for which benefits can be legitimately obtained;



after obtaining the amounts requested, allocate them for the purposes for which they were

requested and granted.

The managers of the administrative / accounting functions must ensure that every

transaction is:

legitimate, coherent, congruent, authorised and verifiable;

correctly and appropriately recorded to allow for verification of the decision-taking,

authorisation and performance process;

accompanied by documentary support able to permit, at any moment, checks of the

characteristics and reasons for the operation and identification of who authorised,

performed, recorded and controlled the operation and related payment.

All the employees involved in the financial statements preparation activities or in the

preparation of other similar documents must behave correctly, give their utmost

collaboration, guarantee the completeness and clarity of the information provided, the

accuracy of the data and the processing and report any conflicts of interest.

The directors:

in the preparation of the financial statements, or of other similar documents, must

represent the economic, equity and financial situation truthfully, clearly and completely;

promptly answer requests for information received from the Board of Statutory Auditors

and facilitate in any way the control or auditing activities legally assigned to the

shareholders, to other corporate boards or to the external auditors; present to the

Shareholders' Meeting deeds and documents that are complete and correspond to the

accounting entries;

provide the supervisory board with correct and complete information about the economic,

equity and financial situation.

It is obligatory to report to the Supervisory Board, by way of non-limiting example:

any breach or suspected breach of the MOGC and/or of the Code of Ethics and Lines of

Conduct; the reports can also be made in anonymous form;

the measures and/or information arriving from the criminal police or any other authority,

of which official news is received, concerning crimes and/or suspected crimes as of Italian

Legislative Decree no. 231/2001 which risk having an impact on the company.



7.2.3. SANCTIONS

Conduct which is not compliant with the provisions of the Code of Ethics and these Lines

of Conduct will, irrespective of any other criminal proceedings against the perpetrator of the

violation will entail application of disciplinary sanctions as of current law provisions and/or

the collective bargaining agreement.



8. THE DISCIPLINARY SYSTEM

8.1. AIMS OF THE DISCIPLINARY SYSTEM

According to the provisions of Italian Legislative Decree no. 231/2001 (articles 6 and 7)

with reference both to subjects in top management positions and to subjects under the

management of others, for the purposes of this “MOGC”, and bearing in mind the provisions

of article 16 of Ministerial Decree 13/2/ 2014 (Official Gazette no. 45 of 24/2/2014), it is

necessary to define and implement «a disciplinary system able to sanction non-observance of

the measures indicated in the “Model”».

The disciplinary system is a fundamental aspect of the "MOGC", which provides for the

existence of adequate sanctions in the case of violation of the rules and regulations defined

therein and for the purpose of preventing the crimes.

Indeed, the definition of sanctions, duly applied to the violation and equipped with

"deterring mechanisms" applicable in the case of violation of the measures contained in the

"Organisation, Management and Control Model", has the aim of contributing on one hand to

the efficacy of the "Model" and, on the other, to the efficacy of the Supervisory Board's control

activities.

Violations undermine the relationship based of transparency, correctness, loyalty and

integrity forged between GIMA S.r.l. and it collaborators (employees, agents) and also with

consultants and suppliers (third parties in general); consequently, opportune disciplinary

measure will be applied to the subjects involved.

The disciplinary system defined for the purposes of this "Model" is an integral part of

the contractual obligations undertaken by its collaborators employees, agents) and also by

consultants and suppliers (third parties in general).

It is useful to note that the application of the sanctions is separate and fully independent

from the conduction and outcome of any criminal proceedings that should be initiated by the

competent judicial authorities.

Therefore, the judgement passed by GIMA S.r.l. need not necessarily coincide with that

expressed by the criminal court.



8.2. DISCIPLINARY OFFENCES

GIMA S.r.l. has defined procedures to identify and sanction behaviour that represents

or that could favour:

violation/circumvention of the control system;

non-observance of the procedures and provisions of the "MOGC";

non-observance of the obligations as of current law provisions;

perpetration of the crimes as of Italian Legislative Decree 231/2001.

8.3. PERSONS SUBJECT TO THE DISCIPLINARY MEASURES

Anyone who, within the context of the identified roles and responsibilities, work on

behalf of GIMA S.r.l. are subject to this sanctions system. Specifically:

employees (supervisors and workers);

agents;

company management (Board of Directors – Directors – Executives);

Board of Directors / Auditors/ External Auditors;

consultants and suppliers (third parties in general).

8.4. CRITERIA FOR ASSIGNING SANCTIONS

GIMA S.r.l. has defined appropriate ways for selecting, keeping under control and, where

opportune, sanctioning its collaborators (employees) and also consultants and suppliers (third

parties in general) having contractual relationships with the Company, including specific

clauses in the individual contracts that refer to the requirements and behaviour and to the

sanctions applied in the case of their non-observance.

The type and entity of the sanctions applicable in the individual cases of disciplinary

offence vary depending on the seriousness of the case and on the following general criteria:

conduct of the subject (to whom the disciplinary measures apply): wilful misconduct

(intentionality of the conduct) or negligence (misconduct, carelessness, inexperience with

reference to the foreseeability of the event);



level of responsibility / hierarchical, function and/or technical position;

roles and tasks assigned to the employee / agent;

existence of aggravating or attenuating circumstances: in particular in the case of the

existence of disciplinary precedents or not;

any cases of joint responsibility with other subjects that have contributed to the

perpetration of the crime;

overall behaviour of the subject (for example: any precedents), or the existence of

attenuating circumstances (or aggravating ones), taking into due account the person's

professionalism and career in the Company;

relevance of the violation of rules and regulations;

type of consequences (for example: economic damage and/or to the company image,

physical harm to persons and their health, damage to the environment, etc.).

In defining the type and entity of the sanctions GIMA S.r.l. makes reference to the

provisions of the collective bargaining agreement and the statute of labourers as of law no.

300/1970 as amended.

8.5. ACCESSORY MEASURES OF THE SANCTIONS

Without prejudice to the fact that every subject involved in sanctions, according to the

criteria illustrated above, will be given the opportunity, as established in the provisions of

labour law and the judicial and legal system in general, to know the reason for the sanction

and to take note/justify himself, the sanctions system will also include so-called "accessory"

measures; that is, information, training and educational activities for employees who,

repeatedly violating the provisions of the "MOGC" or the Code of Ethics, show that they have

not fully understood the importance that every employee/collaborator must orient his

behaviour and or carry out his professional activities according to constant and full observance

of the principles and values contained in the Code of Ethics, in the Lines of Conduct and in the

"MOGC" of GIMA S.r.l.

The need for "accessory" measures will be established by the Board of

Directors/Employer directly or on the suggestion of the OdV.



8.6. SANCTIONS PROVISION

The sanctions provisions for disciplinary measures (fines) applied to employees will be

allocated to the existing welfare and social security institutions.



9. GENERAL PRINCIPLES OF INTERNAL CONTROL

The Internal Control System using Check-lists is defined as the set of procedures and

protocols overseen by the Board of Directors, by management and by other members of the

company structure and has the aim or providing reasonable certainty that the following

objectives are achieved:

compliance with laws and regulations;

prevention of crimes;

efficacy and efficiency of operations;

reliability of economic/financial information and reporting;

protection of the company's assets.

GIMA S.r.l. requires and imposes on it directors and employees observance of these

principles in all areas, departments and units of the company and demands that Third Parties

comply with same.

The task of supervising the correct and continuous application of these procedures or

protocols is assigned to the Supervisory Board, to the directors and to the

supervisors/managers of the company functions.

Non-reporting to the OdV or non or partial collaboration with this Board represents a

disciplinary offence.

To guarantee the effective implementation of the GIMA S.r.l. organisational system the

company has put in place organisational tools (organisational charts, indications of the

managers of the individual areas, of their powers and responsibilities, descriptions of

authorisation procedures), appropriately distributed within the Company.

The proxies and powers system enables identification of the subjects having

authorisation powers both within and outside the Company.

9.1. CONTROL ENVIRONMENT

The responsibilities and powers of representation must be defined and duly distributed,

avoiding functional overlaps or the allocation of duties that concentrates critical activities in a

single individual.



No important significant operation for an operating unit can be originated/activated

without adequate authorisation.

The operating systems must be consistent with the company's policies and the Code of

Ethics. In particular, the company's financial information must be prepared:

in accordance with laws and regulations, accounting standards and international best

practices;

in accordance with the defined administrative procedures;

within the context of a complete and up-to-date chart of accounts.

9.2. RISK ASSESSMENT

The objectives of the Operating Units must be correctly defined and communicated to

all levels involved in order to illustrate and share the general orientation of same.

The risks linked to the achievement of the objectives must be identified, periodically

monitoring and updating them.

Negative events that can jeopardise the continuity of the operations must be subject to

specific risk assessment and the safeguards must be adjusted accordingly.

Innovation processes regarding products / services, organisations and systems must be

subject to an adequate risk assessment which covers realisation risks, procedures,

organisation, processes, IT systems, etc.

9.3. CONTROL ACTIVITIES

The operating processes must be defined providing for adequate documentary support

(policies, operating standards, internal procedures, etc.) and/or system to ensure that they

are verifiable in terms of congruity, coherence and responsibility.

The operating choices must be traceable in terms of characteristics and justification and

the subjects who have authorised, carried out and verified the individual activities must be

identifiable.

The exchange of information between contiguous stages / processes must envisage

mechanisms (reconcilement / squaring, etc.) to guarantee the integrity and completeness of

the data managed.



The human resources must be selected, hired and managed in accordance with criteria

of transparency and in accordance with the ethical values and objectives defined by the

Company.

The know-how and professional skills available in the Operating Units must be

periodically analysed in terms of congruency with the objectives assigned.

The personnel must be informed and trained to carry out the duties assigned. The

procurement of goods and services for the company's activities must be based on a needs

analysis and appropriately selected and monitored sources must be used.

9.4. INFORMATION AND COMMUNICATION

A suitable system of process / activity indicators and a relative periodic reporting flow

to management must be identified.

The information, administration and management systems must be oriented towards

integration and standardisation.

9.5. MONITORING

The control system is subject to continuous supervision for periodic evaluations and

constant updating.



10. THE COMMISSIONS AND PROXIES SYSTEM

The GIMA S.r.l. commissions and proxies system is characterised by elements of

"certainty" that are indispensable in preventing the crimes and is organised in such a way as

to guarantee the due attention and at the same time the effective continuation of the

business.

“Commissions” means the internal act of attributing functions and duties, reflected in

the organisational communications system.

“Proxy” means the reference unilateral juristic act with which GIMA srl grants a subject

the power to act in the name and on behalf of same company.

The principles for the correct establishment of the commissions and proxies system are:

everyone who has relationships with Public Authorities on behalf of the company must

hold a formal commission for that purpose;

every proxy that entails power of representation must correspond to an internal power of

attorney that describes the relative power of management;

commissions must match each power to the relative responsibility and to an appropriate

position in the organisation chart;

each commission must specifically and unequivocally define the powers delegated,

specifying the limits and subject (body or individual) to which the delegated subject reports

hierarchically;

the delegated person must be granted suitable spending power for the functions granted;

the proxy must expressly state the cases of forfeiture of the powers granted (revocation,

transfer to different duties that are incompatible with those for which the proxy was

granted, dismissal, etc.)

the commissions and proxies must be updated in a timely way.

The OdV periodically controls the commissions and proxies system formalised in the SDP

document and assesses their coherence with the overall system of organisational

communications, suggesting any modifications in the case where the power of management

and/or the qualification does not correspond to the powers of representation granted to the

delegated subject or if there are other anomalies.

Document comprising 41 pages

Date post:	16-Oct-2020
Category:	Documents
Upload:	others
View:	2 times
Download:	0 times

ORGANISATION MANAGEMENT AND CONTROL MODEL MOG01 · Attachment A - Presentation of the Crimes and...

Documents