The report may relate to any form of behaviour, action or omission on the part of a person working for the company, which violates the provisions of the law and which harms or may harm the public interest or the integrity of the Parent Company and/or its Subsidiaries. The report may concern both violations already committed and those not yet committed that the whistleblower has reasonable grounds for believing may well happen.
Such violations may relate to the provisions of both Italian and European Union legislation:
- Violations of Italian law – This category includes, by way of example but not exclusively: criminal, civil, administrative or accounting offences; alleged offences related to the application of Legislative Decree no. 231/2001, and breaches of the standards of organisation and management set out in this same Decree ; contraventions of the law with regard to the prevention of money laundering and financing of terrorism; breaches of the rules in relation to financial brokerage and banking procedures.
- Violations of European Union law – This category includes, but is not limited to:
- Offences that fall within the scope of legislation enacted by the European Union or nation states, or domestic legislation that implements acts passed by the European Union in relation to the following: public procurement; financial services, products and markets, and the prevention of money laundering and the financing of terrorism; product safety and compliance; transport safety; environmental protection; protection from radiation and nuclear safety; food and animal feed safety and the health and welfare of animals; public health; consumer protection; protection of privacy, and the protection of personal data and the security of information networks and systems;
- Actions or omissions that affect the financial interests of the European Union;
- Actions or omissions that affect the internal market;
- Actions or conduct which undermine the object or purpose of the provisions of European Union legislation in the areas outlined in the previous three points.
A report by a whistleblower should include the following:
- Confirmation that he/she intends to keep his identity confidential for the purposes of this report, and that he/she wishes to benefit from the protection offered in the event of any retaliation he/she suffers from making a report within the terms of the whistleblowing regulations. If the whistleblower specifies these terms, then if the report is mistakenly received by an unauthorised person or sent via a channel other than those specifically allocated, it is then incumbent on that person to deliver it by hand to the Head of Internal Audit (within a maximum of seven days);
- The company within the Group to which the report refers;
- The relevant personal data of the whistleblower, indicating the channels where he/she can be contacted for any further discussions. These data are not mandatory as the report can also be anonymous, but if this is the case and if further details are needed, it may be difficult to investigate the report in an effective manner;
- The detailed and verifiable facts (i.e. what happened, when it happened, and where it occurred) and the information and data required for definitely identifying the perpetrators of the illegal action;
- Any conflict of interest between the whistleblower and the content of the report;
- Any way in which the whistleblower bears co-responsibility for the wrongdoings in the report;
- Any items of evidence (including attached documents where available) that can help in assessing the report;
- Any person who works in the same setting, and who helped the whistleblower during the reporting process.
The following annual report on the operation of the internal process is brought to the attention of all our staff. It contains aggregated data on the results of the actions carried out after reports were received: Annual report on the correct functioning of our violation reporting (Whistleblowing) system 2022
We should add that the reporting system also includes the following methods of communication, with the same guarantees of protection as stated above in relation to confidentiality, data processing and retaliation. These can be used under certain conditions, as specified below.