Políticas

Compliance Policy

PT/BREN/US

1. Purpose

To establish a set of guidelines that ensure compliance with legal, regulatory, and normative obligations applicable to CPD Informatica, as well as internal guidelines aligned with NBR ISO 37301:2021 - Compliance Management System and best practices in corporate governance.

This policy aims to foster a culture of compliance and accountability, preventing and mitigating compliance risks, promoting transparency, and ensuring stakeholder confidence in the integrity of the organization's processes and decisions.

2. Scope

This policy applies to all areas of the organization, including employees, suppliers, service providers, business partners, and other stakeholders involved in the company's activities.

It covers all internal and external processes that may impact regulatory compliance and sound corporate governance practices.

3. References

  • 3.1. ABNT NBR ISO 37001:2017 - Anti-Bribery Management Systems.
  • 3.2. ABNT NBR ISO 37301:2021 - Compliance Management Systems.
  • 3.3. COD.SGI.001 - Code of Ethics and Conduct.
  • 3.4. POL.SGI.001 - Anti-Bribery Policy.
  • 3.5. POL.SGI.003 - Human Rights Policy.

4. Definitions

  • 4.1. Compliance: The set of rules, policies, and processes adopted by the organization to ensure its activities are conducted in accordance with applicable laws, regulations, and ethical standards.
  • 4.2. Integrity: The ethical principle that governs the organization's actions, ensuring that our practices are honest, transparent, and aligned with moral and legal values.
  • 4.3. Organizational Culture: The set of values, beliefs, and practices shared by CPD Informatica employees, which influence corporate behaviors and decisions.

5. Guidelines

CPD Informatica reaffirms its commitment to ethics, integrity, and compliance by establishing this Compliance Policy, which aligns with the organization's purpose, values, and strategy.

Adherence to compliance obligations is essential to ensure transparency and accountability across all our activities, strengthening the trust of customers, partners, and other stakeholders.

Our commitment is to provide a solid framework for establishing, monitoring, and continuously improving compliance objectives, ensuring that all activities are carried out in accordance with applicable laws, regulations, and standards.

CPD Informatica requires strict compliance with all obligations and fosters an organizational culture based on integrity, accountability, and adherence to established guidelines.

The organization adopts a management model based on continuous improvement, ensuring that the Compliance Management System is regularly monitored, assessed, and enhanced. This includes periodic reviews, internal audits, training, and process improvements to ensure that compliance guidelines remain up-to-date and effective.

6. Authority and Independence of the Anti-Bribery Compliance Function

The Integrated Anti-Bribery and Compliance Management System operates with an independent structure that has full authority to supervise, monitor, and report bribery risks directly to Senior Management.

The Compliance Officer has full autonomy to conduct investigations, recommend corrective measures, and promote an ethical culture within the organization.

7. Whistleblower Channel and Protection Against Retaliation

CPD Informatica encourages third parties and all stakeholders to report, in good faith, any suspicions or evidence of unethical practices, ensuring confidentiality, protection against retaliation, and proper handling of reports.

The Whistleblower Channel is confidential, accessible to everyone, and allows for anonymous reporting. It guarantees impartiality and due diligence in investigations. Additionally, the organization expressly prohibits any form of retaliation against whistleblowers, reinforcing its commitment to integrity and transparency.

8. Penalties

Non-compliance with this policy will be treated with zero tolerance and may result in disciplinary actions, including termination for cause, termination of contracts with third parties, and the application of appropriate legal measures.

All violations will be rigorously verified, ensuring fairness and equity in the application of decisions.