COMPLIANCE POLICY – Albert Česká republika, s.r.o.
Version 1.0 (December 2021)
1. PURPOSE OF THE DOCUMENT:
This document describes the system of internal company measures and procedures, which responds to potential criminal or unethical behaviour. This system of corporate measures and procedures is part of the corporate culture of Albert Česká republika, s.r.o. (hereinafter referred to as the “Company”), which, in an effort to prevent any unlawful (criminal) or unethical conduct, accepts this document in order to make all reasonable efforts to prevent the commission of the offense and to avert the consequences of the offense, namely in the sense of Act No. 418/2011 Coll., the Act on Criminal Liability of Legal Entities and Proceedings Against Them (hereinafter referred to as “TOPO”).
The Company is a member of the international Ahold Delhaize group and follows its Code of Ethics, which is a key and governing document in the field of Compliance. The Compliance Policy is based on the principles of this Code of Ethics and is in full compliance with it. The Compliance Policy document is the basic internal policy for the Company's Compliance in the environment of the Czech Republic, defines its basics and regulates the individual measures and procedures adopted. The Compliance Policy document contains an expression of the values, goals, principles and rules of Compliance, which are based on the basic principles that guide the Company. These principles are a) We respect each other, b) We follow the law, c) We act ethically in all our relationships, d) We have the courage to speak up.
This document is available to persons bound by the Compliance Policy from the company's computer network. For transparency, it is also accessible to the public, business partners and company´s associates on the Company's website.
2. TERMS AND ABBREVIATIONS
- Compliance – a comprehensive set of internal company´s procedures and policies concerning all activities in the Company, leading to ensuring that persons bound by the Compliance act in accordance with the law.
- TOPO - Act No. 418/2011 Coll., the Act on Criminal Liability of Legal Entities and Proceedings Against Them.
- Persons bound by the Compliance – Board members, directors and managers and all other employees or persons in similar position performing the work tasks and other persons, which are defined in the provisions of § 8 paragraph 1 TOPO.
- Board members – executive body of the Company, especially CEO, CFO, appointed Vice Presidents and Director and other persons according to current state.
- Compliance Officer – the person responsible for Compliance overseeing.
- Compliance Procedre – procedure of the Company executing certain provisions of this Policy.
- Compliance Committee – Compliance body of the Company with competency set in the Compliance Procedure.
- Compliance training – a comprehensive set of training materials that the Person bound by the Compliance is obliged to complete; the list and description is available in Compliance Procedure.
- Compliance Instruments – Company's instruments for contacting Compliance Officer.
- Compliance Incident – suspected breach of Compliance by a Person bound by the Compliance or a third party.
- Compliance Internal Investigation process – the Company 's internal investigation process.
- Code of Ethics - rules of conduct issued by Ahold Delhaize.
- Incident Case Management system – internal records of received notifications and the course of the Compliance Incident investigation.
- The Company crisis plan – the set of rules for resolving cases of the highest priority.
- Urgent action – actions that cannot be postponed within the Compliance Internal Investigation process. In particular, they are carried out in order to prevent the completion of a criminal offense or unethical conduct, to prevent or at least to minimize imminent damage.
- Whistleblower – any person who makes a report of suspected misconduct.
- Investigation group – a working group of designated employees of the Company established to investigate a specific notification. The composition and tasks of the Investigation Group are determined by Compliance Officer in cooperation with the Compliance Committee.
Compliance is a comprehensive set of internal company procedures and policies affecting all activities in the Company leading to ensuring the conduct of persons bound by Compliance in accordance with law. The purpose of Compliance is in particular to prevent the commission of a criminal offense and to avert the consequences of the committed criminal offense, or unethical conduct. The basic pillar for its fulfillment is the formulation of values, principles, goals and rules, thanks to three basic components: a) prevention, b) detection, c) response. Due to the complexity of Compliance, these components complement and overlap.
Compliance ensures the prevention of criminal and unethical conduct and requires that all conduct of persons bound by the Compliance is always in accordance with the laws of the Czech Republic, European Union regulations and other internal regulations of the Company, including regulations issued by Ahold Delhaize, of which the Company is a member.
The Company´s compliance emphasizes effective control and response to the Compliance Incident, in particular by establishing effective mechanisms for impartial and independent investigation of the Compliance Incident and an appropriate comprehensive response to meet Compliance objectives. This impartiality and independence is ensured above all by the emphasis on the protection of the Whistleblower and by a system of maximally independent responsible persons. This impartiality and independence must not be disturbed in any way.
4. COMPLIANCE OFFICER
Compliance Officer function is established. Compliance Officer when solving the Compliance Incidents is directly subordinated only to the Board Members and the Compliance Committee. A Compliance Officer cannot be a Board Member or a member of the Compliance Committee at the same time.
Compliance Officer is responsible for overseeing the Company's Compliance and is the main executive part of the Company's Compliance. He/She is obliged to proceed in such a way that the goals of Compliance are met. He/She shall act independently and impartially and shall be accountable only to the Board Members and the Compliance Committee in respect to the abovementioned. He/She is obliged to maintain confidentiality to any information he/she learns in the performance of his/her duties, with emphasis on the protection of the Whistleblower.
Compliance Officer has the right to request the necessary cooperation from all persons bound by the Compliance. Each person is obliged to provide such cooperation. At the same time, any person bound by the Compliance may contact Compliance Officer at any time for advice on how to proceed through Compliance Instruments.
The purpose of prevention is primarily (1) to prevent the commission of a criminal offense, (2) to prevent unethical conduct and (3) to avoid conflicts of interest. Due to the difficulty of proving illegal and unethical conduct and to repairing the damaged reputation of the Company that such conduct may cause, it is essential to prevent such conduct.
The main measure of prevention is the training of persons bound by the Compliance. Every new employee is required to undergo Compliance Training upon enrollment. Persons bound by the Compliance are then repeatedly trained on current topics at regular annual intervals. Compliance training focuses primarily on getting acquainted with the conditions of criminal liability of legal entities, where the main goal is a thorough acquaintance with the issue of corrupt practices. Furthermore, the Compliance Training deals with the consequences of violations of the Code of Ethics and the Company's internal regulations, with an emphasis on the issue of conflicts of interest. Compliance training may vary in content according to job description. Each Compliance Training also includes a test, which is used to verify the acquired knowledge. Compliance Officer then informs the Compliance Committee about the results of the training (the ratio of trained associates), including a proposal for measures that will lead to the improvement and fulfillment of the Compliance's goals. The possible exception in testing may occur in respect to the Code of Ethics training as this training is managed centrally by the Company’s parent company.
The company places great emphasis on constant monitoring, evaluation and control of the functionality of the Compliance program – i.e. ongoing trainings and the associated potential risks. For this purpose, Compliance Officer monitors the Compliance on a regular basis. At least once a year, Compliance Officer prepares a report on the Compliance's performance in the Company, which is submitted to the Compliance Committee and the Board Members by the end of the first month of the following year at the latest. This Compliance Performance Report includes, in particular, the number of Compliance Incidents, their brief description, information on identified risks, a description of the corrective actions taken and an evaluation of the effectiveness of the Compliance Training with a possible proposal to update them.
As part of the prevention, the Company has set the following goals, which the persons bound by the Compliance are obliged to observe:
a) Act in accordance with the legal order of the Czech Republic and the legal regulations of the European Union;
b) Always act in full compliance with the Code of Ethics and other internal policies of the Company, including global guidelines and policies issued by Ahold Delhaize;
c) Complete Compliance Training;
d) Always act in a way that no criminal offense is committed;
e) The moment the Person bound by the Compliance learns that another person has committed or is committing or is preparing a crime that could be attributed to the Company, to act actively and to act in accordance with the Compliance;
f) In case of any doubts, contact Compliance Officer using one of the forms of Compliance Instruments;
g) Respect the rules for accepting gifts and benefits, i.e. never accept monetary gifts or benefits. For non-monetary gifts or benefits, proceed as follows: i) never accept non- monetary gifts or benefits of worth higher than amount set by Compliance Committee once a year. In case the Compliance Committee does not set the threshold in current year, the last previously set threshold stays in effect; ii) never to accept gifts or benefits in exchange for favours or other benefits or in case the suspicion of abovementioned might occure. In case of uncertainty, the potential gifted reaches out to Compliance Officer.
h) Respect the rules for conflicts of interest, i.e. in particular act in a way that conflicts of interest do not occur at all, prevent and avoid situations in which there may be an impression of conflicts of interest, not disclose sensitive Company data, even to close relatives, if such disclosure could result in a conflict of interest. If the conflict of interest occures, act in a manner that is not influenced by personal interests in making business decisions and not cooperate with a third party if such conduct could result in personal gain. In addition, inform Compliance Officer of any conflict of interest and any personal interests that may arise. The instructions how to report any potential confict of interest are available in the Compliance Procedure.
The main goal in the area of detection is to ensure the detection of activities that are in conflict with Company´s Compliance, using effective mechanisms with the main and primary aim to ensure the confidentiality of the notification and the Whistleblower. The Company will not penalize any notification of Compliance violation unless the Whistleblower demonstrably makes the intent to harm another person through the use of false information. In case of doubt, the notification shall be deemed to have been made in good faith.
The Company´s detection channels are:
a) Web form available on the Company´s website aholdfairplay.cz;
b) email – email@example.com;
c) Fair play phone line;
d) Conflict of Interest form;
e) Internal/external post;
f) Notification made in person;
g) Employee Screening for specific positions.
Compliance Officer checks the detection channels every day. Compliance Officer assigns a number to each notification and registers it properly. In the event that Compliance Officer receives the complaint in person, he/she shall write a record of its receipt and content. Compliance Officer shall inform the Whistleblower of the possibility of anonymity, the confidentiality of the notifications made, the protection provided to the Whistleblower and the subsequent procedure. If the Whistleblower expressly so requests, and unless it is a case of anonymous notification, he/she shall be notified of the conclusions of the examination no later than 90 days from the date of receipt of the notification.
For the purpose of all received notifications, the Company keeps internal records of these notifications (hereinafter referred to as the “Incident Case Management System”). The content of the Case Management System is determined by Compliance Procedure. Such information may be disclosed only to individual members of the Compliance Committee or to individual members of the Investigative Group, provided that the notification does not in any way affect their person. In such case, Compliance Officer may deny access to individual folders. If the notification contains information that is considered personal data, it is handled in accordance with the European Regulation on personal data protection (GDPR).
The main goal of the Compliance response is to properly investigate the Compliance Incident and, if a Compliance violation is identified, to take appropriate corrective action to prevent a recurrence of such a violation.
Upon receipt of the notification, Compliance Officer will assess its severity and place it in one of 3 groups of cases: a) highest priority, b) medium priority, c) low priority.
In the event that Compliance Officer places the notification in the "highest priority" group, he/she is obliged to activate the Company's Crisis Plan and follow it. He/she may deviate from the Company's Crisis Plan only if the notification personally concerns one of the persons listed in the Company's Crisis Plan and who should take further steps within the Company's Crisis Plan.
In order to prevent a Compliance Incident, Compliance Officer may take urgent action, either alone or in cooperation with the Compliance Committee. These include in particular: a) temporary transfer of the Person bound by Compliance to another type of work or removal of his/her specific powers, b) position of the Person bound by Compliance on obstacles on the part of the employer, c) blocking of the Person's bound by Compliance access to internal systems and databases, d) deposit internal data, information and e-mail or telephone communications and prevent their intentional removal or alteration, e) safe storage of original written documents, f) securing funds or other property if there is a reasonable suspicion that it is a proceeds of crime.
In other cases, Compliance Officer proceeds in the standard manner and investigates each individual case of notification according to the Compliance Internal Investigation process.
Compliance Officer decides on the method of investigation in cooperation with the Compliance Committee. In justified cases, Compliance Officer may submit a proposal for further action for decision to CEO, to VP HR or the relevant VP of involved department or another Board Member, if he/she deems such procedure.
An Investigation Group may be set up to investigate the notification received. The composition and tasks of the Investigation Group are determined by Compliance Officer in cooperation with Compliance Committee. Each member of the Investigation Group is obliged to maintain the confidentiality of the findings and in case it is necessary to know the person of the Whistleblower for the investigation of the Compliance Incident, each member of the Investigation Group undertakes to take care of his/her protection in order to maintain his /her anonymity.
The results of the investigation are recorded by Compliance Officer in the electronic file of the case, including the Final Report, which content is determined by the Compliance Procedure.
The basic goals of the Company's corrective measures include in particular:
1) Prevent the recurrence of the Compliance Incident in the future,
2) Take steps to repair the damage,
3) Draw employment consequences for the person who violated the Compliance,
4) Draw commercial-legal consequences for a third party if participated in the breach of Compliance,
5) Communicate to the Company that each Compliance Incident will be investigated and that adequate consequences will be drawn from it.
Corrective actions are subject to approval by Compliance Committee or Board members according to internal and legal requirements. Once the proposed corrective actions have been approved, Compliance Officer will ensure their implementation and monitor compliance. Compliance Officer then informs the Board Members about the results of the corrective measures taken through the Compliance Report.
8. GENERAL PROVISION
This Policy has an implementation period of 3 months and it starts with the policy issuance.