Compliance and risk management
Ethical conduct and management mechanisms
For an organization of the size and extent of the Algar group, it is not enough to establish clear rules of conduct for its employees and provide whistleblowing channels. More than this, it is essential to have the support of structured processes that inform, raise awareness, prevent and oversee. This is precisely the aim of our Compliance Program.
Our Code of Conduct – which underlies the behavior we expect in relationships with various stakeholders – is actively shared with all our employees when the join the Company, as well as once a year. They must formally prove their knowledge of the guidelines each year, ensuring that periodic reviews – like the one carried out in 2017 – do not go unnoticed.
We use internal and external communication to boost the visibility of the Code and we provide specific training on the theme, available to all employees on the internet. On a day to day basis, one can observe the ethical assumptions in the internal policies and procedures applicable to the Company’s different activities, such as staff selection, the contracting of suppliers and sponsorship of projects. Our executives play a crucial role in the Compliance Program, leading by example and practicing what they preach.
Anyone identifying a habit that could be construed as deviating from the Code of Conduct and/or from the laws and regulations, can report the occurrence through the Whistleblowing Channel, managed by independent auditors responsible for evaluating the origin and the criticality of the report. Confirmed deviations are reported to the Integrity Committee, which investigates and deals with the events. We ensure secrecy, preservation of identity and we do not tolerate retaliation of any kind.
Compliance and audits
GRI 102-12 419-1 307-1 416-2
The Algar group monitors the laws and regulations applicable to its business to foster the conformity of its activities. Our policies and procedures abide by the Anticorruption Law (Nº. 12.846/2013), the Bidding Law (Nº. 8.666/1993), the Auction Law (Nº. 10.520/2002) and the Differentiated Public Procurement Regime Law (Nº. 12.462/2011), among others.
In the front line of the work to prevent and counter corruption, we are also signatories to the Business Pact for Integrity and Against Corruption (Ethos Institute). We apply good practices to several areas of the Company, as determine din the clear rules for hiring suppliers, donations and sponsorships of a social, environmental and cultural nature.
An effective and transparent assessment of our internal controls and our compliance with regulations, rules, internal and external policies rests with our Internal Audit, responsible for drawing up an annual plan based on the risks of each business, validating the plan with the Board of Directors, carrying out audits of different processes and, in the event of non-conformities, recommending and monitoring action plans. In a supplementary role, the External Audit evaluates the financial statements, transaction systems and registers, based on Brazilian and international standards that provide inputs for issuing an opinion.
In 2017, there were no cases of non-compliance with rules and regulations, whether involving corruption, the environment or the impacts our products and services have on the health and safety of clients.
Risk management is coordinated by the holding company, which engages in this work with the group companies, and relies on the supervision of the Audit and Risk Management Committee – an advisory body to the Board of Directors. The process covers the identification of risks, attributing value to their actual and potential impact on the business, defining control and mitigation measures, proposing indicators, monitoring and communication with strategic stakeholders. This is a cyclical process that is being continually updated.
One of the instruments that supports the prioritization of risks to be dealt with is the Risks Matrix, which usually discovers the origin of the events and the nature of the risks, in addition to typifying them. Below is a table summarizing risk typification.
|Nature of the risks||Types||How it is perceived||How it is mitigated|
|Strategic||Governance||Perpetuity of the business affected by: errors in the direction taken by the Company; occasional inability to establish rules on institutional relationships, coexistence and shareholder and management succession.||Maintenance of a Family Council; activities of the Board of Directors; constant evaluation of new practices to ensure continuous evolution, under the Office of the Vice-President for People and the Corporate Governance Committee, an advisory body to the Board of Directors.|
|Strategy||Inherent to formulating and executing the corporate strategy in search of value, internal and external risk factors that can prejudice the objectives, primarily those at long-term.||Annual strategic plan review; evaluation and discussion of scenarios, competition and other aspects before defining investments; Office of the Vice-President for Strategy and Innovation, in addition to external consultants assist in this process.|
|Financial||Market||We may have losses due to the volatility of commodity prices, exchange rate and interest rate variation. Commodity prices and exchange rate variation are especially sensitive in the case of Algar Agro, which adopts hedge policies and contracts financial instruments.||We periodically monitor exposure to market risks and compliance with approved limits, besides encouraging automation of risk monitoring controls.|
|Liquidity||Occasionally, we may be unable to honor our obligations, which would cause significant impacts, preventing us from raising fresh funding and raising our financial costs.||To avoid liquidity risk, we monitor daily cash levels and scheduling of financial commitments. The financial institutions with whom we maintain relations and credit limits are defined in the Corporate Financial Investments Policy.|
|Credit||Given the possibility of non-fulfilment of occasional obligations by our counterparties, as well of the chances of failings in our evaluation of limits, guarantees and sureties, our credit risk management is decentralized. Granting credit to our clients involves analysis procedures and enquiries to protection bodies, and each company defines its own policies, rules and programs. One example is the Sentinela program at Algar Agro, which maps its clients’ exposures to credit and prices.||We monitor the default levels at each company at periodic meetings, with the financial areas. The structuring of the Corporate Solutions Center (CSC) also contributes to mitigating these risks.|
|We may be exposed to assessments by inspection bodies – an occasional fine, losses from reparation of damages, assignment of earnings, interdiction of work sites or activities and impacts on our image – if we do not operate according to best practices and in compliance with environmental, labor, tax and regulatory provisions.||It is incumbent on Algar S.A. to consolidate and monitor the Group’s tax burden and its fiscal, labor law, civil and regulatory contingencies, in addition to coordinating the Corporate Tax Management Commission that meets on a quarterly basis. We are facing a small volume of labor and tax contingencies that are recognized on our balance sheets.|
|Operations||Management||We are exposed to risks arising from shortcomings when monitoring the performance of our business, the execution of strategic projects and the attainment of goals and deadlines.||To integrate strategies and operations, we have adopted the Balanced Score Card (BSC) methodology, encouraging managers to engage in joint discussions of the performance of the areas vis-à-vis the strategic objectives, suggesting alternatives when necessary.|
|Processes||We are constantly aware of the risks to our operating capacity, size and obsolescence of assets and facilities, processes and logistics plows that can cause losses or interruptions to operations or compromise the quality of our products and services. Focused on the efficiency of our processes and on reducing losses, operating risk management includes monitoring of indicators and, in certain cases, the performance goals enshrined in the Service Level Agreements (SLAs) with our clients. In the Telecom and Agribusiness sectors, our companies abide by the standards defined by the regulatory bodies, and are subject to penalties in the event of non-compliance.||Worthy of note among the initiatives to minimize these risks are the Check-Mate Project, a two-year program designed at Algar Agro and focused on internal control systems.|
|We are subject to risks like unauthorized access to the Company’s data and information arising from insufficient controls, in addition to violation of policies and terms of responsibility, which can result in external attacks, IT environment crashes, alterations or improper disclosure of information.||Our employees are instructed about the Company’s Information Security Policy, Code of Conduct and Deeds of Liability for the use of information. These documents provide guidelines in the use of e-mails, internet, systems and the corporate network. The purpose of the Corporate IT Committee, coordinated by Algar S.A., is to standardize security practices across all companies. In the case of IT risks, we undertake an across-the-board diagnosis, evaluation and monitoring of risk indicators, according to the degree of criticality. Based on this, we define limits to be adhered to and mitigation actions to improve the controls.|
|People||We may find it difficult to attract and retain qualified talent on
account of factors such as competition and organizational climate.
|The risks of attracting and retaining people, as well as executive development and succession are monitored using turnover indicators and the Annual Climate and Engagement Survey. We are continually taking initiatives to improve the work environment and we periodically review the compensation plan and benefits provided to our employees, in addition to offering a challenging environment.|
|The Environment||Losses arising from sever climatic events and shortage of natural resources.||Also bearing in mind the potential impact on the Company’s image, measures such as taking out insurance policies, drafting of Business Continuity Plans and operations monitoring are adopted.|