Internal control and compliance
Start of main content
Adaptation of the Internal Code of Conduct
With the entry into force of the new standards on market abuse for listed companies, in 2016 the DIA Group updated its Internal Code of Conduct, with which it establishes rules for the management and control of the use of privileged information, treasury stock operations, and the transparent communication of relevant information.
The Internal Code of Conduct imposes obligations and limitations on the people affected and treasury stock managers, in order to protect the interests of its investors and avoid any type of abusive situation, while facilitating the participation of managers and employees in the capital of the company, in strict observance of current legislation.
Download Internal Code of Conduct.
Transparency and the fight against corruption
The DIA Group has developed and implemented a crime prevention model with the aim of establishing the most adequate internal control procedures and policies to prevent illegal offences being committed. In addition to analysing the activities of each business area to evaluate the risk of criminal activity in each one, the DIA Group has a Prevention Manager who reports to the Ethics Committee and to the Regulatory Compliance Manager.
In order to obtain greater control and security, the DIA Group analyses the activities performed by the different business areas and assesses the risk of each activity in regard to the possible commission of offences in terms of probability and impact, taking into account the controls already implemented. In 2016, the crime prevention model was the study of analysis and expert opinion of a consulting firm with experience in the field of forensics. Therefore, the model implemented by DIA has adequate and efficient control measures for preventing and detecting the commission of offences which could result in criminal liability for DIA.
The DIA Group also has an anti-fraud plan, new this year, which has already been implemented in all the countries in which the company operates. In this respect, in each country the company has a fraud risk matrix, which conducts an analysis in terms of frequency and impact and incorporates the existing controls to prevent such conduct. An anti-fraud manager has been designated who, in turn, is responsible for the prevention of offences.
During 2017, specific anti-fraud training will be given to employees in each country.
Control of financial information
The company has an Internal Financial Information Control System Policy (SCIIF) that covers the general description of the system and its objectives, roles and responsibilities, methodology for the development of the internal control of financial information, and risk management.
The SCIIF affects all levels of the organization and its maintenance is the responsibility of the Board of Directors, while its supervision is carried out by the Board’s Audit Committee.
The DIA Group has documented the processes that may be considered to have a risk of material impact on the preparation of financial information, also covering the risk of fraud.
Process Map
During financial year 2016, for the purpose of strengthening the internal control system with an integral vision that not only contributes to reliability, but also to the effectiveness and efficiency of the operations, the “Process Map” of the Group in Spain has been defined.
This map identifies all the Spanish and Corporate processes and sub-processes and was approved by the Group Management Committee and presented to the Audit and Compliance Committee in September.
The "Process Map" provides a unique reference framework for the control and risk systems.
Regulatory Map
In each country where the company operates, the Legal Department has what is known as a “Regulatory Map”, which identifies and details all regulations applicable to DIA, with special attention given to key legislation in the main supply chain processes, which has been classified in six sections:
- Legislation applicable to the product negotiation process, that is, in regard to DIA’s relations with its service and goods providers, competitors, regulatory boards, and brands;
- Legislation applicable to the logistics activity, that is, the exercise of storage, distribution and goods transport activities;
- Legislation applicable to the wholesale and retail business;
- Legislation applicable to commercial premises, urban leases, horizontal property, local taxes, business hours;
- Legislation applicable to DIA’s customer relations, personal data protection, consumption, payment method, advertising and sales promotions;
- Legislation applicable to DIA, as a listed company, in regard to the stock market and Internal Code of Conduct.
The Legal Department, in turn, is responsible for reporting to the rest of the areas or departments of the Company on the content and scope of new features and/or regulatory changes, designing and holding training sessions, either in person or via e-Learning, when the new legislation could have a significant impact on DIA's activity.
To carry out this function, the Legal Department has established a procedure for the monitoring and updating of regulations and communication, which defines the necessary resources, responsibilities and internal and external tools to perform this duty and achieve the twofold objective of having an updated regulatory map and an organization aware of its legal obligations.
This Regulatory Map is revised annually.
End of main content
- Go up
- Download