INTERNAL WHISTLEBLOWING PROCEDURE
Approved by: Board of Directors on 01.12.2023
Introduction
Paragraph 2-bis of Article 6 of Legislative Decree 231/2001, as amended by Article 2 of Law No. 179 of November 30, 2017, mandates the following provisions:
a) One or more channels allowing the subjects indicated in Article 5, paragraph 1, letters a) and b), to submit detailed reports of unlawful conduct relevant under the Decree and based on precise and consistent facts, or violations of the organization’s management and control model. These channels must ensure the confidentiality of the whistleblower’s identity during the handling of the report.
b) At least one alternative reporting channel, using IT systems, ensuring confidentiality of the whistleblower’s identity.
c) A prohibition on retaliation or discriminatory actions, direct or indirect, against the whistleblower for reasons related, directly or indirectly, to the report.
d) Sanctions for those who violate the protective measures for whistleblowers, as well as for those who make malicious or grossly negligent reports found to be unfounded, under the disciplinary system adopted per paragraph 2, letter e).
It must also be noted that discriminatory measures against whistleblowers under paragraph 2-bis can be reported to the National Labour Inspectorate, both by the whistleblower and the trade union indicated by them, for appropriate actions.
Retaliatory or discriminatory dismissal of the whistleblower is null, as is any change in duties pursuant to Article 2103 of the Civil Code or any other retaliatory or discriminatory measures taken against the whistleblower.
In disputes over disciplinary sanctions, demotions, dismissals, transfers, or other organizational measures negatively affecting working conditions following a report, the employer must demonstrate that such measures are based on reasons unrelated to the report.
1. Definition of Internal Procedures
Based on the above, the Internal Reporting Procedures (Whistleblowing) are defined below. They consist of identifying one or more channels that allow the subjects indicated in Article 5, paragraph 1, letters a) and b), to submit detailed reports of unlawful conduct relevant under Legislative Decree 231/2001, based on precise and consistent facts, or violations of the organization’s management and control model, that they have become aware of in the course of their duties.
The report is an act of demonstrating a sense of belonging to the company, through which the whistleblower (the employee making the report) contributes to the identification and prevention of risks and harmful situations for Intarget Group S.r.l. – Società Benefit and, consequently, for all employees. The whistleblowing procedure aims to encourage reporting and protect the whistleblower due to its social function, with the primary goal of preventing or resolving a problem internally and promptly.
1.1 Scope of Reporting
All actions or facts that may constitute a violation of offenses relevant under Legislative Decree 231/2001, based on precise and consistent facts, or violations of the organization’s management and control model, are considered relevant.
The report cannot, in any case, concern personal grievances of the whistleblower or claims and requests related to employment relationships or interactions with supervisors or colleagues, for which ordinary procedures provided by human resources regulations apply.
1.2 Reporting Scope
Reports must be made by the subjects indicated in Article 5, paragraph 1, letters a) and b) of Legislative Decree 231/2001, namely:
a) Individuals who hold functions of representation, administration, or management of the organization or one of its organizational units with financial and functional autonomy, as well as individuals who exercise, even de facto, management and control.
b) Individuals under the direction or supervision of any of the subjects listed in letter a).
By way of example, this definition includes, in addition to directors and the general manager, all those employed by the company under an employment contract (permanent or fixed-term, full-time or part-time, or apprenticeship), coordinated and continuous collaborators, temporary workers, and seconded employees.
Whenever a new subject falls within this scope, the People Operations Management provides the subject with the relevant information as outlined in this paragraph.
1.3 Reporting Methods and Recipients
1.3.1 Appointment of the Internal Reporting System Manager
The Internal Reporting System Manager is responsible for:
- Ensuring the proper functioning of the procedures;
- Reporting directly and promptly to the Board of Directors and the Board of Statutory Auditors on the information subject to the report, where relevant;
- Preparing an annual report on the proper functioning of the internal reporting system, containing aggregated information on the outcomes of the activities carried out following the reports received. This report is approved by the Board of Directors and made available to the staff of the Confidi.
Intarget Group S.r.l. – Società Benefit assigns the examination and evaluation of reports to its Review Body. The Chief People Officer is appointed as the Internal Reporting System Manager, responsible for receiving the reports.
1.3.2 Reporting Methods
The report is submitted, with the contents outlined in the form attached to this procedure, by the reporting party to the designated recipient through one of the following methods:
- By letter, in a double-sealed envelope, to the address Intarget Group S.r.l. – Società Benefit, Via Giuntini n. 25, int. 42, 56021 Cascina (PI) – Loc. Navacchio, addressed to the designated recipient of the report; in this case, both anonymous and non-anonymous reports are possible;
- By sending an email to the dedicated address antonella.deltorto@intarget.net, linked to the designated recipient of the report.
In all cases, the identity of the whistleblower will only be known to the Internal Reporting System Manager and the Reviewer, who guarantee its confidentiality, except in cases where the information is required for investigations or proceedings initiated by the judicial authorities following the report.
1.4 Contents of the Report
The whistleblower must provide sufficient elements to reconstruct the event and verify the accuracy of the reported facts. To this end, the report must include the following:
- Full name of the whistleblower, indicating their professional role, work location, and contact details (unless the report is anonymous);
- Time and location details of when the reported event occurred;
- A clear and complete description of the reported facts;
- The full name or other identifying elements of the individual(s) involved in the reported facts;
- Any other individuals who can provide further information on the reported facts and any documents that can support the accuracy of the report;
- Any other information that can help verify the existence of the reported facts;
- A statement from the whistleblower regarding the absence or presence of a personal interest related to the report.
It is essential that the reported facts are known directly by the whistleblower and not relayed by others.
1.4.1 Reporting Procedures
Once the report has been received, the Internal Reporting System Manager, after verifying its completeness, informs the whistleblower (if not anonymous), using the same method of communication, about the initiation of the examination process and forwards the report to the Reviewer for further assessment.
Following the analysis process:
- If the report is unfounded, the Internal Reporting System Manager will communicate the motivated outcome and the conclusion of the process to the whistleblower (through the same channel used for submitting the report).
- If the report is founded, the Internal Reporting System Manager will inform the whistleblower of the positive outcome of the investigation, and a similar communication will be made (via separate communication) to the reported individual.
During the report analysis process, the Reviewer will assess the significance and severity of the report. During this phase, the Reviewer, in strict compliance with the principles of impartiality and confidentiality, may carry out any activity deemed appropriate, including through other control functions, to investigate the facts leading to the violation.
The severity of the violation is presumed if the reported fact is not manifestly unfounded and could potentially cause significant harmful effects, considering the severity of the violation and its degree of offensiveness or danger. For example (but not limited to), the severity of the violation may be indicated by related criminal or administrative penalties.
The Reviewer promptly informs the Board of Directors and the CEO or General Manager in cases of particularly serious violations, so that they may consider the adoption of appropriate decisions and disciplinary measures under their respective competencies.
At any stage of the process—and without waiting for the final outcome—the Reviewer reports directly and without delay any relevant information from the report to the company’s governing bodies, which take the necessary measures, including urgent actions, if required.
The reporting procedure (from the reception phase to the communication to the company’s governing bodies) must be completed as quickly as possible, following criteria that consider the severity of the violation, to prevent the continued violations from causing further aggravation.
1.5 Decision-making Measures
If the reports require decision-making measures, they are entrusted to the Board of Directors, in consultation with the Review Body.
In cases where the whistleblower is co-responsible for the violation subject to the report, the Board of Directors will consider a privileged treatment for the whistleblower compared to the other co-responsible parties, except in cases where the whistleblower’s conduct is particularly serious.
1.6 Confidentiality Obligations and Whistleblower Protection
1.6.1 Protection of Anonymity
To prevent the fear of negative consequences from discouraging reports, the whistleblower’s identity cannot be revealed without their explicit consent. All individuals receiving or involved in managing the reports are required to protect the confidentiality of this information.
Exceptions include cases where the whistleblower may be liable for slander or defamation under the Penal Code, or cases where anonymity cannot be maintained by law (for example, when the information is required for criminal, tax, or administrative investigations, or for inspections by oversight bodies).
The whistleblower’s anonymity is also guaranteed during disciplinary proceedings if the charge against the reported party is based on separate and additional findings, distinct from the report itself (which may occur when the report is one of several elements revealing the wrongdoing, while the disciplinary charge is based on other facts sufficient to justify the initiation of the disciplinary process). The whistleblower’s identity may be revealed to the CEO and/or General Manager, as well as to the reported party, if the whistleblower consents or if the charge is based entirely or partly on the report, and knowing the whistleblower’s identity is absolutely essential for the reported party’s defense.
The violation of the confidentiality obligation, including the disclosure of information that could lead to the identification of the whistleblower, is considered a violation of this regulation and leads to disciplinary responsibility, without prejudice to further forms of liability under the legal system.
1.6.2 Prohibition of Discrimination
Employees who submit a report under this regulation cannot be sanctioned, dismissed, or subjected to any direct or indirect discriminatory measures that affect their working conditions for reasons related, even indirectly, to the report. Discriminatory measures include unjustified disciplinary actions, workplace harassment, and any other retaliatory action that creates intolerable working conditions.
In severe cases, and where possible, Intarget Group S.r.l. – Società Benefit may consider transferring the whistleblower for environmental incompatibility, with the whistleblower’s prior consent.
If an employee believes they have been discriminated against, they must report it with supporting details to the Reviewer, who, after assessing the merits of the claim, will notify the General Manager of the employee responsible for the alleged discrimination, to allow them to take the necessary actions to restore the situation and/or address the negative effects of the discrimination.
Additionally, any form of retaliation or discrimination affecting the working conditions of those who collaborate in verifying the validity of the report is prohibited.
1.6.3 Data Protection and Document Archiving
To ensure the traceability of the different stages of the reporting process, the Reviewer is responsible for guaranteeing:
- The traceability of reports and related investigative activities;
- The storage of documentation related to the reports and the corresponding verification activities in specific archives (physical/digital), with appropriate levels of security and confidentiality;
- The preservation of documentation and reports for a period not exceeding the time necessary for the purposes for which the data were collected or subsequently processed, while complying with the company’s current privacy procedures.
The processing of personal data of individuals involved or mentioned in the reports is protected under the applicable legal regulations and the company’s privacy procedures.
1.7 Whistleblower Responsibility
This regulation does not exempt the whistleblower from criminal and disciplinary liability in cases of false or defamatory reports under the Penal Code (Articles 368 and 595) and Article 2043 of the Civil Code.
Responsibility in disciplinary and other competent forums also applies to any abuse of this regulation, such as opportunistic reports or reports made solely to harm the reported individual(s) or others, as well as any other improper or intentional misuse of the whistleblowing system.
1.8 Annual Report
The Reviewer prepares an annual report, respecting whistleblower protection, on the proper functioning of the internal reporting systems. This report includes information on the outcomes of activities carried out following the reports received.
This report is approved by the Board of Directors, in consultation with the Review Body, and made available to the staff by December 17 of each year.