The monitoring of the implementation of the Group’s Ethics, Compliance & Privacy policies is based on an annual compliance procedure and a dashboard of some 15 indicators (including the distribution of ethics documentation, training, implementation of ethics policies, etc.).
At each organizational level, Ethics & Compliance Officers produce an annual report on the work and progress accomplished by their entity in this area. This report is submitted to the relevant supervising entity and accompanied by a compliance letter from the manager certifying his or her commitment to the application of the ethics and compliance program within the organization for which he or she is responsible. The consolidated annual compliance report resulting from this process is submitted to the Group’s Executive Committee and to the ENGIE Board of Directors’ Ethics, Environment and Sustainable Development Committee (EESDC).
The respect of ethics principles policies, including especially those relating to prevention of corruption, influence peddling and fraud risks, risk of violation of the embargo policy, of risk of lack of protection of personal data and risk of infringement on human rights, is integrated into the INCOME internal control program. Internal and external audits are performed to assess policy implementation and, where applicable, define areas of improvement.
The Group is also engaged in external audit processes of its ethics and compliance system. In 2015 the Group anti-corruption system was awarded certification by Mazars, an accounting and auditing firm, and ADIT, a business intelligence firm. In 2018, the Group was awarded ISO 37001 certification in respect of its anti-corruption management systems by ETHIC Intelligence. The certification audit was carried out at ENGIE’s group level as well as in operational entities, this scope representing the whole of the Group’s activities, both geographically and in terms of business.