En impregilo generalpart_260811_def
Upcoming SlideShare
Loading in...5
×
 

En impregilo generalpart_260811_def

on

  • 466 views

 

Statistics

Views

Total Views
466
Views on SlideShare
406
Embed Views
60

Actions

Likes
0
Downloads
8
Comments
0

3 Embeds 60

http://www.impregilo.it 34
http://eng.impregilo.it 23
http://192.168.154.4 3

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    En impregilo generalpart_260811_def En impregilo generalpart_260811_def Document Transcript

    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012ORGANISATION, MANAGEMENT AND CONTROL MODEL IMPREGILO S.p.A.pursuant to the Legislative Decree no. 231 dated 8 June 2001Organisation, Management and ControlModel (ex Legislative Decree 231/01) Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 CONTENTSDEFINITIONS 4GENERAL PART 5 A. THE REGULATION FRAMEWORK 5 1. Introduction 5 2. The underlying crimes 5 3. Criteria for indicting responsibility to the body 5 4. The organisation, management and control Model 7 5. Crimes committed overseas 7 6. The sanctions 7 7. The body’s responsibilities and amending matters 9 B. THE IMPREGILO MODEL 10 1. Purpose of the Model 10 2. Guidelines 10 3. Principles inspiring the Model 11 4. Structure of Model 11 5. Relationship between Model and Code of Ethics 11 6. Corporate Governance System and Organisational Structure 12 6.1 Corporate Governance System 12 6.2 Organisational Structure 12 7. Criteria for adopting the Model 12 8. Significant crimes for the Company 13 9. Model recipients 13 10. Adoption, amendment and additions to the Model 13 11. The Model in the context of the Group 14 12. Board of Vigilance 15 12.1 Function 15 12.2 Requirements 15 12.2.1. Reputation 15 12.2.2 Professionalism 15 12.2.3 Autonomy and independence 15 12.2.4 Continuity of action 16 12.3 Composition, appointment and permanence of role 16 12.4 Removal 17 12.5 Tasks and powers 17 13. Information flows from and to the Board of Vigilance 19 13.1 Information to Corporate Bodies 19 13.2 Information to the Board of Vigilance 20 13.3 Information between Group’s Boards of Vigilance 21 14. Infra-group relations 21Organisation, Management and ControlModel (ex Legislative Decree 231/01) 2 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 14.1 Provision of services for the companies in the Group 21 14.2 Provision of services carried out by companies belonging to the Group for the Company 22 15. The sanction system 22 15.1 General principles 22 15.2 Violation of the Model and the Code of Ethics 23 15.3 Sanctions and disciplinary measures 23 15.3.1 Sanctions for employees 23 15.3.2 Sanctions for executive managers 25 15.3.3 Sanctions for Directors 25 15.3.4 Sanctions for statutory auditors 26 15.3.5 Sanctions for collaborators and external subjects working on contract to the Company 26 16. Communication and training 26 16.1 Communication 26 16.2 Training 27 17. General Prevention Protocols 27 17.1 General Prevention Principles 27 17.2 General Prevention Protocols 28 17.3 Protocols on observing debarment sanctions 30Attachment 1 to the General Part – Table Sensitive Activities / Special PartsSPECIAL PART A - CRIMES IN RELATION WITH THE PUBLIC ADMINISTRATIONSPECIAL PART B - CORPORATE CRIMESSPECIAL PART C - MARKET ABUSE CRIMESSPECIAL PART D - TRANSNATIONAL CRIMESSPECIAL PART E - CRIMES CONCERNING HEALTH AND SAFETY IN THE WORKPLACESPECIAL PART F - CRIMES OF RECEIVING STOLEN GOODS, MONEY LAUNDERING AND USE OF MONEY, ASSETS OR BENEFITS OF ILLEGAL ORIGINSPECIAL PART G - ACTS OF TERRORISMSPECIAL PART H - CRIMES AGAINST INDIVIDUALSSPECIAL PART I - COMPUTER CRIMESSPECIAL PART J - ORGANIZED CRIME OFFENCESSPECIAL PART K - CRIMES CONCERNING TRADEMARKS AND AGAINST INDUSTRY AND COMMERCESPECIAL PART L - CRIMES CONCERNING COPYRIGHTSPECIAL PART M - INDUCEMENT TO MAKE NO DECLARATIONS OR TO MAKE MENDACIOUS DECLARATIONS TO THE JUDICIARY AUTHORITYSPECIAL PART N - ENVIRONMENTAL CRIMESATTACHMENT 1 - UNDERLYING CRIMESATTACHMENT 2 - ORGANISATIONAL STRUCTUREATTACHMENT 3 - UPDATING OF THE MODELATTACHMENT 4 - IMPREGILO GROUP’S CODE OF ETHICSATTACHMENT 5 - LEGISLATIVE DECREE 231/2001Organisation, Management and ControlModel (ex Legislative Decree 231/01) 3 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012DEFINITIONS I. Decree: the Legislative Decree no. 231 dated 8 June 2001 and later amendments and modifications; II. Model: the herein organisation, management and control model; III. Code of Ethics: the Impregilo Group’s Code of Ethics (attachment 4); IV. Top-level subjects: people with representational, administration or management positions in the Company or in one of its organisational units, who have financial and functional autonomy, or are actively involved in the management and control of the Company; V. Subordinates: people subject to management or supervision by one of the top- level subjects; VI. Board of Vigilance (OdV): the board, as set out in art. 6, letter b) of the Decree; VII. TUF: the Legislative Decree no. 58 dated 24 February 1998 (Finance Consolidating Act) and later amendments and modifications; VIII. Underlying crimes: the specific crimes identified by the Decree from which the body’s administrative responsibility may arise and, as far as they are equivalent, specific administrative offences may also arise for which the application of the regulations contained in the decree is foreseen; IX. Company: IMPREGILO S.p.A.; X. Companies belonging to the Group: i) the Italian companies and operating enterprises that are directly or indirectly controlled by the Company; ii) the overseas companies and operating enterprises that are directly or indirectly controlled by the Company, which operate in Italy with a permanent organization; XI. Process managers: the process managers to whom the Specific Sensitive Activities report; XII. Internal managers for specific sensitive activities: the organisational unit managers to whom the Specific Sensitive Activities report; XIII. Operating Unit: affiliates and / or projects that manage one or more contracts and/or direct job orders; XIV. UO: Organisational Unit i.e. a group of company resources in charge of manning a set of activities that are homogeneous by content and skills required for them to be carried out, all led by a Manager or by a Director; XV. Sensitive Activities: Company activities within whose realm the risk may arise of committing one of the crimes explicitly stated in the Decree; XVI. Prevention Protocols: protocols aimed at programming the formation and implementation of the body’s decisions in relation to the crimes to be prevented; XVII. Procedure: organisational regulations that describe the roles, responsibilities, decision rules and operational modes for carrying out a company process or a set of activities.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 4 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PARTGENERAL PARTA. THE REGULATION FRAMEWORK1. IntroductionIn our system, the Decree no. 231/2001 (the Decree) introduces and governs “bodies’”responsibilities for administrative offences resulting from a crime.The bodies to which the Decree is applied are all the companies, associations with orwithout legal status, public economic bodies and private concessionary bodies of apublic service. On the other hand, the Decree is not applied to the State, public territorialbodies, non-economic public bodies and bodies that carry out constitutional functions(e.g. political parties and trade unions).The bodies respond for the perpetration or attempted perpetration of some crimes bysubjects linked to them by functional relationship. Non-observance of the rules containedin the Decree may give rise to sanctions for the body, which may have a strong effect onthe carrying out of said body’s activities.The body’s responsibility does not substitute, but is instead added to the personalresponsibility of the person who has committed the crime.A national register was set up by the Decree which contains the executive rulings andsentences concerning the application of administrative sanctions to the bodies resultingfrom a crime. Each body with jurisdiction over administrative offences resulting from acrime, all public administrations, the bodies appointed to carry out public services wherea certificate is required to carry out any of their functions and the public prosecutor, formatters of justice, have the right to obtain certification of all the body’s existing entries inthe register.2. The underlying crimesThe body can only be called upon to answer for the carrying out of certain crimes (so-called underlying crimes), identified by the Decree, and by laws that expressly refer to theDecree’s subject (see Attachment 1 – Underlying Crimes).3. Criteria for indicting responsibility to the bodyThe perpetration of one of the underlying crimes is only one of the conditions forapplicability of the regulations set out in this Decree.There are, in fact, further conditions that pertain to the way in which the crime is indictedto the body and that, depending on their nature, may be divided into objective andsubjective indictment criteria.The objective criteria require that:▪ the crime was committed by a subject functionally tied to the body;▪ the crime was committed in the body’s interest or to its advantage.The perpetrators of the crime from which the entity’s responsibility may derive can be: a)Subjects with representation, directorship or management roles in the entity or one of itsorganisational units, who have financial and functional autonomy, and also those whocarry out the management and control of the entity , even if only by deed (so-called top-level subjects); b) persons subjected to the management and control of the top-levelsubjects (so-called subordinates).In particular, the top-level subjects category may include directors, general managers,legal representatives, but also, for example, persons in charge of branches or divisions, orOrganisation, Management and ControlModel (ex Legislative Decree 231/01) 5 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PARTProject Managers with financial and functional autonomy. Also, subjects delegated by thedirectors to carry out company management activities or management of branches mustalso be considered top-level subjects.The subordinates’ category also includes those persons subject to the management andsupervision of the top-level subjects and who, substantially, carry out the topmanagement’s decisions in the interest of the body or, in any case, work under theirsupervision. All the body’s employees, and all those who act in the body’s name, on itsbehalf or in the body’s interest, such as, for example, external collaborators, freelanceinsourcing and consultants may also be included in this category.For the responsibility to be placed on the body, it is also necessary that the crime wascommitted in the body’s interest or to its advantage.In any case, the body will not be liable for the crime, if it was committed in the exclusiveinterest of the perpetrator or third parties.The subjective attribution criteria pertain to the profile of the body’s culpability. The body’sresponsibility exists if proper standards of correct management and control for theorganisation and carrying out of its activity have not been adopted or have not beenobserved. The body’s culpability, and therefore the possibility of applying a reprimand,depends on verification of an incorrect company policy or structural deficits in thecompany organisation that have not prevented the perpetration of one of the underlyingcrimes.The Decree in fact excludes the body’s responsibility if, before the crime is committed, thebody has set up and efficiently implemented an “ORGANISATION, MANAGEMENT ANDCONTROL MODEL” (the Model) which is suitable for preventing the perpetration of a crimeof the type that has then occurred.The Model operates as exempting if the underlying crimes was committed by a top-levelsubject or if it was committed by a subordinate. For crimes committed by top-levelsubjects, the Decree, however, introduces a kind of assumption of the bodys responsibility,as it only foresees its exclusion of responsibility if the body can prove that:▪ the Board of Directors has adopted and efficiently implemented a model suitable for preventing crimes of the very kind then carried out, before the crime was actually committed;▪ the task of supervising the functioning and respect of the Model, and taking care of updating of the latter has been entrusted to a body with autonomous powers of initiative and control (Board of Vigilance);▪ the persons have committed the crime fraudulently circumventing the Model;▪ there has not been insufficient or lack of supervision by the Board of Vigilance.On the other hand, the body only answers for crimes committed by subordinates if it isproved that “the perpetration of the crime was possible due to the non-observance ofmanagement or supervisory obligations” which usually rely upon the company’s topmanagement.However, in this case too, the adoption and efficient implementation of the Model, beforethe crime was committed, excludes non-observance of management or supervisoryobligations and exempts the body from responsibility.Adopting and efficiently implementing the Model, therefore, while not a legal obligation,is the sole instrument available to the body to prove its own non-involvement in the crimeand, finally, to be exempted from the responsibility established by the Decree.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 6 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART4. The organisation, management and control ModelThe Model therefore operates to exempt the body from responsibility solely if suitable forpreventing the underlying crimes and only if efficiently implemented.The decree, however, does not analytically state the Model’s characteristics andcontents, but limits itself to dictating some general principles and some essential contentelements.Generally speaking - according to the Decree – depending upon the nature and extentof the organisation as well as the type of activity carried out, the Model must foreseemeasures which will guarantee the carrying out of the activity in full observance of the lawand to discover and promptly eliminate risky situations to commit certain crimes.In particular, the Model must:▪ identify the activities in whose realm the crimes can be committed (so-called sensitive activities);▪ foresee specific protocols aimed at programming the formation and implementation of the body’s decisions in relation to the crimes to be prevented;▪ identify the management of the financial resources suitable for preventing the committing of crimes;▪ foresee information provision obligations for the body appointed to supervise the functioning and respect of the models;▪ introduce a disciplinary system that is suitable for sanctioning the non-observance of the measures stated in the Model.With reference to the efficient implementation of the Model, the Decree also states theneed for regular verification and amendments to the Model if any significant violation ofthe provisions are discovered, or if any changes are made to the body’s organisation oractivity.5. Crimes committed overseasAs provided by art. 4 of the Decree, the body can be called upon in Italy to answer forunderlying crimes committed overseas, on the condition that the objective and subjectiveindictment criteria set by the Decree have been met.The Decree however, affects the possibility of pursuing the body for crimes committedoverseas if the following conditions are met:▪ that the government of the place where the crime is committed is not already proceeding against the body;▪ that the bodys headquarters are located in Italy;▪ that the crime was committed overseas by a top-level subject or by a subordinated one, pursuant to art. 5, paragraph 1, Legislative Decree no. 231/2001;▪ that conditions to proceed as foreseen by arts.s 7, 8, 9, 10 of the Penal Code exist.6. The sanctionsThe sanctions for administrative offences resulting from a crime are: pecuniary sanctions,debarment sanctions, forfeiture and publication of the conviction.These sanctions are considered as administrative, even though they are applied by apenal judge.In the event that the body is convicted, a pecuniary sanction is always applied. Thepecuniary sanction is determined by the judge using a system based on “quotas”. Thenumber of quotas depends on the seriousness of the crime, the body’s degree ofOrganisation, Management and ControlModel (ex Legislative Decree 231/01) 7 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PARTresponsibility, the activity carried out to eliminate consequences of said crime and toalleviate such consequences or to prevent the perpetration of other crimes. Whendeciding the size of a single quota, the judge takes the body’s economic and financialconditions into consideration, in order to ensure sanction efficacy.Cases for reducing the pecuniary sanction also exist. In particular, the pecuniary sanctioncan be reduced by one third to one half if, before the trial is declared open, the body hasfully compensated the damage and has eliminated the harmful or dangerousconsequences of the crime, or if a suitable Model for preventing the perpetration offurther crime has been adopted and implemented.The debarment sanctions are applied in addition to the pecuniary sanction, but only ifexpressly stated for the crime that is being pursued, and on the condition that at least oneof the following conditions exists:▪ the body has gained a significant profit from the crime and the crime has been committed by a top-level subject, or by a subordinate, but only if the perpetration of the crime was aided by serious organisational lacks;▪ in the event of reiteration of offences.The debarment sanctions provided for by the Decree are:▪ debarment from carrying out activity;▪ suspension or withdrawal of authorisations, licences or concessions functional to committing the offence;▪ ban on negotiating with the public administration, except to obtain provision of a public service;▪ exclusion from subsidies, loans, contributions or grants and withdrawal of any of the ones already granted;▪ a temporary or permanent ban on advertising goods or services.Debarment sanctions are usually temporary, but in the most serious cases they mayexceptionally be applied with permanent effect.Debarment sanctions may also be applied as a precautionary measure, i.e. beforeconviction, if serious evidence exists of the body’s responsibility and there are grounded,specific elements that support belief of a tangible danger that offences of the same kindas the one being tried will be committed.However, debarment sanctions are not applied if the body carries out the followingbefore the first instance trial is declared open:▪ it has compensated the damage and eliminated the harmful or dangerous consequences of the crime (or has at least worked effectively to achieve such goals);▪ it has set the crime profit at the judicial authority’s disposal;▪ it has eliminated any organisational lacks that caused the crime, adopting and implementing organisational models that are suitable for preventing the perpetration of new crimes of the same type as the one already committed.The Decree also foresees another two sanctions: forfeiture, that is always ordered bymeans of the conviction ruling and which consists of the State acquiring the price or profitof the crime, or sums of money, assets or other benefits with the same value as the crime’sprice or profit, and publication of the conviction sentence in one or more newspapersindicated by the judge in the ruling and using posters billed in the town where the bodyhas its headquarters.The Decree also foresees applicability of real precautionary measures against the body.In particular:Organisation, Management and ControlModel (ex Legislative Decree 231/01) 8 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART pursuant to art. 53 of the Decree, the judge can order the seizure of the items for which forfeiture is permitted as set out in art. 19 of the same Decree; as provided for by art. 54 of the Decree, the judge may order seizure of the body’s movable property and real estate or of sums of money or items owed to the body, if there are grounds to believe that the guarantees for payment of the pecuniary sanction, legal costs, and any other amount due to the Inland Revenue do not exist or may be lost.7. The body’s responsibilities and amending mattersThe Decree governs the body’s responsibility system in the event of amending matters:transformation, merger, spin-off and sale of the company.The Decree approves the rule that, in the event of a “transformation of the body,responsibility for the crimes committed prior to the date on which the transformation takeseffect remains”. The new body will therefore be the recipient of the sanctions that wereapplicable to the original body, for deeds committed prior to transformation.In the event of a merger, the Decree establishes that the body emerging from the merger,also by incorporation, is to be held liable for the crimes for which the bodies involved inthe merger were responsible.In the event of a part spin-off, the Decree instead establishes that the spun-off bodysresponsibility for crimes committed prior to the spin-off remains. However, the bodiesbenefitting from the part or full spin-off will be jointly obliged to pay the pecuniary sanctionsowed by the spun-off body, for crimes committed prior to the spin-off. This obligation islimited to the value of the transferred equity.If the merger or the spin-off takes place before the trial to ascertain the body’sresponsibility ends, the judge will bear in mind the original body’s economic conditionswhen deciding the extent of the pecuniary sanction, and not those of the body emergingfrom the merger.In any case, the debarment sanctions are applied to the bodies which have retained thebranch of activity, even only in part, in which the crime was committed.In the event that the company is sold or transferred in the realm in which the crime wascommitted, the Decree states that, except for the alienor body’s benefit of the right ofprior discussion, the transferee is jointly obliged with the alienor body with regards topayment of the pecuniary sanctions, within the limits of the value of the sold companyand within the limits of the pecuniary sanctions that are found in the statutory accountingbooks or which the transferee already knew about.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 9 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PARTB. THE IMPREGILO MODEL1. Purpose of the ModelThe herein Organisation, Management and Control Model (the Model), adopted on thebasis of the provisions contained under arts.s 6 and 7 of the Decree, constitutes theCompany’s internal regulations, to all effects.Its main objective is to configure a structured system of protocols and organisational,managerial, and control procedures aimed at preventing the perpetration of the crimesprovided by the Decree, in addition to making the controls and Corporate Governancesystem adopted by the company and inspired by the recommendations contained in the“Code of Self-discipline” for companies listed on the stock market, as briefly described inpoint 6.1 below, more efficient.More generally, the Model is the essential instrument for increasing the awareness of allthe employees and all the stakeholders (suppliers, clients, commercial partners, etc),called upon to adopt correct, transparent conduct, in line with the ethical values to whichthe company aspires in pursuing its own company purpose.The provisions contained in the herein Model therefore aim at the confirmation anddiffusion of a company culture set on legality, as the indispensable prerequisite for long-lasting economic success: no illegal conduct, carried out in the interest or for theadvantage of the company, can be considered as in line with the policy adopted by thecompany.The Model is also aimed at the diffusion of a control culture, which must rule all thedecisional and operational phases of the company activity, in full awareness of the riskscoming from the possible perpetration of crimes.The achievement of the afore-said aims is reached by the adoption of measures that aresuitable for improving efficiency in carrying out the company activities and for ensuringcontinuous observance of the law and rules, identifying and promptly eliminating riskysituations. In particular, the goal of an efficient and balanced organisation for thecompany, suitable at preventing the perpetration of crimes, is mainly pursued byintervening on the formation and implementation processes for the companys decisions,on controls, and on information flows, both inside and outside the company.2. GuidelinesWhen drawing up the herein Model, the Company was inspired by the ConfindustriaGuidelines for the drawing up of organisation, management and control models pursuantto the Legislative Decree no. 231/2001, in the final version approved on 31 March 2008and declared suitable by the Ministry of Justice on achieving the target set by art. 6,paragraph 3, of the Decree. The herein Model has also taken the Code of Conduct forconstruction companies and the Model drawn up by the National Association of BuildingConstructors (ANCE), approved on 31 March 2003 and later amendments, intoconsideration.Any differences to specific points in the Confindustria Guidelines and the ANCE indicationsare the result of a need to adapt the organisational and management measures to theactivities actually carried out by the Company and to the context in which it operates.This can, in fact, require some differences to be made compared to the indicationscontained in the trade associations’ Guidelines which, by their very nature, aregeneralised and do not have any binding value. Within the regular Model review andupdating, the Company also takes into account international “best practices”.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 10 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART3. Principles inspiring the ModelThis Model was prepared with inspiration from some basic principles:▪ the mapping of activities at risk (so-called “sensitive activities”), i.e. those activities in whose context the crimes provided for by the Decree may be committed, as an essential condition for suitable precautionary organisation;▪ the attribution of powers consistent with the organisational responsibilities assigned to subjects involved in the drawing up and implementation of corporate will;▪ transparency and traceability of each important operation, in the realm of activities at risk of crimes being committed and the consequent possibility of ex post verification of Company conduct;▪ attribution to an independent control board (Board of Vigilance) of specific control tasks over the Model’s effective implementation and observance;▪ diffusion of the conduct rules, procedures, and Company policies in the Company, which are compliant with the principles set out in the Model and involvement of all Company levels in its implementation;▪ the need to verify the correct functioning of the Model in the field, and to carry out regular updates on the Model itself, following indications that come from application experience.4. Structure of ModelThe Model comprises a General Part, that describes and governs the overall functioning ofthe organisational, management and control system adopted, aimed at preventing theperpetration of underlying crimes, and some Special Parts, aimed at integrating thecontent in relation to certain types of crime.Whenever considered necessary for a more efficient coordination of the organisationalrules, the provisions contained in the Model are expressly contained in the relevantcompany procedures. No disposition contained in the company procedures can in anyway justify the non-observance of the rules contained in the herein Model.5. Relationship between Model and Code of EthicsThe Code of Ethics of the Impregilo Group, that was adopted by resolution of the Board ofDirectors and that has been successively updated (please see attachment 3) is a differentinstrument to the herein model in nature, function, and content.The Code of Ethics, however, contains the principles of conduct and basic ethical valuesto which the Company aims in pursuing its own goals, and such principles must beobserved by all those interacting with the Company.From this point of view, the Code of Ethics should be considered as a vital foundation forthe Model, as the provisions contained in the latter assume observance of the contents ofthe former, together creating a systematic corpus of internal regulations aimed at thediffusion of a culture of ethics and corporate transparency.The Code of Ethics, referred to herein as a whole, is attached to the Model (Attachment4) and is a fully integral part.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 11 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART6. Corporate Governance System and Organisational Structure 6.1 Corporate Governance System The herein Model stands alongside the organisational choices made by the Company regarding corporate governance, whose structure aspires to the principle according to which having a system of corporate governance rules, ensuring higher levels of transparency and reliability contemporarily creates higher standards of efficiency. In this perspective, Impregilo adopted a Corporate Governance system in the year 2000, aspiring to the principles and guidelines contained in the Code of Self-Discipline of the Italian Stock Market which has represented Italian Best Practice on corporate governance ever since it was first published in 1998. In compliance with what is foreseen in art. 124 bis and ter of the TUF and art. 89 bis of the Consob Regulations implementing the provisions on issuers, the Company annually publishes a report on its adhesion to the Italian Stock Market’s Code of Self-Discipline and on the observance of consequent undertakings. This report is made available to the public on the Company’s web site in a specific section. 6.2 Organisational Structure In order to implement the herein Model, the Company’s organisational structure, according to which the essential organisational structures, their respective areas of competence and the main responsibilities attributed to each are identified, plays a vitally important role. For a description of the current organisational structure, please refer to Attachment 2 – Organisational Structure.7. Criteria for adopting the ModelThe Model implementation project was commenced by the Company in September 2001,and was completed in January 2003, with approval of the Model by the Board of Directorsand the setting up of the Board of Vigilance. Further to legislative amendments that tookplace after the first adoption of the Model, with the increase in the number of underlyingcrimes, and changes in the Company organisation and the context within which theCompany works, specific Model review and updating projects were started up, with theaid of external consultants. Within it various updates, therefore, the Model has beenadopted with specific resolutions by the Companys board of directors (see Attachment 3- Updating of Model).In agreement with the Decree’s provisions and taking inspiration from the Confindustriaguidelines approved by the Ministry of Justice and the ANCE indications, adoption of theModel and its various updates have brought about the development of specific analysesto identify Company areas where the risk of committing the crimes in question exists,which have also witnessed the involvement of the main functions of the Company.In particular, these analyses were carried out using the following methods:▪ appointment to external consultancy Company aimed at carrying out a preliminary analysis of Company activities at risk, during the drawing up phase of the Model;▪ analysis of the Company’s organisational structure and consequent interviews with the Company management;▪ sharing of crime risk evaluations that emerged with the Company management.With regards to implementation of the Model, analyses aimed at identifying the existinggaps between current procedures and Model provisions were carried out. For thispurpose, specific Action Plans were drawn up, whose progress is subject to monitoring bythe Board of Vigilance.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 12 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART8. Significant crimes for the CompanyAdoption of the Model as an instrument that can guide the conduct of subjects operatinginside the Company and that can promote lawful, correct conduct at all Company levelshas a positive effect on preventing any type of crime or offence foreseen by the legalsystem.However, in order to fulfil the Decree’s specific provisions, and in consideration of theanalysis of the Company context and Company activities with potential crime risk, theoffences listed in point 2 of each Special Part, which can be consulted for a more preciseidentification, are considered to be significant and are therefore specifically examined inthe Model.9. Model recipientsThe rules set in the Model and in the Code of Ethics are applied to those who holdpositions of representation, administration or management in the Company, or in one of itsorganisational Units with financial and functional autonomy, as well as also to those whomanage and control the Company, also de facto.The Model and the Code of Ethics are also applied to all the Company’s employees,including those who work overseas and all top management or employees of theCompany’s overseas branches.The Model and the Code of Ethics are also applied, within the limits of existing contracts,to those who operate according to mandate or on behalf of the Company, even thoughthey do not actually belong to the same, and those who are in some way linked to theCompany by business relationships that are relevant for the prevention of crime. For thispurpose, the Legal and Corporate Affairs Director, having consulted the Human Resourcesand Organisation Director and the Area Manager of the area to which the contracts orrelations belong, will preliminarily determine the types of legal contract with externalsubjects, to whom the provisions contained in the Model and the Code of Ethics apply,due to the nature of the activity carried out. The Legal and Corporate Affairs Director,having consulted the Human Resources and Organisation Director and the Area Managerof the area to which the contracts or relations belong also determines the methods forcommunicating the Model and Code of Ethics to the external subjects involved, togetherwith the necessary procedures for the respect of the provisions set therein, in order toensure that all the subjects involved know the contents, according to the modes set out inparagraph 16 below.The recipients of the Model and the Code of Ethics must observe all the provisions andprotocols contained therein and all the procedures implemented for the latter, with theutmost correctness and diligence.10. Adoption, amendment and additions to the ModelThe Board of Directors has the exclusive responsibility for adopting, amending andchanging the Model. The Board of Vigilance, in the realm of the powers granted to it incompliance with art. 6, paragraph 1, letter b) and with art. 7, paragraph 4, letter a) of theDecree, has the power to submit proposals to the Board of Directors concerning theupdating and adaptation of the herein Model and must also promptly inform the Board ofDirectors in writing, also by including the information in the six-monthly report as set out inpoint 13.1, of deeds, circumstances, or organisational gaps found in the vigilance activitythat show the necessity or advisability for the Model to be amended or changed.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 13 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PARTIn any case, the Model must be promptly amended or changed by the Board of Directors,also further to proposal, and after consultation with the Board of Vigilance, when thefollowing circumstances occur:▪ violations or circumventing of Model’s instructions that have proved the inefficacy or inconsistency of the Model for the purpose of preventing crimes;▪ significant changes to the Company’s internal structure and/or the modes used for carrying out the Companys activities;▪ amendments to legislation.Amendments, updates or additions to the Model must always be notified to the Board ofVigilance.The operational procedures adopted as implementation of the herein Model areamended by the competent Company functions, if they prove to be ineffective for thecorrect implementation of the Model’s dispositions. The competent Company functionswill also address amendments or additions to operational procedures required toimplement any reviews to the herein Model.The Board of Vigilance is promptly informed about the updating and implementation ofnew operational procedures.11. The Model in the context of the Group“Companies belonging to the Group” is intended to mean all the Italian companies andoperational enterprises that are controlled directly or indirectly by the Company, and theoverseas companies and operational enterprises controlled directly or indirectly by theCompany that operate in Italy with a permanent organisation.The Company will communicate the herein Model and any later update to thecompanies belonging to the Group using the methods that it considers to be mostappropriate.The companies belonging to the Group will autonomously adopt their own "organisation,management and control Model”, by resolution of their own Boards of Directors,Administrators or Receivers, and under their own responsibility.Each company belonging to the Group must identify its own activities that are at risk ofcrime, and the suitable measures for preventing perpetration of the latter, in considerationof the nature and type of activity carried out and the size and structure of its ownorganisation.When preparing their own Models, the companies belonging to the Group will aspire to theprinciples contained in the herein Model and will acknowledge its contents, except wherean analysis of their own activities at risk shows the need or appropriateness for adoptingdifferent or additional specific prevention measures compared to what it is stated in theherein Model, and in this case they must inform the Company’s Board of Vigilance.Until its own Model is adopted, the companies belonging to the Group will guaranteeprevention of criminal deeds through suitable internal organisational and control measures.Each company belonging to the Group will be responsible for implementing its own Modeland appointing its own Board of Vigilance. In the smaller companies, the function of Boardof Vigilance may be carried out directly by the Board of Directors, pursuant to art. 6,paragraph 4 of the Decree.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 14 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART12. Board of Vigilance 12.1 Function In compliance with the provisions stated under art. 6, paragraph 1, letter b) of the Decree, a specific corporate body is set up (Board of Vigilance, OdV), with the task of continuously supervising the effective functioning and respect of the Model, and taking care of the update of the same Model, proposing amendments and/or changes to the board of directors in all cases where - pursuant to point 10 (section B) – this becomes necessary. 12.2 Requirements The members of the OdV must possess the requirements of good reputation, professionalism, autonomy and independence as indicated in the herein Model. The OdV must perform the functions allocated to it, ensuring the required continuity of action. 12.2.1. Reputation The members of the OdV will be identified among those subjects with the subjective requirements of good reputation as provided under the Ministerial Decree no. 162 dated 30 March 2000, for the members of a listed companys Board of Statutory Auditors, adopted pursuant to art. 148, paragraph 4 of the TUF. The following are, in any case, reasons for non-eligibility or removal from the OdV: ▪ a conviction (or plea bargaining), even if not yet final, for one of the underlying crimes provided under the Decree or, a conviction (or plea bargaining), even if not yet final, with a sanction that brings about debarment (also temporary) from management roles of legal entities or enterprises; ▪ the issue of a sanction by CONSOB, for having committed one of the administrative offences in the realm of market abuse, as set out in the TUF. Any reform of any non-executive conviction (or plea bargaining) will bring about the overturning of the cause of non-eligibility for election but will not affect any withdrawal from the appointment. 12.2.2 Professionalism The OdV must be composed by subjects with specific skills in inspection activities, in analysing control systems and in legal contexts (especially criminal code), so that the presence of suitable professionalism is guaranteed for the carrying out of the relevant functions. Where necessary, the OdV may also use the aid and support of external experts, for acquiring any specialised knowledge. 12.2.3 Autonomy and independence When carrying out its functions, the OdV acts with autonomy and independence from corporate bodies and other internal control bodies. The OdV is granted with independent financial resources, based on an annual budget, approved by the Board of Directors, and further to proposal by the OdV itself. In any case, the OdV can also ask for additional funds to be allocated, if available funds are not sufficient for the efficient performance of its duties, and may extend its spending autonomy on its own initiative in the event of exceptional or urgent situations, which will then be reported to the Board of Directors. The activities carried out by the OdV cannot be questioned by any other company body or structure.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 15 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART The OdV must be exclusively or by majority composed of subjects without any other relationship with the Company or with other companies in the Group (except for the role of member of the Board of Vigilance or member of the Board of Statutory Auditors in one or more companies within the Group). Any internal members must not in any case carry out any operational role within the Company or other companies belonging to the Group, and must not hierarchically report to any operational areas manager. When carrying out their duties, the members of the OdV must never find themselves in situations (even potential ones) of conflicts of interest due to any personal, family or professional reasons. Should this situation occur, they must immediately inform the other members of the board and must keep themselves from taking part in any relative decisions. This hypothesis is mentioned in the report in point 13.1 below. 12.2.4 Continuity of action The OdV must be able to ensure the necessary continuity in carrying out its duties, also by scheduling activities and controls, writing minutes of meetings and governing information flows from any company structures. 12.3 Composition, appointment and permanence of role The OdV is a board composed by at least three members, among those: a) two or more members are not employed by the Company; b) one member who is the person in charge of the Company’s Internal Auditing. The OdV is appointed by the Company’s Board of Directors, with a motivated provision that acknowledges the existence of the requisites of reputation, professionalism, autonomy and independence. For this purpose, the external candidates must send their Curriculum Vitae, accompanied by a declaration that states that they possess the above-mentioned requirements. The Board of Directors examines the information provided by the persons interested in the role, or available to the Company, in order to assess whether they actually possess said requirements. On accepting the appointment, the members of the OdV, having read the Model and having formally adhered to the Code of Ethics, undertake to perform their duties ensuring the required continuity of action and to immediately inform the Board of Directors of any occurrence that may affect the upkeep of the above-stated requirement. After appointing the OdV, the Board of Directors will check that the subjective requirements for all OdV members still apply, at least once a year. If any member of the OdV no longer possesses the subjective requirements as required he will immediately be removed from his appointment. In the event of withdrawal, death, resignation or cancellation, the Board of Directors will promptly replace the missing member. In order to ensure full autonomy and independence, the OdV will remain in their appointment for a period of three years, and until the new Board of Vigilance is appointed, regardless of the expiry date or any advance dissolving of the Board of Directors that appointed it.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 16 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART The Board of Directors appoints the Chairman of the OdV, from those among the members of the OdV who are not Company employees. In its regulations, the OdV can delegate specific functions to the Chairman. 12.4 Removal The removal of the members of the OdV may only take place due to just cause, by resolution of the Board of Directors, having consulted the Board of Statutory Auditors, where "just cause" means serious negligence in carrying out the duties connected with the role, such as: ▪ if information-providing reports of activity carried out are not drawn up for the Board of Directors and Board of Statutory Auditors (see paragraph 13.1 of this section); ▪ if the OdV’s control plan is not drawn up (see paragraph 12.5 of this section); ▪ non-verification of reports that it receives, pursuant to paragraph 13.2 below, concerning the perpetration or presumed perpetration of crimes as set out in the Decree, and violation or alleged violation of the Code of Ethics, the Model or the procedures set out as implementation of the Model;  if OdV meetings are not summoned and held in a six-month period;  if no controls are carried out on the suitability of training programmes, of implementation methods and results (see paragraph 16 of the herein section);  if no reports are made to the Board of Directors and the Board of Statutory Auditors about any changes in the regulation framework and/or significant changes in the internal structure of the Company and/or Modes used to carry out the Company activities that require an updating of the Model;  if the Board of Directors is not informed about disciplinary measures and sanctions that may be applied by the Company, for violation of provisions contained in this Model, of prevention protocols and any relative implementation procedures, and the violation of provisions contained in the Code of Ethics;  if no routine/ad hoc control on specific sensitive activities are carried out, as set out in the OdV’s Verifications Plan. 12.5 Tasks and powers The OdV has autonomous powers of control and initiative within the Company, so that they can carry out the duties contained in the Model in an efficient manner. For this purpose, the OdV has its own rules, contained in the Board of Vigilance Regulations, which is notified to the Board of Directors. The OdV has no management or decision-making powers concerning the carrying out of the Company activities, organisational or modification powers of the Company structures and no sanction-ordering powers. The OdV has the task of supervising over the functioning and observation of the Model and is responsible for any updates to the latter. For this purpose, the Board of Vigilance has been assigned the following tasks and powers: a) to verify the efficiency, effectiveness and adequacy of the Model for preventing the perpetration of the crimes set out in the Decree, proposing any updates to the Board of Directors, as foreseen in point 10 above (section B); b) based on information flow analysis and any reports it receives pursuant to points 13.2 and 13.3 below (section B), to verify the observance of the Code of Ethics, rules of conduct, prevention protocols and procedures foreseen in the Model, highlighting any differences found in conduct;Organisation, Management and ControlModel (ex Legislative Decree 231/01) 17 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART c) to periodically carry out inspections, following the modes and dates indicated in the OdV regulations and specified in the OdV’s Verification Plans, of which the Board of Directors is informed; d) to promptly propose the adoption of sanctions as set out in point 15 below (section B) to the body or the function holding necessary disciplinary power; e) to monitor the definition of staff training programmes using the group’s Model and Code of Ethics of the Impregilo Group, as set out in point 16.2 below (section B); f) to supply the information to the corporate bodies in compliance with what is defined in point 13.1 below (section B); g) to freely access any organisational unit without needing to provide notice, to request and acquire information, documents, and data considered necessary for carrying out its tasks as set out in the Model; h) to access all the information concerning the activities at risk of crime, as listed in the Special Parts of the Model; i) to request and obtain information or production of documents concerning activities at risk of crime, wherever necessary, from directors, the Board of Statutory Auditors and the external auditing company; j) to request and obtain information or the production of documents concerning activities at risk from collaborators, consultants, agents and external representatives and generally from all subjects who must observe the Model, on the condition that this power is explicitly stated in contracts or mandates that link the external party to the Company; k) to receive information provided in compliance with the contents of points 13.2 and 13.3 (section B), for performing its own supervisory duties on the working and implementation of the Model; l) to request and obtain information from the Boards of Vigilance of the other companies in the Group; m) to use the help and support of Internal Auditing function, and of any external consultants for particularly complex problems, or that require specific skills. The OdV carries out its own functions in coordination, when necessary, with the departments concerned for the aspects regarding the interpretation and monitoring of the reference regulation framework of the Model, and for specific matters provided by the sector legislation . The OdV also works in coordination with the Company functions involved in the activities at risk for all aspects regarding the development of procedures for the implementing of the Model. With reference to Italian operating units and overseas branches of the Company, the Board of Vigilance is in charge of: - verifying that the Model is effectively implemented and respected, in conformity with the annual audit plan approved by the ODV itself; - supervising that the Code of Ethics is handed over to local, overseas and/or on secondment employees; - coordinating with the Human Resources and Organisation Function regarding training of employees on secondment in overseas operating units. The members of the OdV, and the subjects that the Board uses, for any reason, must observe the obligation of confidentiality on all the information they learn about while carrying out their duties. The OdV carries out its functions in full observance of the laws in force, and theOrganisation, Management and ControlModel (ex Legislative Decree 231/01) 18 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART employees’ individual rights.13. Information flows from and to the Board of Vigilance 13.1 Information to Corporate Bodies The OdV reports to the Board of Directors, also via the Internal Control Committee, except when otherwise stated in the herein Model. Whenever considered as necessary and using the methods stated in the OdV regulations, the OdV will inform the Chairman of the Board of Directors and the Managing Director about significant circumstances and facts of their own function or about any urgent critical factors in the Model which have emerged while carrying out supervisory activities. The OdV will draw up a written report to the Board of Directors and Board of Statutory Auditors once every six months, which must contain the following information, in addition to any other information considered appropriate at that time: a) a summary of the activities carried out in the six-month period by the OdV; b) a description of any problems that have arisen regarding operational procedures for implementing the Models provisions; c) a description of any new activities at risk from individual crime; d) a statement of reports received from internal and external subjects, including anything discovered directly, about the presumed violation of provisions contained in the Model, in prevention protocols and in relative implementation procedures, and also violation of the provisions found in the Code of Ethics, and the result of any consequent controls which were carried out. In the event of violations of the Code of Ethics or the Model by a member of the Board of Directors or the Board of Statutory Auditors, the OdV will then make the necessary notifications as set out in point 15.1 below (section B); e) information about the perpetration of any significant crimes for the purpose of the decree; f) if the Board of Directors is not informed about disciplinary measures and sanctions that may be applied by the Company, for violation of provisions contained in this Model, of prevention protocols and any relative implementation procedures, and the violation of provisions contained in the Code of Ethics; g) an overall evaluation of the functioning and efficacy of the Model with any proposals for additions, corrections or amendments; h) reporting about any changes in the regulation framework and/or significant changes in the internal structure of the Company and/or modes used to carry out the Company activities that require an updating of the Model; i) reporting of any conflicts of interest that exist or are potential, as set out in point 12.2.3 (section B) above; j) a statement of costs incurred. The Board of Directors and the Board of Statutory Auditors have the right to summon the OdV at any time, in order to receive information about its duties’ activities.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 19 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART 13.2 Information to the Board of Vigilance All recipients of the Model must inform the Board of Vigilance of any information which may be useful for the carrying out of the verifications on the correct implementation of the Model. In particular: ▪ If Internal Managers for Sensitive Activities should find realms for improvement in the definition and/or application of prevention protocols as set out in the herein Model, they should promptly draw up and send a descriptive memorandum of the motivations underlying the highlighted areas of improvement. ▪ The Process Managers and/or Company bodies/organisational Units, in compliance with their respective organisational empowerments, must inform, on a biannual basis, the Board of Vigilance in writing of any information as follows: - the issue and/or update of organisational documents; - the evolution of responsibilities for the functions with activities at risk; - the Company proxy and power of attorney system and any update thereto; - the main elements of extraordinary operations started up and completed; - stipulation or renewal of service and infra-group service agreements; - the reports issued by the Functions/Control Bodies (including the Auditing Company) on their verification work, from which facts, deeds, events or omissions may emerge that are critical for observance of the Decree’s provisions or the provisions contained in the Model and the Code of Ethics; - disciplinary proceedings started up due to violation of the Model, dismissal orders for such proceedings and relative motivations, application of sanctions for violation of the Code of Ethics, the Model or procedures set up for implements of the latter; - possible misalignment observed during the protocols’ implementation foreseen in the Special Parts of the Model and/or Company procedures. ▪ All the employees and members of the Company’s corporate bodies must promptly report the perpetration or alleged perpetration of the crimes stated in the Decree, of which they become aware of, and also any violation or presumed violation of the Code of Ethics, the Model or procedures set up to implement the latter, of which they become aware of. ▪ Collaborators and all external subjects, identified as per the contents of point 9 above (section B), must directly inform the Board of Vigilance about any violations as stated above, regarding the activity carried out for the Company, on the condition that said obligation is specified in the contracts that tie said subjects to the Company. ▪ All the employees and members of the Companys corporate bodies can clearly ask the Board of Vigilance about the correct interpretation/application of the herein Model, prevention protocols, relative implementation procedures and the Code of Ethics of the Impregilo Group. In order to ensure the regular observance of the provisions as set out in this section, 13.2, the electronic mail address odv@impregilo.it has been set up, dedicated to communications to the Board of Vigilance by employees, members of the Company’s corporate bodies and external collaborators. If access to the computer system is not possible or not available, notifications can be made orally or by internal correspondence, to the Internal Auditing Manager, in his role as member of the Board of Vigilance. In the event that the notifications are made orally, the Internal Auditing Manager, in his role as member of the OdV, will write a report about the meeting. InOrganisation, Management and ControlModel (ex Legislative Decree 231/01) 20 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART any case, the Internal Auditing Manager, will promptly inform the other members of the OdV. Notifications are kept by the OdV according to the modes indicated in the Board of Vigilance Regulations. The Company adopts suitable measures so that confidentiality about the identity of the person sending information to the OdV is guaranteed. Any form of reprisal, discrimination or penalisation against those subjects who make notifications to the Board of Vigilance in good faith are forbidden. The Company reserves the right to take any action against anyone who makes untruthful notifications mala fide. Violation of the obligation of providing information to the OdV as set out in the herein point, which constitutes a violation of the Model, will be sanctioned in compliance with the provisions as set out in the point 15 below (section B), which represents the sanction system. 13.3 Information between Group’s Boards of Vigilance Each company in the Group will appoint its own autonomous and independent Board of Vigilance. The Company Board of Vigilance may request information from the Boards of Vigilance of the other companies in the Group, if such information is necessary for the carrying out of its own control activities. The Boards of Vigilance (OdV) of the companies in the Group will draw up a report for the Company OdV every six months, pointing out any relevant facts that have emerged during their own activities, disciplinary sanctions applied and any significant amendments made to their own Model. The OdV of the companies in the Group will promptly inform the Company OdV in the event of a violation of their Model, their Code of Ethics and their preventive protocols. The Company OdV refers the information as set out in this point to the Company Board of Directors, in the report as set out in point 13.1 (section B).14. Infra-group relations 14.1 Provision of services for the companies in the Group The provision of services by the Company for companies belonging to the Group, that might involve sensitive activities as set out in the Special Parts below, must be regulated by a written agreement; a summary report on the status of the agreements is periodically sent to the Company’s Board of Vigilance. In particular, the service agreements, as in the point above, must provide for: ▪ the obligation for the company receiving the service to certify the lawfulness and completeness of the documentation or information communicated to the Company, for the purpose of carrying out the services requested; ▪ the power for the Board of Vigilance of the company receiving the service to request information from the Company Board of Vigilance, i.e. – after informing the latter - to the Company functions, for the correct carrying out of supervision. When providing services as set out in this section, the Company must observe the code of ethics and the contents of its own Model and procedures established for the latter’s implementation. If the services provided are considered as sensitive activities not considered in its own Model, the Company will produce suitable rules and procedures for preventing the perpetration of crimes, after consulting the OdV.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 21 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART 14.2 Provision of services carried out by companies belonging to the Group for the Company The provision of services, carried out by companies belonging to the Group for the Company, that may involve sensitive activities as set out in the Special Parts below, must be regulated by a written contract; a summary report on the status of the agreements is periodically sent to the Company’s Board of Vigilance. In particular, the service agreements, as in the point above, must foresee: ▪ the obligation for the Company to certify the lawfulness and completeness of the documentation or information provided for the purpose of carrying out the services requested; ▪ the power for the Company Board of Vigilance to request information from the Board of Vigilance of the company providing the services, i.e. – after informing the latter - to the functions of the company providing the services, for the correct carrying out of its supervisory tasks. The agreements must establish that the company belonging to the Group which provides the services will have a model and procedures that are suitable for preventing the perpetration of crimes and administrative offences.15. The sanction system 15.1 General principles The sanction system described below is an autonomous system of measures, aimed at safeguarding the observance and effective implementation of the Model and the Code of Ethics, fixing the awareness in the minds of Company staff and any type of Company collaborators of the Companys desire to pursue any violation of the rules established for the correct carrying out of the Company business. The application of sanctions set by the Model does not substitute or suppose the infliction of further, sanctions of another kind (criminal, administrative, tax), which may derive from the same deed. However, if the violation committed also configures a hypothesis of a crime that may be notified by the judicial authorities, and the Company cannot reach a clear reconstruction of the facts using the verification instruments at its disposal a, it may await the result of judicial investigations to adopt any disciplinary measures. Observance of the dispositions contained in the Code of Ethics and the Model applies to any type and nature of labour contracts, including those for executive managers, project-based contracts, part-time contracts etc, and also any type of insourcing contracts. The disciplinary procedure may be started up on the OdVs initiative, which also carries out an advisory role during its entire procedure. In particular, the OdV, having become aware of a violation or alleged violation of the Code of Ethics or the Model, will immediately undertake the necessary controls, ensuring confidentiality of the subject against whom proceedings are being taken. If it is ascertained that the violation was committed by a Company employee (meaning any subject linked to the Company by an employment contract), the OdV will immediately inform the holder of the disciplinary power and the Central Corporate Director. If the violation concerns an executive manager of the Company, the OdV must inform the Board of Directors, as a representative of the Chairman and the Managing Director in writing, in addition to the Central Corporate Director and the holder of disciplinary power.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 22 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART If the violation is committed by a Company Director, the Board of Vigilance must immediately inform the Chairman of the Board of Statutory Auditors, and the Board of Directors, in the person of the Chairman and the Managing Director, if not directly involved, in writing. If the violation is committed by a Member of the Board of Statutory Auditors, the OdV must immediately inform the Board of Directors, in the person of the Chairman and the Managing Director, and the Board of Statutory Auditors, in the person of the Chairman, if not directly involved, in a written report. If a violation is committed by collaborators or external subjects who operate by mandate of the Company, the Board of Vigilance will inform the President and the Managing Director by written report, and also the Central Corporate Director, the Human Resources and Organisation Director, the Legal and Corporate Affairs Director and the Area Manager in whose area the contract or mandate are carried out. The bodies and functions departments holding disciplinary power, will start up the procedures they are responsible for notification of and any application of sanctions. The sanctions for violating the dispositions contained in the Code of Ethics and the herein Model are adopted by the bodies who are responsible due to the powers and attributions awarded them by the articles of association or by the Company’s internal regulations. 15.2 Violation of the Model and the Code of Ethics All the violations, also committed through omissive conduct and together with others, of the orders contained in the herein Model, Prevention Protocols and relative implementation procedures, and all violations of the provisions in the Code of Ethics, constitute offences. Below is a list of examples of conduct that would constitute offences: a) the unlawful or incomplete drawing up of documentation provided for by the herein Model, prevention protocols and the relative implementation procedures; b) facilitating the unlawful or incomplete drawing up by others of documentation provided for by the herein Model, prevention protocols and the relative implementation procedures; c) the non-drawing up of the documentation provided for by the herein Model, in the prevention protocols and the implementation procedures; d) the violation or circumvention of the control system provided for by the Model, carried out in any way, such as, for example, by theft, destruction or tampering with documentation pertaining to the procedure, obstructing controls, preventing subjects carrying out controls on procedures and decisions from gaining access to information and documentation; e) non-notification of the prescribed information to the Board of Vigilance; f) the violation or circumvention of supervision obligations by top-level management towards the work of his subordinates; g) Violation of obligations regarding attending training programmes, as set out in point 16.2 below (section B) Training. 15.3 Sanctions and disciplinary measures 15.3.1 Sanctions for employees The Code of Ethics and the Model constitute a set of regulations which Company employees must abide by, pursuant to what is provided under arts. 2104 and 2106 ofOrganisation, Management and ControlModel (ex Legislative Decree 231/01) 23 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART the Civil Code, and the National Collective Employment Contracts (CCNL), on the matter of conduct rules and disciplinary sanctions. Therefore, all conduct of employees, which violates the provisions contained in the Code of Ethics, the Model and its implementation procedures, constitutes a breach of primary employment contract obligations and are consequently offences, with the possibility of being the cause of a disciplinary procedure and the consequent application of the relative sanctions. For employees with the role of manual worker, office worker and middle management, in the case in point, in observance of the procedures provided under art. 7 of the law no. 300 dated 20 May 1970 (Workers Statute), the provisions foreseen in arts.s 99 and 100 of the CCNL for building company and similar employees are applicable. With regards to what is forseen in the herein paragraph, labour contracts with overseas employees including the on secondment staff are governed, in the EU member states, by the regulations contained in the Convention on the law applicable to contractual obligations, signed in Rome on June 19 1980, while the contracts closed after December 17 2009, are governed by the law applicable to contractual obligations included in the CE regulation no. 593/2008, for employees outside that area, labour contracts are regulated by local provisions in force. In full observance of the principles of gradualness and proportion, the type and extent of the sanctions that can be inflicted are determined on the basis of the following criteria: ▪ seriousness of violations committed; ▪ duties and role of the persons involved in the deeds; ▪ voluntariness of the conduct or degree of negligence, carelessness or incompetence; ▪ the employee’s overall conduct, with particular concern for the existence or non- existence of previous disciplinary action, within the limits allowed by law and by the CCNL; ▪ other particular circumstances that accompany the disciplinary violation. Based on the principles and criteria indicated above: a) the provisions as follows: verbal reprimand, written reprimand, fine and suspension from work and from remuneration will be applied if the employee violates the procedures foreseen in the Model or if, while carrying out his activities in the areas at risk from the perpetration of crimes, his conduct is not compliant with the prescriptions of the Model itself or the Code of Ethics, using the hypothesis as set out in letter g), paragraph 2, of art. 99 CCNL and/or violation of art. 2104 of the Civil Code. In particular, the measure usually applied is that of a fine that does not exceed the equivalent of three hours’ salary. In the event of serious or repeated violations as above, but which do not justify firing the employee, the employee may be suspended from work and from receiving remuneration for up to three days, while in less serious cases, there may be a verbal or written reprimand. b) the measure dismissal with notice (for justified reason) will find application if the employees adopts a non-compliant conduct, during his work in the areas at risk from perpetration of crimes, with the prescriptions contained in the herein Model or the Code of Ethics, such as to constitute a considerable breach of contractual obligations or conduct that is seriously detrimental to production activity, work organisation and the regular running of work activity (art. 100, no. 2 CCNL), such as, for example:Organisation, Management and ControlModel (ex Legislative Decree 231/01) 24 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART - any conduct directed solely at the aim of committing a crime foreseen in the Decree; - any conduct aimed at concealing the perpetration of a crime foreseen in the Decree; - any conduct that deliberately infringes the specific measures foreseen in the Model and the relative implementation procedures to protect workers’ health and safety. c) the measure dismissal without notice (for just cause) will be applied further to substantial conduct in the serious and/or repeated violation of conduct rules and procedures contained in the Model or in the code of ethics, as conduct that does not permit the employment relationship to be continued, even temporarily (art. 100, no. 3, CCNL). 15.3.2 Sanctions for executive managers The role of executive manager is characterised by its outstanding nature of trust. In addition to having repercussions inside the Company, the Executive manager’s behaviour, as a model and example for all those who work in the Company also has effects on the Company’s external image. Therefore, observance of the provisions contained in the Code of Ethics, the Model and the relative implementation procedures by the Company’s executive managers is a vital elements of an executive manager’s work contract. The department holding disciplinary powers will start up relative procedures against executive managers who have committed a violation of the Code of Ethics, the Model or the implementation procedures of the latter, to carry out relative notifications and apply the most suitable sanctions, in compliance with the contents of the Executive Managers’ CCNL and, wherever necessary, observing the procedures set out in art. 7, law no. 300, 30 May 1970. The sanctions must be applied in full observance of the principles of gradualness and proportion compared to the seriousness of the deed and guilt or possible malice. Among other things, on notification the executive manager may also undergo precautionary annulment of any powers of attorney entrusted to him, and provisions go as far as the dissolution of his employment contract due to violations that are serious as to make the relationship of trust with the Company ineffective. 15.3.3 Sanctions for Directors Impregilo strictly evaluates all violations of the herein Model carried out by those who fill top-level management roles in the Company, and who for this reason, are more capable of driving Company ethics and the work of those who work in the Company towards values of correctness, lawfulness and transparency. The Board of Directors may apply any suitable measures allowed by law to directors who have committed a violation of the Code of Ethics, the Model or the implementation procedures for the latter, including the following sanctions: a) formal written reprimand; b) pecuniary sanction equal to an amount of two to five times the subject’s average monthly emoluments; c) full or part annulment of any powers of attorney.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 25 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART For the most serious cases, and however when the violation is of such an extent to damage the Companys trust in the perpetrator, the Board of Directors will summon the assembly, and propose removal of the individuals appointment. 15.3.4 Sanctions for statutory auditors If the violation is committed by one or more members of the Board of Statutory Auditors, the Board of Vigilance must immediately inform the Board of Directors, in the person of the Chairman and the Managing Director, and the Board of Statutory Auditors, in the person of the Chairman, if not directly involved, in a written report. The recipients of the Board’s of Vigilance information may take suitable measures, according to the contents of the articles of association, including, for example, summoning the Shareholders’ Meeting, in order to adopt the most suitable measures foreseen by law. If the violations are such as to justify removal of appointment, the Board of Directors proposes to the shareholders that the relevant measures are taken and then addresses the further duties foreseen by law. 15.3.5 Sanctions for collaborators and external subjects working on contract to the Company With regards to collaborators or external subjects who work on a contract basis with the Company, as set out in point 9 above (section B), the Legal and Corporate Affairs Director, having consulted the Human Resources and Organisation Director, and the Area manager in whose area the contract or work is carried out, will preliminarily determine the sanctions and the application modes for violations of the Code of Ethics, the Model and relative implementation procedures. For more serious violations, or for violations which damage the Company’s trust in the person responsible for the violations, these measures may foresee termination of the contract. If a violation is committed by said subjects, the Board of Vigilance will inform the President and the Managing Directors by written report, and also the Central Corporate Director, the Human Resources and Organisation Director, the Legal and Corporate Affairs Director and the Area Manager in whose area the contract or work is carried out. Managers in this category will be subjected to measures that are determined pursuant to this point.16. Communication and training 16.1 Communication For all employees and all subjects with management, administration, and control roles, the Company guarantees a correct knowledge and disclosure of the Model and the Code of Ethics. The Model and Code of Ethics are notified to all Company staff by the Human Resources and Organisation Function, and to all members of corporate bodies by the Legal and Corporate Affairs Function, using the most suitable means, including internal notices or access to the intranet system. Suitable ways for certifying reception of the Model and the Code of Ethics by the Company staff are decided by the Human Resources and Organisation Function, after consulting the Board of Vigilance.Organisation, Management and ControlModel (ex Legislative Decree 231/01) 26 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART Specific forms of notifying the Model and Code of Ethics to external subjects who must receive both the latter, as foreseen in paragraph 9 above (section 9) are planned. The contracts regulating relations with these subjects must provide for clear responsibility for observing the Company’s working policies, in particular its Code of Ethics and the acceptance of the Model general principles. The Code of Ethics is published in its full version on both the Company intranet and on the Company’s web site. The Model is published in its full version on the Company intranet and in a shortened form on the web site. 16.2 Training The Company undertakes to implement training programmes with the aim of guaranteeing that employees and members of the corporate bodies actually know the Code of Ethics and the Model. The training programmes concern the Decree and the relative legislative framework, the Code of Ethics and the herein Model. The level of training is regulated with a different level of deepness depending upon the recipients’ position in the Company and the different level of involvement in sensitive activities. Specific training is provided for members of the Board of Vigilance and the subjects that the Board refers to when carrying out its own functions. Training initiatives may also be carried out remotely using computer systems (e.g. Video-conference, e-learning). Staff training for Model implementation purposes is managed by the Human Resources and Organisation Function. The Board of Vigilance verifies the appropriateness of training programmes, implementation modes and results. Participation in training programmes as set out herein is mandatory. Violation of such obligations, constituting violation of the Model, is subject to the provisions as set out in point 15 above (section B) the sanction system.17. General Prevention Protocols 17.1 General Prevention Principles The protocol system for the prevention of crimes - finalised by the Company on the basis of indications provided by the Confindustria Guidelines, jurisprudence, and international best practices – was carried out by applying the following General Prevention Principles to each sensitive activity, that guide the General Prevention Protocols as set out in point 17.2 below (section B) and the Specific Prevention Protocols as set out in point 4 of each Special Part: ▪ Policies and Procedures: The existence of Company regulations suited to providing principles of conduct, decision rules, and operational modes for the carrying out of sensitive activities and filing modes for relevant documentation; ▪ Traceability: each operation regarding the sensitive activity must be, wherever possible, suitably documented; ii) the decision process, authorisation and carrying out of sensitive activities must be verifiable ex post, also using document support and the cases and modes for any possibility of deleting or destroying recordings made must in any case be regulated; ▪ Segregation of duties: separation of activities between the subject who authorises, who carries out and who controls. Such separation is ensured by the intervention of several subjects within the same Company macro process, in order to guarantee independence and objectivity of processes. The separation of roles is alsoOrganisation, Management and ControlModel (ex Legislative Decree 231/01) 27 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART implemented by using computer systems that only enable certain operations to identified and authorised persons; ▪ Proxies and powers of attorney: Authorisation and signatory powers assigned must be: i) consistent with the organisational and management responsibilities assigned, foreseeing an indication of expense approval limits, where required; ii) clearly defined and known within the Company. The Company roles to which the power of committing the Company to certain expenses, specifying limits and nature of expenses costs, must be defined. Allocating roles must observe the specific requisites that may be required by law (e.g. delegation and sub-delegation on employees’ health and safety matters); ▪ Monitoring: This activity is aimed at the periodical/prompt updating of powers of attorney, proxies for roles and control systems, in compliance with the decision- making system and with the entire organisational structure. This activity is the responsibility of the Legal and Corporate Affairs Department, with regards to Company powers of attorney and the Organisation Function with regards to proxies. Finally, the protocol foresees the existence of process controls carried out by Process Managers or by a super-ordinate third-party body. 17.2 General Prevention Protocols In the context of sensitive activities identified for each type of crime (see the Special Parts of the Model below), the General Prevention Protocols state that: a) for all operations, the formation and implementation of Company decisions must correspond to the principles and prescriptions contained in law provisions, the Company memorandum of association, the Code of Self-Discipline, the Code of Ethics, and Company procedures; b) the Company provisions suitable to providing principles of conduct, decision rules and operational modes for the carrying out of sensitive activities and filing modes for relevant documentation are defined and suitably communicated; c) for all operations: ▪ the management, coordination and control responsibilities within the Company and the levels of hierarchical dependence, with description of relative responsibilities are formalised; ▪ the phases of formation of documents can be documented and are recoverable; ▪ the authorisation levels of document formation are always formalised and possible to provide proof thereof, as a guarantee of the transparency of the choices made; ▪ the Company adopts communications tools for the signatory powers awarded that ensures such knowledge within the Company environment, also by publication of the proxy and power of attorney system on the Company intranet; ▪ the allocation and exercising of powers in a decision-making process is consistent with the positions of responsibility and with the significance and/or critical nature of the underlying economic operations; ▪ there is no subjective identity among those who take on or implement decisions, those who must provide accounting evidence for the operations decided and those who must carry out the controls foreseen by law and by the procedures considered by the internal control system;Organisation, Management and ControlModel (ex Legislative Decree 231/01) 28 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART ▪ access to Company data is compliant with the Legislative Decree no. 196 dated 2003 and later amendments and modifications, including regulatory ones; ▪ access to and intervention on Company data is permitted solely to authorised persons; ▪ confidentiality in transmitting information is guaranteed; ▪ the documents concerning the formation and implementation of decisions are filed and stored by the competent department, using methods that do not allow any later modification, unless with specific evidence. Access to filed documents is only permitted for authorised subjects according to internal regulations, and the Board of Statutory Auditors, the Auditing Company and the Board of Vigilance; d) for each of the processes included in the sensitive activities listed in the herein Model, a Process manager is identified, in the Special Parts of the Model, except in Special Part E, due to the specific nature of the subject of work safety. In particular, the Process Manager: ▪ is formally recognised by the Company organisational system (e.g. internal proxies, job description, procedures), in observance of any requisites of efficacy set by the law for the assigning of roles; ▪ has all the necessary tools to pursue the internal objectives of the same process, observing timescales and principles that regulate it; ▪ can supervise all the main phases of the process involved, coordinating and activating the various subjects belonging to the organisational units that participate, or that he believes should take part; ▪ has full visibility and access (direct or indirect) to all relevant information on the process. The Process Manager has the specific responsibility of: ▪ guaranteeing that the process is carried out in compliance with internal dispositions (e.g. Company procedures and guidelines) and the current legislation in force on the matter; ▪ guaranteeing that all controls are carried out on underlying activities by the individual subjects who take part in the process; ▪ guaranteeing that the whole process is carried out in observance of the principles of transparency and traceability, on whose basis each operation must have suitable document support; ▪ regularly informing the Board of Vigilance pursuant to point 13.2 above (section B) and to specific operational procedures, and in any case as soon as any irregularities are found or particular critical situations occur (e.g. violations or suspect of violations of the Model and the Code of Ethics, cases of inefficacy, unsuitability and difficulty in implementing control protocols). e) the relative Internal Managers for Sensitive Activities are identified for each of the sensitive activities listed in the herein Model, in each of the Special parts of said Model, except for Special Part E, considering the specific nature of safety in the workplace. These figures correspond to the competent organisational unit managers for stated sensitive activities. In particular, the Internal Manager for Sensitive Activity: ▪ Is formally recognised by the Company organisational system (e.g. internal proxies, job description, procedures), in observance of any requisites of efficacy set by the law for the assigning of roles;Organisation, Management and ControlModel (ex Legislative Decree 231/01) 29 / 30 Impregilo SpA
    • BOARD OF DIRECTORS’ MEETING – 26TH MARCH 2012 GENERAL PART ▪ has all the necessary tools to pursue the internal objectives of the relevant activities, observing timescales and principles that regulate them; ▪ can supervise the relevant activities, coordinating and activating the various subjects who belong to his own organisational unit; ▪ has full visibility and access (direct or indirect) to all information on the relative activities; The Internal Manager for the Sensitive Activity has the specific responsibility to: ▪ guarantee that the competent activities are carried out in compliance with internal dispositions (e.g. Company procedures and guidelines) and the current legislation in force on the matter; ▪ set up the direct and indirect controls, aimed at guaranteeing the correctness, truthfulness and updating of the result of activities he is responsible for (e.g. data, information, documents provided to the Process Manager); ▪ ensure and certify the correctness, truthfulness and update of the result of activities he is responsible for in observance of the principles of transparency and traceability, on whose basis each operation must have suitable document support; ▪ immediately inform the OdV and also the Process Manager, as set out in point 13.2 above (section B), if any particular critical situations occur that regard the efficacy, adequacy and implementation of preventive protocols; ▪ immediately report any violation (or suspected violation) of the Model, Code of Ethics and preventive protocols to the Board of Vigilance. 17.3 Protocols on observing debarment sanctions In the event that debarment sanctions or precautionary measures are applied to the Company, ex art. 23 of the Decree: ▪ it is forbidden for any to start up any operation that violates the obligations and bans included in said sanction; ▪ the Process Managers carry out the necessary supervision in order to preliminarily identify any operations that may constitute a violation of the obligations and bans as set out in the debarment sanctions and precautionary measures. If the Process Managers find any characteristics in a certain operation that can be traced even in part, to a violation, or a potential violation, of obligations deriving from the debarment sanctions or precautionary measures: ▪ must suspend any activity pertaining to the operation in question; ▪ must immediately send specific information to the Legal and Corporate Affairs Function, which analyses the operation, also using external legal consultants, to provide an interpretation and details of the procedure to be followed. A copy of the information prepared by the Process Managers and the documentation prepared by the Legal and Corporate Affairs Function is promptly sent to the Board of Vigilance. Attachment 1 to the General Part Table Sensitive Activities / Special PartsOrganisation, Management and ControlModel (ex Legislative Decree 231/01) 30 / 30 Impregilo SpA