Ethics and compliance
03.

Ethics and compliance

Our greatest commitment

The ethics culture is at the core of all GEB processes, and is undergoing a transformation to become one of our corporate attributes. We have a mature model in place that we decided to further evolve in 2020.
Landscape of nature, a mountain and a rainbow in the background.

GEB photography contest Photo by our employee Paula Torres Holguín

Why is it important?

(103-1)

The standards on ethical behavior in the actions of our employees are essential for the creation of value and the generation of trust with partners and stakeholders.

We are committed to a policy of zero tolerance towards fraud, money laundering, terrorist financing and corruption. For this reason, we promote a culture of transparency and of the identification of risks in our administrative management, as well as with our stakeholders, as a differentiating element in GEB’s sustainability strategy.

(102-16) Our stakeholder relations are framed in our Code of Ethics and corporate values, as follows:

Transparency
We manage our company in an objective, clear and verifiable manner.
Respect
We interact recognizing collective interests, individual diversity, sustainability of natural resources and institutions.
Integrity
We act with firmness, righteousness, honesty and consistency.
Equity
We act with justice, fairness and impartiality, seeking to cause positive and inclusive social impact.

How we manage it

(103-2) (102-16)

The Ethics and Compliance Program is aligned with the Group’s new corporate strategy established in 2020, to contribute to the consolidation of transparency and efficiency in the established Governance Model. We achieved this thanks to the following:

  • The consolidation of an independent department that focuses on corporate risk management, and an Ethics and Compliance Program adjusted to international standards and aligned with the organization’s nature as a Corporate Group.

  • The independence and autonomy of human, technological and economic resources necessary to fulfill our responsibilities in accordance with applicable local and international legislation.

In 2020, the Ethical Channel received a total of 13 reports, 30 % more than in 2019.

Also, one of the key priorities of the new strategy is to strengthen comprehensive risk management, which provides a frame of reference to perform the activities required for adequate risk management, always seeking transparency in relations and defining clear procedures and mechanisms for action.

In order to assure compliance and preserve the integrity of the Internal Control System, we continue to apply the Control Architecture Model based on the Three Lines of Defense, which defines the responsibilities involved in the system.

Three Lines of Defense
Gráfica Tres línea de defensa

Click on the image to expand it.

First line: It is performed by the employees. It enables the identification and management of risks (control/self-control) and the implementation of corrective actions to address any shortcomings in processes and controls.

Second line: It supervises and monitors the effectiveness of the first line controls. It also advises, assists, prevents, institutionalizes, detects (investigates), reacts and executes the corporate defense program, performed through the Compliance Officer of the Group and each of our companies.

Third line: It is responsible for providing independent assurance through internal audit activities carried out by the Group’s general auditor.

Other audits: We are subject to periodic audits by the Group’s general auditor (internal audits) and by the statutory auditor (Circular Letter 029 / 2014 of SFC); the latter include a review of the duties fulfilled by management and the compliance officer in connection with the Comprehensive System for the Prevention of Money Laundering and Terrorism Financing and compliance with regulations on the prevention of and control of money laundering and terrorist financing (ML/TF).

We report to the following corporate bodies: CEO Committee on Processes and Learning, Ethics and Compliance Committee, GEB Audit and Risk Committee, audit and risk committees of the subsidiaries and non-controlled companies, and the Board of Directors of GEB, which receives the periodic official compliance report.

(Own) (102-17) Events reported through the Ethical Channel
Event Number Status: Review in progress Status: Closed
Work issue 5 0 5
Accounting fraud 0 0 0
Misappropriation of assets 0 0 0
Corruption and bribery 3 1 2
Money laundering 0 0 0
Intellectual property violations 0 0 0
Other 5 0 5
Total 13 1 12

Additionally, through the Ethical Channel we received 24 inquiries and ethical dilemmas from GEB managers and employees, which were processed in a timely manner with the corresponding recommendations.

The Ethical Channel is the tool through which Grupo Energía Bogotá guarantees the rights of all shareholders, managers, employees, contractors and other stakeholders to report any situations they consider to be potential events related to fraud and/or corruption and unethical behaviors at GEB, aimed at managing and conducting corporate affairs in a transparent and sustainable manner. In addition, the channel allows making inquiries to solve ethical dilemmas with assurance that the channel is confidential, safe and reliable. An independent expert third party manages the Channel.

Our achievements in 2020

(103-3)

Grupo Energía Bogotá has not had any confirmed cases of corruption or bribery against the Company in the last three years.

  • We received recognition from the Global Compact Network Colombia for our good practices in connection with the Ethical Channel for managing reports and conflicts of interest.

  • We began the process of reviewing and reformulating the roles of each area, with advice from an international firm that specializes in compliance matters, and an external local consultant, with the aim of defining a model that will enable us to evolve, advance and adjust to the requirements of the business and its associated risks, to achieve an updated Ethics and Compliance Program in accordance with international standards.

  • We updated, approved and disseminated among the affiliates the strategic risks of fraud and corruption, taking into consideration the best practices of the Inter-American Development Bank and Transparencia por Colombia, among other bodies. We are also aligned with the SOX matrix of financial controls.

  • (205-1)We assessed 100 % of the processes at GEB Corporate and Transmission in terms of risks of corruption. In addition to the assessment, we have carried out the processes related to the identification of risks and controls, assessment of inherent and residual risk, as well as monitoring the implementation of the internal controls. The following are the most significant risks we have identified related to corruption:

    1. Misappropriation of the organization’s funds to favor third parties

    2. Inadequate control in establishing and managing framework contracts and purchase orders.

    3. Unauthorized access to technological applications and/or infrastructure systems.

    4. Failure to detect in a timely manner any conflicts of interest of contracted personnel and in goods and services contracting processes.

    5. Weaknesses in the goods and services contracting processes (prior studies or superficial and feasibility studies, targeted request for bid documentation, insufficient technical capacity of contractors, filtered information).

    6. Relations or contracts with third parties included in ML/TF control lists that may produce impairment of image or lead to penalties from regulatory agencies.

  • We performed 18,837 validations in the control lists for individuals and legal entities that maintain business relations with the Group (suppliers, employees, rights of way lessors, leases, among others), using a software that enables reliable queries in such lists and other databases that give warning on such risks.

  • (205-2) Through our Ethics and Compliance Program, we provided training, both face-to-face and through e-learning, to 96 % of our employees and nine members of the Board of Directors on anti-corruption policies and procedures, the Ethical Channel and conflicts of interest, the System for the prevention and control of money-laundering and the financing of terrorism, transparency and access to information, data protection, management of transnational bribery and supervision authorities and their focus themes in 2020. The totality of GEB employees and Board members were informed through internal communication channels. All suppliers registered in SAP Ariba have been informed on these corporate guidelines, a total of 1,047 in 2020. (annexes 205-2).

  • Every employee filled out a virtual form with their annual adhesion to the Code of Ethics and Statement of Conflicts of Interest.

  • (205-3) (206-1) We had no confirmed cases of corruption by employees or suppliers, and no lawsuits or public proceedings related to corruption, fraud, money laundering or terrorist financing. Also, there were no reports of violations to the Code of Ethics or related to anti-competitive behavior or restrictive practices.

  • We strengthened the methodology for measuring and assessing the Group’s reputation for the effects of better decision-making.

  • We provided advisory to the affiliates regarding the Ethics and Compliance Program through periodic meetings and monitoring of performance indicators.

  • We updated and disseminated the GEB Control Architecture Model, using as reference the updated Three Lines of Defense Model published by the Institute of Internal Auditors.

Our challenges for 2021

Our Internal Control System is based on the standard of the Committee of Sponsoring Organizations of the Treadway Commission (COSO, for the Spanish original), through which we monitor the application of the corporate instructions, the prevention, detection and investigation of situations associated with fraud and corruption.

  • Materialize the new strategy of the Ethics and Compliance Program to:

    1. Improve the program’s effectiveness based on risk prevention and management methodologies.

    2. Align the compliance activities of our Group and its related parties.

    3. Integrate the redesigned strategy with corporate governance, the Control Architecture Model and the strategic objectives.

    4. Promote ethical behaviors and build a corporate culture of compliance.

    5. Strengthen the mechanisms for risk mitigation and prevention by reinforcing the compliance culture and due diligence processes.

  • Strengthen the program to ensure compliance with applicable local and international laws and to incorporate best international practices, the control and monitoring activities between the first and second lines of defense of the Control Architecture Model, and the due diligence processes to prevent exposure to reputation risks and strengthen the use of data analytics in compliance processes.

  • In the medium and long term, strengthen the Ethics and Compliance Program at GEB affiliates based on the experience of redefining the role of compliance and its program at the corporate level.