1. Objective:
At Itera we develop technological solutions responsibly, acting ethically, transparently and committed to quality, legality and sustainability. We promote fair, inclusive and safe working conditions, respecting human rights. We protect information and resources through practices that ensure their confidentiality, integrity, and proper use. We reject any form of bribery and extend our responsibility to social, environmental impact and ethical supply chain management.
2. Scope:
All iterants are responsible for ensuring compliance with the policy in the exercise of their functions no matter where they are located or their role. It is applicable to others acting on behalf of It Era, any project, deal, contract or negotiation with customers/business partners/businesses and suppliers whether in the public or private sector.
3. Roles and responsibilities:
Role | Responsibilities (See details in the IMS (Integrated Management System) User Manual) |
---|
Governing Body | - Understands, complies with, and applies the requirements of the integrated management system according to their role.
|
Director of Human Talent | - It has the authority and independence of the anti-bribery compliance function. The responsibility for compliance will continue to reside with the iterants.
It oversees this policy, advises iterants, and executes sanctions in accordance with the corresponding sanctions matrix.
|
Senior Management | - Establishes, reviews and ensures legal and operational compliance with this policy. Analyze risks and advise and make decisions.
|
Leaders or Directors | - Ensures compliance with the Integrated Management System (IMS) in its areas, respects standards of conduct when conducting negotiations, and provides advice.
|
Iterating | - They are aware of and apply this policy and the processes related to their role. They participate in training.
Respect standards of conduct.
|
Key Commitments:
4. Human Rights and Working Conditions
- PROHIBIT CHILD LABOR, FORCED LABOR AND VIOLENCE: It is forbidden to hire minors and any form of forced labor, servitude or exploitation. All forms of violence, harassment, harassment or ill-treatment, whether physical, verbal, psychological or sexual, are also rejected. Ensure a safe, respectful, and dignified work environment.
- ENSURING DIVERSITY, INCLUSION, EQUALITY AND NON-DISCRIMINATION: To guarantee a work environment free of discrimination based on gender, age, sexual orientation, religion, ethnic origin, disability or any other condition. Promote the inclusion of people in vulnerable situations. Respect free expression and promote coexistence with respect, tolerance and cultural diversity.
- ENSURING WORKING CONDITIONS AND SAFETY AT WORK: To provide a safe, healthy and fair working environment, in accordance with current legislation. Promote risk prevention and work-life balance.
5. Security and National Security Scheme (ENS)
- ACCESS ONLY NECESSARY SYSTEMS AND DATA: Collect and retain only relevant personal data that is necessary for legitimate purposes. Ensure they are accurate and up-to-date. To process data in a lawful, fair and transparent manner. Obtain consent if they are used for purposes other than the original ones.
- PROTECT ITERA AND CLIENT INFORMATION AND RESOURCES: Safeguard the confidentiality, integrity, availability, authenticity and traceability of information. You are prohibited from disclosing or extracting or using information or resources without authorization. Its exclusive use must be ensured for authorized commercial purposes, safe storage and improper use must be avoided. Installation of unauthorized, pirated, or unlicensed software is prohibited. Follow SECURITY CONTROLS when sending emails, downloading files, or using the internet to avoid cyber threats.
- FOLLOW THE ACCESS AND PASSWORD POLICY: Apply multi-factor authentication when possible. Create, change, and protect strong passwords to prevent unauthorized access, loss, destruction, or alteration.
- TAKE CARE OF ITERA’S PHYSICAL ASSETS: Protect equipment, devices, and documents from theft, loss, and damage. Follow measures such as blocking unused workstations, keeping desks clean, and restricting access to sensitive areas and network. Ensure rapid recovery of services in the event of a disaster or contingency.
6. Quality
- MEET QUALITY, PERFORMANCE, AND DEADLINES: Fulfill quality and performance commitments in products and services, meeting internal requirements and customer expectations. Respect operation and service level agreements, ensure their satisfaction and respond quickly to their needs.
SYSTEMATIZE PROCESSES AND USE INDICATORS: Establish controls and key indicators to measure performance, facilitate informed decisions, and activate continuous improvements in services.
7. Environment
- MINIMISE ENVIRONMENTAL IMPACT AND PROMOTE SUSTAINABLE PRACTICES: Foster a culture of sustainability at work, optimizing the use of digital tools, reducing energy consumption and emissions. Prioritize using efficient equipment, energy-efficient configurations, and sustainable cloud solutions that reduce carbon footprint and improve environmental performance.
8. Artificial Intelligence
- OPTIMIZE WITH AI RESPONSIBLY: Apply AI solutions to improve internal and customer processes, increasing efficiency, reducing time and costs, and driving innovation, adapted to each need.
- ETHICAL, TRANSPARENT AND RELIABLE USE: Develop fair, explainable, and unbiased solutions. To treat data in a lawful, fair and transparent manner, facilitating its understanding and auditing by users and interested parties.
- GUARANTEE QUALITY, SAFETY AND TRACEABILITY: Protect the confidentiality, integrity, and availability of data and systems. Ensure quality, version control and traceability of processes, avoiding unauthorized uses.
- CLEAR AND ACCOUNTABLE GOVERNANCE: Define roles and responsibilities in AI decisions, prioritizing the well-being of users and stakeholders, with technical, legal, and organizational oversight.
9. Anti-bribery
- ZERO TOLERANCE FOR BRIBERY: It is forbidden to offer, give, ask for, or accept bribes in any activity, relationship, or transaction. Evaluate risks related to incentives, bonuses or compensations, always with the approval of the leader and the Director of Human Talent.
- GIFTS, HOSPITALITY AND INVITATIONS: Only reasonable care (up to $1,000 per BL per year) is allowed, unrelated to business decisions. Any exceptions require approval by mail from the Director General and notification to Administration. It is forbidden to offer/receive cash or pay personal expenses. Trips must be justified, with an itinerary and prior notice to the leader or Director of Human Talent. It does not apply to gifts or internal invitations.
- DONATIONS AND EVENT SPONSORSHIP: Only to legal organizations for business, social, or educational purposes. It is forbidden to donate to individuals or for political purposes or to make contributions before, during or after contractual decisions. Due diligence must be carried out on the organization, documented and ensure traceability. Risk-free, contributions up to USD $2,000 per year are allowed without prior authorization. Approval from the Director General is required in case of bribery risk or special concerns. Political participation only in a personal capacity, outside working hours and without representing Itera.
- NO FACILITATION PAYMENTS: It is forbidden to make payments to speed up procedures, even with one’s own resources. Report requests to the Director of Human Talent.
- KEEP RELIABLE RECORDS: Accurately record all expenses, payments, and business relationships. Falsification or omitting of information is prohibited.
- COMPLY WITH FINANCIAL AND NON-FINANCIAL CONTROLS: Apply them in commercial and legal processes, purchases and sales. View in-process financial controls in Accounting and Finance and non-financial in Vendor Management.
- CONDUCT DUE DILIGENCE, MONITORING, AND THIRD-PARTY TRAINING: Require business/business partners, customers, or suppliers to act with similar ethical standards to Itera, communicating their obligations and providing training through contracts, emails, or the IMS Policy for Suppliers and Third Parties. Leaders, Legal and Commercial must assess bribery risks in any transaction, project, activity or relationship. Verify legitimacy (documents requested by Legal), reputation (reports or press, disqualification lists), links with officials, payment structure, experience and conditions. Document the level of risk in CRM for customers or in the Dossier List for suppliers. Keep records of supplier selection, see formal Decision Making process. Supervise suppliers with audits or evaluations. If there is a high risk, demand anti-bribery controls, without impeding the relationship if they are attended. Attend to alerts such as links with officials, lack of experience, suspicious payment conditions, rumors of criminal behavior or refusal to sign anti-corruption clauses. Do not hire without a contract or pay in cash. Payments only to the counterparty, in places associated with the service.
- PERFORM DUE DILIGENCE, SUPERVISION AND TRAINING OF PERSONNEL AND IN MERGERS OR ACQUISITIONS: Human Talent and the corresponding Director must assess bribery risks in positions prior to hiring, promotion, or transfer under the Retention and Succession Plan. Verify values (through tests), job references, qualifications, and competencies (job descriptions). Ensure that every iterant signs the certificate of compliance with this policy in Bizneo. In procurement, integrate Itera controls and policies from the outset through training, third-party review, and audits. All iterants must cooperate.
- DECLARE CONFLICTS OF INTEREST: Inform the leader and Director of Human Talent. Solve by avoiding affected purchases, removing those involved or looking for alternatives. Avoid paid or unpaid external activities that affect performance or generate conflict (e.g., collaborating with competitors or regulators).
10. Service Management and General Aspects
- ENSURE AWARENESS AND IMPLEMENTATION OF POLICY AND PROCESSES: All iterants must read, understand and apply this policy, as well as the internal processes, employment contract, NDA, personal data processing manual (only applicable to ES) and privacy notices. Delivery Force, Human Talent and the Anti-Bribery Compliance Officer, Director of Human Talent They must establish and keep updated an annual training and communication plan that ensures the understanding, implementation and continuous improvement of the policy and processes. Human Talent is responsible for documenting training, keeping records (evaluations, attendance lists, training DBs) and ensuring that each iterant — including senior management and governing body — signs the certificate of compliance with the policy (Bizneo).
- COMPLY WITH REGULATIONS AND ETHICS: Act with integrity and professional ethics, complying with all applicable laws and regulations, including information security, data protection, environment, anti-bribery, and other rules in the jurisdictions where we operate. Responsible, honest and consistent conduct with Itera’s values and commitments is expected.
- ENCOURAGE PARTICIPATION AND CONTINUOUS IMPROVEMENT: Active participation in SGI activities such as drills, practical exercises, quarterly challenges, reviews by senior management and training on topics such as security, quality, service, personal data, AI, bribery and sustainability among others is expected. We promote a culture of collaboration, open communication, teamwork and innovation, promoting the use of sustainable technologies and good practices. We are open to suggestions that contribute to improving our practices. Itera periodically evaluates its objectives through the Measurement and Analysis Plan, the Challenge Agreements and the review of senior management to ensure continuous improvement and effectiveness of the IMS.
- PROVIDE EVIDENCE OF COMPLIANCE AND DUE DILIGENCE: Provide evidence of compliance when required by Itera, as well as collaborate in audits, supervisions, and monitoring. Participate in due diligence procedures by delivering the requested information.
11. Consequences of non-compliance
- Itera reserves the right to conduct audits, periodic evaluations, or due diligence processes to verify compliance with this policy, IMS requirements, and applicable regulations, both internally and with suppliers (at least once a year, depending on the Audit Program).
- Failure to comply may result in corrective measures and, in serious cases such as bribery, corruption or unacceptable risks that cannot be mitigated, disciplinary sanctions will be applied, including dismissal, as well as legal action or complaints to the competent authorities (Matrix of Sanctions in the Disciplinary Process, Attention to Complaints or Concerns).
- Itera strictly prohibits any form of bribery or corruption linked to their professional activities. In the case of suppliers, if serious conduct or unacceptable risks are identified in acts performed by, on behalf of, or for the benefit of your organization, Itera may immediately suspend, terminate, or postpone the business relationship, transaction, project, or activity, and take legal action as appropriate.
12. Validity
- This policy is effective immediately and compliance with it is mandatory for all parties involved. It is available in the corresponding language for the entire organization through the process sites and in the footer of the Itera website. Itera invites its employees to share it with business partners and suppliers, promoting commitment to legal, ethical and responsible practices, as well as openness to listen to their concerns and suggestions.