SACE Group Code of Ethics and organizational, management and control model 231/2001

The SACE Code of Ethics represents the values, purpose, vision, mission, commitments and strategic pillars of the SACE Business Plan. The Code also defines the criteria for conduct, which represent the guiding criteria for preventing unethical behavior, formulated using SACE values as a reference. The target audience of the Code of Ethics are: the Corporate Bodies, SACE people, customers and the Community. These individuals are required to respect and comply with the provisions of the Code of Ethics. Finally, the Code also outlines the mechanisms for reporting any violations and the procedures for its implementation.

The Code of Ethics is a separate document from the Model, although related to it, as it is an integral part of the prevention system adopted. All SACE Group companies have also adopted an Organization, Management and Control Model in accordance with the provisions of Legislative Decree 231/2001.

The Models of each Company consist of a General Part, which provides an overview of the reference regulatory provisions and the guiding principles on which the entire Model is based, and a Special Part based on specific Protocols, documents that regulate the company activities at risk of crime, recalling within them the types of offenses abstractly configurable in the performance of each activity as well as the control measures aimed at preventing their commission.

The adoption of Model 231/01 represents a key element of SACE's commitment to ensure transparency, integrity and accountability within the company and to promote a corporate culture based on ethical principles and regulatory compliance.

All employees, collaborators and stakeholders are therefore called upon to actively contribute to compliance with the provisions of the Model and to report any violations thereof through the whistleblowing channels made available.

For more details, the SACE Group Code of Ethics and the 231 Models of SACE Group companies can be found at the following links:

• SACE
• SACE BT
• SACE FCT
• SACE SRV

Anti-money laundering and export control

SACE has a specific control function dedicated to analysis activities in the area of Anti-Money Laundering & Export Control and has implemented specific control measures, including the adoption of specific policies and internal regulations.

In detail, in line with the adopted framework, SACE carries out specific due diligence activities of supported transactions (both with respect to the counterparties directly or indirectly involved in the transactions and with respect to the underlying) by requesting declarations and commitments to support the analysis activities.

For further details, please refer to the Anti-Money Laundering and Export Control disclosure.

Anticorruption

SACE is committed to preventing and combating corruption. Indeed, during its due diligence activities, SACE also assesses corruption profiles (both domestic and international) by acquiring appropriate statements and commitments to support its analytical activities.

SACE raises awareness among its stakeholders (exporters, insured parties, and other involved parties) about the obligation to comply with applicable anti-corruption regulations, including those of the country in which these parties conduct their activities.

In case of non-compliance with these obligations, SACE reserves the right to suspend or withdraw its support. In certain cases, SACE also conducts enhanced due diligence by identifying measures to prevent and manage corruption and related risks.

Finally, enhanced due diligence measures can be activated based on the assessment of the competent department, even outside the identified case studies.

For further details, please click here >>

Whistleblowing

SACE and the companies of the Group provide all their employees, collaborators, consultants, and other stakeholders with a platform ("whistleblowing") for reporting facts or circumstances that may help ascertain the commission of violations.

Violations can consist of administrative, accounting, civil, or criminal offenses, violations of Model 231, the Code of Ethics, internal regulations, both corporate and Group, anti-money laundering regulations, as well as TUF, CAP, and MAR (related to SACE and SACE BT).

Reporters must refer to facts they have become aware of in their own work context. In compliance with Legislative Decree 24/2023 on whistleblowing, SACE and the companies of the Group ensure the confidentiality of the whistleblower's identity and provide protection against any retaliatory action or discriminatory behavior due to the report. Except where confidentiality is not legally opposable, the companies have appointed an external entity, called the Identity Custodian, who ensures the preservation of the whistleblowers' names separately from the contents of the reports, without knowing either. The custodian, upon motivated request from the Report Manager, if strictly necessary for the verification activity, can associate name and content through encrypted codes provided by the IT procedure.

Please refer to the "Policy for the Management of Reports," along with the privacy notice related to data processing, at this link>>.

In summary, the policy provides:

Who can report?

Anyone who holds representation, administration, or management functions, or exercises, even de facto, the management and control of corporate activities, all employees regardless of their contractual status, those who cooperate and collaborate with the Group Companies - in any capacity - in pursuing their objectives, and - more generally - anyone who has connections with them even by virtue of different legal relationships (e.g., suppliers, consultants, collaborators, partners, candidates, former employees, etc.).

What to report?

Violations of national or European Union legislative provisions, or internal provisions that they have become aware of in a public or private work context. In any case, any report transmitted through the reporting channels listed in this policy will still be considered within the limits of its relevance and verifiability.

How to report?

• IT platform accessible from any browser (including mobile devices) at the following address: https://sace.pawhistleblowing.it/#/ , which allows written reports. This tool offers the widest guarantees of confidentiality for the whistleblower;
• An oral channel, through a phone call to the number 06 6736 333, which will allow recording a voice message.

Who will receive the report?

The manager of the internal reporting channels is identified as follows:

• For SACE: in the figures of the OdV and the Chief Audit Officer of SACE;
• For the Group companies: in the figures of the OdV, the Chief Audit Officer of SACE, and the Head of Audit of each Group company.

How is the whistleblower protected?

The confidentiality of the whistleblower's identity is always guaranteed. Additionally, the whistleblower's consent is expressly required to communicate their report to third parties other than the managers in order to investigate the report.

The whistleblower is protected from potential retaliatory measures.

External reporting channel (ANAC)

Reports to ANAC can only be sent if:

• The internal report has not received a response;
• There is a well-founded reason to believe that the internal report would not have effective follow-up or would expose the whistleblower to retaliation;
• The internal reporting channels do not comply with the standards set by the current legislation;
• There is a need to report retaliations suffered.

External ANAC channel: whistleblowing.anticorruzione.it

 Access to the documents

To consult the Regulation for accessing documents, click here>>