In order to guarentee compliance with legislation and at the same time monitor and control the risks, the system is divided into a network of protected areas (resources, technologies, instruments and competencies), partially interconnected according to the objectives/risks to be monitored and designed to ensure the achievement of control objectives.
The trend in the competition situation on the markets where the Acea Group operates requires growing attention to the matter of compliance with antitrust law and the regulations concerning consumer protection.
Acea believes that competition and consumer protection is a core value for company business activities and pursues its objectives in obersvance of the rules regulating the market. Consistent with the principles set out in the Code of Ethics, the Group specifically abstains from collusive and abusive practices and, more generally speaking, from any practice that might impede the correct functioning of market mechanisms and imply detriment to consumers.
Acea has, therefore, adopted a specific "Antitrust Compliance Programme", with a view to both enhancing internal controls intended to ensure compliance with market and consumer protection legislation and to promoting the development of a corporate culture, oriented towards respect for free market values and fair competition.
In this connection, on 13 December 2018 the Acea Spa Board of Directors approved:
The Compliance Programme, implemented in every Group company under the responsibility of the Company Antitrust Liaison Officer, provides for a series of activities, including:
Each Company’s Antitrust Contact Person receives specific training and support from the Holding Company Contact Person.
Following the entry into force of European personal data protection Regulation 679/2016 ("GDPR") on 25 May 2018 and the Italian transposition legislation (Legislative Decree no.101/2018 amending Legislative Decree no.196/03) subsequently introduced only in September 2018, Acea launched an adjustment programme to identify - giving priority to core processes - the activities to be undertaken to achieve the highest possible level of compliance and, for the same purpose, to give the company a Privacy Governance Model, that is consistent, integrable with and functional to the existing internal control system.
A Data Protection Officer (DPO) was appointed at Group level, supported by an ad hoc structure (DPO Office), contactable at the following address: email@example.com. Some "privacy control units" were also identified to act as internal reference and liaison points with the DPO Office.
The adjustment programme launched, and currently being improved on, integrated numerous initiatives and activities, including:
In 2020, the Model was tested, reviewed and enhanced with methodological analysis and risk assessment tools and its roll out in the subsidiaries accompanied. The processes considered potentially high risk for the rights and freedom of individuals were subjected to Data Protection Impact Assessment. Moreover, the procedure in terms of analysis, definition and monitoring of the conditions for entrusting to third parties activities which also involve personal data processing is increasingly thorough.
For the sustainability of its operations, Acea acknowledges the fundamental nature of the following values:
For this reason, in November 2020 Acea senior management approved the new Management Systems and Sustainability Policy, which sets out the principles, values and commitments undertaken by the company, including them as part of the framework for the pursuance of sustainable development. This policy is an integral part of the Management Systems compliant with ISO 9001, ISO 14001, ISO 45001 and ISO 50001 standards. In October 2020, the Chief Executive Officer approved the new infection control and prevention policy following the decision to obtain certification for the infection prevention management system (Biosafety Trust Certification).
In order to ensure that the management systems always reflect changes in the internal and external context, Acea analyses the situation and expectations of its stakeholders.
Management of quality, environment, safety and energy are central aspects of our corporate policies, as shown by the number of Group companies that have implemented certified integrated management systems.
Certified Management Systems within Acea Group (as at 31/12/2020)
||X||Biosafety Trust certification|
|Acea Ato 2||X||X||X||X|
|Acea Ato 5
||UNI CEI EN ISO/IEC 17025:2005
Accreditation of analysis laboratory
UNI CEI EN ISO/IEC
Accreditation supervisory body
||X||UNI CEI 11352|