PROGRAMA DE COMPLIANCE
Entenda como garantimos conformidade legal, integridade e boas práticas na gestão da instituição.
1. Presentation
1.1 Commitment to Ethics, Transparency and Integrity
The Institute for Socio-Emotional Development of the State of Rio de Janeiro - IDAS, is a private, non-profit Third Sector institution, with the aim of promoting social well-being by achieving a more positive perspective on life. IDAS was recognized as a public utility by Ordinary Law No. 4,034, of October 3, 2022.
According to Paulo Modesto (1998), “Third Sector is the set of private legal entities for public purposes, not for profit, formed voluntarily by private individuals, auxiliaries of the State in the pursuit of activities of relevant social content, which invest in non-refundable social works ”.
The implementation of integrity programs is extremely important for Third Sector organizations, since they act effectively and beneficially to achieve important objectives, in addition to ensuring compliance with applicable laws and regulations. These programs contribute to the prevention and/or identification of irregularities, corruption and fraud, which strengthens the Institution's credibility and transparency before society as a whole, including donors, sponsors, employees and regulatory sectors.
O termo “compliance” tem sua origem no verbo em inglês “to comply”, que significa agir de acordo com as regras. Consiste na adoção de políticas e diretrizes éticas para a gestão de negócios, com o objetivo de combater, evitar, detectar e tratar qualquer comportamento inadequado ou não de conformidade legal que possa ocorrer. Isso inclui a prevenção de práticas ilegais ou vantagens ilícitas para diretores, representantes, parceiros ou demais membros da Instituição.
The Integrity Program is the set of mechanisms created to prevent, detect and combat the practice of harmful acts or corruption, as well as to promote the implementation of ethical principles, codes of conduct and the adoption of integrity policies and procedures, with a view to creating an upright institutional environment and preventing the involvement of the institution, its employees or managers in harmful acts against the institution itself and against the public administration. The definition of the program and the pillars that support it are enshrined in article 56 of Decree No. 11,129/2022, which regulated Law No. 12,846/2013, known as the Anti-Corruption Law, in the following terms:
Art. 56. Para fins do disposto neste Decreto, programa de integridade consiste, no âmbito de uma pessoa jurídica, no conjunto de mecanismos e procedimentos internos de integridade, auditoria e incentivo à denúncia de irregularidades e na aplicação efetiva de códigos de ética e de conduta, políticas e diretrizes, com objetivo de:
I – prevenir, detectar e sanar desvios, fraudes, irregularidades e atos ilícitos praticados contra a administração pública, nacional ou estrangeira;
II – fomentar e manter uma cultura de integridade no ambiente organizacional. Parágrafo único. O programa de integridade deve ser estruturado, aplicado e atualizado de acordo com as características e os riscos atuais das atividades de cada pessoa jurídica, a qual, por sua vez, deve garantir o constante aprimoramento e a adaptação do referido programa, visando garantir sua efetividade.
Still on legislation, published in October 2017, in the state of Rio de Janeiro, Law nº 7.753/17 establishes the requirement to implement an integrity program for all companies that enter into a contract, consortium or agreement with any body of the Public Administration of the Rio de Janeiro, setting value limits as criteria for its implementation. It is important to highlight art. 4 and its items:
Art.4 The Integrity Program will be evaluated, regarding its existence and application, according to the following parameters:
I – Comprometimento da alta direção da pessoa jurídica, incluídos os conselhos, quando aplicado, evidenciados pelo apoio visível e inequívoco ao programa;
II – Padrões de conduta, código de ética, políticas e procedimentos de integridade, aplicáveis a todos os empregados e administradores, independentemente de cargo ou função exercidos;
III – Padrões de conduta, código de ética e políticas de integridade estendidos, quando necessário, a terceiros, tais como, fornecedores, prestadores de serviço, agentes intermediários e associados;
IV – Treinamentos periódicos sobre o Programa de Integridade;
V – Análise periódica de riscos para realizar adaptações necessárias ao Programa de Integridade; VI – Registros contábeis que reflitam de forma completa e precisa as transações da pessoa jurídica;
VII – Controles internos que assegurem a pronta elaboração e confiabilidade de relatórios e demonstrações financeiras da pessoa jurídica;
VIII – Procedimentos específicos para prevenir fraudes e ilícitos no âmbito de processos licitatórios, na execução de contratos administrativos ou em qualquer interação com o setor público, ainda que intermediada por terceiros, tal como pagamento de tributos, sujeição a fiscalizações, ou obtenção de autorizações, licenças, permissões e certidões;
IX – Independência, estrutura e autoridade da instância responsável pela aplicação do Programa de Integridade e fiscalização de seu cumprimento;
X – Canais de denúncia de irregularidades, abertos e amplamente divulgados a funcionários e terceiros, e de mecanismos destinados à proteção de denunciantes de boa-fé;
XI – Medidas disciplinares em caso de violação do Programa de Integridade;
XII – Procedimentos que assegurem a pronta interrupção de irregularidades ou infrações detectadas e a tempestiva remediação dos danos gerados;
XIII – Diligências apropriadas para contratação e, conforme o caso, supervisão, de terceiros, tais como, fornecedores, prestadores de serviço, agentes intermediários e associados;
XIV – Verificação, durante os processos de fusões, aquisições e reestruturações societárias, do cometimento de irregularidades ou ilícitos ou da existência de vulnerabilidades nas pessoas jurídicas envolvidas;
XV – Monitoramento contínuo do Programa de Integridade, visando seu aperfeiçoamento na prevenção, detecção e combate à ocorrência dos atos lesivos previstos no art. 5º da Lei Federal nº 12.846 de 2013; e XVI – ações comprovadas de promoção da cultura ética e de integridade por meio de palestras, seminários, workshops, debates e eventos da mesma natureza.
Following this perspective, the program offers several management and control tools to foster integrity and organizational compliance. This involves ensuring compliance with laws, rules, policies and internal guidelines, in addition to other regulations applicable to the institution's activity. At the same time, the program encourages the adoption of ethical standards, making both internal and external audiences aware of the importance of preventing activities and behaviors that could put the organization at risk of non-compliance.
The Integrity and Compliance program is an indispensable tool for managers of Third Sector organizations, who find support in making safer decisions and achieving their social objectives in an agile way. Thus, through its preventive approach, the program is able to significantly reduce the risks of corruption in the organization and, in the case of deviations or non-compliance, it acts quickly to identify, hold accountable and correct failures, ensuring effective action.
This Compliance Program was built based on the principles and guidelines established in the legislation and in our Code of Ethics, with the purpose of fostering and maintaining a culture of integrity in the Institution.
Avançando nesse compromisso, o IDAS apresenta o seu Programa de Compliance, que está firmemente apoiado em seu Código de Ética e Conduta.
2. Pillars of the Compliance Program
The Compliance Program relies on the commitment of Management and is based on 3 pillars: Prevention, Detection and Correction.
2.1 Prevention
Considerado o pilar mais importante, contempla a análise dos riscos de conformidade, abarcando aqueles relacionados à fraude e corrupção, lavagem de dinheiro, conflitos de interesses e demais práticas de inconformidades ou atos ilícitos, tais como Violação aos Direitos Humanos, Privacidade e Proteção de Dados, Segurança da Informação, Aspectos Regulatórios, Propriedade Intelectual, e demais violações ao Código de Ética aos quais a IDAS está sujeita, a fim de identificar, avaliar e reduzir os riscos.
O pilar da Prevenção engloba as seguintes subdivisões:
2.1.1 Identification of risks
It consists of mapping the areas of greatest risk, such as contracting suppliers and/or service providers, managing contracts, managing financial resources, and other related matters.
2.1.2 Risk assessment
Based on risk identification, the probability and potential impact of each risk is assessed in relation to the Institution's objectives. This assessment will be carried out using a risk matrix, which will allow the prioritization of risks according to criticality.
2.1.3 Preventive controls
Based on the risk assessment, the Compliance Officer, together with the Executive Board, defined preventive controls to minimize or eliminate the identified risks. These controls include policies and procedures, training, ongoing monitoring, internal audits and other preventive actions.
2.1.4 Communication and training
It is important to ensure that all employees, suppliers and other stakeholders are aware of compliance policies and procedures. In this way, the Compliance Program provides for on-site and online training and the dissemination of notices.
2.1.5 Continuous monitoring
To ensure the effectiveness of implemented controls, it is essential to continuously monitor compliance with compliance policies and procedures. This will be done through internal audits, periodic reviews of policies and procedures, process reviews and other monitoring activities.
2.1.6 Continuous review and improvement
Finally, the Program prompts the Institution to periodically review the compliance program to ensure its effectiveness and make the necessary adjustments. This review includes feedback from employees, evaluation of preventive controls implemented and other activities for continuous improvement of the compliance program.
3. Detection
3.1 Reporting Channel
The Reporting Channel is the means by which anyone can report any irregularities, such as control failures, internal and external fraud, corruption, in addition to possible breaches of IDAS' ethical principles.
The e-mail channel will be the main vehicle for receiving complaints, to be disclosed on the IDAS website and attached to communications on the Institution's physical premises. Complaints and reports received by other means, such as correspondence, telephone and social networks will also be gathered for analysis by the Compliance Sector.
It is essential for the reporting channels to function and their effective use by employees, assisted persons and individuals, compliance with the rules of confidentiality and prohibition of retaliation by those who have something to report, and the reporting can be made anonymously.
3.2 Integrity Due Diligence
Integrity Due Diligence is a process that seeks to assess the integrity risks associated with an organization, including its activities, partnerships and relationships with third parties. For IDAS, Due Diligence will ensure transparency, ethics and compliance with applicable laws and regulations in all aspects of the Institution.
The risk assessment must be carried out comprehensively and carefully, involving the identification of possible problems related to corruption, money laundering, conflicts of interest and other threats to integrity. This assessment must be carried out systematically, seeking to identify critical points, their main challenges and good practices that can be adopted to minimize risks.
In addition to risk assessment, Integrity Due Diligence includes other important steps, such as reviewing internal policies and procedures, reviewing contracts and agreements with suppliers, checking the reputation of partners and donors, and carrying out periodic due diligence assessments Diligence to ensure that IDAS maintains the same standard of integrity over time.
After the Integrity Duo Diligence opinion, the Board of Directors and other responsible parties will have an important decision-making support mechanism.
4. Correction / Remediation
It is imperative that the integrity policies and procedures include a clear definition of disciplinary measures to be taken in cases of non-compliance with the rules, encompassing employees, partners, management and contracted third parties. These measures aim to reinforce the importance of the Compliance Program with employees, preventing it from being just a formal set of rules that are ineffective in mitigating fraud and corruption.
To ensure their effectiveness, it is essential that such measures are widely disseminated and applied, through various channels, such as posters, minutes of meetings, training and circulars. Rigorous application of these measures contributes to improving organizational culture and enhancing transparency in IDAS' relationships with donors and other stakeholders.
The Compliance Program provides for some sanctions and penalties in case of non-compliance with Ethical and Integrity obligations: warning, suspension or termination of the contract, depending on the seriousness of the misconduct.
5. Final Provisions
In order to act in partnership with the Public Administration, the Institution undertakes to observe, among other regulations, Law No. 13,019/2014, which establishes the legal regime for partnerships between the public administration and civil society organizations. In order to enter into a partnership term, in turn, observe the requirements of Law nº 9.790/1999 and, for the formalization of a management contract, we pay attention to the provisions of Law nº 9.637/1998.
To this set of rules, it is important to add the already mentioned Law nº 7.753/17 (RJ), which provides for the mandatory implementation of Integrity Programs for all organizations that enter into contracts, consortia, agreements or partnerships with any body of the Public Administration, under penalty of imposition of fines and other penalties.
The Compliance Program goes through all acts of management, fundraising, relationship with the Government, administration and human resources, accounting regulation, rendering of accounts, extinction, allocation of assets and so on.