Anti-Bribery and Anti-Corruption Policy

Anti-Bribery and Anti-Corruption Policy

1. Objective Establish the anti-corruption and anti-bribery conduct standards that all company personnel must follow regarding interactions with officials, suppliers, and stakeholders as applicable in activities related to service delivery.

2. Scope It is generally applicable and mandatory for personnel executing activities in various processes, as well as suppliers, officials, and any stakeholder identified by the company within the Anti-Bribery Management System.

3. Definitions

No.	Concept	Description
01	Legal Department	The department within the company responsible for continuity, support, and follow-up on legal matters.
02	Employee	All personnel providing subordinate services to the company.
03	Integrity Committee	The body responsible for establishing minimum bases for prevention, attention, investigation, and implementation of sanctions regarding bribery, corruption, personal data protection, labor equality, and non-discrimination.
04	Legislation	Set of laws, regulations, and other norms by which a State or a specific activity is regulated.
05	Anti-Corruption Legislation	Set of laws, regulations, and other norms that regulate or are relevant in the prevention and combat of corruption and bribery, which are positive and in force in the Mexican Republic.
06	Compliance Officer	The person responsible for monitoring the proper implementation and functioning of the applicable normative and legal framework documentation of the organization, as well as managing the complaint channel regarding conduct, activities, or behaviors carried out by personnel, suppliers, shareholders that cause them to incur an infraction.
07	Damage	Personal or patrimonial harm or detriment.
08	Misrepresentation	Can originate from fraud or error, may result from lack of accuracy in data compilation and processing, omission of accounting records, or incorrect estimates.
09	Bribery	Offering, promising, giving, accepting, or requesting an undue advantage of any value, directly or indirectly, or regardless of its location, in violation of applicable law, as an incentive or reward for a person to act or refrain from acting in relation to the performance of that person’s duties.
10	Third Parties	Refers to any natural or legal person outside the company.
11	Influence Peddling	Crime committed by a public official, authority, or any individual who influences another official or authority, taking advantage of the powers of their position, hierarchical relationship, or any other situation, to obtain a resolution or advantage in certain circumstances that may directly or indirectly generate an economic benefit for themselves or a third party.

4. Development The company is committed to the highest ethical standards in the businesses it participates in and in the provision of its services.

Therefore, the company complies with all applicable anti-corruption and anti-bribery laws in Mexico and in the places where it provides services. It complies with international treaties in which Mexico aligns with the Federal Penal Code, the Law of Acquisitions, Leases, and Services of the Public Sector, the Law of Public Works and Related Services, and the Federal Anti-Corruption Law in Public Contracting, as well as the applicable correlating laws in States and Municipalities (collectively, the “Anti-Corruption Legislation”).

Consequently, the company prohibits any person representing it directly or indirectly (including its suppliers) from offering, promising, authorizing, providing, demanding, or accepting money, gifts, loans, commissions, awards, services, benefits, or anything else to or from any person or public servant as an incentive to commit an illegal act or in any way contravene this Anti-Corruption Policy and the Anti-Corruption Legislation, thereby obtaining an undue advantage for themselves or for a third party with whom they have a relationship. Thus, the use of funds for activities that contravene this Anti-Corruption Policy is equally prohibited.

Company officials and suppliers assume the responsibility to ensure that third parties with whom they interact in business development and service provision comply with this Policy and applicable legislation.

4.1 Specific Guidelines 4.1 Implementation of the Anti-Corruption Policy The Legal Department must develop specific activities and communicate the established guidelines to operational areas, officials, and, where applicable, suppliers, third parties, and stakeholders of the company, implementing Preventive and Corrective measures. In the case of third parties and suppliers, the Integrity Committee will instruct the contact areas to execute this policy, conducting audits from time to time.

4.1.2 Preventive Measures The Integrity Committee must inform operational areas, officials, and, where applicable, suppliers, third parties, and stakeholders of the company that there will not only be a formal commitment to the application of the policy but also an internal conviction to comply with it. As an immediate consequence, the conduct of illicit business will be prevented.

4.1.3 Training The Training Department must schedule courses for employees and stakeholders of the company regarding compliance with this Anti-Corruption Policy.

Within a year, all employees, officials, suppliers, third parties, and stakeholders must participate in at least one training course.

4.1.4 Open Doors The Integrity Committee, the Compliance Officer, and the areas in contact with personnel, suppliers, and third parties must provide access to the AX-GAL-02 Mechanism to prevent, address, and sanction applicable illicit acts of corruption and bribery so that they can ask questions and make inquiries regarding the application and compliance with the Anti-Corruption Policy.

If the inquiry is received by someone other than the personnel, that person must transmit it to the Compliance Officer, or in their absence, to any member of the Integrity Committee to provide an institutional response aligned with the principles contained herein.

The head of the Integrity Committee is the Compliance Officer, and the contact email is [email protected].

4.1.5 Reporting to the Company Employees, officials, suppliers, third parties, and stakeholders assume the responsibility to report to any member of the Integrity Committee, or in the absence of any member of the Integrity Committee, to the Compliance Officer, any activity that violates or could violate this policy or applicable legislation.

The report can be made by any person who identifies themselves with an official document and describes the incident as detailed as possible, along with the evidence and convincing means they deem appropriate to the email [email protected]. The report must include the following requirements, which are essential to issue a final ruling on the submitted report:

Information about the person filing the complaint (Name, Business Unit, Position, Contact Information, Immediate Supervisor’s Name and Position)
Information about the person against whom the complaint is filed (Name, Business Unit, Position, Contact Information, Immediate Supervisor’s Name and Position)
Identify the type of conduct or behavior the complaint refers to (bribery, money laundering, reviewable acts, or lawful acts)
Frequency of occurrence, start dates, and the last recorded date
Detailed description of the facts, actions, or behaviors that motivate the complaint
Mention if one or more persons witnessed the events

To this end, the company has implemented a reporting system through the email [email protected], where anyone can report to the company’s Integrity Committee any activity that violates or could violate this policy or applicable legislation. It is important to state within this paragraph that the complainant may request anonymity within the same report, a request that the Integrity Committee must respect and comply with during the investigation process until it is necessary to lose such anonymity, providing immunity and protection against any person involved in the report or who could have any detriment within it.

Upon receiving the report, the Compliance Officer must convene a session with all members of the Integrity Committee to initiate the internal investigation process established within the AX-GAL-02 Mechanism to prevent, address, and sanction applicable illicit acts of corruption and bribery, with the aim of obtaining sufficient information to determine whether there is a potential violation of this Anti-Corruption Policy and applicable legislation.

If necessary, the company will hire external lawyers to advise on determining the existence of a potential violation of this policy. If a determination cannot be made with the available information or if the existence of a potential violation is determined, corrective measures will be carried out according to the AX-GAL-02 Mechanism to prevent, address, and sanction applicable illicit acts of corruption and bribery.

Know Your Suppliers and Partners When contracting third parties as suppliers and partners, the area within the company that conducts negotiations and contracting must gather information about them regarding compliance with applicable Anti-Corruption and Anti-Bribery Legislation, including their Anti-Corruption Policy, and invariably inform the Integrity Committee.

In the respective contract, third parties will be made aware of this Anti-Corruption Policy via email and must declare under oath that they, shareholders, and administrators have not been subject to any disqualification or sanction for non-compliance with applicable Anti-Corruption and Anti-Bribery Legislation.

Suppliers must be warned that a false declaration regarding non-compliance with the policy or applicable legislation will result in the immediate termination of the respective contract without liability for the company, with the third party being responsible for damages caused to the company by such termination and any damage or detriment that could be caused to the company by such non-compliance in relation to third parties or any Authority.

The information gathered and the declarations of third parties must be updated every three years.

4.1.6 Maintenance of Books and Records The company, in compliance with Chapter 27, Article 27.3, paragraph 6 of the Free Trade Agreement, regarding the maintenance of Books and Records, Financial Statements, and Accounting Standards, prohibits the following acts:

Establishing off-the-books accounts
Conducting unofficial or inadequately identified transactions
Recording non-existent expenses
Entering liabilities with incorrect identification of objects
Using false documents; and
Intentional destruction of accounting documents before the legally stipulated time.

4.1.7 Identification of Prohibited Activities and Risks The activities in which the company, its employees, officials, suppliers, third parties, and stakeholders must place special emphasis to comply with the Anti-Bribery Management System and this Policy are:

Prohibited Activities:

Bribery of public servants.
Influence peddling over public servants.
Misrepresentation and concealment in accounting records regarding bribes and other acts.
Use of external agents, consultants, and other intermediaries in bribery or influence peddling schemes.
Payments to expedite processes and procedures (“facilitation payments”).

Risk Activities:

Travel, entertainment, and gifts for public servants.
Charitable donations and community payments.
Handling cash, petty cash, certain payments to suppliers, and other similar high-risk transactions.
Corruption risk in mergers and acquisitions.
Customs.

4.1.8 Identification of Company Officials and Suppliers Involved in Prohibited and Risk Activities The accounting area, as well as external accounting advisors, must report to the company’s Integrity Committee any expense that, in their consideration, could constitute a prohibited or risk activity according to the previous classification and the logic of this Policy.

In this way, the company can exercise special care in the activities of people who, due to the nature of their functions or expenses, could carry out prohibited or risk activities.

4.1.9 Surveillance Mechanisms The Preventive Measures that are part of this Policy act as a mechanism to monitor compliance and discourage the conduct or promotion of illegal business by employees, officials, suppliers, third parties, and stakeholders of the company.

Employees, officials, suppliers, third parties, and stakeholders of the company are an important part of the surveillance mechanisms and internal policing efforts, and they must assume their responsibility to report any irregularity.

Additionally, the participation of the company’s Integrity Committee is vital to monitor the behavior of employees, officials, suppliers, third parties, and stakeholders.

4.1.10 Sanction Finally, as a preventive measure, the Integrity Committee and the Compliance Officer must inform the company’s officials, suppliers, third parties, and stakeholders that, in case of violation of this Policy, disciplinary measures deemed appropriate will be applied, including termination of the labor, professional, or commercial relationship and, as appropriate, reporting the matter to the competent authorities and all those contemplated by applicable Anti-Corruption and Anti-Bribery Legislation.

4.1.11 Corrective Measures Based on Chapter 27 of the Anti-Corruption, Article 27.5, Paragraph 2, of the Free Trade Agreement and other applicable regulations, the Integrity Committee and/or the Compliance Officer must implement Corrective Measures aimed at identifying activities that could potentially constitute a violation of this Policy or applicable legislation, investigating them to their fullest extent, applying the corresponding sanctions, and establishing a knowledge base for the continuous improvement of the Anti-Bribery Management System.

To this end, the following applicable activities must be carried out:

4.1.12 External Investigations Once the Integrity Committee determines a potential violation of the Anti-Corruption Policy or if it has not been possible to determine whether there is a potential violation, external lawyers will be hired at the discretion of the Integrity Committee and upon recommendation from the legal department to conduct the relevant investigations. These lawyers will deliver a report of the findings with supporting documentation, making a legal determination of the case under investigation.

As part of the investigation, interviews will be conducted with employees, officials, suppliers, third parties, and stakeholders of the company who are suspected, as well as other individuals determined by the external lawyers.

The purpose of the interviews is twofold: to obtain information on whether the practices of employees, officials, suppliers, third parties, and stakeholders comply with Anti-Corruption Legislation, and to instruct them on the institutional channels for internally reporting activities that could be considered violations of applicable Anti-Corruption and Anti-Bribery Legislation.

Additionally, as part of the investigation, documentation and information exchanges where records of activities in contravention of this Anti-Corruption Policy may exist will be reviewed.

4.1.13 External Audit If necessary, at the discretion of the Integrity Committee and upon recommendation from the legal department, an external accounting audit will be conducted to help identify the route and use of money in contravention of the Anti-Corruption Policy.

The conclusions of the external audit will be incorporated into the report prepared by the external lawyers with the results of their investigation.

4.1.14 Reporting to Authorities The report and supporting documentation on the activities investigated by the external lawyers will be analyzed by the legal department and the Integrity Committee, who, together with the external lawyers and depending on each particular case, will develop a strategy to report the investigated facts to the competent authorities when applicable, informing the General Management.

4.1.15 Sanction Reduction Program In case any authority initiates an administrative investigation procedure against the company, the company commits to collaborating in obtaining and identifying information and, if applicable, to submitting to the sanction reduction program established in applicable Anti-Corruption and Anti-Bribery Legislation.