Whistleblowing

In accordance with regulatory provisions, illimity Bank has established an internal system designed to enable internal/external parties to report (through a whistleblowing process) actions and facts that may constitute a breach of Italian and/or European legislation applicable to the activity carried out by the Bank. At the same time the internal system guarantees the confidentiality of the personal data of the whistleblower, the party allegedly responsible for the breach and any other parties mentioned, as well as safeguarding the whistleblower from retaliatory and/or discriminatory conduct.

The whistleblowing must contain a detailed description of the breach and an indication, where possible, of the rules that are considered to have been breached, any other information that may be useful in performing a verification of the contested facts and lastly an email address of the whistleblower in order to receive a receipt confirmation and the specific code required to monitor the progress in the web tool @Whistleblowing.

More specifically, in this context breach shall mean any:

• unlawful administrative, accounting, civil or criminal action;
• contrary conduct to the internal and external laws and regulations applicable to the activity carried out by illimity Bank, including those contained in the Bank’s Organisation, Management and Control Model (OMCM), and in the integrity manual discussing the illimity Group’s identity, values, commitment, persons and resources (“illimity way”);
• unlawful acts that fall within the scope of European Union law, relating to financial products and markets the prevention of money laundering and terrorist finance; personal data protection; and network and information system security;
• actions or omissions regarding consumer protection;
• actions or omissions regarding state aid;
• actions or omissions that harm the financial interests of the European Union.