The Code of Ethics Código de Ética became effective as of July 25, 2005 with the aim of providing a wide range of guidelines on accepted individual or business behavior. It applies to the Directors, Managers and employees of IRSA and its subsidiaries. The Code of Ethics that governs our activity, complying with the laws of the countries where we operate, can be viewed on our website www.irsa.com.ar. An ethics committee made up of Managers and members of the Board of Directors is responsible for resolving issues related to the Code of Ethics.
ETHICS COMMITTEE
We have an Ethics Committee focused on the administration and resolution of issues related to the Company’s Code of Ethics. This committee has two bodies, one made up of Managers and a second made up of Directors.
All employees can agree to make complaints by phone, mail, mail or in person, with any of its members. Those who communicate can do so anonymously, and the information is treated confidentially.
Queries or complaints received by the Committee are recorded, analyzed or resolved.
WHISTLEBLOWER CHANNEL
IRSA makes the following channels available to report anonymously and under strict confidentiality any alleged irregularity related to our company: a) Telephone: 0-800-999-4636 / 0-800-122-7374; b) Web: www.resguarda.com/IRSA and c) E-mail: etica.irsa@resguarda.com
INVESTOR RELATIONS AND INFORMATION DISCLOSURE
The Investor Relations team is exclusively dedicated to meeting the needs and inquiries of current and / or potential investors, providing them with the required information, giving equal treatment to all, without distinction.
SAME TREATMENT FOR ALL SHAREHOLDERS, LOCAL OR INTERNATIONAL
The Company does not make a distinction among shareholders, all receive the same treatment. Through the banks custodians of ordinary shares and ADRs, the Company promotes the participation in the Shareholders Meeting of local and foreign shareholders, institutional and retail, providing explanatory information in advance of each of the points that will be discussed at the Shareholders’ Meeting.
SIMULTANEOUS COMMUNICATIONS TO THE MARKET BOTH IN ENGLISH LIKE IN SPANISH
In addition to the publications in the different control organizations (CNV, BYMA, SEC), the Company communicates all its relevant events
through an email distribution system that reaches a significant number of current and / or potential investors and analysts. Investor´s channel and disclosure of information.
Likewise, in each presentation of the interim and annual financial statements, the Company issues a “Press Release” for the investor
market and subsequently conducts a conference call with online presentation where investors and analysts can contact Company
officials directly and ask questions in real time.
UPDATED WEBSITE WITH COMPLETE INFORMATION AND DIRECT ACCESS TO INDEPENDENT WHISTLEBLOWER HOTLINE
The company has a website (www.irsa.com.ar) through which shareholders and other investors, current and / or potential, can find out about all the relevant events of the company and at the same time contact the Investor Relations department to obtain information and
receive a response on all kinds of consultation related to the Company.
ACTIVE ROLE OF LOCAL AND INTERNATIONAL CONFERENCES (IN VIRTUAL FORM DURING 2020 AND 2021). THE COMPANY PERIODICALLY ORGANIZES A DAY OF INVESTORS AND ANALYSTS IN NEW YORK.
The Company participates in local and international conferences of fixed and variable income and periodically organizes an Annual Investor Day in New York City, in which our President and top management meets with investors and reviews the annual results and perspectives of the Company.
During this year, IRSA PC has participated in the virtual Investors Conferences organized by the Banks that cover the company because of the COVID-19 pandemic.
OUR COMPLIANCE MODEL
The company has a Compliance model that manages the risks to which it is exposed. The model used to fulfill this function articulates five areas under the same management that together offer the security framework according to the risk profile of the society. Below is a description of the main functions of each of them:
1. Corporate Governance
Like any Public Company, to protect the interests of our shareholders, it must be ensured that the model of design, integration and operation of the governing bodies of the company allow it to consolidate in the market due to its transparency The purpose of the Corporate Governance Management is to evaluate and consolidate the appropriate management and control structures, to set up the necessary committees to make decisions and to comply with the laws and regulations to which the Company is subject. In the adopted model of Corporate Governance, the following principles are pursued:
•Protection and fair treatment of all shareholders.
•Transparency in transactions and adequate exposure of the relevant facts of the Company
•Appropriate treatment of third parties involved: suppliers, customers and employees.
•Adequate supervision of the management team by the Board.
As a demonstration of the foregoing, we refer Exhibit I of this Annual Report, which includes the Report on the Corporate Governance Code, in accordance with the provisions of the CNV regulations.
2. Process Quality
The company documents its policies and procedures, that previously develops and validates with the management team. As a whole, referrals constitute the documentary model that is communicated to all employees, managing to conserve and transmit knowledge as well as assessing its effective compliance and laying the foundations for its continuous improvement.
3. Security of the information
For information security, we understand the process by which the Company protects information and data in terms of confidentiality, integrity and availability.
The area of Information Security has the vision of offering best security practices with the aim of providing the adequate mechanisms for the protection of its computer assets and information systems; and minimize the risks to which the Organization is exposed by achieving an environment of protection.
The pillars are:
• Security (Confidentiality of sensitive information).
• Continuity (Availability of systems and information).
• Data (Integrity of information).
Based on these, a Strategic Information Security Plan has been designed with a focus on strengthening, aligning and adding value to maximize the level of the security framework applied, based on international standards.
4. Risk Management and Internal Audit
It is the area responsible for carrying out the following activities:
I. Risk assessment
II. Control design review
III. Control compliance review
IV. Special projects
I. Risk assessment:
It involves collaborating with those responsible for the area in analyzing operational, regulatory, and reputational risks that are relevant to the achievement of the objectives. It also includes the task of documenting risks, assigning them a value (risk level) and considering the internal or external factors that cause them.
II. Control design review:
It consists of assisting the area managers to establish the necessary controls (preventive / detective) for each process and thus reduce risks to an acceptable level. Likewise, the adequate separation of incompatible functions (custody of assets, authorization, registration) is addressed.
III. Control compliance review:
The task consists in running independent and objective tests to verify operational compliance with previously defined controls, to determine if the controls are present and functioning properly.
The area runs the following type of reviews:
• Cross-sectional reviews: end-to-end reviews of the processes, verifying that the operating areas have internal controls and procedures to mitigate the risks under their responsibility.
• Occasional reviews: verifications of the key controls of a particular activity to verify the degree of compliance by theresponsible areas.
IV. Special projects:
They are collaborative works with other areas to solve complex problems or mitigate the appearance of new risks.
Annually, the area submits the Internal Audit Plan to the Audit Committee with the planned reviews, which may vary in scope and frequency depending on the risk assessment, aligned with the business objectives and the priorities of the parties.
interested parties and ends with the issuance of reports that are delivered to the responsible managements, the General Manager, and the Audit Committee. The area also holds regular meetings with the Audit Committee.
Companies listed in the US Securities and Exchange Commission (SEC) are required by the Sarbanes-Oxley Act (SOX) to issue a certification on their accounting statements and financial information. The area plans, executes and coordinates the annual SOX Certification process, to ensure that the financial statements adequately reflect the economic reality of the company. Management uses the Integrated Internal Control Framework issued by the Committee of Sponsoring Organizations of the Treadway Commission (“COSO 2013 Report”) to evaluate the effectiveness of internal controls over financial reporting.
