Risk & Compliance

We offer a new approach to managing compliance risks at our clients, aimed at preventing, detecting and responding to the legal challenges they face in an ordered and systematic way. We use a methodology designed in accordance with recognized international standards, supported by a technology solution, CORE, which simplifies the work and reduces the time necessary to manage compliance.

Some of our credentials

Corporate responsibility

Assessment of corporate responsibility and management of compliance. Master Plan.

Risk and Compliance

Assessment of corporate responsibility and management of compliance. Master Plan

Client:

FRINSA

Period:

2016-2017

Location:

2016-2017

Activities performed:

Aim: corporate management in the area of corporate responsibility and compliance management, from a risk management approach.

The main tasks, performed in conjunction with a multidisciplinary team from Garrigues, included:

  • Assessment of the institutional situation and corporate management of material aspects.
  • Due diligence review of relevant areas from a legal standpoint.
  • Risk map
  • Preparation of Master Plan.

Contact persons:

Roberto García Polo
Environmental, social & governance (ESG) risks

Management of ESG risks in the supply chain of Gas Natural Fenosa.

Risk and Compliance

Management of ESG risks in the supply chain of Gas Natural Fenosa

Client:

GAS NATURAL FENOSA (GNF)

Period:

2015

Location:

Spain

Activities performed:

Aim: to reinforce ESG aspects in the management of the Group’s suppliers to ensure they are considered a risk factor, at the same level as other risk factors (operating, quality, health and occupational risk prevention, and legal risks).

The main tasks included:

  • Definition of an ESG risk methodology specific to GNF.
  • Preparation of an ESG risk map, by supplier subtype.
  • Development of specific questionnaires to analyze ESG risks.
  • Review of GNF’s codes and policies in order to integrate environmental, social and governance aspects with respect to its suppliers.

Contact persons:

Laura Santiago
Criminal risk management systems

Design and implementation of criminal risk management systems and corporate compliance systems.

Risk and Compliance

Design and implementation of criminal risk management systems and corporate compliance systems

Client:

Multiple clients in a range of sectors (confidential)

Period:

2010-2017

Location:

Spain

Activities performed:

Aim: to prevent the commission of criminal offenses at organizations and improve their defense options by complying with the conditions or requirements for exemption or reduction of the Company’s criminal liability in criminal proceedings, all of the above with a multidisciplinary team of expert criminal lawyers from Garrigues and consultants from G-advisory.

The main tasks included:

  • Knowledge of the organization and preparation of a preliminary risk map.
  • Training on criminal matters and preparation of the definitive risk map.
  • Installation of and training on the compliance management tool (CORE).
  • Preparation of the management system and its constituent documents.
  • Support for the implementation of the criminal risk management systems.

Contact persons:

Roberto García Polo
Laura Santiago
Criminal risk management systems

Support for implementation of the Group’s criminal risk management system.

Risk and Compliance

Support for implementation of the Group’s criminal risk management system

Client:

Antolín Group

Period:

2016-2017

Location:

Spain

Activities performed:

Aim: to prevent the commission of criminal offenses at organizations and improve their defense options by complying with the conditions or requirements for exemption or reduction of the Company’s criminal liability in criminal proceedings, all of the above with a multidisciplinary team of expert criminal lawyers from Garrigues and consultants from G-advisory.

The main tasks included:

  • Knowledge of the organization and preparation of a preliminary risk map.
  • Training on criminal matters and preparation of the definitive risk map.
  • Installation of and training on the compliance management tool (CORE).
  • Preparation of the management system and its constituent documents.
  • Support for the implementation of the criminal risk management systems.

Contact persons:

Roberto García Polo
Laura Santiago
Compliance

Design and implementation of the General Regulatory Compliance System at AENA.

Risk and Compliance

Design and implementation of the General Regulatory Compliance System at AENA

Client:

AENA

Period:

2017

Location:

Spain

Activities performed:

Aim: to design and implement a General Regulatory Compliance System at AENA, review the functioning of the Corporate Compliance Model, provide the entire organization with the necessary training and raise awareness, all with the participation of a multidisciplinary team with extensive experience in this area made up of professionals from the Garrigues Group.

The main tasks included:

  • Review of the general regulatory framework, corporate policies and code of conduct of Aena’s corporate governance system and preparation of the necessary documents.
  • Analysis of the regulatory compliance risks and existing controls associated with them.
  • Additional necessary controls, supervision and reporting.
  • Training and communication of the System.

Contact persons:

Laura Santiago
CORE Tool

Garrigues and G-advisory technology solution for compliance management.

Risk and Compliance

Garrigues and G-advisory technology solution for compliance management

Client:

Multiple clients

Period:

2016-2017

Location:

Spain

Activities performed:

CORE (Control del Riesgo Empresarial -corporate risk monitoring)- is a software tool for risk and compliance management that simplifies and reduces the work needed, both during the design of the management system and in the later stages of its life cycle.

CORE helps:

  1. Integrate the management of all types of risks and monitoring procedures (legal, environmental, operational, regarding the supply chain, etc.) in a single platform.
  2. Identify the persons responsible for each type of risk, monitoring, country, location, business unit, etc.
  3. Provide guidance in the risk identification and analysis process and standardize assessment methods through the use of specific questionnaires tailored to each type of risk.
  4. Monitor the actions established in the management system, assigning a status, person responsible and timescale for each of them, with the possibility of creating delegated actions and personalized alerts.
  5. Simplify document access and management for the documents generated in the system, by associating the policies and procedures, and the templates or records arising in connection with them, with the risks, monitoring procedures and actions.
  6. Simplify communications through automatic notification of the assignment of responsibilities or proximity of deadlines, as well as management of manual email distribution lists.
  7. Prepare reports from predesigned internal reporting templates and export information to Excel spreadsheets in a structured way, for the preparation of specific reports (statistics, indicators, etc.).

Contact persons:

Roberto García Polo
Laura Santiago