1.9. Establishment, appointment and composition of the Supervisory Board

The Supervisory Board (hereinafter SB) is single-subject, as specifically approved (see CircularGdF 83607/2012) for “small entities.”

The member shall be selected from individuals with a professional profile qualified in matters relevant to Decree 231/2001.

The Supervisory Board is appointed by the Sole Director for a term of 3 years, unless otherwise determined, and has autonomous powers of initiative and control.

The Sole Administrator appoints the SB and assigns the SB’s annual compensation and annual expense budget, which may be used by the SB at its discretion in the performance of its assigned duties for external consulting expenses, travel, operational activities, and services requested from external entities.

The SB cannot hold management, executive or supervisory positions that create situations of conflict of interest.

The basic requirements are:

1. autonomy: The Supervisory Board has decision-making autonomy. The Body is autonomous with respect to the entity, that is, it is not involved in any way in operational activities, nor is it involved in management activities. In addition, the Body has the ability to carry out its role without direct or indirect conditioning by controlled entities. The activities carried out by the Supervisory Board cannot be reviewed by any other corporate body or structure. The Body is also autonomous in the regulatory sense, that is, it has the ability to determine its own behavioral and procedural rules within the scope of the powers and functions determined by the Administration. The SB is entrusted with a budget within which it can move autonomously and independently. The amount allocated to the budget will be defined from year to year by the entity in relation to the activities planned and prospected by the SB for supervisory purposes. The SB at the time when it sees the need to use the budget for certain supervisory activities, it will notify the company of the reason for which it intends to proceed in such activities, but it will be the company itself that will request the estimates and quotations. The SB will be presented with the “technical and professional” evaluation of the professionals involved in such activities (curricula vitae).
2. independence: it is a necessary condition not to be subject to any subservience ties to the Entity. Independence is achieved through proper and appropriate hierarchical placement: the SB reports directly and solely to the Administration.
3. professionalism: The Supervisory Board must be professionally capable and reliable. Technical and professional skills appropriate to the functions it is called upon to perform must therefore be guaranteed; legal, accounting, business, organizational and auditing skills are presupposed. In particular, specific skills in inspection and consultancy activities must be guaranteed, such as, for example, skills related to statistical sampling, risk analysis and assessment techniques, interviewing and questionnaire processing techniques, and fraud detection methodologies. These characteristics combined with independence ensure objectivity of judgment.
4. continuity of action: In order to give the guarantee of effective and constant implementation of the Model, the Supervisory Board operates seamlessly. The Supervisory Board, therefore, in the operational solutions adopted, guarantees a prevailing, though not necessarily exclusive, commitment that is nevertheless suitable for effectively and efficiently carrying out its institutional tasks.

The following cases are grounds for ineligibility and/or disqualification of members of the SB:

• One of the circumstances described in Article 2382 Civil Code;
• one of the situations in which the autonomy and independence of the individual component is seriously compromised;
• having a final criminal conviction for the crime referred to in the predicate offenses pursuant to Legislative Decree 231/01, including in the form of the application of the sentence on the agreement of the parties pursuant to Article 444 of the Code of Criminal Procedure.

The members of the SB also reserve the right to withdraw from the position by giving written notice by registered mail with return receipt within 30 days.

The appointment must stipulate the duration of the appointment, which is for a fixed term with the possibility of renewal. The Supervisory Board ceases its role by resignation, supervening incapacity, death or revocation.

The Supervisory Board can be revoked:

• In case of repeated failure to perform duties, or unjustified inactivity;
• in the event of the imposition of disqualification sanctions against the Entity due to the inactivity of the member of the SB;

• when violations of the Model by obligated parties are found and there is failure to report such violations and to verify the suitability and effective implementation of the Model in order to propose any changes;
• Should any of the above causes of ineligibility arise after appointment. Revocation is decided by the Sole Administrator.

In the event of resignation, supervening incapacity, death or revocation of the members of the Supervisory Board, the Sole Director will make appropriate decisions without delay.

1.10. Powers and duties

The Supervisory Board has its own internal regulations containing a description of how to carry out the tasks entrusted to it.

The Supervisory Board will meet periodically with company management and any internal contact persons as needed from time to time in the course of Supervisory activities.

The SB is entrusted with the task of supervision:

• on compliance with the Model by corporate bodies, employees, and to the extent provided for by consultants, suppliers, partners, and service companies;

• On the effectiveness and adequacy of the Model, in the prevention of crimes, in relation to the corporate structure;
• on the appropriateness of updating the Model, where there is a need to adjust it in relation to changed business, regulatory and/or socio-environmental conditions, urging the relevant bodies to this end, in accordance with the provisions of the Model itself.

More specifically, in addition to the tasks already mentioned in the previous paragraph, the SB is entrusted with the activities:

1. of verification:

1. • Collection, processing and storage of relevant information regarding compliance with the Model;
   • conducting reconnaissance of the company’s activities for the purpose of monitoring and possible updating of the mapping of sensitive activities;
   • periodic performance of targeted audits of certain transactions or specific acts carried out by FRABEMAR SRL, especially in the context of sensitive activities, the results of which must be summarized in a special report to be illustrated in the report to the deputy corporate bodies;
   • implementation of the control procedures set forth in the Model also through the issuance or proposition of internal (regulatory and/or informational) provisions;
   • activation and conduct of internal audits, liaising from time to time with relevant business functions to acquire additional elements;
   • Coordination with other company functions for the best monitoring of activities in relation to the procedures established in the Model.
2. of update:
   • interpretation of relevant regulations in coordination with the Company’s external legal advisors and verify the adequacy of the Model to these regulatory requirements;
   • Periodically updating the list of information that must be kept available to him,
   • assessment of the needs for updating the Model, including through special meetings with the various corporate functions involved;
   • monitoring the updating of the corporate organizational chart, where the organization of the entity as a whole is described with the specification of areas, structures and offices, and their functions.
3. educational
   • Coordination with human resources for the definition of training programs for personnel and the content of periodic communications to be sent to managers, employees and corporate bodies, aimed at providing them with the necessary awareness and basic knowledge of the regulations set forth in Legislative Decree 231/2001;
   • Preparation and continuous updating, in cooperation with the competent function, of the space in the company’s intranet-internet containing all information related to Legislative Decree 231/2001 and the Model;
   • Monitoring of initiatives to disseminate knowledge and understanding of the Model and preparation of internal documentation necessary for the purpose of its effective implementation, containing instructions for use, clarifications or updates thereof.
4. sanctions:

1. • reporting any violations of the Model to the Administration and the department that will consider the application of any sanction;
   • coordination with the relevant corporate functions to consider the adoption of any sanctions or measures, without prejudice to the competencies of those functions for the imposition of the adoptable measure and the related decision-making process;
   • Update on the outcomes of filing or imposition of sanctions.

By reason of the tasks entrusted, the Administrative Body is in any case the only corporate body called upon to carry out a supervisory activity on the adequacy of the intervention of the SB, since the management body is in any case ultimately responsible for the functioning and effectiveness of the Model.

The SB has, as required by law, autonomous powers of initiative and control in order to supervise the functioning and observance of the Model, but it does not have coercive or intervention powers to modify the corporate structure or sanction managers, employees, corporate bodies, consultants, service companies, partners or suppliers; these powers are delegated to the corporate bodies or relevant corporate functions.

In order to carry out its inspection activities, the SB has access, within the limits set by the Privacy legislation (as resulting in light of EU Regulation 2016/679) to1 and the Workers’ Statute), to all company documentation that it deems relevant as well as to IT and information tools related to activities classified or classifiable as at risk of crime.

The SB may make use not only of the help of all the Company’s structures, but, under its direct supervision and responsibility, of external consultants with specific professional expertise in the field, to carry out the technical operations necessary for the control function. These consultants must always report the results of their work to the SB.

The autonomy and independence that must necessarily characterize the activities of the SB have made it necessary to introduce certain forms of protection in its favor, in order to ensure the effectiveness of the Model and to prevent its control activities from generating forms of retaliation to its detriment (think of the hypothesis in which the investigations carried out by the SB may reveal elements that trace the crime or attempted commission of the crime or violation of this Model back to the top management of the company). Therefore, decisions regarding promotions, transfers or disciplinary sanctions relating to members of the SB are attributed to the exclusive competence Of the Administrative Body.

1.11. Information obligations to the Supervisory Board

The Supervisory Board must be informed, by means of appropriate reports, by managers, employees, corporate bodies, consultants, suppliers, partners and service companies about events that could give rise to FRABEMAR SRL’s responsibility under Leg. 231/2001.

The following general requirements apply in this regard:

• employees forward to the Supervisory Board any reports of the commission, or reasonable belief that crimes are being committed;
• managers shall report to the SB any violations committed by employees, corporate bodies, suppliers, service companies, consultants and partners, of which they become aware;
• whistleblowers must be guaranteed against any form of retaliation, discrimination, or penalization, and in all cases the strictest confidentiality of the whistleblower’s identity will be ensured, without prejudice to legal obligations.

There are two channels by which a FRABEMAR SRL manager and employee makes a report of a violation, or alleged violation:

1. The first is to report to one’s immediate supervisor;
2. the second, also anonymously, is to report directly to the SB.

Reports are made by employees and managers, including anonymously, directly to To the SB through:

1. e-mail to the e-mail address “solari.231@studiolegalesolari.it”, to which access is restricted to the SB only.

All individuals who are not employees of FRABEMAR SRL, such as consultants, suppliers, partners, service companies, fall under the second method of reporting, therefore making their report directly to the SB.

Reports come to the SB via an e-mail address “solari.231@studiolegalesolari.it” to which access is restricted to the SB only.

The SB evaluates the reports received, even anonymously, that present factual elements, takes any inspection actions and informs the functions involved of the result; any measures resulting from the inspection are applied by the relevant functions involved in accordance with the provisions of the Sanctions System.

In addition to the reports of general violations described above, managers and employees must obligatorily and immediately transmit to the SB information concerning:

1. Requests for legal assistance made by managers and employees in case of initiation of legal proceedings for crimes;
2. reports prepared by the managers of other corporate functions of FRABEMAR SRL as part of their control activities and from which facts, acts, events or omissions with profiles of criticality with respect to compliance with the rules of Legislative Decree 231/2001 might emerge;
3. news of the sanction proceedings carried out and any measures imposed or of the measures of dismissal of such proceedings with the relevant reasons, if they are related to the commission of crimes or violation of the Model’s rules of conduct or procedures;
4. The findings of inspections ordered by internal control functions or internal commissions from which responsibility for the commission of crimes under Legislative Decree 231/2001 is derived;
5. Notices of commencement of proceedings by the judicial police;
6. requests for legal assistance proposed by shareholders, directors, managers for the commission of crimes relevant under Legislative Decree 231/2001;
7. communications regarding changes in organizational structure, changes in delegated powers and powers;
8. The minutes of the Assembly and Board meetings;
9. changes in risk areas;
10. The implementation of operations considered risky according to the relevant regulations;
11. Contracts concluded with the PA and disbursement of public funds and contributions to the Company.

In addition, by the relevant corporate functions, it must be constantly informed:

• On the aspects of the company’s activities that may expose FRABEMAR SRL to the risk of committing one of the offenses provided for in Legislative Decree. 231/2001,
• On the relationships with service companies, suppliers, consultants and partners working on behalf of FRABEMAR SRL within the scope of sensitive activities,
• On the extraordinary operations undertaken by FRABEMAR SRL.

The reporting obligations, as well as the related sanctions in case of non-compliance with the Model, concerning non-employees of FRABEMAR SRL, such as consultants, suppliers, partners and service companies, are specified in special documents signed by these individuals or in clauses included in the contracts that bind these individuals to FRABEMAR SRL.

1.12. Reporting violations of the Model

Managers, employees of the company and recipients in general report in writing to the SB of the presence of possible violations or the commission of sanctioned offenses.

The SB undertakes to ensure the utmost confidentiality on the identity of the reporter in the handling of the report and to protect from any form of discrimination, retaliation, and penalization those individuals who make, even anonymously, such reports for conduct that has violated the Model or otherwise not in line with it. The SB evaluates at its discretion reports, even anonymous ones, that present factual elements, asking for any information. The reason for filing is given in writing by the SB.

1.13. The reporting activity of the SB to other corporate bodies

The reporting activity of the SB is always concerned with:

• • The activity carried out by the SB office,
  • The implementation of the Model,
  • any critical issues that have emerged both in terms of behavior or events internal to FRABEMAR SRL and in terms of the effectiveness of the Model.

The SB reports directly to the Administrative Body on an urgent basis and on a semi-annual and annually.

The SB shall prepare:

1. semi-annually, a written report for the Administrative Body on the activity carried out during the reporting period, the controls performed and the outcome of those controls;
2. annually, a plan of planned activities and budget request.

If the SB detects critical issues referable to any of the above organs, the corresponding report is to be addressed promptly to one of the other organs.

Meetings with the bodies to which the SB reports must be minuted, and copies of the minutes must be kept by the SB and the bodies involved from time to time.

The SB must, in addition, coordinate with the relevant functions present for the various specific profiles and/or consultants, more specifically with:

• the Company’s external legal advisers for everything related to the interpretation of relevant regulations, to determine the content of contractual clauses and commitment statements for directors, officers and auditors;
• the administrative function for corporate obligations that may be relevant to the commission of corporate offenses and for monitoring the results of the activity carried out pursuant to Legislative Decree 231/2001; also for control regarding compliance by consultants, suppliers, partners and service companies with administrative and accounting procedures within the scope of sensitive activities;
• the human resources function with regard to staff training and in the event of organizational changes that impact the mapping of sensitive activities;
• General Management regarding any disciplinary proceedings.

Whenever it deems it appropriate, the SB may coordinate with the useful corporate function to obtain as much information as possible or to carry out its activities to the best of its ability.

1.14. Operational and financial autonomy

To ensure the autonomy in the performance of the functions assigned by the SB, in the company’s Model of Organization has provided that:

• the activities of the SB do not have to be authorized in advance by any body;
• the SB has access to all information related to the company including information on computer support, and can directly request information from all personnel;
• failure to cooperate with the SB constitutes a disciplinary offense;
• the Supervisory Board has the power to dispose independently and without any prior consent of the financial resources allocated by the Administrative Body in order to carry out the assigned activity.