Investors

Compliance Program

Logo_Compliance_ROMICOMPLIANCE PROGRAM OF ROMI S.A.

Compliance is to comply with and enforce rules and regulations, whether internal or external, assumed voluntarily or imposed on the organization’s activities.

The Compliance Program (“Program”) of Romi S.A. and its subsidiaries (“Company”) establishes guidelines for the prevention, detection, and correction of inadequate practices or practices that violate Laws, Standards, and external and internal Regulations, encouraging the reporting of irregularities, as well as guiding and demanding ethical and responsible conduct from its members, gaining relevance as an instrument of corporate governance.

1. PURPOSE

The Company’s Compliance Program has the following purposes:

(i) Continuously seek to comply with Laws and Regulations, as well as with the Company’s internal rules;

(ii) Increase and facilitate the monitoring of obligations and risks to act preventively;

(iii) Contribute to the dissemination of the Company’s Fundamental Principles and Values, contained in the Code of Ethics and Business Conduct;

(iv) Clarify the roles and responsibilities regarding the different Compliance activities and disseminate the culture;

(v) Ensure the existence and effectiveness of the Whistleblowing System;

(vi) Offer subsidies for the leadership to apply the Compliance principles; and

(vii) Protect the Company’s reputation and image.

2. COMPLIANCE PRINCIPLES

The Company’s pillars and main Compliance mechanisms are:

(i) Senior management commitment – Management’s direct and unconditional performance, including the Executive Board and the Board of Directors.

(ii) Risk Assessment – Risk assessment involves, among other measures, interviews with employees, document analysis, taking into account the special characteristics of the Company’s business, including whether there are transactions with the public administration and outsourcing;

(iii) Code of Ethics, Policies and Regulations – Documents containing the main foundation of the Compliance Program, including the ethical and legal practices that must be complied with by all Employees, Members of Management, Committees, and Fiscal Committee, Interns, Young Apprentices, Suppliers, Service Providers, and Shareholders, as well as any third party acting on behalf of Romi (“Employees”).

(iv) Internal controls – Mechanisms and procedures for implementing the Code of Ethics, Policies, and Regulations, in order to ensure, among other things, that accounting and tax records and controls are in accordance with the Company’s business and with the legislation;

(v) Training and communication – Must include all Employees and be carried out constantly in order to ensure the application and success of the Compliance Program;

(vi) Whistleblowing System – Mechanism aimed at reporting (including anonymously) suspicions of inappropriate, illegal, and unethical conduct;

(vii) Internal investigations – Investigations of acts or facts in order to determine improper conduct and its related aspects;

(viii) Due Diligence – Verification, from the point of view of the Compliance Program, of company partners, who may be contracted third parties to provide services or supply products; and

(ix) Auditing and monitoring – Continuous verification and certification of compliance with the Compliance Program, that is, whether all the company’s activities are in compliance with the Legislation, the Articles of Incorporation, the Code of Ethics, Policies, Regulations, and Compliance procedures.

3. COMPLIANCE PROGRAM

3.1. The Program is aimed at all Employees. It also applies to subsidiaries located abroad, subject to the respective local laws and good international practices.

3.2. The Program consolidates the following: Code, Policies, and Regulations:

(i) Code of Ethics and Business Conduct;

(ii) Anti-Corruption and Bribery Policy;

(iii) Policy for Related-Party Transactions;

(iv) Appointment Policy;

(v) Compensation Policy;

(vi) Risk Management Policy;

(vii) Disclosure Policy;

(viii) Dividend Policy;

(ix) Negotiation Policy;

(x) Social Investment Policy;

(xi) Diversity and Inclusion (“D&I”) Policy

(xii) Board of Directors Bylaws;

(xiii) Fiscal Committee Bylaws;

(xiv) Executive Board Bylaws;

(xv) Committees Bylaws;

(xvi) Risk and Audit Committee Bylaws;

(xvii) Executive Ethics Committee Bylaws;

(xviii) Internal Audit Bylaws.

4. PENALTIES

Any violation of the provisions of this Program shall be submitted to the Company’s Executive Ethics Committee or, as provided in the Code of Ethics, Policies, and Regulations, to the Board of Directors, and the applicable penalties must be adopted, without prejudice to the penalties provided for in the current legislation.

5. APPROVAL, TERM OF EFFECTIVENESS, AND AMENDMENTS

5.1. This Program was approved by the Company’s Board of Directors at a meeting held on December 10, 2019, and will become valid on March 2, 2020, for an indefinite period, until a resolution to the contrary is approved, which can be found on the company’s website: https://www.romi.com/investidores.

5.2. The Legal and Compliance Department will be responsible for proposing, together with the Internal Audit, to the Executive Ethics Committee, recommendations for improving the Compliance Program, aiming at permanent updating. The Committee, in turn, may submit such changes to the Board of Directors for deliberation.

5.3. The Committee is responsible for establishing, impartially, criteria for the treatment of situations not provided for in the Program, resolving controversial situations, resolving ethical dilemmas, and guaranteeing uniformity of the criteria used to resolve similar cases.