CODE OF CONDUCT ON THE PREVENTION OF CORRUPTION AND RELATED INFRINGEMENTS

SURFORMA, S.A.

June 2022

SURFORMA, S.A. ("the Company") conducts its business according to high standards of responsibility and professional ethics, guided by the principles of integrity, transparency, honesty, loyalty, accuracy, and good faith.
The Company has adopted a regulatory compliance programme to prevent, detect and sanction acts of Corruption and Related Infringements, carried out against or through the Company, which, in compliance with Decree-Law 109-E/2021, of 9 December (“General Corruption Prevention Framework” or “GCPF”), comprises the following (referred to together as the “Regulatory Compliance Programme”):

(i) a plan for the prevention of risks of corruption and related infringements (“risk prevention plan, RPP”);
(ii) this Code of Conduct on the Prevention of Corruption and Related Infringements ("the Code"),
(iii) a training programme, and
(iv) a reporting channel and the respective Whistle-blowing Regulations.

1. Object

1.1. This Code establishes the set of principles, values, and rules of action, across all its activities, in matters of professional ethics and prevention of Corruption and Related Infractions, as set forth in the GCPF.

1.2. For the purposes of this Code, the following terms and expressions shall have the meanings set out below, when beginning with a capital letter, either in the singular or plural:

a. Employees and Members of the Governing Bodies (together, "Employees"): all Company employees, including members of its governing bodies.
b. Corruption and Related Infringements: the crimes of corruption, undue receipt and offer of advantage, embezzlement, graft, extortion, abuse of power, misfeasance, trading in influence, money laundering, or fraud in obtaining a subsidy, grant, or credit, provided for in the Criminal Code, approved in annex to Decree-Law 48/95, of 15 March, in its current wording, in Law 34/87, of 16 July, in its current wording, in the Code of Military Justice, approved in annex to Law 100/2003, of 15 November, in Law 50/2007, of 31 August, in its current wording, Law 20/2008, of 21 April, in its current wording, and Decree-Law 28/84 of 20 January, in its current wording. Also covered are the versions of the aforementioned bills of law in force at any given time and other laws that may regulate matters which, by their nature, should be considered to be covered in future.
c. Partners: third parties acting on behalf of the Company, its suppliers and customers.

2. Scope of Application

This Code covers the practices that, in accordance with the law, concern private entities, all Employees, and all Partners (with respective adaptations).

3. Regulatory Compliance Officer

3.1. The Regulatory Compliance Officer ("RCO"), appointed by the Company, monitors and controls the execution of the Regulatory Compliance Programme, without prejudice to the powers legally conferred on other Company bodies or Employees.

3.2. The Regulatory Compliance Officer carries out his or her duties independently and with autonomy in decision-making, having access to internal information and to the technical and human resources necessary for the performance of his or her duties.

3.3. The Regulatory Compliance Officer shall provide all necessary clarification on the application of the Code.

4. Prevention of Corruption and Related Infringements – Rules of Conduct and Behaviour

4.1. The Company shuns any practice of corruption, bribery, or related offences, whether active or passive, and other forms of undue influence or illicit conduct, imposing strict compliance with these principles in all its internal and external relationships, whether with private or public entities.

4.2. All Employees must comply with applicable national and international rules on combating corruption and related infringements, and any behaviour that may constitute a crime of corruption or any related infringement as defined in the law is expressly forbidden. In particular, it is expressly forbidden to any Employee to:

a. accept any advantages or offers in return for preferential treatment from any third party in order to influence an action or decision;
b. offer or accept, under any circumstances and regardless of value, cash, cheques and other legally restricted assets;
c. influence the decisions of business partners in any way that is illegal or appears to contravene applicable regulations;
d. obtain any benefit or advantage for the Company, for him or herself, or for Partners, through unethical practices or practices contrary to the duties of the position, namely through corrupt practices, undue receipt of advantage, or trading of influence.

4.3. In the exercise of the Company's activity, should there be any interactions with public officials, administrative officers, government agents and other public bodies, such interactions must be guided by the highest standards of integrity and transparency, as well as by strict compliance with all applicable legal rules and ethical duties, and with the provisions of this Policy.

4.4. It is strictly prohibited to make political donations or contributions, in cash or in kind, under any circumstances, charged to and/or on behalf of the Company or in such a way that it appears to be charged to or on behalf of the Company, to political parties, candidates to political office, or organisations or individuals associated with them whose mission is primarily political.

4.5. For the purposes of this Code, offers may only be made that fall within the scope of conduct that is socially appropriate and conforms to custom. A benefit is considered socially acceptable if it is offered as a token of politeness and good manners in accordance with local custom and practice, to the extent that the benefit is related to the professional activity and is not given with the intention of persuading, obtaining preferential treatment, or obtaining unlawful advantage for the recipient or to influence his or her behaviour unduly.

5. Hiring Partners

5.1. In order to ensure that the Partners contracted by the Company respect this Code and the existing legislation on the prevention of corruption and related infringements, the Company has defined a set of principles and rules, without prejudice to the application of legal standards or any other applicable internal rules, that must be observed in contracting processes.

5.2. Thus, for the purposes of the foregoing paragraph, the following principles in particular shall be observed:

a. Contracting Partners presupposes a legitimate need for the goods or services to be procured; b. The choice of potential suppliers is based on objective, clear, impartial criteria, and made public in a transparent way;
b. The choice of potential suppliers is preceded by an analysis of the level of exposure to the risk of corruption;
c. The conditions accepted by the Company (including price and payment conditions) are in line with market practices (unless justified by a legitimate reason).

6. Breaches of the Code

6.1. Breaches of the rules set out in this Code by any Employee will be considered a serious infringement, which, depending on the degree of fault of the offender and the seriousness of the infringement, may result in the start of disciplinary proceedings and the application of one of the following disciplinary sanctions:

a. Unrecorded reprimand;
b. Recorded reprimand;
c. Financial penalty;
d. Loss of annual leave;
e. Suspension from work with loss of pay and seniority;
f. Dismissal with just cause.

6.2. In the case of breaches of this Code by Partners, there may be grounds for the application of penalties and/or termination of the contract, proportionate to the infringement.

6.3. Breaches of the Code may also lead to administrative or civil liability for offenders, and, depending on the seriousness of the infringement and the culpability of the offender, give rise to criminal sanctions.

6.4. The crimes of Corruption and Related Infringements referred to in this Policy are punishable by fines and imprisonment up to a maximum of 12 years, depending on the legal framework.

6.5. The Regulatory Compliance Officer shall draw up a report for each infringement committed, stating clearly which rules have been breached, the sanction applied, and the measures adopted or to be adopted by the Company within the scope of its internal control system.

7. Internal Reporting Channel

7.1. The Company has an Internal Reporting Channel and follows up on reports of acts of Corruption and Related Infringements, pursuant to the provisions of Law 93/2021, of 20 December 2021, which transposes Directive (EU) 2019/1937 of the European Parliament and of the Council, of 23 October 2019, on the protection of persons who report breaches of Union law.

7.2. The receipt and forwarding of complaints follows the procedure applicable to complaints set out in the Whistle-blowing Regulations, available at www.surforma.com.

8. Training

8.1. The Company is responsible for implementing an internal training programme on the content of this Code for all Employees, with a view to raising awareness and understanding of all the rules and procedures around the prevention of Corruption and Related Infringements.

8.2. The training provided shall be adapted to the duties performed by the Employees in question, taking into account the different degrees of exposure to the risks identified.

9. Validity, Review and Publicity

9.1. This Code takes effect on the date of its approval by the Board of Directors and must be revised every 3 (three) years and whenever any change occurs that would justify such a revision, namely in the Company's organic or corporate structure.

9.2. The latest version of this Code is published through the Company's intranet and at www.surforma.com.