COMPLIANCE WITH LAWS
AND REGULATIONS

Ethics exist in a close relationship with compliance with laws and regulations.

At all times, every employee must ensure their strict adherence to laws and regulations, as well as to any contractual obligations arising during the course of their work.

BEST PRACTICES

  • With your manager, discuss the Legal knowledge required by your position;

  • If your position requires it, learn at least the basics of the relevant laws and regulations;

  • Make use of the legal monitoring* tool of your company if available, and/or ask your Legal Division;

  • Comply with applicable delegations**.

BE AWARE

If the legality of a document is in question, follow the procedures:

  • Discuss the issue with your manager and colleagues in your Division;

  • Depending on the issue, reach out to the Legal Affairs & Insurance Division, the Group Ethics & Compliance officer, and/or your HR manager.

STRICTLY FORBIDDEN

  • Offer or receive money, gifts, kickbacks, commissions or anything of value;

  • improperly win business or gain a contract.

* for more information about the legal monitoring tool, please contact your legal division
** for more information about applicable delegations, please ask your manager or contact your legal division
For example:

I have just been promoted to a new position. My new job involves the management of the wildlife hazard on the airport, and my team just let me know that we must comply with a specific regulation that I am not familiar with.

What should I do?

You should discuss the situation with your manager, and ask your legal division to provide the relevant information.

For example:

I am a Terminal Security Manager. A public official has informed me that my procedures must allow State agents to proceed through the security checkpoint area on the basis of their uniform alone and without having to show a badge. Although I cannot find anything relating to this in the applicable regulation,I comply with the request as it comes from one of a government department.

Is my decision correct?

If this type of exemption is not provided for by law, a State official is not empowered to ask for it. Complying with the official’s request would break the law and endanger the company. You should reach out to the Legal Affairs Division, who can tell you whether such a law exists and assist you in framing a response for the official making the request.

COMBATING FRAUDULENT
BEHAVIOUR

Fraudulent behaviour is any act of deception designed to gain an improper or illegal advantage.

Fraudulent behaviour may be subject to prosecution. Examples include theft, extortion, embezzlement, abuse of trust, fencing, concealment, money laundering, corruption (see chapter Preventing corruption), offence of favouritism, unlawful taking of interest, misappropriation of public funds, insider dealing or the misuse of company assets, and usurpation of identity / of office.

BEST PRACTICES

Every employee should be proactive in preventing fraudulent behaviour.

  • Enforce all applicable instructions and procedures;

  • Protect the company’s assets and inventory (facilities, equipment, etc.);

  • Track all actions and retain all supporting documents.

BE AWARE

  • In cases of suspected fraud, be sure to inform your manager, the Legal Affairs Division, or the Group’s Ethics & Compliance officer.

STRICTLY FORBIDDEN

  • Agreeing to ignore the company’s procedures.

For example:

I am an accountant. One Friday at 4 PM, I get a phone call from someone claiming to be the Chief Executive Officer, instructing me to make an immediate funds transfer to an account, and giving me the details of the account.

Should I comply?

This could be an attempted fraud, commonly known as “CEO fraud”. I must make sure I follow the correct procedure, including letting my manager know and starting all required validation processes.

For example:

I am away on mission and would like to bring a present back for my kids. I use my Groupe ADP bank card to pay for it.

Is this acceptable behavioir?

This is a abuse of trust. A business bank card may only be used for work-related purposes.

PREVENTING
CORRUPTION

Corruption consists of procuring an advantage (gifts, hospitality, money, information, services, and so on) for any public or private person in order to induce them to act or refrain from acting. Corruption can be active (on the corrupter’s part) or passive (on the part of the person being corrupted).

Intent alone can be enough to qualify as an offence!

Those involved (those corrupting and those corrupted) are not the only ones liable: the company and its representatives are also liable in such cases. Furthermore, corruption damages their reputation. In order to effectively prevent corruption, the following principles must be learned and applied by all employees:
No compromise with compliance.

Groupe ADP will always be on the side of ethical employees who refuse to take part in any form of corruption or bribery.

BEST PRACTICES

  • Carry out daily operations with openness, equity and honesty, and in compliance with Groupe ADP's standard operating procedures;

  • Let our partners know about our commitment to fight corruption;

  • In cases of suspected or attempted corruption, inform your manager or the Group’s Ethics & Compliance officer;

  • Refer to the Responsible Lobbying charter which provides guidance on the representation of interests.

BE AWARE

  • Feeling indebted after having received some advantage or benefit from a partner;

  • Dealing with intermediaries (or business ‘introducers’) without communicating our commitments against corruption or enshrining them contractually;

  • Accepting or offering a gift or hospitality without analysing the context.

STRICTLY FORBIDDEN

  • Offering or accepting bribes, gifts, hospitalities, services etc. in order to obtain a call for tenders or in exchange for confidential company information;

  • Agreeing to use an intermediary specified by a client or prospect in order to secure a contract;

  • Approving receipt of a service or order greater than what was actually provided/ delivered in order to obtain a benefit from the provider, either for oneself or for others;

  • Considering a business relationship (see procedure on third party assessment) without first checking up on the third party in question (suppliers, customers, etc.);

  • Making facilitation payments in order to ease or speed up obtaining authorisations.

THE SINGLE EXCEPTION TO THESE PRINCIPLES:
a margin of tolerance applies when a person’s physical safety- or his or her relatives - is threatened. If this should happen, you should immediately inform your manager, HR manager, the Legal Affairs Division or the Ethics & Compliance Officer.

For example:

I am a baggage process expert. An equipment supplier for baggage handling systems offers me VIP seats for a major sports event if I provide them with technical data regarding our handling systems.

Is this acceptable?

This is bribery attempt that is punishable by law and by Groupe ADP.
I refuse the offer. I also inform my manager or the Ethics & Compliance officer.

For example:

I work at an airport. A local airline manager offers me a free plane ticket or upgrade if I agree to hire his son.

Is this acceptable?

This is bribery attempt that is punishable by law and by Groupe ADP. I refuse the offer. I also inform my manager or the Ethics & Compliance officer.

RISKS FOR A WORLDWIDE BREACH

FOR THE COMPANY

  • From € 5 million to 30% of the company’s turnover (french Sapin2 law)

  • Being excluded from certain market awards (e.g. by the World Bank)

  • Prohibitions against borrowing

  • Damage to the company’sreputation

FOR EMPLOYEES

  • Up to 10 years in prison

  • A fine of € 1million (french Sapin 2 law)

  • Forfeiture of civil rights

  • Being prohibited from working in the relevant domain for more than 5 years

GUARDING AGAINST GIFTS,
HOSPITALITIES AND BENEFITS

Gifts and hospitalities can easily be seen as attempts to bribe or corrupt. They must therefore remain a rare occurrence. Situations like these can expose employees and the company to the same risks.

While maintaining good relationships can occasionally lead Group employees to offer or accept gifts or hospitalities, it is essential that the context of such situations be carefully examined.

BEST PRACTICES

  • Analyse the context in which gifts or hospitalities are offered or accepted, using the 4 criteria presented below;

  • Give preference to advertising gifts or to those whose value is purely symbolic;

  • During professional gatherings, Groupe ADP may fund transport and lodgings if it is useful and beneficial for business;

  • Always ask your manager for approval for all gifts/hospitalities whose value is > € 200*.

BE AWARE

  • Avoid all gifts or hospitalities that might lead an outside observer to question the integrity of the giver or the recipient;

  • Avoid all gifts or hospitalities that might affect the impartiality of any decisions an employee must make in the interests of Groupe ADP.

STRICTLY FORBIDDEN

  • Accepting: any amount of money, even as a loan or a guarantee, or the free provision of moveable assets or property, equipment, trips or other service provided by a third party, either for oneself or for one's family, friends, or colleagues;

  • Accepting any kind of gift or hospitality that places you in the giver’s debt in any way;

  • Accepting any gift or hospitality during a strategically-important time (e.g. a call for tenders).

* Total value of all gifts or hospitalities (see Gifts & hospitalities procedure)
- Ask Ethics & Compliance Department through the platform (https://alert.groupeadp.fr).

INDICATORS
4 criteria for context analysis:

  • 1

    Reach out to the Legal Affairs Division to find out whether local laws have a specific framework.

  • 2

    Note the strategic context, if present: neither accept nor offer gifts/hospitalities during calls for tenders, voting periods, negotiations, and so on.

  • 3

    Keep things on a professional level and do not cross over into private life. The following are examples of non-professional situations:

  • Any hospitality which includes friends or family who are not directly involved in the project.

  • When time at seminars and professional events includes more free time than job-related time.

  • 4

    Establish whether the value of the gifts/hospitalities is reasonable.

  • Reciprocity test: am I authorised to provide the same value of gifts/ hospitalities within the parameters of my job?

  • Whether a gift/hospitality is reasonable may also be evaluated based on local laws and income levels, a criterion that is particularly important when one is abroad. As an example, it might be 5 - 10% of an average wage in the other country.

  • When evaluating value, take into account all other gifts/hospitalities in the past (total them by year or by quarter - see graphic below).

SUMMARY

DETECTING AND DEALING
WITH CONFLICTS OF INTERESTS

Conflicts of interests arise when the personal interests of an employee or person close to them compete with an employee’s job description or mission as set out by the company. The employee can no longer be relied on to make impartial professional decisions. While a conflict of interests is not an offence, it often arises from a sensitive situation that may lead to actual offences.

A conflict of interests can arise at any time and in any situation: in dealings with an external partner, within a team, when recruiting someone you know, etc.

BEST PRACTICES

  • Carry out your duties at work in the sole and strict interests of the company, and never based on personal interest;

  • Know how to spot a potential or emerging conflict of interests;

  • Report any actual or suspected conflict of interests to your manager or Ethics & Compliance officer, and decide together on the best way to deal with the situation in order to minimise the risk to the employee and the company.

BE AWARE

  • Be aware of your friends, family, or employees who might have business or personal relations or even financial interests with a Groupe ADP supplier, competitor, or customer;

  • In some public situations (e.g. elected mandate), be sure to avoid taking part in decisions relating to Groupe ADP, its subsidiaries or its joint ventures.

STRICTLY FORBIDDEN

  • Concealing a conflict of interests that could be damaging to the Group or an employee;

For example:

I am involved in selecting a supplier. My brother works for a company that is applying.

What should I do?

Depending on the job my brother has with that company and the financial stakes involved, there may be a conflict of interests. The only way to decide whether the situation is acceptable or not is to discuss the situation honestly and openly with your manager, to find a solution that will protect you and Groupe ADP.

For example:

In my spare time, I am the vice-chairman of an airport neighbours' association. In my work at Groupe ADP, I am responsible for working on a new runway project.

What should I do?

Groupe ADP respects the private lives of its employees and indeed encourages them to take part in community life and associations. However, if you think your involvement with the airport neighbours' association is leading or might lead to a conflict with the interests of Groupe ADP, you must let your manager know about it. Your manager or your Ethics & Compliance officer will advise you on the best way to proceed.

SAFEGUARDING PERSONAL
DATA AND INFORMATION

Daily operations within Groupe ADP require the sharing and processing of a wide range of company-specific data, activities, statistics and studies. This body of information is a valuable asset. The company is at risk when data is leaked, incorrectly processed or poorly managed.

Our data assets must be protected to ensure the company's future growth and competitiveness. It is vital that we protect and manage the Group’s sensitive and confidential data, whatever its type, form, or location.

To this end, Groupe ADP has developed a Group Data Protection Policy*. All employees are responsible for implementing it on a daily and systematic basis. All employees must be actively involved in complying with the policy.

* for more information, please contact the Division in charge of Safety and risk management.

SPECIAL CASE:
PERSONAL DATA

Any information which may be used to identify a specific individual (e.g. first & last name), or which allows a person to be identified by cross-referencing several data points (phone number, registration number, badge number, etc.) is considered personal data. A subset of this is considered sensitive or confidential data (biometric data, health information, etc.).

The use of such personal data must comply with all applicable regulations, especially with the requirements of the European General Data Protection Regulation (GDPR).

PENALTIES FOR FAILING TO PROTECT PERSONAL DATA UNDER EUROPEAN REGULATION

Common offences:
2% of the Group’s consolidated turnover. Applies to: breach of duty by the processing manager and sub-contractor, failure to comply with obligations by the company responsible for monitoring adherence to the code of conduct.

Failure to comply with basic principles, personal rights, or obligations during data-transfers to other countries or to international organisations: 4% of the Group’s consolidated turnover for the previous year.

BEST PRACTICES

  • Maintain the highest levels of discretion and confidentiality when dealing with company- related data, whether inside or outside the company;

  • Assess the confidentiality of the information contained in a given document and record its level on that document, using the Group's 4-tier confidentiality scale (public, restricted, confidential, highly confidential). See also the Group’s data protection policy*;

  • Make sure your surroundings are secure when working on confidential information, using only company equipment and never doing such work in public places;

  • When communicating CONFIDENTIAL or HIGHLY CONFIDENTIAL information (whether verbally, in writing, or digitally), make sure you are communicating only with known and identified persons; if such persons are not part of Groupe ADP or if the data is HIGHLY CONFIDENTIAL, make sure you obtain a confidentiality agreement;

  • Store and destroy the documents you deal with based on their confidentiality level (reinforced cupboard, shredder, etc.).

Protecting personal data:

  • As soon as you begin a project, identify the personal data you will be dealing with as part of your work;

  • Follow the local regulation and internal rules about data protection (record, collect...);

  • Your data protection actions should be proportional to the level of confidentiality of the data, including in cases of transmission;

  • Purge data from your personal storage media as soon as the data is no longer in use.

BE AWARE

  • Follow Group guidelines and rules when you work at home;

  • Follow Group regulations when away on mission.

Protecting personal data:

  • Immediately inform your legal division, or data protection officer, or your IT if you suspect or know of data theft or loss (e.g. on a USB stick), or if data have been altered (e.g. hacking).

STRICTLY FORBIDDEN

  • Disclosing information, documents or files of any kind, including current or planned projects or studies, in particular industrial, commercial, financial, technical or other operations, or any secrets and processes relating to the business of any Groupe ADP company, in any form, without legitimate reason and without applying appropriate protective measures;

  • Disclosing specific information on social media about projects you are working on or have worked on.

Protecting personal data:

  • Not respecting the terms of local regulation or internal rules about personal data protection.

* for more information, please contact the Division in charge of data protection.

Computers and data protection

1

PASSWORDS

Use complex passwords, avoid using the same password in several places, never reveal a password

2

SAVING AND BACKUPS

Only save your work data on the company’s storage media

3

UPDATES

Apply any updates required by the Information Systems Division to your devices as soon as possible

4

FLASH DRIVES

Try to avoid the use of flash drives / USB sticks and never use them to store confidential data (high risk of loss or malware propagation);
use the sharing platform by existing company tool for file transfers

5

EMAIL

Report all suspect messages to your division in charge of data protection*, and examine all links and attachments before clicking on them

6

DOWNLOADING

If in doubt, ask your division in charge of data protection*, to check download links for safety

7

ROAMING

Never store work data on your PC; always use the storage options provided by the company; use privacy filters

8

SEPARATING WORK/ PERSONAL USES

Keep your work and personal uses separate, including email, devices, storage, etc.

9

MALWARE

Immediately turn of your workstation if it behaves oddly and contact IT support

* For France : flashvir@adp.fr.

UPHOLDING THE PRINCIPLES
OF FREE COMPETITION

Open, unhindered competition is a basic requirement for healthy and loyal business relations.

Competition law forbids price-fixing, contract-sharing, and strategic information sharing between competitors, as well the abuse of a dominant position.

It requires that economic actors competing for the same contract be treated equally.

In its relations with its business partners, Groupe ADP bases its behaviour on the principles of loyalty, transparency and non-discrimination.

In purchasing, Groupe ADP applies very specific rules that regulate public contracts.

Ignorance or lack of understanding of these rules exposes employees and the company to heavy administrative, civil or even criminal penalties.

BEST PRACTICES

  • Always treat our partners fairly (suppliers, customers, businesses, etc.) by providing every stakeholder with the same information.

BE AWARE

  • Report to your manager if you suspect prohibited collusion between competitors (e.g. bidders in a call for tenders who decide to engage in price fixing);

  • Never offer rebates, discounts or financial benefits of any kind without following the proper procedure;

  • When in doubt, consult with your manager, the Legal Affairs Division, or your Ethics & Compliance officer in order to assess any potential risk and decide how to move forward.

STRICTLY FORBIDDEN

  • Directly or indirectly disclosing strategic information to competing airports;

  • Directly or indirectly facilitating the disclosure of confidential business information between competing customers, trade operators or suppliers.

For example:

At a conference, a colleague from another airport let me know that he would like discuss airport best practices with me. As this seems like a useful idea, we decided to send each other information emails every month.

Is this acceptable?

Disclosing current or future, specific and non-aggregated, confidential and non-public business information relating to commercial secrecy is strictly forbidden and may lead to disciplinary action. Such data includes strategies on pricing, costs, and business policies with respect to other airlines.

Discuss the matter with the Legal Affairs Division and get their advice.

For example:

A new airline area is being built. In order to make the best possible use of resources, the feasibility studies are being conducted with airline Y who will set up in this new area.

Should Groupe ADP inform other airlines of this project?

Groupe ADP is free to make airport sites and facilities available at its discretion. However, this allocation must be made under conditions of fair competition between the various airlines. It is therefore important to consult with all airlines in order to avoid accusations of favouritism or discrimination.

PENALTIES

FOR THE COMPANY

  • Up to 10% of global consolidated turnover

  • Annulment of the contract or of the disputed clauses

  • Damages and interest claims

  • Exclusion from calls for tenders

  • Damage to reputation

FOR EMPLOYEES

  • For severe cases, up to 4 years in prison

  • 75,000 euros in fines

RESPECTING OUR EMPLOYEES,
COLLEAGUES AND PARTNERS

Respecting our employees improves their well-being and contributes to our success. With this in mind, it is particularly important to fight against discrimination and harassment.

Treating our partners with the same respect enhances collaboration and trust.

BEST PRACTICES

  • Being attentive to our employees and colleagues and treating them fairly;

  • Creating an environment that fosters trust and dialogue in order to better manage sensitive issues within our teams. For example: encourage direct discussion rather than emails as soon as possible, write clear and courteous emails, limit the amount of email sent outside work hours except in emergencies;

  • Be respectful: treat work colleagues, partners and customers in a way that is consistent with the Group's major commitments;

  • Inform your manager or Ethics & Compliance officer in cases of harassment or discrimination;

  • Inform our partners of the broad lines of our ethical commitments and be ready to discuss these issues with them.

BE AWARE

  • Keep an eye out for hints and indications that colleagues may be in an uncomfortable situation;

  • Detect and escalate any instances when our partners deviate from our ethical principles.

STRICTLY FORBIDDEN

  • Direct or indirect discrimination, particularly during the hiring or promotion process;

  • Acting in ways which might be experienced as harassment or sexist behaviour.

For example:

A colleague decided not to select a particular supplier, although that supplier seems to meet all of our requirements. Given the frequent comments I have heard him make, I suspect his decision has something to do with the company manager’s nationality.

What should I do?

Discrimination based on skin colour, nationality or ethnicity is unacceptable and prohibited. You should report the issue to your manager, to the relevant HR contact, or to your Ethics & Compliance officer.

For example:

My line manager, constantly criticises and belittles the work of a colleague, who have completely lost their self-confidence despite having been recognised for their competence in the past.

What can I do?

An important part of a manager’s role is to encourage and motivate his or her team, which also requires them to treat each colleague with objectivity and fairness. A manager sets the example and is expected to treat members of their team - individually and as a group - with respect and equity.

If you witness or are the victim of mental and/or sexual harassment, do not keep it a secret. Please discuss the issue with your HR representative or Ethics & Compliance officer.

PENALTIES UNDER FRENCH LAW

DISCRIMINATION

  • Up to 3 years’ imprisonment and a fine of € 45,000

HARASSMENT

  • Up to 3 years’ imprisonment and a fine of € 45,000

DEALING WITH
SENSITIVE SITUATIONS

Never remain alone in sensitive situations

Ask yourself the following questions:

To whom should you talk?
And how do you reach them?

If you have questions or would like to report a breach of the Code of Conduct, please contact:

  • 1/

    Your managers

  • 2/

    The relevant department for the issue in question: Human Resources Division, Legal Affairs Division, etc.

  • 3/

    The Ethics & Compliance officer, using the whistleblowing platform at https://alert.groupeadp.fr

    (See also the Whistleblowing Charter)

Reasons to use the alert system

The good image of the Group is vital to its growth and performance. Through what they say and how they behave, every employee contributes in some way to the Group’s reputation.

Reporting issues allows the Group to employ a progress-making approach while protecting its own and its employees’ interests.

Am I protected if I use the whistle- blowing system?

The system is designed to protect whistleblower acting selflessly, in good faith and who have had personal knowledge of the facts, by guaranteeing that their identity and information will be kept confidential. The whistleblower is protected both during and after the investigation of their report. Any breach of this confidentiality by those responsible for dealing with alerts may lead to sanction.

Everyone has a right to use the whistleblowing system without needing a manager’s prior approval or knowledge. Any attempt to interfere with or prevent a whistleblowing report may lead to sanction.

However, the frivolous (bad-faith) use of the whistleblowing system may be subject to disciplinary action.

Summary