Compliance training
Legislative Decree no. 231/2001
The online course “The Decree 231 in business ethics” continued to be delivered in 2023. It describes, through the stories of its protagonists, the general contents of Legislative Decree no. 231/2001 and the tools adopted by Poste Italiane to comply with the principles and provisions established by the Decree itself. The course falls within the scope of compulsory training and is therefore intended for all Poste Italiane Group staff. The training initiative deals with general topics of Decree 231, which are also of interest to the Subsidiaries; however, it remains the responsibility of each Subsidiary to evaluate any further training needs on this subject, considering the specific activities carried out by its employees and the operational and organisational peculiarities of the Company itself. In addition, with regard to training initiatives aimed at the Poste Italiane Group’s managerial figures, specific training events were held on the topics of Legislative Decree no. 231/01 “The types of corruption offences” and “Market protection and corporate offences” were introduced.
“The GDPR: General Data Protection Regulation”
Since 2019, the Group has been delivering the online course “The GDPR - General Data Protection Regulation”, which provides an overview of the new features introduced and the obligations established by the General Data Protection Regulation EU 2016/679, focusing on the principle of accountability and the security measures that the data controller and data processor must adopt in order to ensure the protection of personal data. The course ends by outlining the relevant supervisory authorities, means of redress and sanctions in the event of a breach of the Regulation. The initiative is intended for all Poste Italiane Group staff, as part of the mandatory training programme. In addition, for the resources that hold the role of Data Processing Delegate, of Compiler to support the delegate and their collaborators involved in the activity of keeping the processing register, the Company has organised training workshops on the subject of “Data Processing” delivered through webinars that provide an overview of the organisational and regulatory aspects of the GDPR, focusing in particular on the management of data processing, and aim to strengthen accountability and specific knowledge on the subject of personal data processing. As of March 2022, the online course “Privacy Protection in the Post Office” is being delivered to all personnel working in Post Offices.
IT security
Like in previous years, the Group continued the delivery of the online course “Cybersecurity”, which illustrates the topic of cybersecurity, highlighting its importance in relation to the many aspects of professional life on which it can impact. The initiative is intended for all Poste Italiane Group staff. With regard to specialised technical training for resources working in Information Security, a training plan on IT Methodologies and IT Best Practices was delivered in 2023. The new online course “Fraud management” was also launched in 2023, course progressively aimed at the entire Group population and for which the first accessible training format was used.
Integrated Compliance and Antitrust
Since May 2021, Poste Italiane has been delivering the training webinar entitled “New Group Compliance Programmes - Integrated Compliance and Antitrust Compliance” aimed at the Group’s management figures. In addition, the Company has started delivering the online course “Group Integrated Compliance”, which promotes awareness of the guiding principles of the “Integrated Compliance Programme” adopted by Poste Italiane.
The course presents the main corporate regulatory tools through the analysis of the reference guidelines and contributes to promoting and disseminating a corporate culture that is aware and attentive to the issue of compliance, which represents a strategic objective and a fundamental value for the Company. The training initiative is intended for resources working in the Group’s central and territorial staff functions. The training offer also includes an additional online course called “Competition and Consumer Protection Compliance” for the same target group.
Anti-corruption
In 2023 was the start of the new version of the online course “The Integrated Management System: the Rules of the Game”, an anti-corruption training activity which, in continuity with previous editions, is intended for all Poste Italiane Group staff and describes the integrated Quality and Anti-Corruption Management System with which Poste Italiane has equipped itself, focusing on the provisions of the reference legislation on the subject and focusing attention, through the description and analysis of concrete cases, on the good practices to be followed to ensure quality and prevent corruption.
Anti-money laundering and anti-terrorism
In the year 2023, in line with the regulations of the financial and insurance sector, the usual ESMA/IVASS induction and refresher training programmes were provided, with particular focus on the topics of Anti-Money Laundering, Credit Protection Insurance policies, supplementary pensions and Ethics. For the Group Anti-Money Laundering function, a professional course was delivered with the aim of further deepening the knowledge of the pillars of AML regulation.
Sustainability and corporate policies
In this area, the Group continued with the provision of two courses in 2023 in continuity with the previous years: “Business and Human Rights Protection”, an online training programme open to all employees and aimed at promoting the knowledge and dissemination of the guiding principles adopted by the UN Human Rights Council. The course contents are produced and certified by SIOI (Italian Society for International Organisation), which can be taken through digital learning.
“Document Management”, a course intended for all Poste Italiane Headquarters personnel, down to the third organisational levels, which describes the “Document Management” procedure, essential to ensure that Poste Italiane’s Corporate Regulatory System achieves its objectives. The Regulatory System regulates both the reference principles, architecture and life cycle of regulatory documents and the roles and responsibilities of the various players involved in the document management process. It is therefore fundamental that these players, when drafting or updating company documents, know and apply the rules defined by the “Document Management” Procedure.
Transport safety and dangerous goods
The Group has organised “Air Security” training courses aimed at the resources involved in ensuring - for air freight - that security checks are carried out on cargo or mail in accordance with the regulations and in liaison with ENAC. In particular, they are made up of “Initial Training” and “Periodic Update Training” separated according to the activities/role performed.
In addition, in order to ensure the safety of employees driving HGVs, the Group organised “CQC - Carte Qualificazione Conducente” training for them. Again, the course consists of an “Initial Training” (CQC issue) and a subsequent “Periodic Update”.
Finally, with a view to ensuring regulatory compliance of the services provided by Poste Italiane with regard to the transport of dangerous goods, the company provided courses on “Dangerous Goods”. Organised training is differentiated according to the mode of transport. For air transport, the “Dangerous Goods Regulation” course was delivered, a specific training activity to support resources in the proper handling of dangerous goods.
With regard to road transport, on the other hand, the course “ADR: European Agreement concerning the international carriage of dangerous goods by road” was organized.
Integrated management system
The online course “The Integrated Management System: the Rules of the Game”, which provides an overview of the Poste Italiane Group’s Integrated Management System and focuses on the application of the fundamental rules to improve the quality of its services and prevent corruption, promoting greater awareness and improving skills and the quality of work to achieve the company objectives, was delivered to all Group staff in 2023.
We also highlight the launch in February 2023 of the online course “How to best prepare for a Management Systems Audit”. The course illustrates the purpose of a Company Management Systems Audit and provides guidance on how to carry out this important audit.
Business continuity management
In November 2023, the BIA course for Business Continuity Roles, Responsibilities and Workflows on GRC Archer was delivered in webinar mode. The course, dedicated to about 140 resources working in different corporate functions, aimed at illustrating the new Business Impact Analysis methodology for business continuity implemented on business processes according to the new methodology derived from the Group CM/BCM/IM Model.