Share in shareholders & investors

Compliance

The Compliance function of Telefónica Group, which reports to the Board of Directors through the Audit and Control Committee, is aimed at managing preventive and reactive environments related to compliance with (a) law (b) Telefónica’s internal rules, both in the Corporation and in the operating businesses (Countries and Businesses), in general and with focus in specific sensitive matters depending on the circumstances.

Operating model

The Compliance activity is structured around two areas:

  • Prevention, aimed at strengthening the compliance culture and reducing the likelihood of improper conduct.
  • Response, which sets out the protocols to act upon indications of non-compliance and to manage potential breaches.
Compliance is everyone's job at Telefónica. Prevention; Detection; Reaction-Response. Detailed description of the infographic in the text below

Scope of action

Alongside the safeguarding of integrity and international sanctions regimes, Telefónica identifies several key areas for the implementation of its Compliance model, including:

Integrity and sanctions

Fiscal

Labor

Privacy and protection of personal data

Specific financial regulations, rules on anti-money laundering and Finance of Terrorism

Sustainability, Supply Chain and Human Rights

Relations with competitors

Regulated areas in terms of Compliance

Compliance with specific sector regulations and customer focus

Security

Artificial Intelligence

Integrity and international sanctions

Integrity is a cross-cutting pillar of Telefónica’s Compliance model. It encompasses the prevention of corruption and bribery, as well as the commitment to act in accordance with demanding and non-negotiable ethical standards.

The Group maintains a zero-tolerance policy towards corruption.

Policies

Our Anticorruption Policy prohibits any form of public or private corruption, whether active or passive, and sets out the guidelines for the giving and receiving of gifts and hospitality. In the case of gifts or hospitality offered to public officials and employees, this is specifically regulated by the Public Sector Relationships Policy, which provides employees with the Public Officials Gifts and Hospitality Tool for their registration.

The integrity regulatory framework is complemented by the Conflicts of Interest Policy, which provides employees with the Conflicts of Interest Tool* to report situations where there is a risk of a conflict arising, as well as by the Corporate Policy on the Comprehensive Disciplinary Programme.

In addition, we have rules, policies and criminal or administrative prevention models in those countries where local legislation provides for the criminal or administrative liability of legal entities for certain offences or, in some cases, administrative infringements. In the case of Spain, we have a Criminal Compliance Policy.

Training and awareness

At Telefónica, we consider training and awareness to be key elements in strengthening and consolidating a solid compliance culture, preventing improper conduct and, where necessary, ensuring its appropriate reporting and management through the channels established for this purpose. Therefore, as part of our Compliance model, we provide regular training to our employees from the moment they join the company, in areas such as corruption prevention, criminal compliance, privacy and the prevention of harassment, among others.

With regard to the members of the governing, management and supervisory bodies, Telefónica provides specific training programmes tailored to the particular characteristics of each company.

Third-party due diligence

The Group applies assessment processes for suppliers and business partners in order to ensure compliance with ethical and regulatory standards. To this end, it relies on measures such as the collection of self-declarations, the inclusion of specific contractual clauses and the application of risk analysis protocols.

Internal Information System

Telefónica has an Internal Information System adapted to Law 2/2023, which allows potential breaches of regulations or corporate principles to be reported confidentially and anonymously, if so desired.

The system guarantees the protection of the reporting person, as well as those who may have participated in the investigation by providing evidence or key testimony, and ensures the confidentiality of communications.

Access to the whistleblowing channel

Certifications

The Group holds certifications in the field of compliance, including:

  • ISO 37001: Anti-Bribery Management Systems
    Telefónica de España, S.A.U, Telefónica Móviles España, S.A.U, Telefónica Soluciones de Informática y Comunicaciones de España, S.A.U. y Teleinformática y Comunicaciones, S.A.U
  • UNE 19601: Criminal Compliance Management System
    Telefónica, S.A.
    Telefónica de España, S.A.U, Telefónica Móviles España, S.A.U, Telefónica Soluciones de Informática y Comunicaciones de España, S.A.U. y Teleinformática y Comunicaciones, S.A.U

* The data of third data subjects provided through these tools are the responsibility of the Telefónica Group entity to which the communication is addressed. Such data will be processed in the legitimate interest of assessing compliance with processes related to corporate rules and policies, as well as for the purpose of managing your request and/or query. Third data subjects may contact the controller and exercise their rights by writing to [email protected]. Such third parties may consult additional information on the processing of their data in the Privacy Policy.