At the heart of our ESG and business strategy is a strong culture of good Corporate Governance and regulatory compliance. This is achieved through a process of monitoring and controlling of our operations by applying the knowledge and experience of the members of the Board of Directors, the Advisory Board, the management team, the internal audit team and the compliance team. Our strong culture of compliance keeps us as a benchmark and at the forefront of our sector, with zero tolerance towards corruption and any violation of the laws and internal regulations that govern our activities.We have the best mechanisms to adopt the best practices, principles and recommendations related to Corporate governance and regulatory compliance standards. In fact, ethics, integrity, respect for the law, transparency and honesty are fundamental principles that we highlight and defend in our ethical and behavioural culture, which reaffirm and highlight our direct and absolute rejection of any irregularity.

Our activity is also designed so that each person within the company strictly complies with the legislation in force in each country and region where we operate.

ANTI-CORRUPTION POLICY
‍
At GLOBAL GAMING we take the view that fraud and corruption have a very significant negative impact on the fair development of society.In line with this premise, our Anti-Corruption Policy emphasises the explicit prohibition of all forms of corruption and bribery, understood as anything of tangible or intangible value that is offered, promised, paid, authorised or given to a third party for the purpose of unlawfully influencing a business decision or gaining an improper advantage in the activity of Group companies. Bribes can be in the form of payments, gifts, trips, entertainment, job offers, contacts, debt or donation forgiveness, among others.

Our Code of Conduct establishes the following principles with the goal of preventing corruption at all levels:
‍
1. Promoting integrity 
2. Business courtesies
3. Conflicts of interest 
4. Facilitation payments
5. Fair competition
6. Relationships with third parties and intermediaries
7. Money laundering
8. Transparency assurance
9. Bribery
10. Contributions to NGOs
11. Processing confidential information
12. Record of transactions
13. Corruption between individuals
14. Disclosure.

We promote a culture of integrity within our Group, as well as with our suppliers and collaborators. By providing training and promoting ethical conduct, we can prevent unlawful behaviour that is contrary to our Code of Conduct.

Gifts, courtesies, invitations to events, among others, will be based on our internal policy and in no case will they influence the willingness or objectivity of people outside our Group to obtain any improper business benefit or advantage.

We respect the participation of our employees in activities outside the Group, as long as they are carried out within the applicable legal framework and do not compete or conflict with their obligations as our employees, nor are they used to carry out corrupt practices.

Unofficial and improper payments to public officials are expressly prohibited for obtaining licences, certificates and other services to which they have a legitimate right by ordinary procedures to expedite the performance of an action in their favour.

We are fully, fairly and honestly committed to competing in markets, thus promoting free competition, which is in best interest of our consumers, users and society in general. In collaborating with non-profit organisations we do so by ensuring a clear mutual benefit and never as a means of concealing acts of corruption or bribery.

Our employees and managers maintain relationships with customers, partners and/or suppliers, based on code of ethics of the highest standard of professionalism. We demand ethical principles in our contractual agreements, including anti-corruption standards.

We process the information of our customers, business partners, shareholders, investors and employees with the utmost discretion and confidentiality, strictly following our Personal Data Protection Policy, which is publicly available on our corporate website.

CRIME PREVENTION MODEL

In addition, we have a Crime Prevention Model (CPM), developed according to best practices and high-level national and international standards.The CPM is regularly analysed by external auditors, who have confirmed the adequacy and operational effectiveness of the associated controls according to the identified risks. Therefore, we have all the control measures to prevent and detect possible criminal acts that could be committed in each of the business units and corporate departments, depending on the activity that is carried out.In general, we use the Crime Prevention Model of the GLOBAL GAMING HOLDING to identify the main criminal risks likely to affect the Group, narrowing the scope and focusing it on Corruption.

The main risks identified are:

1. Corruption in business affairs
2. Illegal funding of political parties 
3. Bribery
4. Influence peddling
5. Money laundering
6. Terrorism financing.

These risks are associated with the main activities of the Group with the objective of preparing a Criminal Risks and Controls Matrix on which to base the Model. It includes as the main assessment variable the adequate operation of the controls associated with the CPM. Therefore, we have all the control measures to prevent and detect possible crimes that could be committed.

During one working day we actively participated as panellists on the topic of coordination between Compliance, Audit and Internal Control, demonstrating the value that the Compliance Officer brings to the organizations.in each of the business units and corporate departments, depending on the activity carried out.

The probability of occurrence - The magnitude of the impact.

In addition to the Matrix, for the Crime Prevention Model itself to be effective, it is also necessary to have an Assessment Model, where the identified criminal risks can be assessed and classified.Finally, each identified and assessed risk has assigned a series of cross-divisional and other specific controls in order to mitigate its inherent risk to a residual risk located within the risk aversion limits defined by the Group.

CYBERSECURITY AND PRIVACY

The programme has four main objectives: 
1. avoid fraud
2. protect the data processes
3. prevent data leaks
4. guarantee business continuity and recovery.

In this regard, the cybersecurity measures we have implemented cover several fundamental aspects to ensure the strictest control. All these measures are complemented by carrying out drills and exercises to prepare for adverse situations.

Regarding our network, we highlight the implementation of state-of-the-art firewalls, as well as the Intrusion Detection System (IDS) and tools that provide a Zero Trust approach, all connected to the most critical sectors for the company. User management is another key point for GLOBAL GAMING security, strictly establishing a categorisation of profiles and adapting a vision of the least possible privilege throughout the company.

Leading solutions have also been implemented in other areas of security, such as the EDR solution, a leader in most published quadrants, or monitoring systems that allow for anomalous behaviours to be detected, acting automatically via playbooks created for each specific situation. and allowing for a rapid response to prevent their unintended spread. All of this is operated by a team that is highly qualified and continuously trained to adapt their knowledge to the changing reality we face.

The organisation also conducts ongoing audits of its servers and applications, including new ecosystem additions. Critical projects are also audited by third party companies, and the results have been satisfactory, confirming the good work done by the organisation.