Transparency

RGPC - General Scheme for the Prevention of Corruption

i3S, IBMC and IPATIMUP

Last update: 21/02/2025

The General Scheme for the Prevention of Corruption (RGPC), created by Decree-Law No. 109-E/2021, of 9 December, determines the mandatory implementation of a Regulatory Compliance Program, which includes a risk prevention plan, code of conduct, training program, implementation of a whistleblowing channel and the designation of a regulatory compliance officer, by all services and legal persons of the direct and indirect administration of the State and private entities, employing 50 or more workers.

In line with the seven priorities set out in the National Anti-Corruption Strategy, the RGPC is intended to strengthen institutional practices of integrity and transparency, build a stronger ethical culture, as well as prevent and detect the risks of corruption and related infractions.

In turn, Law 93/2021, of 20 December, transposing Directive (EU) 2019/1937 of the European Parliament and of the Council, of 23.10.2019, established the general regime for the protection of whistleblowers, imposing the legal obligation to implement a whistleblowing channel, having adopted the same threshold of 50 or more workers.
Since June 2022, i3S/IBMC/Ipatimup, in compliance with the new RGPC, has been developing intense work towards the preparation and implementation of its Regulatory Compliance Program. In this context, i3S/IBMC/Ipatimup maintains the policy of trust and transparency on the way it develops its activities and relates to third parties, which has always characterized it, a policy that is now unfolding and shaping itself through various instruments and mechanisms, namely:

1. Code of Conduct for the Prevention of Corruption:
(content only available in Portuguese)
It defines the principles and values by which all i3S/IBMC/Ipatimup employees must guide their professional conduct. It is reviewed every 3 years, or whenever there is a substantial change in the organization that justifies it.

2. Risk Prevention Plan (“RPP”):
(content only available in Portuguese)
It identifies, by area, the main risks of corruption and related infractions in the institution, classifying them, and lists the specific preventive and corrective measures to be adopted to reduce the probability of their occurrence. It also defines the impact of previously identified risks. The RPP is reviewed every 3 years, or whenever there is a substantial change in the organization that justifies it.
The annual implementation report of the RPP for the year 2024 can be found here

3. Whistleblowing channel:
The whistleblowing channel is managed internally, by a dedicated team, and with regard to the submission of complaints via the platform, only the receipt of complaints is carried out through an external platform. In any case, independence, impartiality, confidentiality, data protection, secrecy and the absence of conflicts of interest are guaranteed.

The channel complies with the provisions applicable to the Protection of Personal Data in force, as well as the best computer security practices, namely restricting access to unauthorized persons.

The whistleblowing channel is open to the submission of complaints not only by employees, but also by any people or entities linked to i3S/IBMC/Ipatimup in their professional activity.

4. Whistleblowing Policy:
(content only available in Portuguese)
The Whistleblowing Policy establishes rules applicable to the procedure for receiving, processing, resolving and registering complaints received by i3S/IBMC/Ipatimup and can be consulted at: Whistleblowing Policy

5. Compliance Officer (i3S – Claudio Sunkel; IBMC – Mónica Sousa; IPATIMUP – José Carlos Machado)
The Compliance Officer is responsible for the implementation of the Regulatory Compliance Programme, and is responsible, in particular, but not limited to, for coordinating the work of surveying and systematising the ethical values of i3S/IBMC/Ipatimup, as well as the most appropriate indications of conduct with a view to its compliance, as well as the work of surveying the risks of corruption and related infractions and corresponding risk analyses and identification of preventive measures. The Compliance Officer is also responsible for monitoring, controlling, supervising, coordinating, reviewing and disseminating the RPP, as well as the Code of Conduct and other instruments.

6. Training and Communication Programme for Integrity:
Both the RPP and the Code of Conduct and their updates to the instruments are disseminated by the i3S/IBMC/Ipatimup community and published on the i3S/IBMC/Ipatimup websites.

i3S/IBMC/Ipatimup ensures that training actions are carried out for all employees, in a transversal way, and with a greater focus, on those who work in the highest risk areas identified in the RPP.

For further information on this matter, please see: