Where Ideas Grow


GRPC - General Rules for Preventing Corruption



Last update: 07/06/2022

The GRPC of i3S was created to settle the growing concerns of institutions to prevent and combat corruption and fraud in its various ways, as well as the legal novelties in this area.

Corruption is a behaviour that seriously harms society, the economy and the development of institutions, public and private, damaging companies and citizens. At the same time, it creates mistrust in the institutions and their agents and collaborators, as well as in the democratic functioning of society itself. The prevention of corruption and scientific misconduct is also done by making everyone aware of the importance of acting and guiding our work activity by strict ethical behaviour.

The GRPC aims to strengthen institutional practices of integrity and transparency, to build a stronger ethics culture, as well as to prevent and detect the risks of corruption in the use of public and private funds.

To achieve this goal, the i3S GRPC has created several instruments and mechanisms, namely:

  1. A Compliance Officer;
  2. A Code of Conduct;
  3. A Risk Prevention Plan for corruption and related breaches - RPP
  4. An internal report channel;
  5. A Whistleblowing Policy;
  6. An evaluation committee;
  7. Dissemination, training and awareness actions.


a) Compliance Officer:
In addition to implementing the GRPC and its supporting documents, it is also in charge for receiving and forwarding internal complaints, excluding scientific misconducts reports. These ones are received by the Coordinator of the Responsible Conduct for Research Unit. In case of constrains, and only in this case, there is a substitute who receives and follows up the complaints and reports. The person in charge for receiving the complaint ensures independence, impartiality and autonomy in the follow-up. The wholeness and integrity of the complaint, the confidentiality or anonymity of the Whistleblower and third parties mentioned is also guaranteed.

b) Code of Conduct:
Defines the principles and values by which all i3S employees (latu sensu) should guide their work performance. It is revised every 3 years, or whenever there is a substantial change in the organisation that justifies it.

c) RPP:
Identifies the major areas of risk of corruption in the institution by ranking them and clearly defines the specific preventive and corrective measures to be taken in order to reduce the probability of occurrence. It also defines the impact of the risks previously identified. The RPP is reviewed every 3 years, or whenever there is a substantial change in the organisation that justifies it. The Compliance Officer is also the person in charge for the execution, supervision and audit of the RPP according to the law.

d) Report channel:
The internal report channel is managed by an external Software Company that provides full guarantee of confidentiality of the whole process and protection of the Whistleblower identity. Only the person in charge (or whoever replaces him/her) to manage the complaints has full access to the information. The internal IT technician in charge does not have access to the content of the complaints.
The report channel accepts complaints from employees and any persons or entities linked to i3S in their work-related activity.
It ensures the Data Protection Policy in place, as well as the best IT security practices, namely restricting access to unauthorised persons.

e) Whistleblowing Policy:
The Whistleblowing Policy sets out the principles by which complaints and Whistleblower protection are defined in accordance with Law No. 93/2021 of 20 December, the Whistleblowing Law.

f) Evaluation Committee:
The evaluation Committee has 3 members:

  1. i3S Director
  2. Coordinator of the Responsible Conduct for Research Unit
  3. An honorary Researcher, or equivalent (suitable person)

The Evaluation Committee is responsible for the internal control and evaluation system. For these duties, it may choose to consult external legal or audit services.
In addition to the control and evaluation tasks, the Evaluation Committee will also receive a report on each complaint process and its follow-up, where the breaches are identified, the penalty applied, as well as the measures adopted or to be adopted.

g) Dissemination, training and awareness-raising actions:
All documents and updates of the GRPC are disseminated by the i3S community and published on the website. Training will be provided to all employees and specific training will be provided to those who work in the high-risk areas identified at the RPP.