Management of Compliance Risks
The detection process makes it possible to identify potential situations of fraud, corruption and ML/TF. This is a fundamental process in the management of these risks, as it enables the identification of potential events in our processes, operations, practices and transactions, so we can act appropriately in the analysis of situations.
Ecopetrol makes available to the public and its other stakeholders, all the tools that allow them to communicate to the Company all events or suspicion any of these situations. Detection comprises:
- Reports: Occurs when a person reports to the company on an event that they know of or regarding suspicion that an event may occur of fraud, corruption, money laundering, terrorist financing or an event that goes against the code of ethics, using any of our receiving channels. (Click here for more information)
- Audits: Are performed primarily to identify weaknesses in processes, which gaps can potentiate the occurrence of fraud, corruption and/or ML/TF events.
- Internal Control System (ICS): Ecopetrol has financial and nonfinancial controls that were identified based on the COSO (Committee of Sponsoring Organizations of the Treadway Commission) internal control methodology. These controls are tested regularly by those responsible for the process and by the Internal Audit area in order to identify control weaknesses.