Search for:

In brief

In a recent decision, the Superintendence of Companies determined that an Excel-based risk matrix of the Self-Control and Integral Management System of Money Laundering, Terrorism Financing and Financing of the Proliferation of mass-destruction weapons risks (SAGRILAFT) and of the Business Transparency and Ethics Program (PTEE) was insufficient because it did not allow to individualize, measure, assess and mitigate the risks identified.


Comments

Considering the decision of the Superintendence of Companies, it is important that companies, when preparing a risk matrix, ensure that it allows:

  • Assess, monitor and mitigate the identified risks.
  • Measure the likelihood of the inherent and residual risk of each identified risk factor and the impact in case of materialization.
  • Mitigate risks; to do so, the company must describe the controls applicable to the management of each risk.

In depth

The Superintendence of Companies imposed a fine to an e-commerce platform for, among other conducts, not having a risk matrix that would allow it to identify, measure, assess, mitigate and monitor the identified risks, in accordance with the provisions of Chapter X (SAGRILAFT) and XIII (PTEE) of the Basic Legal Circular of the Superintendence of Companies.

In accordance with the provisions of the Superintendence:

  • The platform had an Excel file with the label “Risk Matrix” that did not allow, under a practical use, to show the individualization, measurement, assessment and mitigation of the identified risks.
  • The Excel file submitted by the platform was not sufficient to be considered as a risk matrix, in accordance with the provisions of Chapters X and XIII.
  • Risk matrices are considered the backbone of compliance programs because they include risk identification and management. For the structuring the SAGRILAFT and PTEE it is relevant to analyze how risky or exceptional situations affect corporate strategies and objectives .

Two fines, each one for COP 353,997,972 (c. USD 90,000), were imposed for failure to comply with obligations applicable to SAGRILAFT and PTEE, of which COP 200,000,000 (c. USD 51,000) were related to the lack of an adequate risk matrix.

Spanish version

Author

Angelica Navarro is a partner in Baker McKenzie's Bogota office. She served as an advisor to the superintendent of Industry and Commerce on antitrust and merger control. Prior to that, she was an adviser to the director of the National Protection Unit, where she was in charge of the formulation and execution on protection and human rights programs. Previously, she worked as an associate at a legal services firm and an in-house attorney from the Mexichem Colombia company. She was selected by Global Competition Review, along with clients and colleagues to be included in the 2017, 2018, 2019, 2020, 2021 and 2022 Who's Who Legal: Competition – Future Leaders publication as one of the most outstanding lawyers in the right of free competition under 45 years of age. Angelica was also recognized by Legal 500 in 2017, 2018, 2019, 2020 and in 2021 as a "Next Generation lawyer" in competition law.

Author

Carolina Pardo joined Baker McKenzie in 1994 and is a Partner of the Firm since 2008. She is currently a member of the Global Steering Committee for the Firm’s TMT industry group and of the Global Steering Committee for the Firm’s Investigation, Compliance and Ethics Group. She was a member of the Global Steering Committee for the Firm’s Global Antitrust and Competition from 2016 and until 2020 and is currently a member of the Latam's Antitrust Steering Committee.
She graduated as a lawyer and a specialist in International Contracts Law from Universidad de los Andes in Bogotá. She obtained a LL.M. with emphasis in International Private Law and Competition Law from the London School of Economics and Political Science.
Over 25 years, she has advised major national and international clients on matters related to compliance with data protection, competition and consumer law rules. She has represented clients in investigations and submissions related to data protection and competition matters in Colombia and has successfully coordinated and prepared white paper proposals to national authorities on behalf of major industrial groups in Colombia.
In 2016 Global Competition Review selected her as one of the 100 most influential women in antitrust. The last two Superintendents of Industry and Commerce have selected Carolina as a Non-Governmental Advisor to the Colombian Antitrust Regulator.

Author

Carlos Ignacio Arboleda is a Lawyer graduated from Pontificia Universidad Javeriana in Bogota. He holds a post-graduate course in Competition Law and Free Trade from the same University and earned an LL.M. degree from the University of Chicago.
Carlos has 10 years' professional experience as external counsel to national and international companies in antitrust and competition matters.

Author

Luis Alberto Castell is a Lawyer from the Pontificia Universidad Javeriana in Bogotá, with a specialization in Competition and Free Trade Law from the same university and a Master of Laws (LLM) in International Business from Queen Mary University of London.
Luis has more than 10 years of experience. He began his professional practice in the financial sector and has been specializing in the fields of competition law and corporate compliance. He was an advisor to the Superintendent of Industry and Commerce on matters related to antitrust and mergers and was part of the specialized group for the protection of competition in public procurement processes (Bid Rigging) of said entity. He was also part of Shop IV on Mergers of the Federal Trade Commission (FTC) of the United States of America as an International Fellow.
For more than three years he has been part of the Corporate Compliance team at Baker McKenzie, handling matters related to personal data protection, corporate compliance (prevention of corruption and prevention of money laundering and terrorist financing) and competition.

Author

Paula joined the firm in 2022, after working in consumer and competition area at a boutique law firm located in Bogotá, where she also gained experience in Intellectual Property and Corporative Law affairs. She is a lawyer from Universidad de los Andes (2021) and has a post-graduate degree in Market Regulation from Universidad Externado de Colombia.
Paula has special interest and experience in competition and consumer law, regulatory affairs and intellectual property law. She is currently part of the Antitrust & Competition team, where she advises different clients on matters regarding competition law, data privacy, consumer protection law and corporate compliance.