Internal Control Model

We have an internal control model designed to meet the highest standards of quality and regulatory compliance. To achieve this objective, we have implemented a series of tools that are highly effective and reliable. These include:

Policies and procedures we have a clear and detailed set of policies and procedures that ensure consistency in the way we manage our day-to-day operations.

Qualified team We have a highly trained and experienced team in the implementation and maintenance of internal control systems, which ensures effective management of risks and opportunities.

Crime Prevention Model (CPM) We have developed a CPM in which we identify and document the criminal risks that may arise from our activity, as well as the definition and implementation of controls and mechanisms that enable us to prevent or detect illegal conducts.

Internal Control over Financial Reporting (ICFR) We have a ICFR that comprises a set of controls over the financial processes, with the aim of mitigating the risks that may have a significant impact on the financial information reported internally and to third parties.

Mechanisms for money laundering prevention We have the main mechanisms in place to comply with the requirements established by the regulations for the prevention of money laundering, including a Prevention Manual, an OCI (Internal Control Body), a representative before SEPBLAC and evaluations of the main customers in formal and economic terms by an external advisor.

Mechanisms for personal data protection We have different policies to guarantee the correct treatment of personal data, and these are evaluated periodically.

All tools are regularly evaluated and audited by an independent external team to ensure their effectiveness and efficiency.

In addition, we have several committees that ensure the achievement of the company’s objectives. These are:

Executive Committee

Composed of the Management Team. It supports the Chief Executive Officer in the operational and performance oversight of the Company.

Compliance Committee

Composed of the Chief Financial Officer, the Senior Corporate Finance Manager and the Senior Compliance & ESG Controller. It ensures that the organization complies with all applicable laws, regulations, policies and standards both internally and externally, guaranteeing the correct functioning of the Crime Prevention Model. It is also responsible for promoting ethical and responsible behavior in all the company’s operations and activities through the dissemination of the Code of Ethics.

ESG Committee

Composed of a multidisciplinary team: an Executive Director and Chief Financial Officer; Chief Operation Officer; Chief Marketing Officer; Chief Development Officer; Environmental Head; Head of Regulatory Compliance; and ESG Head. It oversees Castellana Properties’ commitment to compliance with the ESG Strategic Plan, monitoring the same.

Innovation Committee

Composed of the Chairman of the Board, the Chief Executive Officer, the Chief Innovation Officer, the Chief Investment Officer, and the Chief Marketing Officer of Castellana properties, in addition to the General Director, the Treasury Director, the Head of Customer Analytics and the Marketing and Communications Director of Vukile. It monitors the Company’s innovation projects.

CapEx Committee

Consists of the Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Chief Development Officer, Asset Managers, Senior Corporate Finance Manager and Financial Controller. It monitors the budget of CapEx projects, detecting deviations and proposing solutions.

Financial Committee

It is composed of the Chief Financial Officer, Senior Corporate Finance Manager and Accounting Finance Manager. It ensures sound economic and financial management of the Company, cashflow control and analysis and search for financing. It is also responsible for maintaining an appropriate compliance culture, developing, and maintaining the Internal Control System and developing the ESG strategy and its implementation.