top of page
Revisión del acuerdo legal

Compliance Programs

Compliance Programs

There are many definitions to determine what Compliance is, although at ASTRYA we consider it appropriate to propose a concept that brings together the main aspects of each of them.

Compliance is a function of organizations, exercised independently, through a single or collegiate body, with autonomous powers of initiative and control. It is legally entrusted with the supervision of the organization's organizational and management model, whose objectives are the implementation of an ethical culture and the establishment of policies, procedures and controls for the prevention, detection and management of compliance risks. Risks are understood as those that may arise, both from non-compliance with the obligations that the organization must comply with (laws and regulations), and those that it voluntarily chooses to comply with (codes of conduct, standards, internal policies and procedures). Failure to comply with these obligations may result in the application of sanctions (regulatory risk), the deterioration of the reputation (reputational risk) or an adverse impact on the results or on the expectations of business development (operational risk).

In Spain, Compliance acquired importance as a result of la  Organic Law 5/2010 , which incorporated the criminal liability of legal persons into our legal system and, especially, from la_cc781905-5cde- 3194-bb3b-136bad5cf58d_ Organic Law 1/2015 , which configures the Compliance Models as a requirement for legal entities to see their criminal liability exempted.


Whistleblowing Channel      _cc781905-5cde-3194-bb5bcf18-bb3b3

Complaints Channel

A Whistleblower Channel is the Confidential Channel through which employees, suppliers, collaborators and other third parties who have a relationship with the organization can communicate suspicions of illegal conduct or conduct contrary to current legislation, the Code of Ethics or the rules, procedures and internal policies of the organization.

At ASTRYA we have a specialized tool, through our alliance with IDBO, to effectively implement a reporting system in your organization.

This  Whistleblowing Channel Software, in 3 languages,  automates the registration, receipt and follow-up of the complaint, and facilitates the fulfillment of the obligations by the organization. It is also a complete and intuitive tool that helps to manage possible investigations, internal or external, by the person in charge of the Channel.

Who should have implemented a Complaints Channel?

  • All organizations  with 50 or more workers, whether in the public or private sector.

  • Subjects bound by the PBCyFT Regulations.

  • Those organizations that are required to have an Equality Plan.

  • Educational and/or sports entities in which minors are present.

  • Organizations that require certification in ISO 37001, 37301 and UNE 19601.

  • To participate in certain tenders and receive European funds.

  • All organizations that have Criminal Regulatory Compliance Programs.

  • Public entities in urban centers with more than 10,000 inhabitants.


Equality Plans in the Company

equality plan


The   Organic Law 3/2007   for the effective equality of women and men, establishes the obligation to prepare and apply Equality Plans for companies that have 50 or more workers, establishing the following deadlines:

  • Companies with more than 250 workers: They must have implemented the Equality Plan.

  • Company with 151 – 250 workers: They must have implemented the Equality Plan from March 7, 2020.

  • Companies with 101 – 150 workers: The deadline for the implementation of the Equality Plan is March 7, 2021.

  • Companies with 50 – 100: The deadline for the implementation of the Equality Plan ends on March 7, 2022.


The implementation of a gender equality plan is not an option, but a legal obligation whose non-compliance can lead to sanctions of up to €187,515.00, without prejudice, likewise, to the reputational damage and the damage caused to the brand and image of the organization. .



Money laundering

The authorities of the States, in their fight against money laundering and the financing of terrorism, have increased regulatory pressure, establishing specific regulations that will be applicable to certain subjects, entities and organizations that, due to their activity, are especially likely to be configured as vehicles or channels for carrying out such activities.

In Spain, the  Law 10/2010  on the prevention of money laundering and the financing of terrorism, and its implementing regulations, includes a series of obligations and measures that must be fulfilled by certain obligated subjects.

The applicable regulations require that the internal control procedures be based on a prior analysis of the risks related to money laundering and the financing of terrorism.

At ASTRYA we identify and assess the risks of the regulated entity by type of customer, country or geographic area, product, service, operation and distribution channel, taking into account variables such as the purpose of the business relationship, the level of customer assets , the volume of operations and the regularity or duration of the business relationship.

The Risk Report will reflect the result of these tasks.


PBCyFT Audit

External Audits

 examenexternal or money laundering prevention audit is defined as that procedure that is carried out on an annual basis and that aims to review and assess the internal control measures and bodies adopted in the area of the obligated subject.

In particular, in accordance with the provisions of el  art. 28 of Law 10/2010 , the examination must focus on the following aspects:

  • Description of existing internal control measures, such as policies and procedures regarding due diligence, information, document retention, internal control, risk assessment and management, communication.

  • Assessment of its operational effectiveness, by checking the following aspects: suitability based on the level of risk of money laundering, rationality of its design and practical operation.

  • Proposals for improvement or rectifications that are considered appropriate.

College Library


Training Service

We develop our training programs with the strictest legal rigor, in accordance with current regulations and adapted to the different levels and responsibilities of each organization's work area.

Online courses for companies: our digital tool provides everything you need to reinforce the knowledge of the members of your organization, without having to travel, adapting to their professional and personal agendas. We have an elearning solution for companies that you need.

We develop our own content, so our experts will be at your disposal both in online business training, blended training and face-to-face training for companies; and will help you to accurately monitor your training planning through the tool.

bottom of page