Transparency and business ethics

The business activities of Ferrovial and its administrators and employees are based on the highest standards of integrity, transparency, respect for legality and Human Rights.

Ferrovial performs its activities under the principles of integrity, honesty and avoidance of all forms of corruption, respecting and promoting transparency at all times, in accordance with the provisions of the company’s Code of Business Ethics.


In March 2019 Ferrovial, S.A. was certified by AENOR (Spanish Standards and Certification Association) for its Crime Prevention Model in accordance with the UNE 19601 reference standards “Penal compliance management system” and UNE-ISO 37001 “Antibribery management systems.”

Together with Ferrovial, S.A. and, as part of its Crime Prevention Model, the companies of its Group also obtain certification: Ferrovial Agroman, S.A., Ferrovial Aeropuertos España, S.A and Cintra Infraestructuras España. S.L.

These certifications guarantee the commitment of Ferrovial and its group of companies to ensure regulatory compliance and crime prevention, responding to the regulatory requirements of markets, customers, stockholders and investors and other stakeholders, and position the company with a high ethical standard and commitment to best corporate governance practices.


“Our complete commitment to the ethics and integrity of the people who make up Ferrovial has positioned us a benchmark in the market for being a serious company that is commited to its stakeholders” Rafael del Pino, Chairman.

The Ferrovial Code of Business Ethics*, which is applicable to all Group companies, establishes the basic principles and commitments to which said companies and their administrators, managers and employees must adhere.

These principles are embodied in a number of commitments toward stakeholders in Ferrovial’s professional activity and are reflected in policies and procedures aimed at fostering professional performance in accordance with ethics, integrity and compliance with pertinent legislation. Highlights of the regulations include:

The Board of Directors Regulations*; the Internal Conduct Regulations in the Securities Markets*; Compliance Policy*; the Crime Prevention Model; the Anti-Corruption Policy*; the Policy on Control and Risk Management; the Human Rights Policy*, the Health and Safety Policy*; the Corporate Responsibility Policy*; the Competition Policy; the Quality and Environment Policy*; the Procedure for approving and monitoring sponsorship and patronage actions and donations; Corporate Procedure on the Ethical Mailbox; Corporate Procedure on Representation Expenses; due diligence procedure to ensure the ethical integrity of Partners; due diligence procedure to ensure the ethical conduct of Suppliers; due diligence procedure governing the selection, hiring and mobility of Candidates.

All employees adhere to the principles and commitments contained in the Code of Ethics. They commit to comply with it and enforce it upon external collaborators who perform activities on behalf of Ferrovial.

 *Available at


Ferrovial has a Compliance Model in place that aims to provide a transversal process spanning the entire company for monitoring and controlling compliance risks under the principle of zero tolerance toward criminal acts. This due diligence framework embodies the company’s firm commitment to observing applicable law and to applying the highest ethical standards when going about its business. The management and analysis of how the Model works is the responsibility of the Compliance and Risk Division, whose independence and effectiveness has been reinforced, providing it with new resources and it reports directly to the Audit and Control Committee.

The Compliance Model is described in the Compliance Policy and its main objective is to foster a culture of business ethics across the organization and permeating all decision-making processes in order to shape and guide the conduct and intentions of directors, managers and employees and erect a common and standard framework for monitoring, controlling and managing compliance risks (especially measures to prevent criminal conduct). The policy also develops the different phases of the Compliance Model in place at the company and stipulates the competencies and remit of its governance and management bodies and those of its employees in relation to regulatory compliance.

The phases in which the Compliance Model is structured cover the phases of a continuous improvement cycle:

1. Identification and evaluation of risks.

  • Identification of compliance risks based on the company’s activities.
  • Assessing risks based on their impact and probability of occurrence.

2. Establishment and update of processes and control tools.

  • Identification of the monitoring and control measures implemented to avoid or mitigate the occurrence of risks.
  • Periodic evaluation of control measures to detect possible shortfalls or areas of improvement that require specific action plans.

3. Raising awareness and training.

  • Training for company employees and executives in the principles and commitments included in the Code of Ethics, in the Compliance Policy and the other policies that support the Model.
  • Due diligence of third party collaborators, who must know and share ethics and integrity policies.

4. Detection of and response to possible irregularities.

  • Reception, assessment and investigation of detected breaches and application of appropriate corrective and/or disciplinary measures.

5. Supervision of the Model by the Audit and Control Committee.

6. Information to the company’s governing bodies.

  • Information on how the Compliance Model works and monitoring the action plans put in place to ensure their continuous improvement.
  • The Compliance Model includes a Crime Prevention Model designed to prevent or significantly reduce the risk of committing criminal acts, especially those that would lead to the company being held criminally liable, in accordance with Organic Law 1/2015 reforming the Criminal Code.

7. Verification of the effectiveness of the Compliance Program.

  • The Compliance Model includes a Crime Prevention Model designed to prevent or significantly reduce the risk of committing criminal acts, especially those that would lead to the company being held criminally liable, in accordance with Organic Law 1/2015 reforming the Criminal Code.


Ferrovial has an Anti-Corruption Policy that governs the behavior of all administrators, managers and employees, and their collaborators, in the development of the business, under the principle of “zero tolerance” with any practice that could be qualified as active or passive corruption or bribery.

The policy requires strict compliance with pertinent anticorruption laws, notably the Spanish Criminal Code (and that of the other jurisdictions in which Ferrovial operates), the US Foreign Corrupt Practices Act and the UK Bribery Act.


Training for employees in the values and principles enshrined in the Code of Ethics and the Compliance Policy is one of the cornerstones of the company’s Compliance Model. During 2019, the online training plan on the Code of Business Ethics and Compliance Policy (Prohibited Behaviors) and the face-to-face course on anticorruption matters continued according to the level of risk exposure of certain groups, including the Management Committee. The training volume of these courses amounted to 4,923 hours, accumulating more than 12,000 hours in the last two years.


Ferrovial has an Ethics Channel as a complement to other internal communication channels. Its purpose is to facilitate the reporting of any possible irregularity, noncompliance or conduct that is not in keeping with the ethics, legality and policies that govern Ferrovial. The channel is accessible to employees through the intranet and for any interested counterpart through the website, and allows communications to be made anonymously and confidentially.

A total of 57 reports were filed in 2019, 34 of which were anonymous and 23 made by name. All complaints give rise to an investigation by the Management Committee, guaranteeing confidentiality and anonymity (if applicable), the rights of those involved and the absence of reprisals of any kind. The Management Committee regularly informs the Audit and Control Committee of the communications received and the steps taken. No investigated case has had a significant impact on Ferrovial from a criminal, financial or reputational point of view. No need for revisions to company policies and procedures has been identified from the cases investigated.