Advances in the Implementation of the Registry for Integrity and Transparency of Businesses and Entities

Recently, the Anti-Corruption Office (OA) has made progress in implementing the Registry for Integrity and Transparency of Business and Entities (“RITE” or “Registry”), designed to contribute with greater transparency to the development and improvement of integrity programs, the exchange of best practices, and the promotion of interactions among private parties and between private parties and the public sector.

Through Resolution No. 25/2022, issued on December 16, 2022, the OA approved:

1. the RITE Regulation
2. the RITE Information, Privacy, and Confidentiality
3. the design and development of the RITE and its website, www.rite.gob.ar

Bear in mind that registration before the RITE is voluntary for companies, although it could be required as a necessary condition to enter into specific contracts with certain entities of the Federal Public Sector.

Please find below a summary of the most relevant provisions of the regulation and the Privacy Policy.

1. RITE Regulation

The purpose of the regulation included as Annex 1 to the Resolution is to establish the rules for the use and operation of the RITE and its toolbox, as well as to regulate the responsibilities of users and their relations with the Administration.

1. Powers of the Administration

The OA's Transparency Policy Planning Directorate (the “Administration”) will be responsible of managing the RITE. In addition to overseeing the operation of the RITE, managing access requests, receiving queries, and assisting, the Administration may modify, restrict, or expand the extent of the information or documentation to be provided in the different modules of the Registry; or create new modules, as well as publish statistical data regarding the RITE.

The regulation clarifies that the Administration will not be responsible for the truthfulness of the information or documentation provided by the users to the RITE, and that it will not have the obligation to review it.

2. Rights and Duties of the users

The regulation establishes the obligation of all users to act in good faith, to upload true information and documentation, to obtain the express consent of the persons whose information is uploaded to the RITE, and to use the information obtained for the RITE's own purposes.

On the other hand, the Regulation lists a series of rights and duties that each type of user will have in relation to the platform.

Main users (registered users who completed the classification module and were categorized) will have more powers: they will be able to access and consult the information of other companies’ modules, upload their company’s information and documentation, download their data to share it with third parties, and access the complete material in the toolbox. Users with a lower level of participation in the RITE will have access to less material.

3. User Registration

Access to the content of the Registry requires prior registration. To do so, companies must create  main user profiles providing the company's tax ID number (CUIT), which will be validated through the tools given by the Argentine Tax Authority (AFIP), and others set by the Administration. Main users or their legal representatives may revoke the permission granted at any time.

To complete the registration process, main users must:

1. grant conformity with the Regulation and with the Privacy Policy;
2. execute the affidavit of truthfulness and of the updated nature of the information and documentation provided; and
3. complete the categorization of the company in the Classification Module.

Once the registration process has been completed, users may access the modules listed below.

4. Operation of the Registry. RITE modules

The modules of the Registry are:

1. Classification Module
2. Integrity Program Module
3. Due Diligence Module
4. Consultation Module
5. RITE Direct Channel Module.

To complete each module, some specific information and documentation must be uploaded, as established in the Regulation. The user must also answer different types of questions.

The Registry will besides be organized in three levels, according to the progress of the Integrity Programs of each company: Initial, Medium, Advanced. Also, each company category has three levels of progress in the RITE,  depending on its status as micro/small, medium, or large business.

In general terms, other companies registered in the RITE and the public sector can view the information uploaded in the different modules, except for the information included in the Due Diligence Module, whose access may be restricted by the users.

In fact, users themselves may control the information and documentation provided by other users and inform the Administration of the existence of false or incorrect information.

Additionally, there is a "Toolbox" section containing training material aimed at enhancing the development and improvement of the elements of the Integrity Program and the integrity policies of the companies. Using this toolbox is not mandatory; it is up to each company to use it, adapt it to its needs, use it as a guide, or use the company’s own resources.

Users or representatives must, as a rule, update the information and documentation provided to the Registry every year.

Please note that the Federal Procurement Office (General Communication ONC No. 18/2022) and the OA (OA-DPPT Circular No. 4/2022) have recently interpreted that, in those procedures where the submission of an Integrity Program is required as a condition for entering into a contract, such condition can be fulfilled by submitting the document downloaded from the platform, identified as "RITE Report/Presentation". For more details on this, please see our article “New Guidelines to Evidence an Integrity Program to Enter into Contracts with the Argentine State”.[MVFT1] 

5. Consequences of non-compliance

 

1. If the company signs up but does not show activity within six months, an informative text will appear, stating that the company "has not provided information on its Integrity Program".

 

2. Failure to update the information/documentation will imply that the questions will be considered not answered and the user will go back in the level bar.

 

3. Uploading false information or committing abusive actions (such as damaging the reputation of a member company) will be subject to sanctions: (a) a warning, or (b) a reprimand and its publication, depending on the importance of the breach and the damage caused.

When the facts are serious enough to require a different type of response, the Administration will start the corresponding proceedings before the corresponding authorities.

2. RITE's Information, Privacy and Confidentiality Policy

The purpose of the Privacy Policy is to establish the terms and conditions regarding the accessibility, confidentiality, and protection of the data provided by companies to the RITE.

This policy includes provisions on the processing of the information and data provided, obligations of the users and of the Administration regarding this information, principles managing it, and the processing of personal data.

The data provided within the framework of the RITE is considered personal data and, therefore, must be processed in accordance with the provisions of Law No. 25326 on Personal Data Protection. The data subjects may exercise their rights of access, rectification, suppression, and confidentiality in connection with their personal data.

The Law No. 24766 on Confidentiality of Information and the Law No. 27275 on the Right of Access to Public Information and its complementary rules are also applicable.

The Privacy Policy also states that registered entities may access the information of other companies proportionally to the level of information they have decided to share. On the other hand, users not registered in the RITE will only be able to access the list of registered companies and entities and the level of progress of their integrity programs, but not the information or documentation uploaded by them.

The Due Diligence Module establishes that confidentiality will be the general principle; those who are registered and want to access the information provided by other users in this module must obtain the consent of the company owning the data. This rule does not apply to the Administration and the entities of the Federal Public Sector authorized by the Administration.

Likewise, Annex 1 contains the model of "affidavit and consent for the use of data" that each company must execute to give its conformity and consent to the Regulation and the Privacy Policy, and to give its explicit and informed consent regarding the handling of personal information and data.

3. Final remarks

The issuance of the Regulation and the Privacy Policy allows companies interested in the RITE to know in depth how it will work and to evaluate the convenience of registering.

To access the Resolution, click here. To see the Annexes, click here (both in Spanish).