Framework 231 review support for an Insurance Group

Insurance Group with more than 1 Billion in premium income operating in non-life and life business

The Supervisory Board, following the updating of the Company’s Organization and Control Model pursuant to Legislative Decree 231/01, requested the support of MACFIN to revise its internal control system.

This control framework is defined in the GRC system and consists of elements such as the taxonomy of business processes, organizational structure, and 231-sensitive activities. The scope of intervention involved the analysis and evaluation of approximately 550 elements surveyed in ARIS.




Impact analysis

aimed at assessing the completeness and consistency of the 231 control framework defined in the GRC system, in order to identify the need for any subsequent adjustments and additions, including within internal regulations (company procedures and flowcharts).

GRC system integration

aimed at reviewing the 231 relevance, for certain activities/controls and their matching with Sensitive Activities


Review of activities and controls 231

the activities focused on the analysis of the information contained in the GRC system, in order to assess the completeness, as well as the correct identification of the controls designed to guard against crime risks

Definition of a Base-line controls and completeness analysis

analyses were conducted to assess the completeness and correctness of the controls in the GRC system, compared to a taxonomy of "key" 231 controls. This taxonomy of controls was prepared on our professional expertise in insurance and similar contexts, integrated with leading practices

Integration into the GRC system

activities had the objective of verifying 231 relevance for specific activities and controls, which at the time of project set up did not have this classification.


Comprehensive mapping of the company's internal control system

defined in the GRC system and corporate regulations (Regulations, Policies, Code of Conduct and Behavior) for the benefit of Level II and III Control Functions and the Supervisory Board

Assurance for the Supervisory Board

on the completeness and integrity of the 231 control framework


Would you like to have more information about our services and solutions? Enter your data and we will contact you as soon as possible. 

    I'd like to talk about:

    Altri Casi di Successo

    Caso Framework Player Internazionale Gaming

    Setting the "231" Framework of an International Gaming Player

    Industry & Services | ESG, Risk & Compliance

    Caso framework GDPR società pubblica

    Setting the "GDPR" Framework of a State-owned company

    Non-Profit & Public | ESG, Risk & Compliance

    About Macfin