{"clientID":"2b71d197-0c21-4234-ba98-2689b888f985","signature":"664610f33aa0503128c41216cec8b65f079ea4ee9ece982d6c7d6715d0fc4e88","encryption":"68cad83b4246825bd81d4bc1059d4620","keyID":"183b753b-7f28-af43-f453-4bd93774f44a","user":"C1AAFC8C323DFDA567B3CD7D0E48C3DD","clientIDSh":"1d9f34e6-7f26-427f-a9d8-0fa45b27a1ca","signatureSh":"664610f33aa0503128c41216cec8b65f079ea4ee9ece982d6c7d6715d0fc4e88","encryptionSh":"68cad83b4246825bd81d4bc1059d4620","keyIDSh":"16eb5dfd-e4eb-6b7e-4294-8fc82de1428e","userSh":"C1AAFC8C323DFDA567B3CD7D0E48C3DD"}

Certifications

In order to prove the consistency of our processes with the best domestic and international standards, Intesa Sanpaolo obtained various types of certification from recognised external organisations.

CERTIFICATION SCOPE OF APPLICATION
 
ISO 26000
International standard to which the bank adheres since 2014 dedicated to the integration of social responsibility in corporate practice. The areas covered by ISO 26000 are: governance of the organization, human rights, worker protection, environment, fairness of management practices, issues relating to customers, community involvement and development
ISO 37001 International standard of reference for organisations in relation to the prevention of corruption and operational tool that adds to the anti-corruption measures already envisaged, at the regulatory level, by individual countries. The certification has been active since 2019 for Intesa Sanpaolo and since 2022 for the Group's banking, financial and insurance companies.
UNI ISO 45001:2018 Since 2017 the Occupational Health and Safety Management System has undergone an annual inspection by an independent third party which certifies its compliance with current legislation and industry standards. In 2018 has been extended to all branches and in 2019 the transition from the previous standard (BS OHSAS 18001) to the current one has been made.
UNI CEI EN
ISO 50001:2018
Energy Management System (SGE) certification. Certification active since 2012
UNI EN ISO 14001:2015 Environment management system certification. Certification active since 2005
UNI ISO 45003:2021 Certification of the process for managing risks from work-related stress, robberies and aggressive and discriminatory behaviour.
GEEIS-Diversity
Gender Equality European & International Standard is an international certification of the Arborus Association issued through Bureau Veritas and aimed at evaluating the commitment of organizations to include and foster all forms of diversity. The certificate, obtained in June 2021, refers to all the banks and companies of the Group in Italy. 
ISO PDR 125:2022 Certification for gender equality envisaged by the National Recovery and Resilience Plan (NRRP). Intesa Sanpaolo obtained the certification issued by Bureau Veritas thanks to the involvement and commitment of the top management towards the diversity and inclusion initiatives, the Principles on Diversity & Inclusion, the D&I Strategic Plan for the enhancement of diversity as essential components for the growth of the Group, and the work of the D&I Operating Committee.
ISO 27001
The ISO / IEC 27001: 2013 standard specifies the requirements for a correct definition, implementation, management and improvement over time of an Information Security Management System. In particular the certifications are related to the perimeters BancaIdentity, Electronic Signature on Digital Tablet, Retail Internet Banking, Online BranchCorporate Internet Bankingapplications to support business processes overseen by the Financial and Market Risks Department, cooperation and constellation services.
ISO 20000 (Conservation according to law)
The International standard ISO / IEC 20000-1: 2018 specifies the requirements for defining, implementing, maintaining and continuously improving a Service Management System (SGS), which an organization must have in order to provide high-quality IT services. Intesa Sanpaolo has decided to include the Standard Conservation service in its SGS, and in particular for the “conservation of IT documents”, based on the new AgID regulation.
ISO 22301
The standard regulates the business continuity management model of processes and related resources according to the criticality necessary to deal with scenarios of unavailability of people, offices or IT services.
eIDAS (Trust Services)
The EU eIDAS Regulation 910/2014 (Electronic IDentification Authentication and Signature) aims to provide a regulatory basis at EU level for trust services and electronic identification instruments of member states.
PCI PIN Security
PCI PIN Security includes a comprehensive set of requirements (based on industry standards) for the secure management, processing and transmission of personal identification data (PIN) during card transaction processing payment machines participating in the online and offline International Circuits at automatic teller machines (ATMs and CSAs) and point of sale terminals (POS), to which Intesa Sanpaolo periodically certifies the relative compliance.
EURIBOR The Corporate Governance Code issued by EBF and its annex define the general rules and safety levels applicable to the calculation process of the Euribor index, as well as the specific rules applicable to banks that contribute to the calculation of the Euribor index.
TARGET TARGET is the ECB's European system comprising the T2 (Real Time Gross Settlement -RTGS), TIPS (Instant Payments) and T2S (Securities Settlement).
CAI The creation of an IT archive, defined as the Interbank Alarm Center, is required in Legislative Decree no. 507 of 12/30/99. The subsequent Regulation of the Governor of the Bank of Italy of 29/01/02 defines the requirements that the Banking Institutions must comply with to ensure the security of the information system of the archive itself.
SIAnet Security Programme The SIAnet Security Programme is a programme introduced by NEXI with the aim of raising the security level of the payment network. The SIAnet Security Programme defines and annually updates the security requirements for participants.
SWIFT CSP
The Customer Security Programme (CSP) is a programme introduced by SWIFT with the aim of raise the security level of the payment network. It defines and annually updates the framework of security requirements for BICs (Bank Identifier Codes) active on the network.
{"toolbar":[{"label":"Refresh","url":"","key":"update-page"},{"label":"Print","url":"","key":"print-page"},{"label":"Request for Annual Reports","url":"/en/investor-relations/request-for-annual-reports","key":"business-budget"},{"label":"Financial Calendar","url":"/en/investor-relations/financial-calendar","key":"financial-calendar"},{"label":"Press Kit","url":"/en/newsroom/PressKit","key":"press-kit"},{"label":"Send CV","url":"https://jobs.intesasanpaolo.com/go/Open-positions-ISP-Company-ISP-%28EN%29/9382701/","key":"send-cv"}]}