MetLife has a well-defined, robust and competent organizational structure for the performance of its functions, which is divided into Business Lines or Sales Channels, Functional and Support Areas, whose roles and responsibilities are described below:

Main Business Lines

Individual Government: Independent agents oriented mainly to government officials for the sale of the Met99 individual life product, typically through payroll deductions. 

Individual Private: Independent agents oriented to individuals based on referrals from private sector clients for the sale of individual products, mainly Life and Major Medical Expenses, with a personalized approach tailored to each client's needs.

Benefits for Private Sector Employees: Brokers and independent agents focused on companies and organizations in the private sector for the sale of group and collective Life and Major Medical Expense products.

Government Employee Benefits: Business line focused on government entities for the sale of group and collective Life and Major Medical Expenses products, where the sale is mainly made through public bids.

Functional and Support Areas

Operations: Area in charge of policy administration, collections, agent and client management, which is responsible for the following functions: 

•  Policy issuance and administration (new policies, renewals, maintenance and services) and collection management, investment administration and accounting control. 
• Sales force compensation. 
• Attention and management of benefit payments to clients, beneficiaries and intermediaries when a claim occurs under medical or life insurance products and its accounting control. 
• Customer service through all interaction channels: contact center (including voice, chats, emails, SMS, portals, social networks), branded service centers, corporate service centers (private and government employee benefits and branches nationwide), hospital modules. 
• Management of customer non-conformities, as well as interaction with the customer/user protection entity (CONDUSEF).

Actuarial: Experts in defining, creating and executing actuarial models for projections, reserves, pricing, business plan and determination of actuarial assumptions (mortality, lapses, morbidity). Responsible for monitoring product profitability and providing proactive information on key indicators and in partnership with finance, and are responsible for most regulatory and corporate reporting and analysis.

Product Development and Management: Experts in creating and/or modifying the company's products, responsible for their economic viability, product strategy, and defining selection parameters consistent with the company's risk appetite. Ensuring ongoing compliance with applicable regulations and the corresponding registrations for each of the products.

Finance: Corporate division specialized in management and decision making for financing, capital, investment, taxes, expenses, forecasting and business plans. Its main function is short and long term financial planning, as well as ensuring timely and accurate financial reporting. Additionally, they are responsible for contracting and administration of suppliers and corporate services.

This department includes the function of the Anti-Money Laundering Compliance Officer, who must coordinate the implementation and supervision of applicable anti-money laundering laws and regulations, as well as MetLife's global anti-corruption policy.

Information Technology (IT): Department responsible for implementing strategic solutions through technological tools to ensure that the company runs smoothly.

Information Security: Area responsible for protecting personal data collected, stored, transmitted and processed by MetLife from unauthorized use, disclosure, destruction or other security threats, whether internal or external in nature, by establishing administrative, physical and technical security measures to ensure sufficient, reliable, consistent, timely and relevant information.

Human Resources: Responsible for implementing policies, tools and practices related to the Employee Value Proposal (EVP) and providing advice on the attraction, deployment, development, compensation and wellness of our talent.

Legal: Area responsible for overseeing the legal aspects that the Company requires for its proper functioning, ensuring strict compliance with applicable regulations, as well as providing advice and solutions in four main areas: Corporate and Contracts, Litigation, Bids and Products, and Personal Data Protection (Privacy).

Strategy: Area specialized in strategic and competitive analysis, responsible for defining and monitoring the company's strategy in coordination with the different corporate and business areas. Supporting the company's key decisions such as the strategic project portfolio and building strategic transformation capabilities such as data management and analysis.

Marketing: Area responsible for defining, developing and implementing marketing and execution strategies through integrated value proposals, corporate and sales force events and customer experience designed to create a competitive advantage.

Government Relations: Area responsible for leading the government relations strategy in order to support executive leaders and business lines in building and maintaining permanent and close communication channels with government officials, regulators and Congress.

Communications: Area in charge of the Company's internal and external communication and positioning, in key issues and initiatives such as crisis prevention and management with the media, stakeholders and opinion leaders.

Independent areas which report directly to the Region and MetLife Global

Ethics & Compliance: Area that is part of the second line of defense, responsible for strengthening integrity and compliance risk assessment culture; advising the different areas of the company on initiatives, strategies and controls related to integrity issues, as well as ensuring compliance with laws, regulations, policies and ethical principles.

Risk: Area that is part of the second line of defense, responsible for managing risks that may affect the organization in order to prevent, mitigate and control risk factors in the company, on multiple fronts and especially in the Financial, Operational and Labor areas.

Audit: Area responsible for the third line of defense, its main function is to examine and evaluate adequate and efficient application of internal control systems, as well as potential opportunities for improvement, to ensure that the company complies with applicable regulations, standards, policies and procedures.

Delegation of Authority Policy

MetLife has a Delegation of Authority policy at the Latin American level, which provides specific guidance on responsibilities from the Regional President to Regional and Local Executive Leaders who are empowered to operate within specific financial and risk ranges, aiming to deliver results around the growth of the business while always performing consistent with the Company's values and business integrity.

MetLife has an effective Corporate Governance System comprised of the Shareholders' Meeting, the Board of Directors and the Regulatory Committees: Investment, Risk Management, Reinsurance, Communication and Control, Audit Committee and Credit Committee.

The shareholders' meeting, the board and the committees are responsible for developing policies and analyzing the best control procedures that allow us to achieve our business objectives more efficiently, in line with the rules that regulate us.

MetLife has working groups with the participation of the company's executive leaders, which function as forums for the exchange of ideas, cooperation and collective communication to make collective decisions effectively and in an articulated manner. These decisions directly influence compliance with regulations, the correct operation of the company and the benefit of our customers.

These groups handle issues related to: Communication Materials, Products, Sales Force Incentives, Business Risk Assessment, Underwriting, Fraud Prevention, Payment of Customer Benefits and Homologated Customer Payment Criteria.

In the company there are working groups with specific Executive Leaders for Diversity and Inclusion and to manage and report issues related to risks or non-compliance with the Company's Code of Conduct.

Specifically, the Ethics & Compliance working group oversees compliance and adherence to the policies referenced in this document, monitors indicators and trends in this area, makes decisions on related cases and generates actions to improve controls that help minimize compliance risks at MetLife.

This working group meets at least twice a year and includes representatives from the Business Lines, Legal, Risk, Human Resources and the Ethics & Compliance area.

Our policies and procedures establish the behavioral standards within an organization and indicate the responsibilities of employees and the company. The policies and procedures protect the rights of both and contribute to compliance with the Laws, Regulations, Standards, Procedures and Provisions in force that regulate us, which, by way of example but without limitation, are mentioned below:

• Political Constitution of the United Mexican States
• General Law of Administrative Responsibilities, Article 25.
• Federal Labor Law.
• Law on Insurance and Bonding Institutions.
• Law on Insurance Contracts.
• Federal Law for the Protection of Personal Data in Possession of Private Parties.
• General Law of the National Anti-Corruption System.
• General provisions referred to in Article 140 of the General Law of Insurance Institutions and Mutual Insurance Companies (currently Article 492 of the LISF).
• Regulations for Insurance and Bonding Agents.
• NOM-035-STPS-2018 on psychosocial factors.
• Single Insurance and Surety Directive
• General Provisions on sound practices, transparency and advertising applicable to Insurance Institutions.

MetLife ensures effective and efficient functioning of the Internal Control System (ICS) based on the "Three Lines of Defense" model of the "COSO" International Model: 

• The first line of defense, corresponds to the business lines and functional areas of the company. As its name suggests, it is the first line of defense responsible for risks and accountability, and identifies, measures, mitigates, evaluates and reports any risk related to its function or operation. 
• The second line of defense is formed by the independent control areas: Ethics & Compliance and Risks. Their main function is to supervise and advise the first line of defense in making decisions aligned with laws and internal policies. The second line of defense conducts monitoring and supervision of processes and business and shares the results with the first line of defense to improve opportunity areas, if identified; likewise, the second line of defense reports to regulatory committees or working groups with executive leaders any risks it identifies. 
• The third line of defense is formed by the Audit Area, which independently ensures the established controls, validating their strength and issuing objective and independent opinions. 

It is a general guide to risks and events that may occur and impact MetLife's operation at a Global level, in which Compliance Risks and Operational Risks are combined:

a) Regulatory Non-Compliance

b) Financial Crimes

c) Inadequate Customer Management

d) Disruptions in the operation of the business

e) Inadequate handling of customer information and privacy

f) Inappropriate employee relationship practices

g) Failures in Information Technology and Cyber Security

h) Inadequate market practices

MetLife ensures that the evaluation of its ICS is carried out continuously and aligned with MetLife's Global Operational and Compliance Risk Taxonomy, related to MetLife's business and activities in Mexico. This is done through an "Annual Monitoring and Testing Plan" validated and supervised by our Head Office through its specialized units (Anti-Corruption, Anti-Money Laundering, Anti-Money Laundering, Sales Practices and Privacy).

The scope of the monitoring includes process walkthroughs, review of controls, including in some cases "on-site" visits to our business partners.

The execution, results, action plans and improvements identified during risk monitoring are recorded and managed through MetLife's Global GRC-Open Pages platform, shared and validated with the Area or Line of Business leaders for the implementation of controls to mitigate any future recurrence.

Using the "GRC-Open Pages" platform, the second lines of defense record and jointly evaluate the residual assessment of Compliance and Operational Risks with the Area or Line of Business leaders.

The residual assessment of Compliance and Operational Risks and the follow-up of action and improvement plans are presented to the Audit Committee.

At MetLife, we have a culture of zero tolerance for corruption and are committed to transparency and accountability, conducting business fairly, honestly and openly.

Our global anti-corruption policy establishes guidelines and procedures designed to mitigate the risks of Corruption and Bribery, promote integrity, transparency and "doing the right thing" as an integral part of our corporate culture, and maintain steady progress on our reputation for trustworthiness. As such, Bribery or Corruption is strictly prohibited in business transactions, whether with the public or private sector, that are intended to unduly influence any act/decision/transaction or gain any advantage on behalf of MetLife. 

MetLife considers the U.S. Foreign Corrupt Practices Act ("FCPA"), the U.K. Bribery Act, local anti-corruption laws, among others.

In accordance with MetLife's Global Policy, the company's operations in each country have processes and controls in place to deter, prevent and detect potential acts of Bribery or Corruption.

MetLife has programs in place to ensure that (i) employees are familiar with applicable anticorruption laws; (ii) a robust anti-corruption compliance program is maintained; (iii) ongoing training is provided to executive leadership and all employees; (iv) employees are kept up-todate on any changes to the anti-corruption compliance program and/or regulatory provisions; (v) risk assessments are conducted in accordance with MetLife's global compliance risk management policy; and (vi) establishes global oversight of MetLife's anti-corruption compliance program.

MetLife takes reasonable steps to ensure that business partners and third parties understand that they too are expected to act with the highest standards of probity and integrity in any activity or related business on behalf of MetLife and encourages all MetLife employees and third parties to immediately report through whistleblower channels knowledge or even suspicion of any situation involving an act of Corruption or Bribery.

The policy that establishes the guidelines and directives regarding this issue in the company can be found in the Methods and Procedures database under MLM-POLG-477 

As a leader in the financial services industry, MetLife is keenly interested in avoiding any conflicts of interest associated with gifts and entertainment. The occasional exchange of modest gifts and entertainment can help build relationships with suppliers, vendors and other third parties. However, offering or accepting gifts and/or entertainment with the intent to influence a decision or gain an improper advantage is unethical and contrary to good business management.

It is MetLife's policy that employees may give and receive gifts and business entertainment that are lawful and appropriate in connection with their work, provided they are of nominal value and do not impair their judgment or that of others, or even give the appearance of doing so. MetLife prohibits the giving or receipt of cash as a form of gift.

The policy that establishes the company's guidelines and directives regarding this issue can be found in the Methods and Procedures database under MLM-POLG-477. 

MetLife Associates may come into contact with Government Officials as a result of their work activities. Associates are strictly forbidden from engaging in any activity with Government Officials or any other person at the request of a Government Official that could somehow be construed as Bribery. Associates must also remember that offering or accepting gifts and entertainment for a Government Official is subject to applicable local regulation and must not be offered for the purpose of influencing the official.

All gifts and entertainment received and given must be reported by employees through the global "Gifts and Entertainment" tool for authorization depending on the amount, which may in some cases require approval from area management levels. Ethics & Compliance periodically performs a validation of expenses vs. records in the system to ensure that gifts and entertainment are being reported by employees and aligned with the policy.

The policy that establishes the guidelines and directives regarding this topic in the company can be found in the Methods and Procedures database under MLM-POLG-477.

MetLife has controls and procedures in place to ensure due diligence of third parties considering that the acts of intermediaries, agents, brokers, consultants, distributors, subcontractors or joint venture partners and suppliers could involve the company if they offer or accept kickbacks in the performance of services they provide to MetLife.

MetLife has the following protocol for evaluating third parties when doing business:

- Generating transparent contracts with intermediaries or other third parties, including their subcontractors, that: 

• ensure a clear business need for the service to be contracted 
• ensure that the third party has the necessary expertise and will perform the function honestly 
• evaluate the risk of contracting the third party considering warning signs such as inadequate benefits in relation to public officials, excessive considerations, excessive incentives, inappropriate or lavish gifts or entertainment, unsubstantiated work contracting, exceptions to processes, among others 
• establish contractual provisions that ensure compliance of the third party's function within the regulations in force for the contract 

The company has processes and authorization procedures for contracts to ensure that the above points are complied with.

Ethics & Compliance performs periodic monitoring of contracts made with third parties in order to ensure compliance with the anti-corruption policy and clauses according to the level of risk identified.

Additionally, during 2016 MetLife created and consolidated a "Working Group with executive leaders on Business with Third Parties" which is composed of the executive leaders of the responsible areas and aims to analyze, evaluate and mitigate the risk of corruption in all Models or Ways of doing Business in the different channels and sales figures of the company. Once reviewed, it is authorized or denied to proceed with the business and controls are defined if necessary.

The policy that establishes the guidelines and directives related to this issue in the company can be found in the Methods and Procedures database under MLM-POLG-477.

MetLife makes contributions to projects and initiatives that promote the Company's values through donations and sponsorships. A donation to an organization or sponsorship of an event can be an important expression of good corporate citizenship. However, Donations or Sponsorships can also be used to disguise bribery.

Employees are prohibited from making charitable contributions or sponsoring any event that may, because of its value or frequency, create (even an appearance of) a conflict of interest for MetLife. In order to ensure that all donations or sponsorships are transparent and appropriate, they must be authorized by the company's executive leadership and the Global Anti-Corruption Unit and are recorded in the global Gifts and Entertainment system, for which Ethics & Compliance periodically monitors donations and sponsorships to ensure that they comply with the approval process and that there is evidence that they were designated for their intended purpose.

In addition, to mitigate the risks involved in donations and sponsorships, due diligence is performed on all organizations that will receive such donations and sponsorships, ensuring that there are no conflicts of interest.

The policy that establishes the guidelines and directives regarding this issue in the company can be found in the Methods and Procedures database under MLM-POLG-477.

MetLife constantly interacts with government entities and officials and therefore has a policy that establishes guidelines for any interaction MetLife employees may have with such officials.

Our policy covers a wide range of employee interactions with government officials and ensures compliance with applicable laws, the company's reputation and consistent messaging at all levels of the company. These interactions may require prior approval from Global Government Relations and Global Ethics & Compliance.

The policy that establishes the guidelines and directives regarding this topic in the company can be found in the Methods and Procedures database under MLM-POLG-477.

The Company has measures in place to identify any potential conflict of interest that may arise during the performance of any activity of associates, sales force and related third parties. This is done through the Annual Conflict of Interest Disclosure Program in which associates at least once a year certify, through the global "COI Disclosure Tool", if they may have perceived and/or possible conflict of interest. All affirmative responses are reviewed by the employee's leader with Ethics and Compliance oversight to determine if a monitoring plan needs to be created and if it is necessary to escalate the case to executive leadership.

Additionally, prior to the start of the relationship with an employee and/or sales force, the company can detect any potential conflict of interest through a questionnaire to allow for better decision making and the establishment of additional controls if necessary. 

MetLife has global and local guiding principles, standards and procedures designed to ensure that MetLife and its employees comply with applicable laws and regulations on: antimoney laundering, combating the financing of terrorism, and trade and economic sanctions programs.

Our policy protects MetLife and its employees from being used by money launderers, terrorists and other criminals for illicit purposes by having programs in place that continuously train employees to identify money laundering and terrorist financing risks and behaviors.

The main controls of the Money Laundering and Terrorist Financing Prevention program are as follows:

a) Risk management program.

b) Know your customer.

c) Monitoring and reporting of relevant operations.

d) Monitoring of customer activity and operations.

e) Filing suspicious activity reports with applicable regulators.

f) Collaboration for law enforcement in relation to the requirements of any governmental body on legal processes related to money laundering.

g) Compliance with the global sanctions program.

h) Training in accordance with the provisions of the global regulation and policies.

i) Management of customer information

The policy that establishes the guidelines and directives related to this topic in the company can be found in the Methods and Procedures database under MLM-POLG-067

MetLife is committed to its clients and associates to provide the highest quality services and products in the market, which is why it has implemented a comprehensive plan to prevent, detect and investigate fraud that may occur in the company. MetLife takes fraudulent acts very seriously and will always adopt appropriate measures to the extent permitted by law, with a zero-tolerance commitment regarding any act of this nature.

Associates are responsible for reporting any conduct that may be indicative of fraud through the established reporting channels. In addition, the company has a Fraud Prevention Working Group with Executive Fraud Prevention Leaders, which analyzes the cases and determines the actions to be taken, as well as the cases that need to be reported to the Risk Management Committee. 

Cases of actual or potential fraud are reported to the Global Investigation Unit through a case management system.

The policy that establishes the guidelines and directives regarding this issue in the company can be found in the Methods and Procedures database under MLM-POLG-800.

Privacy Policy

MetLife's Global Privacy Policy establishes the minimum standards designed to mitigate privacy risks; it maintains administrative, technical and physical security measures to protect personal data against damage, loss, alteration, destruction or unauthorized use, access or processing, in order to comply with the company's privacy policy and any applicable local privacy laws and regulations.

MetLife employees must act consistently, ethically and with due care when working with personal information as clients, employees and business partners provide MetLife with personal information on a day-to-day basis. They rely on MetLife to protect, limit the use of that information and respect their privacy. MetLife is committed to meeting these expectations by being a trusted steward of the personal information provided to the Company because there is a fundamental link between personal data protection and client trust.

MetLife has a Privacy Notice, available on its website and through the channels through which it has contact with the owners of the information; the purpose of the Notice is to notify the owners of the data the information that is collected from them and for what purpose; such treatment is subject to the consent of the owner.

The company is committed to meeting these expectations by being a trusted steward of the personal information provided under the following principles:

a) Limiting the collection and use of personal information.

b) Providing transparency in the collection and use of personal information.

c) Offering choices about personal information.

d) Affording access to personal information and other rights of data subjects.

e) Limiting the retention of personal information.

f) Maintaining security safeguards.

g) Restricting the personal information that is shared with third parties.

h) Upholding Accountability.

MetLife grants privacy rights, in accordance with applicable local regulation, in connection with the Company's information processing activities when collecting your personal information. That is why we have mechanisms in place to comply with the Federal Law for the Protection of Personal Data in Possession of Individuals and to respond to all requests for ARCO (Access, Rectification, Cancellation and Opposition) rights exercised by the owners of the information.

MetLife must prevent possible data breaches (loss or unauthorized destruction; theft, loss or unauthorized copying; unauthorized use, access or unauthorized processing, or damage, alteration or unauthorized modification). MetLife must also document and maintain personal data incident management procedures to identify, report and prevent recurrence in order to minimize the potential harm that could result. 

The policy that establishes the guidelines and directives on this topic can be found in the Methods and Procedures database under MLM-POLG-795.

Information Security 

MetLife has strict controls related to information security, which is considered an essential component of privacy compliance. In that regard, Information Security is fundamental to protecting personal data collected, stored and processed by MetLife from use, disclosure, destruction or other security threats, whether internal or external.

To protect against the risk that MetLife's personal information may be compromised by internal and external security threats, the Company relies on security measures to protect data from damage, loss, alteration, destruction or unauthorized use, access or processing. These measures can be classified as: administrative security measures, physical security measures and technical security measures.

MetLife documents and maintains personal data incident management procedures to inform on the identification, reporting and prevention of personal data incidents in order to minimize the potential harm that can result from personal data incidents.

The policy also states that before transferring MetLife personal information across international borders, MetLife shall ensure that a valid and secure data transfer mechanism is in place as required by law and maintain the necessary data transfer mechanisms in an auditable manner.

To comply with the policy, MetLife establishes measures to ensure that employees receive training and to raise awareness of the potential privacy risk arising from new business products, initiatives and projects in order to establish appropriate internal controls. 

The policy that establishes guidelines and directives on this topic can be found in the Methods and Procedures database under MLM-POLG-746.

All of MetLife's sales activities must comply with the basic principle of fair client dealing, which is why a key MetLife value is to place the client at the center of everything we do.

Matching each client's needs with the right product is critical to ensuring that we treat clients fairly, that we deliver the right solutions to the right clients and that we create a lifetime of customer benefits. Among the main guidelines the company has in place to ensure fair customer treatment we have: 

a) In all sales of MetLife products, they must be suitable, that is, adequate for the financial needs according to the information provided to us. The company has a system of risk-based controls to ensure that products are reasonably suited to the customer's needs and requests, and must clearly disclose product features so that the customer can select the most appropriate product for his or her needs.

b) Sales activity in all of MetLife's distribution channels is effectively monitored: Business lines perform risk-based management that considers the controls in place to (1) ensure that all agents are professionally qualified, licensed and authorized according to local regulations; (2) are adequately trained; (3) monitor the quality of sales through metrics, file review or client contact, to ensure that the sales process meets local regulatory requirements; (4) appropriately address any concerns or non-conformities that the client may have throughout the life of the product.

The policy that establishes the guidelines and directives regarding this issue in the company can be found in the Methods and Procedures database under MLM-POLG-798

MetLife has a 365/24 whistleblower system in English and Spanish for its employees, external parties, suppliers, business partners or any other third party related to MetLife. Easy access to these channels is guaranteed, which are published on our intranet, institutional website, as well as being disseminated through communication and training campaigns.

In order to facilitate access and reporting of inappropriate conduct or acts, there are the following channels in Mexico and at the head office:

• Website: EthicsPoint - MetLife

We offer independence and objectivity to reports, since our channels are administered and managed as follows by the head office, which, when possible, reports the corresponding cases to Ethics & Compliance in Mexico for attention and/or channeling according to the type of report.

Our Code of Conduct establishes that all reports are treated confidentially and, if the whistleblower prefers, anonymously. The employees of the control areas involved in the conduct of the investigation sign a non-disclosure statement.

Our model of Lines of Defense allows us to use independent and specialized areas (e.g., Ethics and Compliance, Risks, Fraud Prevention, Money Laundering Prevention, Legal) to adequately address any complaint filed for violations or misconduct in matters related to:

a) Corruption

b) Fraud

c) Money Laundering

d) Sales Practices

e) Data Privacy

f) Information Security

g) Conflicts of Interest

h) Discrimination and Harassment

i) Leadership

j) Other violations of the Code of Conduct

All reports received, without exception, are registered by Ethics & Compliance in Mexico, giving an acknowledgement of receipt to the reporter and informing him/her when the report has been reviewed and concluded.

For auditing and reporting purposes, Ethics & Compliance continuously monitors the status and progress of the reported cases, keeping a record of the acts or violations identified, recommendations for actions and corresponding sanctions.

Ethics & Compliance presents indicators related to the issues received through the different reporting lines in the Working Group with Ethics and Compliance Executive Leaders.

Any resolution of the investigation is carried out in accordance with Local Regulations, Policies and our Code of Conduct. According to the seriousness of the offense, associates who fail to comply with any of the provisions referred to in the Code of Conduct or Articles 10 and 11 of MetLife Mexico's Internal Labor Regulations, notwithstanding the provisions of the Collective Labor Contract and the Law, will be subject to disciplinary measures consisting of:

a) Verbal reprimand: Imposed when they are minor, low-impact offenses.

b) Written reprimand: It is applied when the Worker repeats an offense previously indicated verbally, or when the human error or negligence is more serious.

c) Written reprimand with a warning: It is applied to severe offenses or for recidivism in serious behaviors already sanctioned. The warning will constitute a warning to the employee to correct the conduct in order to avoid being suspended from work or the termination of the employment relationship, as the case may be.

d) Suspension from one to eight days without pay: It will be applied to very serious misconduct or for recidivism of a conduct already sanctioned.

e) Termination: The termination of the Individual Employment Contract shall apply in the event that the Worker incurs in any of the causes set forth in Article 47 of the Law.

MetLife's training program includes annual refresher training for all associates, which is defined in the "Annual Training Plan," as well as training for new associates within three months of joining the company.

MetLife is committed to providing strong actions that systemically promote co-responsibility with its business partners and therefore in the insurance sector, so there are also trainings and/or certifications for its sales force, which are tailored according to the support required by each of our business partners.

The Integrity Training Program is based on the training requirements indicated in the applicable insurance regulations, in MetLife's Global Policies and Good Corporate Practices on integrity issues, which is reviewed annually and contains at least the following risks: prevention of corruption, prevention of money laundering, prevention of fraud, declaration of conflict of interest, protection of personal data (Privacy), supervision of appropriate sales practices, among others.

This plan is established based on the risk profile of the employees' functions inside and outside the company. The plan indicates the percentage of training that must be fulfilled, which must be at least 95% at the company level, so the program is promoted by the Executive Leaders of the company who must comply with 100% of the training, which shows consistency at all levels of MetLife on the company's commitment and personal responsibility of its employees in making decisions correctly and ethically.

The functions that have a higher integrity risk are given training more frequently and, in some cases, at least once a year to ensure the strengthening of the culture and proper decision making, always in compliance with the guidelines and regulations in force. As a best practice, Executive Leaders carry out an annual certification of the integrity policy to consolidate their commitment to complying with it.

In order to facilitate and promote continuous training anywhere in Mexico and at any time, MetLife has a "Global Training System" for employees and "Distance Training Tools" for its business partners/sales agents. 

MetLife also has a training area, which, if necessary, organizes on-site sessions with business partners to reinforce the culture of integrity. Additionally, there are areas specialized in some risks such as: Operational Risks, Privacy Office, Technology Risks, Money Laundering Prevention Office, Ethics & Compliance, which also provide on-site training to MetLife's associates and/or business partners if required.

In order to monitor compliance with this policy, Ethics & Compliance presents the "Annual Training Plan" to the "Working Group with Ethics and Compliance Executive Leaders" and periodically reports on the percentage of compliance. It also frequently sends a report with the progress of the training sessions to Executive Management in order for the latter to encourage and ensure compliance among its associates. 

5.2 Communication Program MetLife has an "Annual Communication Plan" which aims to reinforce the Company's Integrity culture by covering at least the following topics: corruption prevention, money laundering prevention, fraud prevention, conflict of interest disclosure, personal data protection (Privacy), supervision of appropriate sales practices, among others.

The plan is promoted primarily by MetLife's General Management and Executive Leaders, who are responsible for ensuring compliance with the Company's culture of integrity. The plan is presented annually to the "Working Group with Executive Ethics and Compliance Leaders", periodically showing the results of participation in campaigns, events, communications or activities performed.

MetLife has different communication channels, which facilitate and are used for the dissemination of integrity issues. 

Corruption is any activity that involves the abuse of position or power to gain improper personal or business advantages, whether in the public or private sector. Corruption violates public trust, threatens economic and social development, and primarily impedes fair trade. 

Reporting or whistleblowing is when an employee of the company or a related third party reports suspected wrongdoing to MetLife. For MetLife, the scope of a whistleblowing report encompasses acts or conduct in accordance with Local Regulations, Policies and our Code of Conduct.

Terrorist financing is the contribution, financing or collection of economic resources or funds for the purpose of supporting criminal and/or terrorist groups.

Fraud is any deliberate practice or act that is planned for the purpose of obtaining an unfair or unlawful gain by deception. Any activity including any fraudulent behavior or misconduct in connection with any financial crime, bribery, insider trading, accounting or auditing.

Personal information is defined as information that is held in electronic or physical form and that serves to identify or by means of which a person can be identified directly or indirectly.

Third-party vetting refers to the Ethics and Compliance checks performed on business partners, suppliers, customers and recipients of sponsorships and donations to ensure their legitimacy and that they are aligned with company policies.

Money laundering is the process of concealing the true origin of funds, securities or other assets derived from illicit activities in order to create the appearance of legitimacy. Financial institutions should also pay attention to financial transactions involving the use of funds from legal activities to promote illicit activities, including the financing of terrorist acts.

Administrative security measures are the set of actions and mechanisms to establish the management, support and review of information security at the organizational level, the identification and classification of information, as well as the awareness, education and training of personnel, in terms of personal data protection.

Physical security measures are the set of actions and mechanisms, whether or not they employ technology, designed to

a) Prevent unauthorized access, damage or interference to physical facilities, critical areas of the organization, equipment and information;

b) Protect mobile, portable or easily removable equipment, located inside or outside the facilities;

c) Provide equipment containing or storing personal data with maintenance that ensures its availability, functionality and integrity, and

d) Ensure the secure disposal of data.

Technical security measures are the set of activities, controls or mechanisms with measurable results, which use technology to ensure that

a) Access to logical databases or information in logical format is by identified and authorized users;

b) Access is only for the user to carry out the activities required by his functions;

c) Actions are included for the acquisition, operation, development and maintenance of secure systems; and 

d) The management of communications and operations of computer resources used in the processing of personal data is carried out.

Sponsorship and donations are any type of payment, monetary or other type of support provided in favor of a third party using company assets, with the direct purpose of promoting our products, services or company (sponsorship) or providing a contribution in cash or in kind to a charitable or community organization without expecting anything in return (donations).

Sales practices means any activity carried out by or on behalf of MetLife for the purpose of influencing a client's decision regarding a product or service. "Client" means individuals or legal entities, producers, affinity groups or governmental agencies doing business with MetLife. 

Sales practice risk is the risk that a product sold to a client is not suitable for his or her needs and, therefore, would create client dissatisfaction and could be grounds for MetLife to be the subject of client complaints with subsequent remediation, reputational damage or action by regulatory authorities.

Bribery is defined as improperly influencing an individual or entity in any way for the purpose of obtaining or appearing to obtain a benefit. This includes, directly or indirectly (through a Third Party) offering any Object of value for the purpose of influencing a person or entity to improperly participate in an act, omission or decision in the exercise of any official, public or business-related function or to gain an undue advantage in order to obtain, retain or direct business