How
we do it

The company’s approach is built on strong values, a robust ethical culture and a governance model that places people at the heart of every decision. At Sanitas, integrity, transparency and accountability guide the corporate strategy and reinforce fairness and respect in the care provided and in relationships with all stakeholders. Oversight, traceability and accountability drive a more efficient and innovative management model capable of generating sustainable value.

International presence

Since joining the Bupa Group in 1989, Sanitas has been part of an international healthcare organization with operations across numerous markets on five continents. This global reach is supported by an organizational model structured around three major business units with independent management capabilities—Bupa Global & UK, Asia Pacific, and Europe & Latin America—as well as operations in India and Saudi Arabia.

Learn more

International presence

Within this framework, Sanitas is part of the Europe and Latin America division, which includes countries such as Poland, Turkey, Chile, Brazil, Mexico and Peru. This platform also coordinates the commercial activities of Bupa Global Latin America in Guatemala, Panama, the Dominican Republic and Ecuador.

This reflects a leadership model that combines shared strategic direction with the adaptation of priorities and plans to the realities of each market, with the aim of maintaining common standards of excellence and commitment on a global scale.

Bupa and Bupa ELA presence

The map below illustrates the international footprint of the Bupa Group and its presence in strategic markets. Within this framework, Sanitas is part of the Europe and Latin America (ELA) division, operating within an organizational model that combines a global vision, regional coordination, and a tailored approach to the specific needs of each market.

Bupa ELA BUPA
Bupa ELA figures 2025
€7,022 billion

in revenue
(+14% vs. 2024)

€533 million

in operating profit
(+9% vs. 2024)

6.4 million

insured members
(+7% vs. 2024)

13.6 million

patients
(+6% vs. 2024)

Bupa ELA revenue by country in 2025
GRI 2-2
Corporate governance in Spain
GRI 2-9, 2-12, 2-17

At Sanitas, corporate governance operates as a management and control system that integrates risk management with a long-term value creation perspective. This framework makes it possible to anticipate and mitigate relevant risks, ensure consistent decision-making, and protect stakeholder trust, enabling the company to act with integrity, transparency, and responsibility at all times.

Learn more

Corporate governance in Spain

At Sanitas Seguros, corporate governance is built around a Board of Directors composed of highly experienced professionals whose expertise provides strong leadership and strategic direction for the company. All Board members perform their duties in accordance with the principles of honesty and integrity. To carry out its responsibilities effectively, the Board is supported by specialized committees that provide expert oversight, strengthen governance, and enable more agile and effective decision-making.

Sanitas and Bupa ELA Leadership Team
GRI 2-9

Sanitas combines ethical leadership and a robust governance model with healthcare delivery distinguished by excellence in customer care and innovation. This combination reinforces its distinctive position and underpins its standing as a global benchmark in healthcare and patient experience.

Carlos Jaureguizar
CEO, Sanitas and Bupa Europe & Latin America
Jesús Bonilla
Managing Director, Sanitas Dental
Yolanda Erburu
Chief Communications and Sustainability Officer, Sanitas and Bupa Europe & Latin America, and Vice-Chair of Fundación Sanitas
Miguel Escalona
General Counsel, Sanitas, and General Secretary, Bupa Europe & Latin America
Javier Gabás
Managing Director, Sanitas Mayores
Javier Ibáñez
Managing Director, Sanitas Seguros
Ana Mañero
Chief People Officer, Sanitas and Bupa Europe and Latin America
Miguel Kutz
Chief Risk and Compliance Officer, Sanitas and Bupa Europe & Latin America
César Morcillo
Chief Medical Officer, Sanitas and Bupa Europe & Latin America
Susana Quintanilla
Managing Director, Sanitas Hospitales and Bupa Peru
José Luis Ruiz
Chief Information Officer, Sanitas and Bupa Europe & Latin America
Jesús Gómez del Río
Chief Strategy, Transformation and Business Development Officer, Sanitas and Bupa Europe & Latin America
Pilar Villaescusa
Chief Financial Officer, Sanitas and Bupa Europe & Latin America
Fernando Martín
Chief Executive Officer, Bupa Global Latin America (BGLA)
Luiz Camargo
Chief Executive Officer, Bupa Care Plus (Brazil)
Rafael Córdova
Managing Director, Bupa Chile
Gökhan Gürcan
Chief Executive Officer, Bupa Acibadem Sigorta (Turkey)
Fernando Lledó
Chief Executive Officer, Bupa Mexico
Anna Rulkiewicz
Chief Executive Officer, LUX MED
Bupa ELA Advisory Committee
GRI 2-9

An independent advisory committee with extensive experience and a mandate to provide strategic advice and guidance supports Bupa Europe and Latin America. The committee is made up of the following members:

Manuel Pizarro
Chair
Carlos Jaureguizar
Member
Antonio Martos
Member
Cristina de Parias
Member
José María Álvarez-Pallete
Member
Strong and responsible governance
GRI 2-6, 2-8

Sanitas’ governance framework establishes clear rules for decision-making, accountability, and performance oversight. This ensures alignment with the company’s values, regulatory compliance, and effective risk management.

In supplier management, this framework is reflected in transparent supplier selection and qualification criteria, clear expectations for ethical conduct and compliance, and ongoing performance monitoring to ensure quality, safety, and person-centred care.

Learn more

Strong and responsible governance

Responsible Supplier and Supply Chain Management

At Sanitas, the supply chain is an integral part of the company’s commitment to integrity and responsible business practices. Accordingly, Sanitas expects its suppliers to demonstrate a clear commitment to transparency and respect for human and labour rights as a prerequisite for building trusted relationships and ensuring consistent performance across its operations.

Almost all of Sanitas’ suppliers are based in Spain (97%), accounting for virtually all transaction volume (97%).

Third-Party Risk Management Policy

This policy establishes the requirement for Sanitas to maintain a third-party risk management framework that includes procedures for the selection, management and oversight of suppliers. Its purpose is to support the smooth day-to-day operation of the business, help ensure that systems function effectively, and underpin the delivery of services to customers.

Clinical Governance Policy

GRI 2-8

This policy sets out the strategy that Sanitas is implementing to fulfil its ambition of becoming the world’s most customer-centric healthcare company. Clinical governance at Sanitas is the systematic approach to implementing, maintaining and continuously improving the quality and safety of the services it provides and commissions.

Procurement, supplier selection and contracting process

Sanitas’ ethical commitment is reflected in a robust procurement process that governs the selection, contracting and management of suppliers through a risk-based segmentation procedure. This includes risks relating to sustainability, modern slavery, financial crime, security and privacy, customers, reputation and regulatory compliance.

Risk control, oversight and management

Sanitas maintains a monitoring model that enables the identification of key risks and strengthens compliance throughout the commercial relationship.

Learn more

Risk control, oversight and management

Oversight includes specific controls in critical areas to protect service continuity and maintain stakeholder confidence:

  • Fraud indicator updates
  • Financial solvency reviews
  • Risk-based segmentation process
  • Due diligence process
  • Contracting process
Due diligence

Under this process, the suitability and materiality of suppliers identified as critical are assessed, including environmental, social and governance aspects.

Learn more

Due diligence

  • Environmental aspects

Environmental management systems, decarbonisation commitments and the integration of environmental criteria throughout the value chain.

  • Social aspects

Labour rights, equal opportunities, the integration of social criteria throughout the value chain, and the integration of the United Nations Global Compact principles.

  • Governance aspects

Implementation of a Code of Conduct and a whistleblowing channel, transparency, economic crime prevention frameworks, risk management systems, and value chain assessment processes.

Certifications and standards

To ensure the robustness of its management system, Sanitas relies on internationally recognised certifications that reinforce consistent practices in quality, environmental management and information security.

Learn more

Certifications and standards

These certifications strengthen internal controls and enhance process reliability. The standards applied include:

  • ISO 9001 – Quality management
  • ISO 13485 – Quality management for medical devices
  • ISO 14001 – Environmental management
  • ISO 27001 – Information security management

Wherever possible, Sanitas also gives priority to purchasing from Special Employment Centres.

Suppliers as a driver of sustainability

Strategic partners contribute directly to reducing the environmental impact of operations.

Learn more

Proveedores como palanca de sostenibilidad

En este contexto, en 2025 Sanitas ha implementado una guía de compras sostenibles que impulsa iniciativas que avanzan en eficiencia y en prácticas más sostenibles en el día a día:

  • Impulso del uso de energías renovables
  • Reducción del consumo de artículos de un solo uso y del plástico
  • Uso de artículos 100% reciclables
  • Reducción del consumo de papel y en su defecto consumo de papel 100% reciclado
  • Viajes en tren frente a avión
  • Equipos tecnológicos de mayor eficiencia energética y tanto reciclados como reciclables
  • Accesibilidad para personas con discapacidad
  • Contratación de trabajadores de integración social
Sanitas’ national leadership
Sanitas Seguros and its Board of Directors
GRI 2-9, 2-10, 2-14

This body is responsible for reviewing and approving the company’s strategic priorities and corporate policies, while overseeing the long-term sustainability of the business model. It is composed of seven directors and chaired by a non-executive Chair.

Learn more

Sanitas Seguros and its Board of Directors

The members of the Board of Directors are as follows:

  • Manuel Pizarro: Non-Executive Chair and External Director

  • Cristina de Parias: Independent Director

  • Carlos Jaureguizar: Chief Executive Officer (CEO) and Executive Director

  • Mónica Paramés García-Astigarraga: External Director

  • Pilar Villaescusa: Executive Director

  • Javier Ibáñez: Executive Director

Miguel Escalona
The application of current legislation and regulatory compliance are fundamental pillars underpinning the activities of all our business areas. Ensuring legal and regulatory certainty is essential to protecting not only our customers, but also our employees and partners.
Miguel Escalona
GENERAL COUNSEL, SANITAS, AND GENERAL SECRETARY, BUPA EUROPE & LATIN AMERICA
Committees and processes
GRI 2-9, 2-13, 2-15, 2-16, 2-23, 2-24

The Board of Directors defines the executive responsibilities of the Chief Executive Officer and delegates oversight responsibilities to the Audit Committee, the Risk Committee and the Criminal Compliance Body. Within this framework, it ensures that policies are clear and proportionate to prevent conflicts of interest and strengthen independence in decision-making.

Organisational structure: committees and boards
GRI 2-9, 2-11, 2-12, 2-13, 2-25, 2-26

The following bodies form the core leadership, management and corporate governance structure of the company.

Learn more

Organisational structure: committees and boards

Executive Committee

The Executive Committee is responsible for the executive leadership of the company, overseeing day-to-day management and acting as its official representative. It is supported by the General Management of Sanitas and the strategic business areas responsible for delivering the company’s business plan.

Audit Committee

The Audit Committee oversees the quality and reliability of financial and regulatory reporting. It also supervises the internal control system, risk management and the relationship with the external auditor.

Criminal Compliance Body

The Criminal Compliance Body strengthens the company’s crime prevention framework and compliance culture. It also ensures compliance with Article 31 of the Spanish Criminal Code and oversees the controls associated with the criminal liability of legal entities.

Risk Committee

The Risk Committee coordinates the identification, assessment and management of key risks and provides the Board of Directors with regular reporting on risk management, compliance and internal control. Its key deliverables include the Annual Complaints Report, the Own Risk and Solvency Assessment (ORSA) Report and the Solvency and Financial Condition Report (SFCR).

The Risk Committee is supported by three subcommittees:

  • Clinical Governance Committee: Oversees patient safety policies and the management of clinical risks across Sanitas hospitals.

  • Conduct Committee: Promotes ethical conduct and helps prevent risks related to business conduct and operational integrity.

  • Security, Privacy and Artificial Intelligence Committee: Ensures the protection of information and privacy through regulatory compliance and effective risk management.

Code of Conduct
GRI 2-16, 2-23, 3-3

The Sanitas Code of Conduct sets out the principles of integrity, responsibility and transparency that guide the conduct of everyone across the organisation.

Learn more

Code of Conduct

More than a formal set of rules, the Code serves as a practical reference for fostering a shared ethical culture, supporting consistent decision-making, and ensuring that day-to-day behaviours across all functions and levels of the organisation remain aligned with the company’s values.

The Sanitas Code of Conduct applies to both employees and suppliers and sets out the principles and standards that underpin the organisation’s culture. Its key elements include:

Transparency and integrity in management

Compliance with the Code supports consistent, principled decision-making, promotes transparency, and reinforces integrity in day-to-day management and across the company’s key processes.

Supporting policies that put the Code into practice

To embed these commitments, Sanitas complements the Code of Conduct with a range of specific policies, including the Crime Prevention Framework Policy, the Conflicts of Interest Policy, the People Policy, and the Fraud and Other Economic Crimes Prevention Policy. Together, these strengthen the company’s governance framework and support effective risk management.

Speak Up reporting channel

The company provides a confidential and anonymous reporting channel, Speak Up, which is managed by an independent third-party provider and enables employees and other stakeholders to report potential breaches of the Code.

Regular review and continuous improvement

The Code is reviewed periodically to ensure it remains up to date and aligned with changes in the operating environment, evolving societal expectations, and the organisation’s own needs.

 

Miguel Kutz
We apply the highest standards to our quality protocols in order to minimise the risks associated with our activity across all the processes we operate. We are equally demanding with our partners. We work to ensure that Sanitas meets the highest quality standards, for the benefit of patients, employees, and partners alike.
Miguel Kutz
Chief Risk and Compliance Officer, Sanitas and Bupa Europe and Latin America
The three values

that define Sanitas’ ethical commitment:

  • Transparency
  • Confidentiality
  • Compliance
The six guiding principles

that shape ethical behaviour at Sanitas:

  • Caring for customers
  • Caring for everyone who is part of Sanitas and for the people working across its value chain
  • Protecting Sanitas’ information and reputation
  • Helping to build a better world
    Complying with the law and acting with integrity
  • Understanding and applying the Code of Conduct
The three core values

that underpin the six guiding principles:

  • Responsibility: Taking responsibility for decisions and for their impact on the organisation and its stakeholders.
  • Courage: Acting with determination to put people at the centre and maximise the company’s positive impact, both within and beyond Sanitas.
  • Empathy: Listening actively and treating with respect the needs and expectations of everyone who interacts with the company’s activities.
Risk management at Sanitas

At Sanitas, risk management is based on five principles that determine how risks are identified, prioritised and managed across the organisation, under the direction of the Board of Directors.

Learn more

Risk management at Sanitas

The risk management model is maintained through a continuous cycle of monitoring and improvement, with clearly defined responsibilities and layered oversight. Accountability begins with the Board of Directors and extends throughout the executive and control structure, involving the Chief Executive Officer, the Management Committee, the Risk Committee, the Audit Committee and the Criminal Compliance Function.


This structure ensures consistency in implementation, strengthens traceability and supports rigorous compliance with established procedures.

Identification

Systematic identification and assessment of current and emerging risks, and of their potential impact on the organisation.

Definition

Establishment of a risk appetite and risk tolerance framework, with clear limits to guide operations and decision-making.

Implementation

Implementation of preventive and corrective responses and mitigation measures to reduce exposure and strengthen operational resilience.

Analysis

Use of high-quality information and data to support decision-making, prioritise actions and measure the effectiveness of controls.

Corporate Environment

Internal conditions that make the model operational and ensure its effective implementation:

  • Clearly defined responsibilities and strong accountability.
  • A culture of prudence and responsible risk management.
  • Prompt communication of incidents and alerts, supported by coordinated and timely responses.
Three lines of defence for risk management
GRI 2-25, 2-26

Sanitas has a structured risk management and control framework designed to protect the organisation across all areas of its operations.

Learn more

Three lines of defence for risk management

This framework is based on the Three Lines of Defence model, with clearly defined and complementary responsibilities that strengthen risk prevention, oversight and continuous improvement.

  • First line: Identifies, owns and manages risks within each business unit.

  • Second line: Oversees the internal control framework and ensures the effective implementation of policies.

  • Third line: Provides independent assurance on the overall effectiveness of the risk management framework.

To support its effectiveness, the model is underpinned by continuous training and digital tools that strengthen teams’ capabilities, particularly within the first line of defence.

The Risk, Compliance, Actuarial and Internal Audit functions form the core pillars of this protection and governance framework.