1

MANUAL FOR SELFCONTROL AND RISK MANAGEMENT MONEY LAUNDERING AND FINANCING OF TERRORISM

Version 3

DECEMBER 2014

2

TABLE OF CONTENTS 1. INTRODUCTION.......................................................................................................….3

2. DEFINITION OF CONCEPTS FOR ISAGEN.................................................................4

3. AREA OF SYSTEM APPLICATION…………...............................................................6

3.1 Shareholders for whom ISAGEN is a direct depositor……………..……..……................6

3.2 Other shareholders and persons who are Company stakeholders …………………………………………………………………………………………....................7

4. AML/CFT GUIDELINES......................……….............................................................7

5. AML/CFT OBJECTIVES................................................................................................7

6. AML/CFT TOOLS AND PRACTICES..........................................………………………..8

6.1 For compliance with direct oblications...............................................................………..8

6.2 Implementation of other procedures...............................................................................8

7. REPORTS AND OTHER................................................................................................9

8. RESPONSIBILITIES…………………………………...……………………………………...9

9. MECHANISMS FOR PREVENTING AND MANAGING CONFLICTS OF

INTEREST....................................................................................................................12

10. DUTY OF CONFIDENTIALITY……………………………………………………………13

3

1. INTRODUCTION

In 2007, ISAGEN made its debut on the stock market when it sold a portion of the Nation's shares in Company stock, equivalent to 19.22% of all Company shares in circulation.

With the registration of ordinary shares in the National Registry of Securities and Issuers (RNVE, for the Spanish original), ISAGEN became a Company over which the Financial Superintendence exercises concurrent control to continually monitor its compliance with the norms regulating stock market activities.1

Prior to executing the transfer schedule, General Shareholders' Meeting No. 023 on June 1, 2006 approved dematerializing 100% of the Company shares so that ISAGEN would be DECEVAL's direct depositor of shares owned by nine investors, which as of December 31, 2006 were considered the Company shareholders.

The Financial Superintendence of Colombia published Public Notice 060 on December 18, 2008 thereby annulling Public Notice 062 of 2007, dramatically reducing the direct obligations of real sector issuers in regards to Anti-Money Laundering and Combating the Financing of Terrorism (hereafter AML/CFT).

Issuers like ISAGEN, which trade on the secondary market by way of entities subject to inspection and oversight of the Superintendence, are required to follow instructions on managing risks related with AML/CFT.

Likewise, the norm indicates that when dealing with special trading executed outside the system for trading dematerialized securities, direct depositors must follow instructions on managing risks related with Anti-Money Laundering and Combating the Financing of Terrorism.

Although ISAGEN does trade dematerialized shares and acts as a direct depositor for the eight shareholders prior to the Democratic Share Holding Program, thus making it subject to the obligations referred to in the previous paragraph, share issues are managed by entities overseen by the Financial Superintendence, and therefore said entities are responsible for complying with norms on Anti-Money Laundering and Combating the Financing of Terrorism, in line with applicable regulation.

In accordance with guidelines in place by the governing body and Company policy on Corporate Responsibility and Corporate Governance, ISAGEN defined its obligations and the structure of the Manual for Selfcontrol and Risk Management

1 To that end, see Concept 2007001419-001 of February 6, 2007 by the Financial Superintendence of Colombia, which states, "Entities submitted to concurrent control include companies that issue shares which, due to their economic activity, are subject to inspection and oversight by another Government authority. For that reason, the function of oversight by this Government Body is reduced to verifying that the Company adjusts its operations to the norms regulating the stock market and to ensuring that information required to be provided by said issuers to the securities market is delivered as timely and completely as necessary.

4

Money Laundering and Financing of Terrorism (hereafter, "The System", which in addition to seeking compliance with current legislation also applies additional, voluntary measures. This system is built on elements from ISAGEN's work system such as guidelines, codes, standards, activities and responsibilities that facilitate managing risk associated with Anti- Money Laundering and Combating the Financing of Terrorism.

This manual will always be available to ISAGEN workers. It will be updated to stay in line with current legislation and the work environment, and must be approved by the Board of Directors.

2. DEFINITION OF CONCEPTS FOR ISAGEN

Monitored Shareholders

For purposes of this document, these are shareholders for whom ISAGEN is a Direct Depositor and others that the Legal Representative, with support from the Compliance Officer, decides to include through specific practices and procedures due to risks of AML/CFT that the person or activities pose to the Company.

Bond Issue Administrator

For purposes of this Manual, ISAGEN understands the Bond Issue Administrator, referred to in regulation, to be the person or persons who are legally or contractually responsible, in whole or in part, jointly or severally for the activities that in line with standards regulated by the stock market derive or are simultaneous to bond issues or share trading. These can include activity related with holding and managing physical or dematerialized securities macro securities, possessing the register of shareholders, the register of contributions, issue of a global certificate to exercise corporate rights, queries for issuers through the issuers module, calculating and liquidating equity shares in the securities, support to shareholder meetings, money laundering audits, etc.

Warning signs

Certain circumstances get more attention and justify more in depth analysis.

For ISAGEN this may include any information, conduct, activity or circumstance that indicates unusual or suspicious operations that could be associated with Money Laundering or Financing of Terrorism, which therefore justify more in depth analysis. Additionally, indicators that demonstrate unusual economic activity for one of the persons described in point number three of this Manual, Area of System Application.

5

Financing of Terrorism Financing of Terrorism is related with financial support provided to this activity, and terrorism is understood to be any intentional act that, due to its nature or context, can seriously harm a country or a national or international organization.

Money Laundering

Article 323 of the Colombian Penal Code defines this as: acquiring, guarding, investing, transporting, converting, holding or managing goods directly or indirectly originating from activities such as migrant smuggling, human trafficking, extortion, embezzlement, kidnapping for ransom, rebellion, gunrunning; crimes against the financial system, public administration or related bodies when conspiracy to commit a crime results in said criminal activities; trafficking in intoxicating drugs, narcotics and psychotropic substances; or when goods originating from such activities are presented as legally acquired or the true nature, origin, location, destination, transportation or rights associated with said goods are hidden or falsified or any other action is taken to hide or cover the origin of illicitly acquired goods.

Compliance Officer

The person responsible for defining, operating, overseeing and applying activities defined for AML/CFT. This person will present results and submit reports voluntarily generated to the oversight bodies. He or she must hold a senior level position and have decision making authority. In ISAGEN this role is assumed by the General Counsel.

Unusual Trading

Any trading in which the quantity or characteristics are not those commonly expected for the person's (shareholder, employee, client, etc.) economic activity or for which the number, amount traded or other specific characteristics are not in line with the normally established parameters.

Suspicious Trading

Trading in number, quantity or characteristics that are not in line with systems or practices considered normal for the specific businesses, industry or sector, and that due to the use and customs of the related activity cannot be reasonably justified. When this type of trading activity is detected, it must be reported to the UIAF.

6

Other Monitoring Stakeholders other than shareholders, when the Legal Representative, with support of the Compliance Officer, decides to monitor either the person or their activities. Monitoring may be through procedures, practices or special contractual conditions required by ISAGEN in its AML/CFT efforts.

UIAF

This is the Financial Information and Analysis Special Unit of the Ministry of Finance and Public Credit.

Publicly Exposed Persons

Colombian citizens or foreigners whose profile or job responsibilities can expose the Company to an increased risk of ML/FT, such as those who manage public resources as part of their job responsibility, who have some degree of public authority or who are publicly recognized.

3. AREA OF SYSTEM APPLICATION 3.1 Shareholders for whom ISAGEN is a direct depositor

AML/CFT control over special operations carried out by shareholders, who receive direct deposits through the Centralized Share Deposit, Deceval S.A. will be applied by ISAGEN either directly or through administrators of the bond issue or other market agents. More specifically shareholders or trading affected will be those referenced in numeral 1.2. of Public Notice 060 in 2008 by the Financial Superintendence of Colombia and the norms modifying said public notice.

In line with legal requirements, shareholders considered in this numeral are overseen by ISAGEN as long as the Company operates as the direct depositor before Deceval, understanding that from the moment any of these transfer all of their shares for which ISAGEN is the direct depositor said person will be excluded from ISAGEN's Area of system application, notwithstanding the Company may voluntarily implement measures in terms of the following numeral.

3.2 Other shareholders and persons who are Company stakeholders As an additional measure and notwithstanding the aforementioned, the Legal Representative is authorized to establish other procedures, tracking or practices to monitor shareholders and their transactions for which ISAGEN is not a direct depositor. Nonetheless, monitoring of said subjects and transactions is legally the obligation of overseen entities through which the issue is made, placed or

7

managed. When the Legal Representative notices signs in the market or the sector and it is considered necessary at the request of the Compliance Officer, the same treatment shall be given to other Company stakeholders.

4. AML/CFT GUIDELINES In its relation with stakeholders, ISAGEN shall define mechanisms and develop activities with a focus on Anti-Money Laundering and Combating the Financing of Terrorism, so that in addition to complying with current legislation the Company establishes an ongoing commitment to Corporate Responsibility and Corporate Governance.

The risk management for Anti-Money Laundering and Combating the Financing of Terrorism methodology is the same as that defined by the Company to manage other risks, which is defined in the "Risk Management Methods Handbook." Said handbook is also aligned with the "ISAGEN Risk Management System Manual."

Procedures, mechanisms, practices and tools implemented to manage and disclose the risks of money laundering and the financing of terrorism are utilized in the Company's various systems for prevention and correction. Among these are the Corporate Ethics System, the Corporate Governance Code, the Ethics Statement, the Manual for Handling Unethical Situations and Fraud Risk Management, the Employee Handbook and the Protocol for Handling Unethical Situations.

5. AML/CFT OBJECTIVES

Protect ISAGEN from being associated with ML/FT activities engaged in by

their stakeholders for which ISAGEN is operating as a direct depositor and in certain cases for other shareholders or on behalf of other Company stakeholders.

Identify and report all activities that could potentially constitute ML/FT or that

support ML/FT and that can compromise management.

Join forces with public and private institutions and companies, seeking to

effectively cooperate to prevent ML/FT.

8

6. AML/CFT TOOLS AND PRACTICES In agreement with the objectives announced in the previous point, ISAGEN may use the following tools and practices, and these are considered part of the complete System.

6.1 For compliance with direct oblications

In accordance with current legal requirements imposed on ISAGEN as a direct depositor for some shareholders (verification on special operations), the Company may delegate, as provided for legally or contractually, technical, administrative and legal authority to bond issue managers and other market managers who shall in turn effectively execute said legal obligations.

To guarantee compliance with the obligations cited in the previous paragraph, the Legal Representative, with support from the Compliance Officer, is authorized to implement procedures and guidelines considered necessary to correctly execute and periodically monitor third party compliance.

6.2 Implementation of other procedures

The Legal Representative is fully authorized by the Board of Directors to implement procedures and guidelines focusing on ML/FT, related activities and document creation and management procedures as necessary to prevent legal risks and risks to the Company's reputation associated with these criminal activities.

In line with the work model, controls and tools are defined to address the cause that can materialize into the risk. Said controls and tools include the following, which can be used jointly and separately: ISAGEN's ML/FT Risk Verification, the Ethics Hotline, the Warning Signs, the Manual for Handling Unethical Situations and Fraud Risk Management, the Suppliers Code of Conduct and the Technology Partner Network Code of Ethics.

7. REPORTS AND OTHER The ISAGEN Compliance Officer can:

1. Prepare external reports on suspicious trading for the competent authorities.

2. Implement special clauses and conditions in documents and contractual

relations as considered appropriate in agreement with the System objectives, whether these are the same as those activities identified in in numerals 5.1 and 5.2 or in any Company activity and as regards any stakeholder.

9

3. Disclose System information as appropriate, in a timely manner and through the media considered appropriate.

4. Carry out actions and activities considered appropriate to ensure

compliance with System objectives.

5. With approval from the Legal Representative, outsource oversight activities

provided for in this Manual, as well as other activities to ensure compliance with the same when efficient management and/or the surrounding circumstances justify this, at all times looking out for the integrity and confidentiality of Company's and third party information.

8. RESPONSIBILITIES To guarantee the System is implemented and maintained, the Company designates responsibilities to different teams and assigns specific roles to increase transparency, efficiency and effectiveness in said implemenation.

Additionally, for purposes of this System the Board of Directors, the Audit Committee and the Statutory Auditor have defined job responsibilities, which are presented hereafter:

Board of Directors

- Approve the AML/CFT Manual in line with recommendations provided by the

Audit Committee. - Designate the Company's Compliance Officer. - Provide effective, efficient and timely support to the Compliance Officer.

Audit Committee

- Create AML/CFT policies. - Review and approve the annual System compliance plan. - Evaluate all reports submitted by the Compliance Officer, the Statutory

Auditor and the Company Auditor regarding execution of Company standards and provisions on ML/FT and provide its feedback on said reports. Proof of such evaluation and feedback must be recorded in the Company's Book of Minutes.

- Follow-up on the comments and recommendations adopted from the reports evaluated in the previous paragraph.

- Provide effective, efficient and timely support to the Compliance Officer.

10

Legal Representative

- By way of the Audit Committee propose the AML/CFT Manual and its modifications to the Board of Directors for their approval.

- Verify that practices and procedures established in the AML/CFT System facilitate timely compliance with guidelines approved by the Board of Directors.

- Authorize and provide resources necessary for adequate compliance with the AML/CFT System.

- Provide effective, efficient and timely support to the Compliance Officer. - Annually submit repots on AML/CFT System execution to the Board of

Directors. - Approve the ML/FT risk evaluation of new markets, goods or services

presented by the Management Committee.

Compliance Officer*

- Oversee compliance with all Legal and ISAGEN Company aspects on Anti- Money Laundering and Combating the Financing of Terrorism.

- Propose the annual work plan for the proper development of the AML/CFT System and compliance with his responsibility.

- Present annual reports to the Board of Directors' Audit Committee. - Answering to the Legal Representative, manage the physical, technological

and human resources necessary to maintain an ideal AML/CFT System. - Promote corrective measures for the System and new procedures and

practices, taking into account market warning signs and possible risks derived from the same.

- Provide information required by oversight and audit bodies and respond to requirements received. Analyze reports submitted by the statutory auditor and the Company Auditor, and implement action plans to address deficiencies cited.

- Verify that stock brokers and other overseen entities comply with current legislation.

- Prepare reports on any suspicious trading, and submit them to the UIAF. - Submit Colombian citizen ID number, position and seniority to the UIAF

within fifteen (15) days of being designated to the position. * When making reference to the Compliance Officer, this should be understood to include this person's support group comprised of the members of the Financial Resource Management Teams and the General Counsel.

11

Company Auditor and Statutory Audit

- Verify compliance with external and internal norms and controls provided for in the System, and submit reports considered necessary for compliance.

- The Statutory Auditor must ensure the Company is maintaining compliance with the system, and must provide proof of said verification and compliance.

Financial Resources Management Team

- In contracts, orders and in general contractual relations with third parties,

entities overseen by the Financial Superintendence of Colombia, managers of current and future issues and other persons by which ISAGEN issues securities and shares, whether on the primary or secondary market, include the obligation of the counterparties to operate in compliance with the norms on ML/FT and to monitor said contractual commitments as well as those that legally bind the aforementioned in regards to ML/FT.

- With the Compliance Officer jointly propose the adoption of a procedure to guide oversight of the points cited in the previous paragraph if necessary. In a timely manner submit reports on unusual or suspicious operations arising, providing the corresponing analysis to the Compliance Officer. All Company employees are equally responsible for this last responsibility. If an employee becomes aware of any warning sign related with any of the persons described in point number three of this Manual, Area of System Application.

Shareholder Support Team

- Activities described in the previous point in regards to shareholders and

investors.

Human Resources Team

- Ensure employee instructions address Money Laundering and Financing of Terrorism.

General Counsel

- Train employees annually in orientation processes scheduled by Human

Resources to build awareness on policies, procedures, tools and controls adopted for Internal Audit and Risk Management on ML/FT.

Management Team

- The Management Committee evaluates the risk of Money Laundering and

Financing of Terrorism associated with new markets, goods or services, and it reports findings to the Legal Representative for approval.

12

All ISAGEN employees

- Shall follow this Manual. - Keep confidential the audit and analysis procedures associated with money

laundering and financing of terrorism that are practiced in ISAGEN as well as the reports on the same, which are submitted to competent auditors.

- Inform the Compliance Officer about any unusual or suspicious operations or warning signs they are aware of.

Other responsibilities of the different bodies, workers and teams may be presented in the Fraud Risk Matrix in the part on risk control, procedures and additional practices that may complement this Manual.

9. MECHANISMS FOR PREVENTING AND MANAGING CONFLICTS OF INTEREST

Internal regulation provided in the Corporate Governance Code on preventing and handling conflicts of interest will apply to all bodies, teams and workers responsible for carrying out System activities, always considering that conflicts of interest can arise in the management and application of the same.

10. DUTY OF CONFIDENTIALITY Information obtained in carrying out the procedures and practices of the AML/CFT System shall be considered confidential, and therefore it can only be made known to the Financial Information and Analysis Unit (UIAF) of the Ministry of Finance and Public Credit and the regional and area directors of the Nation's District Attorney when required by law in the latter cases. Accordingly, all ISAGEN bodies and workers, which are assigned responsibilities in this Manual and the procedures from which it is derived, are required to keep information confidential and limit its use strictly to the purposes for which it is established.