Leadership is addressing compliance and integrity related objectives in the business strategy.

i. The mission and vision statement and description of relationships with the key stakeholders include an ethical note, with which the leadership sets a corporate integrity standard for business operation, at all levels of decision-making and for overall corporate behaviour.

ii. Responsibility for the monitoring and implementation of the compliance programme is formally assigned to one or more senior executives, with sufficient independence and resources.

iii. Key and company specific compliance and integrity risk areas are identified in terms of the geographical area of operation, type of products or services, structure of the supply chain, etc..

iv. Business strategies are defined to address key areas of these risks.

v. Questions from compliance and integrity risk areas are included in the agendas of strategic and leadership sessions and are regularly addressed in business decision-making.

Code of Conduct


The company has formally adopted its Code of Conduct, which leaders actively implement and promote.

i. The key compliance and integrity risk areas are addressed in the Code of Conduct, which is documented and signed. Based on this, relevant policies and procedures, which further deal with areas such as gifts and hospitality, conflict of interest and corruption, personal information, competition and consumer protection, safety and health, etc., are also adopted.
ii. The Code is translated into local languages and includes a point of contact for seeking advice or reporting violations, with the non-retaliation policy explained.
iii. The Code is published online and presented to all employees, contractors, suppliers…, accompanied by management address. It is regularly updated.
iv. The company mandates that the entire leadership and all employees receive regular annual training in the areas covered by the Code. The training must be completed by the entire senior leadership and at least 75% of other employees (taking into account absences, other circumstances…).

Incentives and Discipline


Leaders encourage ethical conduct through a system of incentives and disciplinary measures.

i. The company has introduced at least three initiatives for promotion of ethical conduct as part of performance rewarding system, in particular for leaders.

ii. The implementing documents feature a table with various types of violations critical for the company, with various levels of seriousness, to which a certain form of disciplinary measure is assigned in advance, regardless of who is the violator.

iii. The company keeps a record of violations and measures taken (these are usually HR and legal records, etc.), with violations, their seriousness and measures taken description. In this way the company may demonstrate that it responds to violations consistently, proportionately, fairly and systematically.

Employees and third-party compliance


Leaders implement the integrity standards into the recruitment procedures and employees’ development and into third party relationship management.

i. The company has developed and actually implements employees’ background due diligence procedure in terms of compliance and integrity, before they are employed and periodically, specifically including the high-level staff and high-risk contractors.

ii. The company has a training plan addressing specific compliance and integrity risk areas, including a definition of the target audience, frequency, methods, such as e-training, workshops, etc.; and the manner of confirmation of attendance and conclusion of education.

iii. A training programme has been developed for all levels of leadership; also determining the general and specific risk topics, objectives of the training, the timeline and the manner in which feedback is gained to examine the effectiveness of the training.
This is an integral part of the onboarding protocol and is mandatory.

iv. The company also has a programme of compliance and integrity education and training, for individual target groups; specifically designed to cover relevant areas of work, business functions, groups of employees and other contracting parties in high-risk positions.
Training is focused on specific relevant risk areas, with examples of scenarios of violations and correct conduct included; the program also includes the manner in which participation is confirmed and the training is concluded; it must reach at least 80% rate.

Compliance monitoring and responding to violations


Leadership assures that an active and operational helpline for consultation and raising concerns regarding compliance and integrity issues is established. Leaders efficiently respond to reports and protect those who report violations in good faith from retaliatory measures.

i. A line for consultation and raising concerns (violations reporting) in the field of compliance and ethics is formally established and all employees, contractors and other third parties are informed about it where warranted. Leaders regularly and openly encourage employees to speak about violations and promote the benefits of the consultation purposes of the help-line.

ii. The integrity help-line management, including the proper procedure and timeline for responding to reports, is determined, and responsibilities are assigned to proper persons.

iii. The procedures and methods for protecting persons who report violations in good faith against retaliation are defined; this is communicated to employees and operationally assured.

iv. A registry of reported violations is established, indicating the time, subjects (with confidentiality protection assured), description of the violation and response to the report, including an internal investigation and other subsequent activities.

v. The line for reporting violations is functioning and active. Employees and other stakeholders are actually using the integrity line by asking questions and reporting violations of compliance and integrity.