The thyssenkrupp compliance program comprises the three elements Inform & Advise, Identify, and Report & Act. It is closely interlinked with risk management and with our internal control system. In this way we ensure that compliance is an integral component of every single business process.
The compliance program is focused on antitrust law and corruption prevention. Since 2014, measures relating to money laundering and data protection have additionally been integrated and established as part of the compliance program. In relation to other topic areas – such as occupational safety and environmental protection – the Compliance function has taken on the role of advisor, coordinator, and consolidator. Substantive responsibility in these areas remains with the competent corporate functions and business areas; the Compliance team provides support and advice and ensures uniform reporting to the Executive Board.
Setup and elements of the compliance program
The three pillars of our compliance program
Inform & Advise
Central components of the “Inform” pillar of our compliance program are the antitrust law and corruption prevention training programs carried out by the compliance officers. In the programs, employees are informed about compliance requirements, risks, and possible sanctions. The requirements are based on law and our Groupwide policies. They also serve the implementation of international standards. They cover for example rules for dealing with competitors and business partners and responding to invitations and gifts, as well as the prohibition of facilitation payments.
In the fiscal year 2017/2018, around 5,500 employees worldwide attended classroom courses, mainly on antitrust law and corruption prevention. In addition we continued the fourth cycle of the e-learning program on corruption prevention and antitrust law launched in November 2015. A total of more than 112,000 courses, net of disposals, were completed by the end of the fiscal year.
In connection with our compliance advice activities, we support important business transactions, for instance in connection with major projects and M&A projects or the engagement of intermediaries. For this the employees can contact their Compliance Officers in the business areas, regions, and at Corporate or call our central hotline. The Compliance Officers also advise the operating units on integrating compliance into their business processes.
The “Identify” pillar of the compliance program focuses on regularly reviewing critical business operations based on a risk-oriented, structured audit process.
In addition, in the 2013/2014 fiscal year we carried out a targeted Groupwide risk assessment. Based on a detailed questionnaire the Compliance team analyzed objective risks, mainly in the areas of antitrust law and corruption prevention, and the degree of implementation of the compliance program at the Group companies. In a second step, workshops were held at over 100 Group companies, in which measures were developed to address and reduce the risks identified.
An additional element in the identification of compliance risks is our whistleblowing system. Alongside the options of directly contacting a supervisor or the compliance department, this provides employees with a further channel for reporting possible infringements of laws or policies without revealing their identity.
Report & Act
The third pillar, “Report & Act”, encompasses intensive compliance reporting in all three dimensions of our organizational matrix. In the event of proven antitrust law infringements or corruption, our “zero tolerance” policy applies: Sanctions are systematically imposed on the employees concerned.