IATF 16949:2016 Clause 5.1.1.1 Corporate responsibility

Audio version of the article

It’s been over a year since Volkswagen was caught cheating on EPA tests, but the effects of that scandal are still reverberating throughout the automotive industry. The IATF 16949 standard has been revised by the International Automotive Task Force (IATF) based on industry feedback and engagement. This is the first time that ethics language has been included in an automotive quality standard. It’s significant because it gives us an opportunity to verify where the supply base stands on several core ethics policies. The new IATF 16949 standard states that certified organizations must implement basic corporate responsibility policies, such as anti-bribery policies, an employee code of conduct, and an ethics escalation (whistle-blower) policy. Nine North American and European OEMs and five national automotive supplier associations have agreed to include corporate responsibility requirements in the new quality standard. The language is basic, but it clearly requires automotive sites worldwide to provide documentation that they have established an employee behavioral expectation code, implemented a formal process to report code violations, and published an anti-bribery policy. There are no incremental costs to suppliers or OEMs to capture this corporate responsibility data. By late 2018, more than 65,000 supplier sites that are certified to the new standard—primarily Tier One and Tier Two direct-part manufacturers—must be physically audited and re-certified by an approved IATF third-party certification body. Non-compliance could result in the suspension of a supplier’s quality certification and limitations to accessing new business opportunities. Fortunately, the Automotive Industry Action Group (AIAG), which oversees the creation of these global standards, is offering a free knowledge assessment tool so that industry professionals can identify gaps in their understanding of the Group’s Global Guidance Principles and address them before being audited.

IATF 16949:2016  5.1.1.1 Corporate responsibility

The organization is required to  define and implement corporate responsibility policies, including at a minimum an anti-bribery policy, an employee code of conduct, and an ethics escalation policy i.e. whisfle-blowing policy

Explanation:

To be successful today, the automotive industry and its supply chain partners must contend with heightened expectations from a range of stakeholders on complex corporate responsibility issues:
• A plethora of governmental regulations affect the use and management of chemicals in the production process. The organization must keep abreast of existing and emerging regulations on the use and management of chemicals in the production process and provide an assessment of their impact.
• A growing number of regions, countries, and non-governmental organizations throughout the world require companies to report greenhouse gas emissions, which also factor into financial firms’ assessments, stockholder decisions, and customer perceptions. This is an important first step in environmental sustainability. OEMs and suppliers are required to calculate and report emissions from the supply base in a consistent and accurate manner and creating cost savings for the organization. The lessons learned and processes implemented for GHGs will set a foundation for other elements of environmental sustainability (i.e., water, wastes).
• The increased globalization of automotive production makes understanding and managing the impact of working conditions on business a greater challenge. Understanding and managing the impacts of the working conditions of business has become a greater challenge with the increased globalization of automotive production, and developing responsible working conditions begins with having a shared understanding of the key issues(child labor, forced labor, freedom of association, harassment and discrimination, health and safety, wages and benefits, and working hours.) up and down the supply chain.

1. Business Ethics
   The basis for sustainable and successful business activity is to have integrity and transparent business practices. Companies are expected to operate honestly and equitably throughout the supply chain in accordance with local law, including those laws pertaining to:
   • Anti-Corruption
   • Anti-competitive Business Practices
   • Protection of Intellectual Property
   • Respect for Company and Personal Data
   • Export Controls
   • Conflicts of Interest
2. Environmental Standards
   Companies are expected to pursue effective environmental protection throughout the supply chain in order to reduce the environmental footprint of our products throughout their life-cycle. All products manufactured within the supply chain and the applied materials and substances used in the process are expected to meet environmental standards for design, development, distribution, use, disposal, or recycling. Such a comprehensive approach includes but is not limited to:
   • Reducing energy and water consumption
   • Reducing greenhouse gas emissions
   • Increasing use of renewable energies
   • Enhancing appropriate waste management
   • Training of employees
   Businesses are expected to support a proactive approach to environmental challenges and encourage the development and diffusion of environmentally friendly technologies.
3. Working Conditions and Human Rights
   1. Child Labor and Young Workers
      Child labor should not be tolerated and the age of employment must be in accordance with local labor law.
   2. Wages and Benefits
      Compensation and benefits should be competitive and comply with applicable local laws, including those relating to minimum wages, overtime compensation, and legally mandated benefits.
   3. Working Hours
      Working hours, including overtime, should comply with applicable local laws regulating hours of work.
   4. Forced Labor
      Any form of forced or compulsory labor, including human trafficking, should not be tolerated.
   5. Freedom of Association
      Workers should be able to communicate openly with management regarding working conditions without fear of reprisal, intimidation, or harassment. Workers should have the right to associate freely, to join or not join labor unions, seek representation, and join workers’ councils in accordance with local laws.
   6. Health and Safety
      Workers should have a safe and healthy working environment that meets or exceeds applicable standards for safety and occupational health.
   7. Harassment and Discrimination
      Harassment or discrimination against employees in any form is not acceptable.

Anti Bribery Policy

Ethical business practices are not only necessary for preserving reputability and improving business overall, but also for adhering to the law. Conducting bribery or corrupt activities won’t just get you a slap on the wrist; you could be heavily fined or potentially put behind bars. Bribery includes the act of offering, giving, promising, asking, agreeing, receiving, or soliciting something of value for the purpose of influencing action. But being involved in bribery is not just limited to the act of offering a bribe: if you are on the receiving end and accept it, you are also breaking the law.  Anti Bribery  Policies should aim to:

• Demonstrate its understanding of anti-bribery law.
• Emphasise that the company has zero-tolerance for bribery.
• Detail whom the policy applies to.
• Detail the company and employees’ responsibilities.
• Reduce and control bribery risks.
• Provide rules about accepting gifts.
• Provide guidance on how business should be conducted so to prevent bribery.
• Provide direction on how to avoid conflicts of interest.
• Include information about monitoring and reviewing the policy.
• An anti-bribery policy demonstrates a company’s commitment to preventing bribery and corrupt activities, and all staff should be instructed to familiarise themselves with the information it contains.

Having this policy in place ensures that everyone knows what to do in regards to preventing bribery, which minimizes the risks of bribery and corruption occurring in your business and therefore protects your company from facing any issues with the law.

Six Principles to prevent Bribery in the organization

The Organization having Anti- Bribery policy in place and wishing to prevent bribery from being committed on their behalf should follow the following Six principles.  Commentary and guidance on what procedures the application of the principles may produce accompany each principle. These principles are not prescriptive. They are intended to be flexible and outcome focussed, allowing for the huge variety of circumstances that organizations find themselves in. Small organizations will, for example, face different challenges to those faced by large multi-national enterprises. Accordingly, the detail of how organizations might apply these principles, taken as a whole, will vary, but the outcome should always be robust and effective anti-bribery procedures. To set out in more detail below, bribery prevention procedures should be proportionate to risk.

Principle 1: Proportionate procedures

An Organisation’s procedures to prevent bribery by persons associated with it are proportionate to the bribery risks it faces and to the nature, scale, and complexity of the organization’s activities. They are also clear, practical, accessible, effectively implemented, and enforced.
Commentary
The term ‘procedures’ is used to embrace both bribery prevention policies and the procedures which implement them. Policies articulate the organization’s anti-bribery stance, show how it will be maintained, and help to create an anti-bribery culture. They are therefore a necessary measure in the prevention of bribery, but they will not achieve that objective unless they are properly implemented. Adequate bribery prevention procedures ought to be proportionate to the bribery risks that the organization faces. An initial assessment of risk across the organization is therefore a necessary first step. To a certain extent, the level of risk will be linked to the size of the organization and the nature and complexity of its business, but size will not be the only determining factor. Some small organizations can face quite significant risks and will need more extensive procedures than their counterparts facing limited risks. However, small organizations are unlikely to need procedures that are as extensive as those of a large multi-national organization. For example, a very small business may be able to rely heavily on periodic oral briefings to communicate its policies while a large one may need to rely on extensive written communication. The level of risk that organizations face will also vary with the type and nature of the persons associated with it. For example, an organization that properly assesses that there is no risk of bribery on the part of one of its associated persons will accordingly require nothing in the way of procedures to prevent bribery in the context of that relationship. By the same token, the bribery risks associated with reliance on a third party agent representing a commercial organization in negotiations with foreign public officials may be assessed as significant and accordingly require much more in the way of procedures to mitigate those risks. Organizations are likely to need to select procedures to cover a broad range of risks but any consideration by a court in an individual case of the adequacy of procedures is likely necessary to focus on those procedures designed to prevent bribery on the part of the associated person committing the offence in question. Bribery prevention procedures may be stand-alone or form part of wider guidance, for example on recruitment or on managing a tender process in public procurement. Whatever the chosen model, the procedures should seek to ensure there is a practical and realistic means of achieving the organization’s stated anti-bribery policy objectives across all of the organization’s functions. Applying these procedures retrospectively to existing associated persons is more difficult, but this should be done over time, adopting a risk-based approach and with due allowance for what is practicable and the level of control over existing arrangements.

Procedures
Organizations’ bribery prevention policies are likely to include certain common elements. As an indicative and not exhaustive list, an organization may wish to cover in its policies

• its commitment to bribery prevention
• its general approach to mitigation of specific bribery risks, such as those arising from the conduct of intermediaries and agents, or those associated with hospitality and promotional expenditure, facilitation payments, or political and charitable donations or contributions;
• an overview of its strategy to implement its bribery prevention policies.

The procedures put in place to implement an organization’s bribery prevention policies should be designed to mitigate identified risks as well as to prevent deliberate unethical conduct on the part of associated persons. The following is an indicative and not exhaustive list of the topics that bribery prevention procedures might embrace depending on the particular risks faced:

• The involvement of the organization’s top-level management.
• Risk assessment procedures
•  Due diligence of existing or prospective associated persons
• The provision of gifts, hospitality, and promotional expenditure; charitable and political donations; or demands for facilitation payments.
• Direct and indirect employment, including recruitment, terms, and conditions, disciplinary action, and remuneration.
• Governance of business relationships with all other associated persons including pre and post-contractual agreements
• Financial and commercial controls such as adequate bookkeeping, auditing, and approval of expenditure
• Transparency of transactions and disclosure of information.
• Decision makings, such as delegation of authority procedures, separation of functions, and the avoidance of conflicts of interest
• Enforcement, detailing discipline processes and sanctions for breaches of the organization’s anti-bribery rules.
• The reporting of bribery including ‘speak up’ or ‘whistle blowing’ procedures
• The detail of the process by which the organization plans to implement its bribery prevention procedures, for example, how its policy will be applied to individual projects and to different parts of the organization.
• The communication of the organization’s policies and procedures, and training in their application
• The monitoring, review, and evaluation of bribery prevention procedures

Principle 2: Top-level commitment

The top-level management (be it a board of directors, the owners, or any other equivalent body or person) are committed to preventing bribery by persons associated with it. They foster a culture within the organization in which bribery is never acceptable.

Commentary
Those at the top of an organization are in the best position to foster a culture of integrity where bribery is unacceptable. The purpose of this principle is to encourage the involvement of top-level management in the determination of bribery prevention procedures. It is also to encourage top-level involvement in any key decision-making relating to bribery risk where that is appropriate for the organization’s management structure.
Procedures
Whatever the size, structure, or market of a commercial organization, top-level management commitment to bribery prevention is likely to include (1) communication of the organization’s anti-bribery stance, and (2) an appropriate degree of involvement in developing bribery prevention procedures.

Internal and external communication of the commitment to zero tolerance to bribery. This could take a variety of forms. A formal statement appropriately communicated can be very effective in establishing an anti-bribery culture within an organization. Communication might be tailored to different audiences. The statement would probably need to be drawn to people’s attention on a periodic basis and could be generally available, for example on an organization’s intranet and/or internet site. Effective formal statements that demonstrate top-level commitment are likely to include:

• a commitment to carry out business fairly, honestly, and openly
• a commitment to zero tolerance towards bribery• the consequences of breaching the policy for employees and managers
• for other associated persons the consequences of breaching contractual provisions relating to bribery prevention (this could include a reference to avoiding doing business with others who do not commit to doing business without bribery as a ‘best practice’ objective
• articulation of the business benefits of rejecting bribery (reputational, customer, and business partner confidence)
• reference to the range of bribery prevention procedures the commercial organization has or is putting in place, including any protection and procedures for confidential reporting of bribery (whistle-blowing)
• key individuals and departments involved in the development and implementation of the organization’s bribery prevention procedures
• reference to the organization’s involvement in any collective action against bribery in, for example, the same business sector.

Top-level involvement in bribery prevention
Effective leadership in bribery prevention will take a variety of forms appropriate for and proportionate to the organization’s size, management structure, and circumstances. In smaller organizations, a proportionate response may require top-level managers to be personally involved in initiating, developing, and implementing bribery prevention procedures and bribery critical decision making. In a large multi-national organization the board should be responsible for setting bribery prevention policies, tasking management to design, operate, and monitor bribery prevention procedures, and keeping these policies and procedures under regular review. But whatever the appropriate model, top-level engagement is likely to reflect the following elements:

• Selection and training of senior managers to lead anti-bribery work where appropriate.
• Leadership on key measures such as a code of conduct.
• Endorsement of all bribery prevention-related publications.
• Leadership in awareness-raising and encouraging transparent dialogue throughout the organization so as to seek to ensure effective dissemination of anti-bribery policies and procedures to employees, subsidiaries, and associated persons, etc.
• Engagement with relevant associated persons and external bodies, such as sectoral organizations and the media, to help articulate the organization’s policies.
• Specific involvement in high profile and critical decision making where appropriate
• Assurance of risk assessment.
• General oversight of breaches of procedures and the provision of feedback to the board or equivalent, where appropriate, on levels of compliance.

Principle 3: Risk Assessment

The commercial organization assesses the nature and extent of its exposure to potential external and internal risks of bribery on its behalf by persons associated with it. The assessment is periodic, informed, and documented.

Commentary

For organizations, this principle will manifest itself as part of a general risk assessment carried out in clause 4 in relation to business objectives.  The purpose of this principle is to promote the adoption of risk assessment procedures that are proportionate to the organization’s size and structure and to the nature, scale, and location of its activities. But whatever approach has adopted the fuller the understanding of the bribery risks an organization faces the more effective its efforts to prevent bribery are likely to be. Some aspects of risk assessment involve procedures that fall within the generally accepted meaning of the term ‘due diligence.

Procedures

Risk assessment procedures that enable the organization accurately to identify and prioritize the risks it faces will, whatever its size, activities, customers, or markets, usually reflect a few basic characteristics. These are

• Oversight of the risk assessment by top-level management.
• Appropriate resourcing – this should reflect the scale of the organization’s business and the need to identify and prioritize all relevant risks
• Identification of the internal and external information sources that will enable risk to be assessed and reviewed.
• Due diligence inquiries
• Accurate and appropriate documentation of the risk assessment and its conclusions.

As a commercial organization’s business evolves, so will the bribery risks it faces and hence so should its risk assessment. For example, the risk assessment that applies to an organization’s domestic operations might not apply when it enters a new market in a part of the world in which it has not done business before

Commonly encountered risks

Commonly encountered external risks can be categorized into five broad groups – country, sectoral, transaction, business opportunity, and business partnership:

1. Country risk: this is evidenced by perceived high levels of corruption, an absence of effectively implemented anti-bribery legislation, and a failure of the foreign government, media, local business community, and civil society effectively to promote transparent procurement and investment policies.
2. Sectoral risk: some sectors are at higher risk than others. Higher-risk sectors include the extractive industries and the large-scale infrastructure sector.
3. Transaction risk: certain types of transactions give rise to higher risks, for example, charitable or political contributions, licenses and permits, and transactions relating to public procurement.
4.  Business opportunity risk: such risks might arise in high-value projects or with projects involving many contractors or intermediaries; or with projects which are not apparently undertaken at market prices, or which do not have a clear legitimate objective.
5. Business partnership risk: certain relationships may involve higher risk, for example, the use of intermediaries in transactions with foreign public officials; consortia or joint venture partners; and relationships with politically exposed persons where the proposed business relationship involves, or is linked to, a prominent public official.

 An assessment of external bribery risks is intended to help decide how those risks can be mitigated by procedures governing the relevant operations or business relationships, but a bribery risk assessment should also examine the extent to which internal structures or procedures may themselves add to the level of risk. Commonly encountered internal factors may include

• deficiencies in employee training, skills, and knowledge
• bonus culture that rewards excessive risk-taking
•  lack of clarity in the organization’s policies on, and procedures for, hospitality and promotional expenditure, and political or charitable contributions
• lack of clear financial controls
• lack of a clear anti-bribery message from the top-level management.

Principle 4: Due diligence

The organization applies due diligence procedures, taking a proportionate and risk-based approach, in respect of persons who perform or will perform services for or on behalf of the organization, in order to mitigate identified bribery risks.

Commentary

Due diligence is firmly established as an element of corporate good governance and it is envisaged that due diligence related to bribery prevention will often form part of a wider due diligence framework. Due diligence procedures are both a form of bribery risk assessment and a means of mitigating risk. By way of illustration, an organization may identify risks that as a general proposition attach to doing business in reliance upon local third-party intermediaries. Due diligence of specific prospective third-party intermediaries could significantly mitigate these risks. The significance of the role of due diligence in bribery risk mitigation justifies its inclusion here as a Principle in its own right. The purpose of this Principle is to encourage organizations to put in place due diligence procedures that adequately inform the application of proportionate measures designed to prevent persons associated with them from bribing on their behalf.

Procedures

As this guidance emphasizes throughout, due diligence procedures should be proportionate to the identified risk. They can also be undertaken internally or by external consultants. A person ‘associated with an organization includes any person performing services for a commercial organization. The scope of this definition is broad and can embrace a wide range of business relationships. But the appropriate level of due diligence to prevent bribery will vary enormously depending on the risks arising from the particular relationship. So, for example, the appropriate level of due diligence required by an organization when contracting for the performance of information technology services may be low, to reflect low risks of bribery on its behalf. In contrast, an organization that is selecting an intermediary to assist in establishing a business in foreign markets will typically require a much higher level of due diligence to mitigate the risks of bribery on its behalf. Organizations will need to take considerable care in entering into certain business relationships, due to the particular circumstances in which the relationships come into existence. An example is where local law or convention dictates the use of local agents in circumstances where it may be difficult for an organization to extricate itself from a business relationship once established. The importance of thorough due diligence and risk mitigation prior to any commitment is paramount in such circumstances. Another relationship that carries particularly important due diligence implications is a merger of organizations or an acquisition of one by another. ‘Due diligence’  should be conducted using a risk-based approach. For example, in lower-risk situations, organizations may decide that there is no need to conduct much in the way of due diligence. In higher-risk situations, due diligence may include conducting direct interrogative inquiries, indirect investigations, or general research on proposed associated persons. Appraisal and continued monitoring of recruited or engaged ‘associated’ persons may also be required, proportionate to the identified risks. Generally, more information is likely to be required from prospective and existing associated persons that are incorporated (e.g. companies) than from individuals. This is because on a basic level more individuals are likely to be involved in the performance of services by a company and the exact nature of the roles of such individuals or other connected bodies may not be immediately obvious. Accordingly, due diligence may involve direct requests for details on the background, expertise, and business experience, of relevant individuals. This information can then be verified through research and the following up of references, etc. An organization’s employees are presumed to be persons associated with the organization for the purposes of the Bribery Act. The organization may wish, therefore, to incorporate in its recruitment and human resources procedures an appropriate level of due diligence to mitigate the risks of bribery being undertaken by employees which are proportionate to the risk associated with the post in question. Due diligence is unlikely to be needed in relation to lower-risk posts.

Principle 5: Communication (including training)

The organization seeks to ensure that its bribery prevention policies and procedures are embedded and understood throughout the organization through internal and external communication, including training, that is proportionate to the risks it faces.

Commentary

Communication and training deter bribery by associated persons by enhancing awareness and understanding of a commercial organization’s procedures and to the organization’s commitment to their proper application. Making information available assists in more effective monitoring, evaluation, and review of bribery prevention procedures. Training provides the knowledge and skills needed to employ the organization’s procedures and deal with any bribery-related problems or issues that may arise.

Procedures for Communication

1. The content, language, and tone of communications for internal consumption may vary from that for external use in response to the different relationship the audience has with the commercial organization. The nature of communication will vary enormously between commercial organizations in accordance with the different bribery risks faced, the size of the organization, and the scale and nature of its activities.
2. Internal communications should convey the ‘tone from the top’ but are also likely to focus on the implementation of the organization’s policies and procedures and the implications for employees. Such communication includes policies on particular areas such as decision making, financial control, hospitality, and promotional expenditure, facilitation payments, training, charitable and political donations and penalties for breach of rules, and the articulation of management roles at different levels. Another important aspect of internal communications is the establishment of a secure, confidential, and accessible means for internal or external parties to raise concerns about bribery on the part of associated persons, to provide suggestions for improvement of bribery prevention procedures and controls, and for requesting advice. These so-called ‘speak up’ procedures can amount to a very helpful management tool for commercial organizations with diverse operations that may be in many countries. If these procedures are to be effective there must be adequate protection for those reporting concerns.
3.  External communication of bribery prevention policies through a statement or codes of conduct, for example, can reassure existing and prospective associated persons and can act as a deterrent to those intending to bribe on a commercial organization’s behalf. Such communications can include information on bribery prevention procedures and controls, sanctions, results of internal surveys, rules governing recruitment, procurement, and tendering. An organization may consider it proportionate and appropriate to communicate its anti-bribery policies and commitment to them to a wider audience, such as other organizations in its sector and to sectoral organizations that would fall outside the scope of the range of its associated persons, or to the general public.

Procedure for Training

Like all procedures training should be proportionate to risk but some training is likely to be effective in firmly establishing an anti-bribery culture whatever the level of risk. Training may take the form of education and awareness-raising about the threats posed by bribery in general and in the sector or areas in which the organization operates in particular, and the various ways it is being addressed. General training could be mandatory for new employees or for agents (on a weighted risk basis) as part of an induction process, but it should also be tailored to the specific risks associated with specific posts. Consideration should also be given to tailoring training to the special needs of those involved in any ‘speak up’ procedures, and higher risk functions such as purchasing, contracting, distribution and marketing, and working in high-risk countries. Effective training is continuous, and regularly monitored and evaluated. It may be appropriate to require associated persons to undergo training. This will be particularly relevant for high-risk associated persons. In any event, organizations may wish to encourage associated persons to adopt bribery prevention training. Nowadays there are many different training formats available in addition to the traditional classroom or seminar formats, such as e-learning and other web-based tools. But whatever the format, the training ought to achieve its objective of ensuring that those participating in it develop a firm understanding of what the relevant policies and procedures mean in practice for them.

Principle 6: Monitoring and review

The organization monitors and reviews procedures designed to prevent bribery by persons associated with it and makes improvements where necessary.

Commentary

The bribery risks that the organization faces may change over time, as may the nature and scale of its activities, so the procedures required to mitigate those risks are also likely to change. Organizations will therefore wish to consider how to monitor and evaluate the effectiveness of their bribery prevention procedures and adapt them where necessary. In addition to regular monitoring, an organization might want to review its processes in response to other stimuli, for example, governmental changes in countries in which they operate, an incident of bribery, or negative press reports.

Procedures

There is a wide range of internal and external review mechanisms that organizations could consider using. Systems set up to deter, detect and investigate bribery, and monitor the ethical quality of transactions, such as internal financial control mechanisms, will help provide insight into the effectiveness of procedures designed to prevent bribery. Staff surveys, questionnaires, and feedback from training can also provide an important source of information on the effectiveness and a means by which employees and other associated persons can inform the continuing improvement of anti-bribery policies. Organizations could also consider formal periodic reviews and reports for top-level management. Organizations could also draw on information on other organizations’ practices, for example, relevant trade bodies or regulators might highlight examples of good or bad practices in their publications. In addition, organizations might wish to consider seeking some form of external verification or assurance of the effectiveness of anti-bribery procedures. Some organizations may be able to apply for certified compliance with one of the independently-verified anti-bribery standards maintained by industrial sector associations or multilateral bodies. However, such certification may not necessarily mean that a commercial organization’s bribery prevention procedures are ‘adequate’ for all purposes where an offense under section 7 of the Bribery Act could be charged.

Example of Template of Anti Bribery policy

1. What does your policy cover?

1.1 This anti-bribery policy exists to set out the responsibilities o[f [COMPANY Name] and those who work for us in regards to observing and upholding our zero-tolerance position on bribery and corruption.
1.2 It also exists to act as a source of information and guidance for those working for [COMPANY NAME] . It helps them recognise and deal with bribery and corruption issues, as well as understand their responsibilities.

2. Policy statement

2.1 [COMPANY NAME] is committed to conducting business in an ethical and honest manner and is committed to implementing and enforcing systems that ensure bribery is prevented. [COMPANY NAME] has zero-tolerance for bribery and corrupt activities. We are committed to acting professionally, fairly, and with integrity in all business dealings and relationships, wherever in the country we operate.
2.2 [COMPANY NAME] will constantly uphold all laws relating to anti-bribery and corruption in all the jurisdictions in which we operate. We are bound by the laws of India, including the Prevention of Corruption Act 1988, in regards to our conduct both at home and abroad.
2.3 [COMPANY NAME] recognizes that bribery and corruption are punishable by imprisonment and a fine. If our company is discovered to have taken part in corrupt activities, we may be subjected to a fine, be excluded from tendering for public contracts, and face serious damage to our reputation. It is with this in mind that we commit to preventing bribery and corruption in our business and take our legal responsibilities seriously.

3. Who is covered by the policy?

3.1 This anti-bribery policy applies to all employees (whether temporary, fixed-term, or permanent), consultants, contractors, trainees, seconded staff, home workers, casual workers, agency staff, volunteers, interns, agents, sponsors, or any other person or persons associated with us (including third parties), or any of our subsidiaries or their employees, no matter where they are located (within or outside of India). The policy also applies to Officers, Trustees, Board, and/or Committee members at any level.
3.2 In the context of this policy, third-party refers to any individual or organization our company meets and works with. It refers to actual and potential clients, customers, suppliers, distributors, business contacts, agents, advisers, and government and public bodies – this includes their advisors, representatives and officials, politicians, and public parties.
3.3 Any arrangements our company makes with a third party are subject to clear contractual terms, including specific provisions that require the third party to comply with minimum standards and procedures relating to anti-bribery and corruption.

4. Definition of bribery

4.1 Bribery refers to the act of offering, giving, promising, asking, agreeing, receiving, accepting, or soliciting something of value or of an advantage so as to induce or influence an action or decision.
4.2 A bribe refers to any inducement, reward, or object/item of value offered to another individual in order to gain commercial, contractual, regulatory, or personal advantage.
4.3 Bribery is not limited to the act of offering a bribe. If an individual is on the receiving end of a bribe and they accept it, they are also breaking the law.
4.4 Bribery is illegal. Employees must not engage in any form of bribery, whether it be directly, passively (as described above), or through a third party (such as an agent or distributor). They must not bribe a foreign public official anywhere in the world. They must not accept bribes to any degree and if they are uncertain about whether something is a bribe or a gift or act of hospitality, they must seek further advice from the company’s compliance manager.

5. What is and what is NOT acceptable

5.1 This section of the policy refers to the following areas:
• Gifts and hospitality.
• Facilitation payments.
• Political contributions.
• Charitable contributions.
5.2 Gifts and hospitality
[COMPANY NAME] accepts normal and appropriate gestures of hospitality and goodwill (whether given to/received from third parties) so long as the giving or receiving of gifts meets the following requirements:
a. It is not made with the intention of influencing the party to whom it is being given, to obtain or reward the retention of a business or a business advantage, or as an explicit or implicit exchange for favors or benefits.
b. It is not made with the suggestion that a return favor is expected.
c. It is in compliance with local law.
d. It is given in the name of the company, not in an individual’s name.
e. It does not include cash or a cash equivalent (e.g. a voucher or gift certificate).
f. It is appropriate for the circumstances (e.g. giving small gifts around Dipawali / Christmas or as a small thank you to a company for helping with a large project upon completion).
g. It is of an appropriate type and value and given at an appropriate time, taking into account the reason for the gift.
h. It is given/received openly, not secretly.
i. It is not selectively given to a key, influential person, clearly with the intention of directly influencing them.
j. It is not above a certain excessive value, as pre-determined by the company’s compliance manager (usually in excess of Rs1000).
k. It is not offered to, or accepted from, a government official or representative or politician or political party, without the prior approval of the company’s compliance manager.
5.3 Where it is inappropriate to decline the offer of a gift (i.e. when meeting with an individual of a certain religion/culture who may take offense), the gift may be accepted so long as it is declared to the compliance manager, who will assess the circumstances.
5.4 [COMPANY NAME] recognizes that the practice of giving and receiving business gifts varies between countries, regions, cultures, and religions, so definitions of what is acceptable and not acceptable will inevitably differ for each.
5.5 As good practice, gifts that are given and received should always be disclosed to the compliance manager. Gifts from suppliers should always be disclosed.
5.6 The intention behind a gift being given/received should always be considered. If there is any uncertainty, the advice of the compliance manager should be sought.
5.7 Facilitation Payments and Kickbacks
[COMPANY NAME] does not accept and will not make any form of facilitation payments of any nature. We recognize that facilitation payments are a form of bribery that involves expediting or facilitating the performance of a public official for a routine governmental action. We recognize that they tend to be made by low-level officials with the intention of securing or speeding up the performance of a certain duty or action.
5.8 [COMPANY NAME] does not allow kickbacks to be made or accepted. We recognize that kickbacks are typically made in exchange for a business favor or advantage.
5.9 [COMPANY NAME] recognizes that, despite our strict policy on facilitation payments and kickbacks, employees may face a situation where avoiding a facilitation payment or kickback may put their/their family’s personal security at risk. Under these circumstances, the following steps must be taken:
a. Keep any amount to the minimum.
b. Ask for a receipt, detailing the amount and reason for the payment.
c. Create a record concerning the payment.
d. Report this incident to your line manager.
5.10 Political Contributions
[COMPANY NAME] will not make donations, whether in cash, kind, or by any other means, to support any political parties or candidates. We recognize this may be perceived as an attempt to gain an improper business advantage.
5.11 Charitable Contributions
[COMPANY NAME] accepts (and indeed encourages) the act of donating to charities – whether through services, knowledge, time, or direct financial contributions (cash or otherwise) – and agrees to disclose all charitable contributions it makes.
5.12 Employees must be careful to ensure that charitable contributions are not used to facilitate and conceal acts of bribery.
5.13 We will ensure that all charitable donations made are legal and ethical under local laws and practices and that donations are not offered/made without the approval of the compliance manager.

6. Employee Responsibilities

6.1 As an employee of [COMPANY NAME], you must ensure that you read, understand, and comply with the information contained within this policy, and with any training or other anti-bribery and corruption information you are given.
6.2 All employees and those under our control are equally responsible for the prevention, detection, and reporting of bribery and other forms of corruption. They are required to avoid any activities that could lead to, or imply, a breach of this anti-bribery policy.
6.3 If you have reason to believe or suspect that an instance of bribery or corruption has occurred or will occur in the future that breaches this policy, you must notify the compliance manager.
6.4 If any employee breaches this policy, they will face disciplinary action and could face dismissal for gross misconduct. [COMPANY NAME] has the right to terminate a contractual relationship with an employee if they breach this anti-bribery policy.

7. What happens if I need to raise a concern?

7.1 This section of the policy covers 3 areas:
a. How to raise a concern.
b. What to do if you are a victim of bribery or corruption.
c. Protection.
7.2 How to raise a concern
If you suspect that there is an instance of bribery or corrupt activities occurring in relation to [COMPANY NAME], you are encouraged to raise your concerns at as early a stage as possible. If you’re uncertain about whether a certain action or behavior can be considered bribery or corruption, you should speak to your line manager, the compliance manager, the director, or the Head of Governance and Legal.
7.3 [COMPANY NAME] will familiarise all employees with its whistleblowing procedures so employees can vocalize their concerns swiftly and confidentially.
7.4 What to do if you are a victim of bribery or corruption
You must tell your compliance manager as soon as possible if you are offered a bribe by anyone if you are asked to make one, if you suspect that you may be bribed or asked to make a bribe in the near future, or if you have reason to believe that you are a victim of
another corrupt activity.
7.5 Protection
If you refuse to accept or offer a bribe or you report a concern relating to potential act(s) of bribery or corruption, [COMPANY NAME] understands that you may feel worried about potential repercussions. [COMPANY NAME] will support anyone who raises concerns in good faith under this policy, even if the investigation finds that they were mistaken.
7.6 [COMPANY NAME] will ensure that no one suffers any detrimental treatment as a result of refusing to accept or offer a bribe or other corrupt activities or because they reported a concern relating to potential act(s) of bribery or corruption.
7.7 Detrimental treatment refers to dismissal, disciplinary action, treats, or unfavorable treatment in relation to the concern the individual raised.
7.8 If you have reason to believe you’ve been subjected to unjust treatment as a result of a concern or refusal to accept a bribe, you should inform your line manager or the compliance manager immediately.

8. Training and communication

8.1 [COMPANY NAME] will provide training on this policy as part of the induction process for all new employees. Employees will also receive regular, relevant training on how to adhere to this policy, and will be asked annually to formally accept that they will comply
with this policy.
8.2 [COMPANY NAME] ’s anti-bribery and corruption policy and zero-tolerance attitude will be clearly communicated to all suppliers, contractors, business partners, and any third-parties at the outset of business relations, and as appropriate thereafter.
8.3 [COMPANY NAME] will provide relevant anti-bribery and corruption training to employees etc. where we feel their knowledge of how to comply with the Prevention of Corruption Act 1988 needs to be enhanced. As a good practice, all businesses should provide their employees with anti-bribery training where there is a potential risk of facing bribery or corruption during work activities.

9. Record keeping

9.1 [COMPANY NAME] will keep detailed and accurate financial records and will have appropriate internal controls in place to act as evidence for all payments made. We will declare and keep a written record of the amount and reason for hospitality or gifts accepted and given, and understand that gifts and acts of hospitality are subject to managerial review.

10. Monitoring and reviewing

10.1 [COMPANY NAME] ’s compliance manager is responsible for monitoring the effectiveness of this policy and will review the implementation of it on a regular basis. They will assess its suitability, adequacy, and effectiveness.
10.2 Internal control systems and procedures designed to prevent bribery and corruption are subject to regular audits to ensure that they are effective in practice.
10.3 Any need for improvements will be applied as soon as possible. Employees are encouraged to offer their feedback on this policy if they have any suggestions for how it may be improved. Feedback of this nature should be addressed to the compliance manager.
10.4 This policy does not form part of an employee’s contract of employment and [COMPANY NAME] may amend it at any time so to improve its effectiveness at combating bribery and corruption.

—————————End of example————————————— 

Employee’s Code of Conduct

A code of conduct is a set of rules outlining the social norms and religious rules and responsibilities of, or proper practices for, an individual, party, or organization and can be defined as “Principles, values, standards, or rules of behavior that guide the decisions, procedures, and systems of an organization in a way that (a) contributes to the welfare of its key stakeholders, and (b) respects the rights of all constituents affected by its operations.“

A common code of conduct is written for employees of a company, which protects the business and informs the employees of the company’s expectations. It is ideal for even the smallest of companies to form a document containing important information on expectations for employees. The document does not need to be complex or have elaborate policies, but the file needs a simple basis of what the company expects from each employee. A Code of Conduct can be an important step in establishing an inclusive culture, but it is not a comprehensive solution on its own. An ethical culture is created by the organization’s leaders who manifest their ethics in their attitudes and behavior.] Studies of codes of conduct in the private sector show that their effective implementation must be part of a learning process that requires training, consistent enforcement, and continuous measurement/improvement. Simply requiring members to read the code is not enough to ensure that they understand it and will remember its contents. The proof of effectiveness is when employees/members feel comfortable enough to voice concerns and believe that the organization will respond with the appropriate action. There is no standard code of ethics, and broad guidelines are given which can be adapted according to the organizational culture and business requirement. Each organization’s Ethics & Compliance department is required to prepare a written Code of Conduct and implement the same within the organization. The main step has been mentioned with a brief narration and key activities required:

1.  Mandate & commitment from top management: The Code of Conduct defines the core values of the organization thus impacting the organization’s culture. It also has an impact on the reputation of the organization as it specifies the organization’s stance towards corporate social responsibility. The involvement of senior management is a must to provide direction, funding, and resources. Obtain a formal commitment from the management and board of directors to establish the Code of Conduct. Approval for budgets for development, implementation, and regular monitoring is required. Approval for staffing the department and establishing the reporting lines is a need.
2. Preparation of the policy document: The main policy document contains the values of the organization, management commitment to the same, details of the ethics program, and the monitoring process. Additionally, all supporting policies are mentioned. For example, if the code specifies fair and just treatment for employees, there should be additional policies relating to workplace aggression, diversity, sexual harassment, equal opportunity, etc. The core areas for the policy document needs to be identified. The main policy document needs to be supported by additional policies to ensure proper coverage and implementation. Benchmark the policy document with other organizations’ policy documents. Incorporate the legal requirements for the policy document.
3. Approval of draft policy document: After completion of the policy document and supplementary policies the same should be approved by the senior management. The draft policy document needs to be formally approved by the top management, audit committee, and board of directors. Obtain feedback from business users to determine if they are going to face any practical difficulties in implementing it.
4. Develop an implementation strategy: An implementation strategy is critical for the success of the program. A project plan should be developed along with the implementation strategy. The involvement of the Human Resources department is a must at this stage as they will be responsible for deploying training, incorporating the code of conduct in the appointment letters, establishing the reward system for maintaining ethics, and also the reasons for terminating employees on grounds of unethical behavior. The implementation process will require:
   • Department structure and staff requirements of the Ethics office.
   • Selection of vendors for hotline and web systems implementation in case it is not being done in-house.
   • Reward and recognition system to be established by HR.
   • Ethical values should ideally be incorporated in the balanced scorecard of the employee.
   • Training deployment strategy including the trainers, schedules, material, and evaluation system.
   • Investigation and reporting procedures for minor and major deviances
5. Training & Awareness: Communication is the key to a successful implementation of the Code of Conduct. Various methods and sources of training should be deployed simultaneously to train the staff and external stakeholders. A training calendar should be published for rolling out the training. Explore the following ideas for building awareness and training resources:
   • Prepare classroom training material for educating the staff on the detailed policies.
   • Develop a web-based training program that includes ethical tests, case studies, and business scenarios.
   • Publish relevant cases of ethical dilemmas on the intranet
   • Provide training to existing staff and incorporate the same in induction training for the new staff.
   • Publish the relevant policies on the web for external stakeholders like suppliers, etc.
   • Issue checklists for determining how to make decisions while facing ethical dilemmas.
6. Implementing the required hotlines and software to monitor complaints: The organization has an option to develop a web-based reporting tool internally or outsource it. Whichever the case may be, the final contact details and services should be published throughout the organization to enable staff to report complaints and discuss cases when they are facing ethical dilemmas. Undertake the following two steps for it:
   • Publish the contact numbers, email ids and websites for reporting complaints
   • Staff these 24/7 for effective monitoring or as per business requirement
7. Reporting deviances and taking corrective action: Minor and major breaches to the Code of Conduct should be investigated properly. The report should identify the people responsible for the breach, the level of it, corrective action to be taken, and modifications required to the existing policies if any. Do the following: Conduct investigations of the cases reported and submit reports to the audit committee and board of directors. Perform root cause analysis to determine the reason for deviances, and identify solutions to mitigate the risks.
8. Evaluating commitment to ethical values: Depending on the requirements, periodically, surveys and audits should be conducted to evaluate the adherence to the policies and the overall attitude of the organization towards ethics. One must be aware that having a Code of Conduct does not ensure that it will be followed, hence regular monitoring is required to assess adherence. Adopt the following practices:
   • Conduct an Organization Survey to evaluate employee understanding and commitment to the Code of Business Ethics.
   • Periodically audit the practices being followed by benchmarking them against the policy document.
9. Annual update: Policies are dynamic documents subject to revisions on the basis of changing economic and legal requirements. Do an overall assessment of the existing policies on annual basis, and incorporate changes after senior management approval. Also, for all additions and modifications, send a formal communication to the staff. Use the following process:
   • Conduct an annual review of the policies.
   • Address gaps and deficiencies identified in the policies
   • Obtain management approval for the same
   • Roll out the updated policies and provide training to the staff.

The advantage of implementing a Code of Conduct is that it enhances the corporate governance efforts of the organization by establishing a uniform set of core values and behavior for all the staff. The staff knows what is the right course of action, whom to approach in a dilemma, and what will be the risks of adopting unethical behavior patterns. Due to this, the reputation and legal risks of the organization are also reduced since it is mandatory for employees to follow the law.

Example of Employee Code of conduct

In order to establish a harmonious and stable corporate environment for the sustainable development of the Company (as defined below) and realize the Company’s vision of “world-leading broadband communication and information service provider”, employees of the Company must adhere to the ethics and code of conduct in respect to their honesty, credibility, and sense of responsibility, and endeavor to maximize the interest of customers, shareholders, employees, and the society. All of the above serve as the basis of this Employee Code of conduct (the “Code of Conduct”).

1 General Provisions

1.1. Scope of Application
1.1.1. This Code of conduct is necessary to maintain the objectiveness and coordination of internal activities of the Company and important for the Company to convey its corporate spirit, quality of service, and corporate value to its customers, employees, shareholders, and society, and must be complied with by all the employees (the “Employees”) of [COMPANY NAME] and its branch companies and subsidiaries (the “Company”);
1.1.2. For Employees governed by the Code of Conduct for Management Personnel, the provisions of the Code of conduct for Management Personnel shall apply. For provisions not included in the Code of conduct for Management Personnel but included in this Code of Conduct, such provisions of this Code of Conduct shall apply;
1.1.3. Service agreements entered into between the Company and any staffing service providers shall expressly specify that staff seconded the Company shall comply with this Code of Conduct.
1.2. Performance of Duties
1.2.1. Employees of the Company should report any fraudulent behavior or behavior that violates this Code of conduct to the Supervision Department of the Company in accordance with the related reporting and processing policies and procedures;
1.2.2. The Company will provide appropriate channels, such as posting this Code of Conduct on the Company’s website, producing it prior to any business activity, or incorporating it into commercial contracts, to ensure that parties that have business relations with the Company, such as suppliers, customers, agents, investors, creditors, and debtors, are able to understand the principles and spirit of this Code of Conduct in an accurate and timely manner.

2 Honesty and Credibility

2.1. Honesty and credibility are the fundamental principles of moral characters of the Company and all Employees. All Employees shall strive to maintain honesty and credibility in their work. Employees shall be honest and credible to customers, fellow tradesmen, partners, colleagues, shareholders, the country, and society.
2.2. Due fulfillment of responsibilities is an important approach for Employees to realize the principles of honesty and credibility. Employees should be responsible and self-disciplined, adhere to principles, be loyal to their duties, serve customers with enthusiasm and efficiency, handle the duties of their positions with a sense of responsibility, safeguard the interest of the Company as well as the rights and benefits of the shareholders and should not be concerned only about their own reputation or financial gains.
2.3. Employees should develop honesty and credibility as part of their fundamental professional ethics and reflect the same in their work, faithfully carrying out their commitments. Honesty and credibility should be fundamental to the Company’s development and success and instrumental to the realization of the Company’s core values.
2.4. Employees should view their performance reports appropriately and truthfully report their performance and keep accurate billing records, in order to ensure the truthfulness and reliability of accounting information and book records, the completeness of financial reporting procedures, and the accuracy of the information submitted. False accounts, figures, or performance results are strictly prohibited.
2.5. Employees are prohibited from providing any false or misleading information within and without the Company. The information disclosure procedures shall be strictly followed.
2.6. Employees should strengthen the prevention of fraudulent behavior, in order to timely report and effectively prevent any fraudulent behavior. The Company encourages honesty and credibility as one aspect of the corporate culture by advocating and protecting Employee whistleblowing actions that truthfully expose fraudulent behaviors or behaviors that violate laws and regulations.
2.7. Employees have the obligation to comply with the current policies, laws, regulations, and other regulatory requirements of India and of the place of the Company’s listing, registration, and business operation, and perform their duties according to the current rules as well as the Articles of Association of the Company.

3 Conflict of Interest

3.1. “Conflict of interest” in this Code of Conduct shall mean any conflict that has occurred or may occur between the personal interest of Employees and the interest of the Company, or between the Employees’ personal interest and their duties. In case of a conflict of interest, Employees should promptly report to their supervisors or the Supervision Department of the Company and proceed pursuant to the responses received in a timely manner.
3.2. Employees should abide by the Articles of Association and various rules and codes of the Company, faithfully perform their duties, and consciously prevent any conflict of interest for the best interest of the Company and its shareholders.
3.3. Employees should strictly comply with the laws, regulations and regulatory requirements in respect of anti-commercial bribery, distinguish normal commercial activities from improper business behaviors, firmly rectify any improper business behavior that violates commercial morality and fair competition, and cooperate with the regulatory authorities in their investigation of any commercial bribery cases.
3.4. Employees are prohibited from illegally or inappropriately utilizing their positions or the inherent power thereof, information related to the Company’s operations or financial condition, or any information that may have a material effect on the market price of the Company’s securities for their or their families’ benefits. These activities include direct trading of securities, leaking information to others, and suggesting others for such trading.
3.5. Employees are prohibited from carrying out, causing others to carry out, or invest in any business activities that may compete with the Company’s businesses or business activities that have a conflict of interest with the Company, or with their positions.
3.6. Employees are prohibited from conducting any connected transactions that may be detrimental to the Company’s interests with any economic entities in which they or their relatives serve or hold any investment or other forms of interest in. Employees are prohibited from holding any consulting, advisory, or direct or indirect employment relationship with any customer, supplier, or competitor of the Company or hold any substantial investment interest therein.
3.7. Employees should strictly abide by the related rules and policies of the Company in respect of “excuse from the position” and “excuse from the business”.

4 Relationship with Related Parties

4.1. “Relationship with related parties” in this Code of Conduct shall mean the relationship between Employees and related parties such as customers, business partners, competitors, regulators, and other employees.
4.2. Employees should treat customers, business partners, competitors, regulators, and other employees fairly.
4.3. Employees should adhere to the “Customers First” service concept and give customer service top priority.
4.3.1. Employees should develop the market-oriented service concept and focus on providing excellent services to customers;
4.3.2. Employees should protect the customers’ confidentiality and freedom of communication and should not disclose customers’ information and confidential data without customers’ consent;
4.3.3. In marketing activities, Employees should truthfully inform customers of the Company’s services and products and fully respect customers’ freedom in making purchase decisions;
4.3.4. All Employees should respect customers’ rights and benefits and protect the legitimate interests of the Company.
4.4. When working with business partners, employees of the Company should be consistent in their words and actions.
4.4.1. In selecting production chain partners, Employees of the Company should treat all candidates fairly and objectively and reasonably select the ultimate partner through tendering and bidding and other fair means in accordance with the Company’s rules;
4.4.2. When working with business partners, all Employees of the Company should consciously safeguard the legitimate interests of the Company, strictly abide by the laws and regulations prohibiting unfair competition, monopoly, corruption, and bribery, strictly implement Company’s policies and procedures in commercial contracting and avoid unnecessary commercial risks;
4.4.3. Employees should have respect for the Company’s business partners and should not infringe upon the legitimate interests of the business partners in order to achieve mutually beneficial results for the Company and its partners.
4.5. Employees should strive to maintain a normal market competition environment and a good development environment for the Company.
4.5.1. Employees should follow society’s moral standards and the rules of the competition and are prohibited from taking inappropriate measures to interfere and interrupt network interconnection;
4.5.2. Employees should try to expand the Company’s market share by capitalizing on the Company’s advantages in services, products, and brands and are prohibited from using inappropriate means such as exaggeration or distortion of facts and defaming our competitors’ product quality, service quality, financial condition, or business reputation;
4.5.3. Employees are prohibited from using any illegal or inappropriate means to obtain any commercial secrets or other confidential information of the Company’s competitors in relation to their products, services, or marketing strategies;
4.6. All Employees of the Company should submit to the lawful supervision of the regulatory authorities, communicate as appropriate and assist in maintaining the regulation and order of the industrial market.
4.6.1. Employees should submit to the lawful supervision of the state and capital markets regulatory authorities and safeguard the legitimate interests of the Company;
4.6.2. Employees should have normal interactions with regulatory authorities and are prohibited from any inappropriate trading activities;
4.6.3. Relevant personnel should provide truthful and reliable information required by the regulatory authorities. For any omission or error, Employees should communicate with the regulatory authorities promptly and rectify such omission or error in accordance with the relevant procedures.
4.7. Employees of the Company should treat each other with trust and as equals and work as a team.
4.7.1. Employees should be warm and kind to colleagues, respect each person’s dignity, privacy, and religious beliefs;
4.7.2. Employees should work as a team and use their expertise to promote innovation and teamwork.

5 Information Disclosure and Confidentiality

5.1. Employees should strictly abide by the Company’s confidentiality rules and undertake to safeguard the Company’s commercial secrets and customers’ confidential information during the stipulated confidentiality period.
5.2. The State’s communications secrets, the Company’s commercial secrets and customer confidential information shall mean the proprietary or confidential information that has not been made public and, once made public, will be detrimental to the interests of the State, the Company and the customer, respectively, including, but not limited to, the State’s communications secrets, the Company’s operation information, strategic plans, customer data, remuneration information, marketing, and sales strategies or any other confidential information.
5.3. Employees should safely keep confidential documents, materials, and their storage media appropriately.
5.4. Employees must enter into confidentiality agreements with relevant parties when representing the Company in cooperative or business activities if disclosure of confidential information is involved.
5.5. Employees should not exchange any confidential information pertaining to the Company with any individuals, companies, or institutions or use them without authorization or entering into a confidential agreement, whether or not they are employed at the time by the Company or have benefited from such exchange or use.
5.6. Employees should strictly follow the Company’s information disclosure procedures and are prohibited from, without the Company’s permission, disclosing any confidential information of the Company to the public in their own names or in the name of the Company or make public statements relating to the Company. They are further prohibited from dispersing any false information.

6 Protecting Company Assets

6.1. Company Assets shall mean various tangible or intangible assets, trade secrets, or other professional information that the Company owns or has the right to dispose of, including favorable business opportunities.
6.2. Employees should make reasonable use of and protect Company Assets, and ensure that Company Assets are reasonably utilized to serve lawful commercial purposes. Employees are prohibited from damaging, wasting, encroaching on, embezzling, or abusing Company Assets in any way. Employees should always economize.
6.3. Employees should be risk-conscious, follow the Company’s cost control and management policies strictly and with discipline, and minimize operational risks. Management at each level and all Employees should actively minimize the potential operational risks and strengthen the monitoring and control of operational risks.
6.4. Employees should comply with safety rules and prevent accidents in order to minimize the Company’s asset loss and the Employees’ personal damages.

7 Reporting and Sanction

7.1. Any Employee who has violated this Code of Ethics is subject to Company sanctions, which include, but are not limited to, administrative sanction, termination of the labor contract, and transfer to the judicial branch.
7.2. Every employee is obligated to timely report to supervisory departments any behavior that violates this Code of Ethics pursuant to relevant rules on reporting and handling of the Company. The audit committee of the Board of Directors, Supervision Department, Audit Department, and other departments of the Company are responsible for the supervision and handling of any violation of the Company’s rules and policies. Employees can report via any of the following means:
Mail: [Company mail address ]
Internet:[xx@yy.com]
Telephone and fax: [company phone no].
7.3. The Company encourages employees to report any violation of laws, policies, or regulations. The Company welcomes Employees’ comments and suggestions on operations and management of the Company through various communication channels including “Meet with the President” Day. Management at each level should treat employee comments seriously. Policies on reporting and handling should clearly specify that the Company should provide appropriate protection to whistleblowers and maintain information and records of such whistleblowing confidential. The Company should ensure the independence of personnel receiving and processing information provided by whistleblowers, differentiate authorization levels for relevant personnel, and the de-classification authorization of archives. Personnel responsible for receiving, recording, and processing or having access to reported information should sign additional confidential agreements specifying their obligations with regard to confidentiality. The Company should also reinforce the security measures for mailboxes, hotlines, and email boxes for whistleblowing, distinguish responsibilities between the management of reported information and report investigation and strictly follow the procedures for use of information and archives.
7.4. The Company protects employees reporting violations of laws, policies, or regulations. Reporting via telephone or mail can be anonymous. Employees who leak information or retaliate against whistleblowers shall be subject to removal from position or termination of employment. Employees that violate the laws will be handed over to the prosecution.

8 Supplementary Clauses

8.1. This Code of Conduct is a regulatory document setting forth professional standards for employees of the Company. As an attachment to the labor contract, it has the same legally binding force and effect as the labor contract. Employees should also comply with the State’s laws, regulations, and administrative rules, the Articles of Associations of the Company, and various current rules and regulations within the Company.
8.2. When employees sign their labor contracts, they should also sign Employee Statement I (See Exhibit I), indicating that they know and will comply with the various provisions of this Code of Ethics and monitor and report any behavior in violation of this Code of Ethics.
8.3. Human Resource departments at each level should publicize and implement this Code of Ethics by various means, including training. They should also conduct training via mail or office system and have Employees sign Employee Statement II (see Exhibit II) annually, collect information on fraudulent behaviors and behaviors that violate this Code of Ethics and submit to supervisory organizations for investigation and decision.
8.4. This Code of Ethics is reviewed by the Legal Department of the Company and by the Employees’ Congress. It shall take effect upon approval by the Board of Directors of the Company, which also has the interpreting authority. Termination or any modification of this Code of Ethics should be approved by the Board of Directors.

Exhibit I:  Employees Statement I

I have carefully read and understood the requirements of this Employee Code of Conduct (the “Code”) of [Company name]. I acknowledge that it is an exhibit to my labor contract with equal legal binding force and effect and undertake to abide by this Code. I hereby declare the following:
1. I will abide by professional ethics and not commit fraudulent acts or behaviors in violation of this Code;
2. I will timely report any fraudulent behavior or behaviors in violation of this Code.

(Signature)

Date:

Exhibit II: Employees Statement II

1. I have strictly complied with the Employees Code of Conduct of [Company name] (the “Code”) from _________,  to _________, and have not committed any acts in violation of this Code;
2. I am not aware of any acts committed by other employees that are fraudulent or in violation of this Code. I have truthfully reported all such acts that I’m aware of to the Supervision Department.

(Signature)

Date:

—————————End of example—————————————

Example of Whistleblowing  Policy of Oman LNG L.C.C

1. Introduction
Oman LNG is committed to the highest possible standards in terms of governance practices, openness/transparency, honesty, accountability, professionalism, and duty of care in delivering one’s responsibilities as prescribed in OLNG’s “Statement of General Business Principles” and “Code of Conduct”.

2. Purpose
This Policy aims to encourage every individual working for or dealing with the Company to report any Unethical Practices at any level of the organizational structure with complete comfort, confidence, and protection. Also, it aims to define and establish the position of the Company on the framework for reporting Unethical Practices and establish suitable steps to investigate and take necessary corrective actions.

3. Definition
a. “Unethical Practice” means any behavior or practice of the Company, its employees, contractors, suppliers, or their individual employees in relation to their business dealings with the Company which is believed to be inconsistent with the Company’s General Business Principles and its general spirit, and includes, but is not limited to, the following suspected activities / improper practices:

• Fraud or fraudulent financial reporting;
• Manipulation of Company data/records, including forging official documents;
• Abuse of authority at any defined level in the Company;
•  Disclosure of confidential/proprietary information to unauthorized personnel;
•  Knowingly violating applicable laws and regulations, thereby exposing the Company to penalties, fines, or any legal action;
• Any instances of misappropriation or abuse of Company property/assets;
• Actively violating any laid down Company policy, including the Code of Conduct;
• The economically wasteful act or action;
•  Criminal activity;
•  Harassment of any nature to employees or any other third party.
•  Using confidential information acquired in the course of one’s work for personal advantage;
•  Any other activities whether unethical or improper in nature and damaging the interests of the Company;
•  Attempts to conceal any of the above.

b. “Whistleblower” means any person (employee, director, customer, vendor, or any other individual stakeholder) reporting an Unethical Practice under this policy.

4.  Reporting Unethical Practice

a. The Company has introduced this policy to enable you to raise your concerns about Unethical Practices at an early stage and in the right way. If something is troubling you which you think the Company’s management or Board should know about or look into, then please refer to this policy.

b. Normally, concerns should be raised with the appropriate department that the issue is dealt with within the Company and should be handled in line with company policies and procedures. It is recognized, however, that there may be occasions where the use of the normal chain of command may not be appropriate. Persons may believe their concerns:

• are overly sensitive;
• would  not be receiving appropriate attention;
• are of particular significance;
• the line manager/department is the perpetrator of the issue to be addressed or
• the person may be sufficiently uncomfortable such that it warrants the use of another confidential reporting channel. 

Hence, the Whistleblower may report such Unethical Practice in writing to WhistleBlow@omanlng.co.om. This mailbox is regularly reviewed by the Chief Internal Auditor at the Company. 

c. The Chief Internal Auditor shall never reveal the name of the Whistleblower without his/her consent unless required by law. If they at some point in time are ordered and required by law to report the name of the Whistleblower, they shall inform the Whistleblower, unless they have lawful reasons not to do so.  Where the Whistleblower feels very exposed and is afraid of being victimized (s)he can e-mail anonymously when reporting the issue by hiding his / her identity. In this respect, the Whistleblower shall provide and deliver all related information and facts with the initial report to facilitate the investigation process. The Whistleblower can remain anonymous in follow-up communications and clarifications by providing a discreet e-mail address.

d. The Whistleblower must address the following aspects, while reporting any issues under this policy:

• A clear understanding of the issue being raised.
• The issue should not be merely speculative in nature but should be based on actual facts.
• Should contain as much specific information as possible to allow proper inquiry/ investigation.
• If the Whistleblower has a personal interest in the matter, (s)he will be required to disclose this.

5. Protection to Whistleblower

The identity of the Whistleblower shall be kept confidential at all times unless otherwise agreed with the Whistleblower or required by law (e.g. during the course of any legal proceedings, where the Whistleblower is required to give evidence in court). No unfair treatment shall be vetted out towards any Whistleblower acting in good faith by virtue of his/her having reported issues under this policy and the Company shall ensure that full protection is granted to him/her against any action.

—————————End of example————————————— 

Back to Home Page

If you need assistance or have any doubt and need to ask any question  contact me at: preteshbiswas@gmail.com . You can also contribute to this discussion and I shall be happy to publish them. Your comment and suggestion is also welcome.