Annual Report and Sustainability Report 2019

SUSTAINABILITY

Zero tolerance for corruption

Ethics, integrity and compliance

“For KONGSBERG, maintaining a high ethical standard in our daily operations is very important. We are experiencing a constantly changing world, with an increased focus on compliance with laws, rules and sanctions. This places great demands on an international business. We work systematically on improvements to our processes and routines so that they meet applicable requirements. We ensure implementation of our processes through training and we follow up through reporting and audits to make sure we comply with applicable requirements.”

Geir Håøy, President and CEO

Our position

Business Ethics

Our Code of Ethics and Business Conduct is regularly updated in line with national and international developments. It expresses our basic attitudes and indicates how we shall relate to colleagues, customers and society in general.

Tone at the top

The Board of Directors and management of KONGSBERG set requirements for periodic external evaluation of the compliance programme. They assess and approve risk assessments and actions plans for Responsible Business Conduct on yearly basis. The Chief Compliance Officer reports status every quarter to the Corporate Management, the Audit Committee and the Board.

Our Code of Ethics and Business Conduct is the backbone for how we conduct our opera­tions, and the code applies regardless of where, when and which of our employees is doing business.
Anti-corruption

KONGSBERG has zero tolerance for corruption. By that, we mean that we will never permit sales to be achieved through corruption. Meanwhile, we recognise that doing business in vulnerable parts of the world may involve greater risks for corruption. For our business partners, zero tolerance in practice means requiring that any historical situations are regularised, that an approved anti-corruption programme is implemented and complied with, and that corruption is clearly denounced through words and actions. Our attitude is expressed explicit through our Code of Ethics and Business Conduct, and our endorsement of the UN Global Compact, the OECD’s Guidelines for Multinational Enterprises and our membership of Transparency International, The International Forum on Business Ethical Conduct (IFBEC) and Maritime Anti-Corruption Network (MACN). The Board and Corporate Management Team devote considerable attention to this work.

Our Code of Ethics and Business Conduct is the backbone for how we conduct our operations, and the code applies regardless of where, when and which of our employees is doing business. This Code is communicated and implemented to ensure a clear understanding throughout the Group, and as such shall contribute to a strong business culture, working in a preventive manner against the occurrence of errors and irregularities. Well-integrated values and the Code of Ethics and Business Conduct make up an important element of our risk management.

Before we enter into an agreement with a business partner (customer, supplier, market representative, joint venture partner, other collaboration partner, recipient of sponsorship or charitable contributions), we must be certain that the business partner has satisfactory ethical standards in place. We use a risk-based approach, which includes compliance Due Diligence investigations.

We carry out compliance Due Diligence investigations in accordance with internationally recognised standards. The level at which these investigations are conducted depends on the business partner and the risks concerned, and we carry out screening using recognised screening tools. The risk assessments are regularly revised and updated. We have incorporated requirements regarding ethics and corporate social responsibility into our standard agreements with business partners, and carry out risk-based audits.

Notification of alleged misconduct

The Group has procedures for notification of any breach of the Code of Ethics and Business Conduct. Employees will always have the right to issue alerts about circumstances worthy of criticism, and are under a duty to do so if there is a question of a violation of laws, rules or our Code of Ethics and Business Conduct. KONGSBERG will not tolerate a whistleblower being subject to reprisals or negative reactions. The Group has two ombudsmen who can provide advice and receive alerts from employees. Internal and external questions about ethics, whistleblowing, etc., can be directed to the Chief Compliance Officer by sending an e-mail to: ethics@kongsberg.com or to our global web-based notification channel. Our notification channel ensures that everyone can report concerns and ensure that this is treated in a confidential manner and in line with applicable laws.

In 2019 we have processed 32 cases internally, mainly concerning the work environment and financial irregularities of a personal character. All issues are considered in accordance with our procedures, and the majority of these issues were closed during 2019.

Exports and sanctions

KONGSBERG is committed to complying with all applicable laws regarding exports, imports, transit and trade in all countries in which we operate. These include laws on export bans, sanctions, customs, product/country of origin labelling and anti-boycotts.

There is a particular focus on the export of defence systems and other military equipment, along with associated technology and services. In Norway, and in most countries KONGSBERG operates in, services and technology subject to export controls can only be exported subject to an export licence from the authorities. Sanctions may apply regardless of export classification. Customers and parties involved in the transactions must be checked with respect to sanctions and export bans. Customers and parties involved in the transactions must be checked with respect to sanctions and export bans.

KONGSBERG has a comprehensive programme for internal control and training in connection with our export activities. Several employees are “Certified Export Control Managers” for both defence materials and dual use goods. This practise will be continued in 2020 to build further expertise.

In 2019, a Trade Compliance project was established in collaboration with Patria. The main objective for the project is to improve processes and routines, interaction and competence building. We will conduct extensive internal audits in 2020 to map and focus on this.

The UN and the EU are the two most important international institutions making decisions on the imposing or lifting of sanctions. Decisions of the UN and EU largely determine which sanctions Norway implements. In addition, countries such as the USA have imposed further sanctions against countries and parties that are more comprehensive than those of the UN or EU. KONGSBERG has guidelines and procedures which are regularly updated (most recently in 2019) in order to address this.

Data privacy at KONGSBERG

The EU General Data Protection Regulation (GDPR) came into effect from May 2018. Over the last years, KONGSBERG has undertaken work on data privacy in order to comply with the new requirements in the regulation. KONGSBERG had its Binding Corporate Rules (BCR) approved in February 2018 (updated in 2019). This is the legal basis for the processing of personal data within the Group. This framework forms the basis for how KONGSBERG must ensure that the personal data of our employees, customers and partners is treated in accordance with these requirements.

A separate privacy organisation has been set up in the Group and in the business areas with overall responsibility for ensuring and coordinating the establishment of internal processes and procedures, to ensure compliance. KONGSBERG has focus on IT security, and it is an important part of securing personal data processed in the company for our own employees, customers and other partners. We participate in a network with focus on privacy with other large Norwegian companies, with purpose to share experiences and best practices. The status of privacy is reported annually as part of the overall compliance report to the group management and the board.

Please find our privacy statement on kongsberg.com/privacy (updated in September 2019) together with a public version of our BCR as well as an overview of the companies which are part of it.

In-house training

All our new employees go through a training programme that deals with the Group’s Code of Ethics and Business Conduct. The programme is updated regularly, and consists of e-learning courses and classroom courses for new employees and managers. In addition, a complex training programme has been further developed in the field of ethics, business-related behaviour and special topics for exposed target groups, including a general introduction to our notification rules.

Training in our Code of Ethics and Business Conduct is the backbone for how we conduct our operations.

Our challenges

We perform risk assessments in all our business areas and facilitate action plans to reduce identified risk. KONGSBERG operates in both the defence industry and the oil and gas industry, which, according to Transparency International, are two of the sectors most susceptible to corruption.

Our activities involve the use of market representatives. The use of third-parties is generally known to imply a high risk of corruption, so we pay particular attention to that aspect of our anti-corruption programme. We have drawn up and implemented comprehensive internal regulations for signing and following up agreements with market representatives. The regulations include assessments of a market representative’s ethical standards and reputation. Further, risk is assessed based on industry, country and company, and approval procedures have been introduced for the use of standard terms of business and verification of payments, as well as for follow-up during the agreement period and including training and external audits.

We carry out periodic evaluation of our compliance and anti-corruption programme. The last occasion was in 2017. Improvement measures identified through previous internal and external evaluations, audits and compliance audits with ISO standard 37001 “Anti-bribery management systems” were implemented during 2019.

Law violations in 2019

None of the companies in KONGSBERG were sanctioned due to law violations related to business ethics in 2019.

Organisation 

KONGSBERG strengthened our compliance organisation through the addition of five new employees in 2019. This makes a total of 10.5 people spread across the Group and business areas. Chief Compliance Officer reports direct to the CEO and Audit Comittee as well as administratively to the CFO.

Goals and acitivites

Goals:
Every aspect of our business activities shall be conducted in an ethical and responsible manner
  • Goals for 2019 – what we said

    • Follow up of audits that have been carried out against the ISO standard for “Anti-corruption management systems”.
  • Goals for 2019 – what we said

    • Implementation of revised governance documents.
    • Develop and maintain internal governance documents.
  • Goals for 2019 – what we said

    • Carry out risk analyses, internal controls and audits to confirm compliance with legislation, rules and internal procedures.
    • Carry out risk reduction measures as needed.
    • Reinforce internal control function in our compliance department.
  • Goals for 2019 – what we said

    • Further develop and carry out continuous training.
  • Goals for 2019 – what we said

    • Maintain and further develop good forms of cooperation with business partners and other external parties.
  • Goals for 2019 – what we said

    • Further develop and maintain incentives and KPIs for ethics and integrity, as well as internal rules and procedures for reactions and sanctions.
  • Goals for 2019 – what we said

    • Continue to com­municate a clear and distinct “Tone at the Top” to all managers at all levels.
To the top