Zero tolerance for corruption
Ethics, integrity and compliance
“For KONGSBERG, maintaining high ethical standards in our day-to-day operations is very important. We are experiencing a constantly changing world, with an increased focus on compliance with laws, rules and sanctions. This places great demands on an international business. We work systematically to improve our processes and routines so that they meet applicable requirements and to safeguard our licence to operate. We ensure implementation of our processes through training and we follow up through reporting and audits to make sure we comply with applicable requirements.”
Geir Håøy, President and CEO
We have set targets and indicators to support our ambitions and to ensure compliance and follow-up.
Our ambition is for all aspects of our business to be carried out in
an ethical and responsible way.
- We need ethical guidelines supported by a good governance system to ensure that we conduct our business with integrity.
- We will work constantly to ensure a world-class compliance programme.
- We will protect, monitor and document our business proactively using risk-based control measures.
- We set and maintain high ethical standards for our employees and business partners to ensure sound business practices.
- We support and promote common values to ensure an ethical culture.
Indicators for 2021
Ethics and compliance training for all employees.
Indicators for 2021
Risk-based follow-up and audits of our market representatives.
Indicators for 2021
Conflicts of interest must be recorded and managed as part of the compliance programme.
Our approach to ethics, integrity and compliance
Our Code of Ethics and Business Conduct is regularly updated in line with national and international developments. It expresses our basic attitudes and indicates how we will relate to colleagues, customers, shareholders and society in general.
The Norwegian parliament (Stortinget) has approved the Transparency Act, which will come into force in 2022. The core of the law, and other similar international laws, is the duty to perform due diligence for human rights and decent working conditions in line with the OECD guidelines. At KONGSBERG, we have started a comprehensive project to ensure compliance with the new legal requirements. Also see the section on human rights.
The tone at the top
The Board of Directors and management of KONGSBERG set requirements for the periodic external evaluation of the compliance programme, and assess and approve risk assessments and action plans on an annual basis. The Chief Compliance Officer reports on status every quarter to the Corporate Management, the Audit Committee and the Board.
KONGSBERG has zero tolerance for corruption. Our attitude is expressed explicitly through our Code of Ethics and Business Conduct, and our endorsement of the UN Global Compact, the OECD’s Guidelines for Multinational Enterprises and our membership of Transparency International, the International Forum on Business Ethical Conduct (IFBEC) and Maritime Anti-Corruption Network (MACN). The Board and Corporate Management Team devote considerable attention to this work. In 2020 we conducted an external audit of our anti-corruption programme against the framework of the regulations of the US Foreign Corrupt Practices Act (FCPA). This was carried out by an internationally recognised law firm in the United States, with very good results. We are planning a new external audit in 2023.
Our Business Code of Ethics and Business Conduct is the backbone of our operations, and the Code applies to everyone at KONGSBERG regardless of where or when. The Code is communicated and implemented to ensure clear understanding throughout the Group, contributing to a strong business culture, working in a preventive manner to avoid errors and irregularities. Well-integrated values and the Code of Ethics and Business Conduct constitute an important element of our risk management.
Before we enter into an agreement with a business partner (customer, supplier, market representative, joint venture partner, other collaboration partner, recipient of sponsorship or charitable contributions), we must be certain that the business partner has satisfactory ethical standards in place. We use a risk-based approach, which includes due diligence for compliance. We have incorporated requirements regarding ethics and corporate social responsibility into our standard agreements with business partners, and carry out risk-based audits.
We conduct an annual comprehensive compliance and risk assessment for the entire Group, including all subsidiaries and part-owned companies and partners. Our reviews and audits of our subsidiaries include anti-corruption, export control and sanctions, as well as human rights. This is an important part of our anti-corruption work throughout the Group. The audits are carried out by internal resources in collaboration with external specialists.
We operate in areas including the defence and oil and gas industries that, historically, are sectors that have been exposed to corruption on the international stage. We also recognise that doing business in many parts of the world may involve a risk of corruption. For our business partners, zero tolerance in practice means requiring that potential historical situations are regularised, that an approved anti-corruption programme is implemented and complied with, and that corruption is clearly denounced through words and actions. Our activities involve the use of external market representatives. The use of third parties is generally known to imply a high risk of corruption, so we pay particular attention to that aspect of our anti-corruption programme.
Our anti-corruption programme
We have drawn up and implemented comprehensive in-house regulations for the signing of agreements with market representatives. This means, among other things, background checks of the company, key people and ownership, audits of financial and non-financial information, approval procedures, standard termination and audit rights agreements, as well as following up on and monitoring the agreements. The regulations also include assessments of a market representative’s ethical standards, reputation and training. Risk is also assessed based on industry, country and company. The agreements have a maximum duration of three years, and the approval process is repeated on renewal. We investigate payments, and perform audits of our market representatives on an ongoing basis in line with risk-based audit programmes, for which we use internal and external experts. In total, we have more than 80 market representatives distributed throughout the Group, supporting us in all parts of the world in which we operate.
Notification of alleged misconduct
The Group has procedures for the notification of any breach of the Code of Ethics and Business Conduct. Employees will always have the right to issue alerts about circumstances worthy of criticism, and are under a duty to do so if there are questions related to violation of laws, rules or our Code of Ethics and Business Conduct.
KONGSBERG will not tolerate a whistleblower being subject to reprisals or negative reactions. The Group has two ombudsmen who can provide advice and receive alerts from employees. Internal and external questions about ethics and whistleblowing can be directed to the Group’s Chief Compliance Officer by email to firstname.lastname@example.org or via our global web-based notification channel. Our whistleblowing channel ensures that everyone can report concerns and that such reports are treated in a confidential manner and in line with applicable laws. External business partners can also use the whistleblowing channel. In the 2021 employee survey, nearly two-thirds said they were well aware of the whistleblowing system and how to make a report. We aim to ensure that all our employees have good knowledge of the whistleblowing procedures and have initiated measures to make the whistleblowing system more accessible on our website. We will also place greater focus on the whistleblowing system in the e-learning course and stress that openness and whistleblowing are an integral part of our work to comply with the Norwegian Transparency Act.
Our whistleblowing procedures were updated in 2020 to ensure compliance with new changes to the Working Environment Act, and will be updated in 2022 in accordance with the new EU whistleblowing directive.
In 2021 we dealt with 26 cases internally. These have mainly involved the working environment and financial irregularities of a personal nature. All issues are considered in accordance with our procedures, and the majority of these issues were closed during 2021.
Exports and sanctions
KONGSBERG is committed to complying with all applicable laws regarding exports, imports, transit and trade in all countries in which we operate. These include laws on export bans, sanctions, customs, product/country of origin labelling and boycotts.
There is a particular focus on the export of defence systems and other military equipment, along with associated technology and services. In Norway, and in most countries KONGSBERG operates in, services and technology subject to export controls can only be exported subject to an export licence from the authorities. Sanctions may apply regardless of export classification. Customers and involved in the transactions must be checked with respect to sanctions and export bans. Customers and parties involved in the transactions must be checked with respect to sanctions and export bans. We have also invested in new tools to ensure regulatory compliance.
KONGSBERG has a comprehensive programme for internal control and training in connection with our export activities.
In 2019 a Trade Compliance project was established in collaboration with Patria. The main objective of the project is to improve processes, routines, interaction and competence-building. In 2021 extensive internal audits were carried out to gain an overview of status. Experiences from this work will be used in 2022.
The UN and the EU are the two most important international institutions making decisions on the imposing or lifting of sanctions. Decisions there largely determine which sanctions Norway implements. In addition, the US has introduced further sanctions in a number of cases. KONGSBERG has guidelines and procedures that are updated on an ongoing basis in order to address this.
Data privacy at KONGSBERG
The EU General Data Protection Regulation (GDPR) came into effect from May 2018. In recent years, KONGSBERG has undertaken work on privacy in order to comply with the requirements of the regulation. KONGSBERG had its Binding Corporate Rules (BCR) approved in February 2018 (updated in 2019). This is the legal basis for the processing of personal data within the Group. Furthermore, an application for UK Binding Corporate Rules was made in June 2021. Updates have also been made in relation to the changes after the SCHREMS ruling. This framework forms the basis for how KONGSBERG must ensure that the personal data of our employees, customers and partners is treated in accordance with these requirements.
A separate privacy organisation has been set up within the Group and in the business areas with overall responsibility for ensuring and coordinating the establishment of internal processes and procedures, to ensure compliance. KONGSBERG has focus on IT security, and this is an important part of securing personal data processed in the company for our own employees, customers and other partners.
KONGSBERG has not identified any leaks, theft or loss of customer data. Nor have we received any substantiated complaints about violations of privacy from third parties or regulatory bodies. The privacy status is reported annually as part of the overall compliance report to Group management and the Board.
Alongside other large Norwegian companies, we participate in a network with a focus on privacy. We share experiences, and work together on common problems/solutions. Read our Privacy Statement and BCR here: kongsberg.com/privacy.
All our new employees go through a training programme that deals with the Group’s Code of Ethics and Business Conduct. The programme for new employees and line managers, which consists of e-learning and classroom courses, is updated regularly. In addition, a complex training programme has been further developed in the field of ethics, business-related behaviour and special topics for exposed target groups, including a general introduction to our notification rules. The Board receives regular updates on the compliance programme, such as recent developments on anti-corruption regulations, sanctions and reported concerns. All members of the Board participate in mandatory training on ethics and compliance, including anti-corruption.
In the 2021 employee survey, 91 per cent answered that they have good knowledge of the ethical guidelines. Overall, in 2021, 79 per cent of employees completed compliance training, which includes several themes, including a comprehensive module on anti-corruption. We implemented a new and improved compliance management system in 2021 that makes it possible to monitor training completion at an individual level. The new system caused a delay in the implementation of the e-learning, and some employees will complete the training in 2022.
Violations of law in 2021
None of the companies within KONGSBERG were sanctioned due to violations of law related to business ethics in 2021.
Divided into Group and business area, at the start of 2022 the organisation had a total of 45 employees working wholly or partially with compliance, export control, sanctions and privacy. The Chief Compliance Officer reports directly to the CEO and Audit Committee as well as administratively to the CFO.