Compliance Management System
Our corporate conduct is characterized by a sense of responsibility as well as ethical principles. Compliance with legal and regulatory requirements is integral to our operations. It is only in this manner that we can sustainably increase the company’s enterprise value and safeguard our reputation.
Compliance Culture and Targets
In its Corporate Compliance Policy, Covestro has specified a Group-wide code of conduct that mandates fundamental principles and rules for all employees. This code of conduct details our commitment to fair competition, integrity in business dealings, the principles of sustainability and product stewardship, data protection, upholding of foreign trade and insider dealing laws, the separation of business and private interests, proper record-keeping and transparent financial reporting, as well as to providing fair, respectful, and nondiscriminatory working conditions. These requirements apply within the company as well as to all interactions with external partners and the general public. Our code of conduct provides a framework for all decisions by the company and our employees. The Corporate Compliance Policy is available on our intranet and on our website, and is part of an information packet distributed to new employees when they are hired.
Covestro is aware that employees will likely embrace and exhibit integrity if managers are excellent role models. The Board of Management states very clearly in its Corporate Compliance Policy for all staff that, above and beyond any legal requirements, Covestro elects not to conduct any business activities that would violate our rules and that management staff is prohibited from instructing employees otherwise. In this way, management continuously fosters our compliance culture by, for example, regularly drawing employees’ attention to compliance topics and their significance to the company. At Covestro town hall meetings, for example, Board of Management members regularly present recent compliance cases to employees and underscore the importance of complying with statutory requirements and internal regulations.
We want to utilize our compliance management system in order to:
- Foster and reinforce conduct per compliance requirements,
- Minimize or even eliminate compliance violations,
- Identify risks for potential violations,
- Implement preventive measures, and
- Uncover, halt, and proactively eliminate a repeat occurrence of any compliance violations committed by individuals acting without authorization and in breach of clear rules.
We have taken steps to meet our targets, including implementing an internal control system to ensure compliance rules are followed. The insights gained from our annual evaluation of effectiveness are leveraged in our efforts to continually improve our compliance management system.
The Chief Compliance Officer is in charge of all compliance activities at Covestro, and in this function reports directly to the Board of Management. The corporate Law, Intellectual Property & Compliance function is the single point of contact that coordinates Group-wide compliance activities. Chaired by the Chief Financial Officer (CFO) of Covestro, the Compliance Committee is the Group’s top-level decision-making body on these issues. The Committee’s responsibilities include the following: exercising a Group-wide compliance governance function, initiating and approving compliance-related regulations, and approving the annual training plan. In the reporting period, the Compliance Committee met a total of four times. The suitability and effectiveness of compliance activities are regularly reviewed by the Corporate Audit function in independent, objective audits.
Data privacy is under the responsibility of the corporate Law, Intellectual Property & Compliance function and is coordinated Group-wide. By defining controls and processes, the function works to ensure compliance with legal requirements (in particular the EU General Data Protection Regulation, GDPR) and legal judgments to protect personal data of employees, as well as of business partners, media representatives, etc. Local Data Privacy Officers have been appointed for each country in which Covestro has employees. They serve as local points of contact for employees on all questions regarding data privacy. The Board of Management is informed regularly about activities in the company relating to data privacy law.
A local Compliance Officer has also been appointed for each country in which Covestro has employees. This person serves as a local point of contact for employees on all questions regarding legally and ethically correct conduct in business situations. The country organizations also have local compliance committees.
Communications and Compliance
Covestro systematically conducts training courses on compliance. Once focus areas have been specified, target groups are defined for each content category and the employees (including managerial staff) are invited.
Covestro expressly encourages its employees to openly address any doubts about proper conduct in business situations and to solicit advice. We inform all employees whom they can contact if they have any doubts or questions. Covestro has also set up a whistleblowing tool. Employees and third parties can report potential compliance violations through a hotline accessible worldwide or use an online tool that also permits anonymous reports. In addition, employees can also report any compliance incidents to their supervisors or to the Compliance organization.
An internal policy sets out the principles for handling compliance incidents at Covestro. All suspected compliance incidents are recorded in a central database. Confirmed violations are evaluated, and organizational, disciplinary, or legal measures are taken if necessary.
Compliance incidents are regularly reported to the Supervisory Board, the Board of Management, and the business entities’ management teams. Moreover, a current overview of incidents, including additional information on various aspects and developments related to this topic, is published in a monthly Compliance Telegram on the intranet. This ensures a high degree of transparency for all employees.
On a quarterly basis, all companies document risks arising from pending or current legal or administrative proceedings. Relevant cases are reported on a regular basis to the Board of Management and to the Audit Committee of the Supervisory Board. The material legal risks are disclosed in the Notes to the Consolidated Financial Statements.
Principles and Targets of Tax Compliance
Covestro takes seriously its responsibility to pay the statutory tax liability in accordance with the rules set by each government as well as to meet all registration, documentation, disclosure, and licensing requirements in all the applicable countries and/or tax jurisdictions. Ensuring that tax payments are made in the appropriate amount is a core element of Covestro’s responsibility to society, because this is a major source of revenue for governments that is used to carry out economic and social policies.
Our tax principles are as follows:
- Zero tolerance for violations, especially tax fraud/evasion;
- Tax payments in line with the value created in the relevant countries/territories;
- Cooperation with tax authorities.
These principles are also published online.
Our principles are at the heart of a tax policy applicable to the entire Group, which was reviewed and approved by the corporate Taxes function and the Chief Financial Officer (CFO). The tax policy also includes our tax strategy in alignment with our Group strategy and our C3 corporate values. The tax strategy is discussed and amended as necessary in regular exchanges with the CFO.
In addition, we are interested in keeping abreast of ongoing developments in tax law and therefore participate in political discussions in trade association committees. All of our activities rest on compliance with our ethical principles. The aim of our participation in trade associations is fair, transparent, and administratively streamlined evolution of tax law.
Tax Compliance Organization
Responsibility for implementing and continually improving the appropriate tax processes lies with the corporate Taxes function, which reports to the CFO. Local tax experts in Covestro’s subsidiaries implement tax processes or support this effort. To the extent that third-party professionals are tasked with tax-related responsibilities in certain countries, they agree to adhere to our principles and compliance rules.
Covestro expressly encourages employees to openly discuss any concerns about proper conduct by the company regarding taxes with their supervisors or local tax departments, and to obtain assistance or advice. Our whistleblower tool is also available to employees and third parties.
A standardized process is used to report tax risks worldwide to the corporate Taxes function once a year. Tax risks are monitored on an ongoing basis in cooperation with the subsidiaries and, if necessary, the risk reports are amended. Financial reporting comprises tax risks, which are integrated into the internal control system for the (Group) accounting and financial reporting process and the risk early warning system.