Annex 2 - CLO Compliance Blue Print and covering letter

Similar documents
BUSINESS COMPLIANCE WITH COMPETITION RULES

CORPORATE GOVERNANCE STATEMENT 30 JUNE 2017

Code of Ethical Conduct for the Sanlam Group

Risk Management Briefing

COMPLIANCE MANAGEMENT FRAMEWORK FOR VICTORIA UNIVERSITY

Guidance Note: Corporate Governance - Audit Committee. January Ce document est aussi disponible en français.

THE ANTITRUST COMPLIANCE PROGRAMME OF THE ITALCEMENTI GROUP

THE ARCG CHARTER. Issued in March 2008

Developing an Integrated Anti-Fraud, Compliance, and Ethics Program

KING IV GOVERNANCE PRINCIPLES APPLICATION BY MURRAY & ROBERTS FY The governing body should lead ethically and effectively (Leadership)

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

PostNL group procedure

Slavery and human trafficking statement 2017

1. OBJECTIVE 1.1 This Charter outlines the roles and responsibilities of the Board.

ONLINE PUBLIC CONSULTATION

Guidance Note: Corporate Governance - Board of Directors. January Ce document est aussi disponible en français.

Agenda Item 6-2. Committee: International Accounting Education Standards Board Meeting

Corporate Governance Framework

International Rescue Committee, UK Modern Slavery Statement

Communication on Progress Report

INTEGRITY COMPLIANCE GUIDELINES

Human Resources Audit. XYZ Group

MACQUARIE TELECOM GROUP LIMITED CORPORATE GOVERNANCE

BCE INC. BOARD OF DIRECTORS CHARTER (INCLUDING BOARD CHAIR POSITION DESCRIPTION)

CORPORATE GOVERNANCE STATEMENT 2018

International Standard on Auditing (UK) 220 (Revised June 2016)

Internal Audit Charter

ARTICLE 29 DATA PROTECTION WORKING PARTY

This document sets out how AIB complies with these Regulations. 1. Governance

INTERTEK GROUP PLC INTERTEK S MODERN SLAVERY STATEMENT 2017

ENERGY QUEENSLAND LIMITED INTERNAL AUDIT CHARTER. [April 2017]

(Non-legislative acts) REGULATIONS

DECISION. mb a5 EFSA Internal Control Framework. Internal Control Framework of the European Food Safety Authority. Decision No.

DS SMITH PLC MODERN SLAVERY AND HUMAN TRAFFICKING STATEMENT 2016/17. Page 1 of 10

Self Assessment Workbook

The Gym Group plc. (the Company ) Audit and Risk Committee - Terms of Reference. Adopted by the board on 14 October 2015 (conditional on Admission)

Code of Business Conduct

GROUP HEALTH & SAFETY POLICY

The BEST Framework EDF Group s Expectations for Managing Health and Safety. The EDF Group BEST Framework

Self Assessment Workbook

Corporate Governance Statement John Bridgeman Limited

When Recognition Matters CODE OF ETHICS PO1-PECB Code of Ethics Version: 2.0 Revised:

GUIDELINES ON ANTITRUST COMPLIANCE (only the Italian text is authentic)

Document File Name LEG-001 Anti Bribery Policy V Date Approved by Owner/Revisions made 27 September 2017 V1.4

1. Is the proposed definition of modern slavery appropriate and simple to understand?

Triple C Housing, Inc. Compliance Plan

Bribery Act: how will you act?

Defence Health Governance Structure

International Forum of Independent Audit Regulators Report on 2013 Survey of Inspection Findings April 10, 2014

Code of Conduct. Integral Diagnostics Limited ACN

Part of the IoD International Network

For personal use only. Corporate Governance Statement 2018

IMMUNOGEN, INC. CORPORATE GOVERNANCE GUIDELINES OF THE BOARD OF DIRECTORS

Anti-corruption Code of the Hitachi Rail Italy Group

Audit & Risk Committee Charter

SIME DARBY BERHAD BOARD CHARTER

Developing an Integrated Anti-Fraud, Compliance, and Ethics Program

SOUND ENERGY PLC QUOTED COMPANIES ALLIANCE CORPORATE GOVERNANCE CODE 2018

Code of Conduct. Contents 1 Introduction from the CEO 2 Our people 5 How we work 9 Whistleblowing and enforcement

ECHO ENERGY PLC QUOTED COMPANIES ALLIANCE CORPORATE GOVERNANCE CODE 2018

Corporate Governance. This King III Reporting is prepared in terms of the JSE Listings Requirements for the period 01 July 2015 to 30 June 2016

Date Approved by Owner/Revisions made 24 September 2012, V1.2

1.3.1 The responsibilities of the Parent Board include, but are not limited to, the following 1 :

Code of Corporate Governance

Corporate Governance Statement. APN Property Group August 2017

AmCham EU s Recommendations on GDPR Implementation

ARTICLE 29 Data Protection Working Party

A Firm s System of Quality Control

BOARD CHARTER LA PRUDENCE LEASING FINANCE CO LTD

Mayur Resources Ltd. 80 Robinson Road, #02-00, Singapore

- 1 - Ethics and you. An introduction to the CIPFA Standard of Professional Practice on Ethics. July

Corporate Governance Statement

EUROPEAN CONFEDERATION OF INSTITUTES OF INTERNAL AUDITING (IVZW)

STANDARD ON INTERNAL AUDIT (SIA) 7 QUALITY ASSURANCE IN INTERNAL AUDIT *

CORPORATE GOVERNANCE STATEMENT 2017/18

Corporate Governance Statement

MPAC BOARD OF DIRECTORS MANDATE

Model 231. Adopted by the Board of Directors of Brainlab Italy s.r.l. on December 9, 2013.

Policy (Board Approved)

Audit quality. a director s guide. November This handbook offers guidance for. entities about how to improve audit quality

CORPORATE GOVERNANCE STATEMENT

Anti slavery and. Human trafficking statement ISS UK LIMITED

CORPORATE GOVERNANCE CODE

AUDIT AND RISK COMMITTEE TERMS OF REFERENCE

The One Stop Shop Working in Practice

Internal Audit Quality Analysis Evaluation against the Standards International Standards for the Professional Practice of Internal Auditing (2017)

CORPORATE GOVERNANCE KING III COMPLIANCE REGISTER 2017

For personal use only

npliance IN 2008, MICROSOFT CORP. WAS FINED 899 MILLION Auditing for

Compliance with the European Union (Capital Requirements) Regulations 2014

Anti-fraud strategy. November November 2014 EMA/591051/2014 Executive Director. 30 Churchill Place Canary Wharf London E14 5EU United Kingdom

SIME DARBY PROPERTY BERHAD BOARD CHARTER. (Adopted on 29 August 2017)

Bank of Ireland Group plc Compliance with the Capital Requirements Directive (CRD IV) - Governance Disclosures

2017 The Global ABB Integrity Program.

Control Environment Toolkit: Internal Audit Function

Achieve. Performance objectives

Health, Safety, Environment and Quality (HSEQ) Manager. HSEQ Management System Advisor

BOM / BSD 7 /April 2001 BANK OF MAURITIUS. Guideline on Corporate Governance

APES 320 QUALITY CONTROL FOR FIRMS

AUDIT & RISK MANAGEMENT COMMITTEE CHARTER

Transcription:

Annex 2 - CLO Compliance Blue Print and covering letter Dear Sir/Madam Final - July 24, 2010 The ultimate goal of European antitrust policy is to deter practices which restrict competition in the European single market. We are writing to you now because we believe the time is ripe to add a new dimension to EU antitrust deterrence strategy. Other jurisdictions such as the United Kingdom, United States, Canada and Australia have already moved in this direction. Business notes and welcomes the UK OFT s recent report on Drivers of Compliance with Competition Law. Business in particular welcomes the OFT s observation that the majority of businesses want to comply with competition law and the OFT s statement that it will not generally view the existence of a compliance programme as an aggravating factor resulting in an increase of the fine. The EU s antitrust deterrence strategy today relies almost exclusively on the presumed wider deterrent effect of ever-increasingly high fines on undertakings found to have broken the law. However, when setting the level of fines the European Commission does not take into account whether or not organizations have promoted a compliance culture and have established generally accepted antitrust compliance standards. We have no doubt that formally recognising an organizations efforts in instilling a compliance culture will decisively enhance their wider deterrent effect. It will also promote greater cooperation between corporations and antitrust authorities for the rapid identification of unlawful corporate behaviour. One of the steps for an organization to achieve a compliance culture is to recognise the vital importance of efforts implemented by that organization to create and maintain a compliance culture. Genuine compliance efforts made by the organization ought to be acknowledged as a mitigating factor in the setting of fines. Currently there is no recognition for those organisations which invest the funds, staff and time necessary to introduce and maintain robust group-wide compliance programmes. In addition, this would create certainty on what needs to be done and certainty on its legal value as a defence in the event of violations. Business would urge the European Commission and EU NCAs to take active steps to encourage the adoption of robust antitrust compliance standards, and as a result the agencies should not generally treat genuine compliance programmes as an aggravating factor when setting the level of any fine. By the same token, organizations which have completely failed to take appropriate measures to prevent infringements through the implementation and enforcement of a robust compliance programme should clearly not receive any credit for any programme they may have. This strategy will bring EU antitrust enforcement in line with EU antitrust law itself, which holds that a fine may be imposed on an undertaking if it has either intentionally or negligently broken the law. The current European Commission fining policy ignores this condition when fining an organization for a violation anywhere within its group, irrespective of the efforts of the organization to prevent it. We believe that preventing anti-competitive practices is far more efficient than investigating and sanctioning violations after they occur. This is particularly true where illegal cartel conduct is concerned. Preventing cartel conduct depends primarily on the spread of efforts within individual undertakings to enforce compliance with the law, and more broadly on the efforts of both the business community and public authorities to foster a culture of competition in which cartel conduct is widely and unambiguously condemned with the appropriate sanctions. In this perspective there is growing interest in introducing a new, preventive dimension to current EU antitrust policy, based on the recognition that the adoption by more organizations of more robust antitrust compliance programmes best serves the ultimate goal of prevention. With a view to accelerating the EU s move towards such an enhanced deterrence strategy, we have set out in the Annex to this letter an outline of generally accepted standards applicable for a robust antitrust compliance programme which reflect those now in place in the United Kingdom, Australia, Canada and the US, and takes into account our experience operating across the European Union. We look forward to an opportunity to discuss this with you in the near future. 1

Outline of generally accepted standards applicable for a robust antitrust compliance programme: Further enhancing the foundation for a European culture of antitrust compliance All compliance efforts must demonstrate a company s commitment to conducting business in conformity with the law, and as such, compliance programmes will contain basic ingredients necessary for robust antitrust compliance. Programmes are designed to: Help companies identify and minimize/eliminate risks that infringements occur, and to provide evidence of the implementation of the programme both internally (e.g. towards the board/audit committee) and externally (e.g. towards competition authorities) Serve as a basis for consideration by European competition authorities and legislators of the formal recognition of compliance programmes meeting this standard as mitigating factors in possible sanctions for antitrust violations. The design of a robust programme depends on the size, geographic presence, activity and structure of a specific company, so flexibility must be built into any description or acceptance of best practice. However, although there is no one-size-fits all programme or template, common components of a robust programme include: Antitrust compliance embedded as company culture with management commitment Formalisation of the compliance commitment which demonstrates and reflects all management levels commitment to comply with strong support from the top/senior management levels; Compliance is considered a business priority at all levels of the corporation: o Compliance is identified as part of the corporation s core values; o Senior management accepts that it is its responsibility to create and maintain the compliance culture; it communicates and operates that illegal or unethical behaviour is not tolerated; Antitrust policies and procedures Appropriate policies and procedures should be implemented; o The appointment of a specialist compliance executive and advisor with overall responsibility for the programme reporting to senior management; o Identification of individuals responsible for each element of the programme; Disciplinary action will be taken internally against staff who intentionally or recklessly involves the organization in infringements of antitrust laws; Antitrust training Training (on-line, face-to-face or a combination of both) to ensure that staff understands the compliance dimension of its work; Availability of a clear and jargon-free antitrust law compliance manual addressing the specific risks faced by the organization; Risk assessment and controls Regular reporting and periodic reassessment of compliance risks and response: o Commitment and main elements of the programme communicated internally and externally to stakeholders; o Continuous re-evaluation and upgrading of the programme; o Independent internal audits and appropriate due diligence where risks have been identified; o Mechanisms for reporting antitrust infringements or concerns up the corporation's ladder 2

European Best Practice Compliance Programmes: Building the foundation for a European culture of antitrust compliance I. Common Compliance Programme Components All compliance programmes must demonstrate a company s commitment to conducting business in conformity with the law, and as such, all will contain the same basic ingredients necessary for robust antitrust compliance. All programmes are designed to: Help companies design and implement a programme to identify and eliminate compliance risks, and to provide evidence of the implementation of the programme both internally (e.g. towards the board/audit committee) and externally (e.g. as part of a Compliance Defence); Serve as a basis for consideration by European competition authorities and legislators of the formal recognition of compliance programmes meeting this standard as mitigating factors in possible sanctions for antitrust violations. The design of a robust programme depends on the size, geographic presence, activity and structure of a specific company, so flexibility must be built in to any description of best practice. However, although there is no one-size-fits all programme or template, common components of a robust programme include: Formalisation of the compliance commitment which demonstrates and reflects senior management commitment to comply; Compliance is considered a priority at all levels of the corporation, starting with the highest : o Senior management accepts that it is their responsibility to create and maintain the compliance culture; it communicates and operates a zero tolerance policy to illegal or unethical behaviour ; o Compliance identified as part of the corporation s core values ; Reporting to senior management, the appointment of a specialist compliance executive and advisor with overall responsibility for the programme: o Identification of individuals responsible for each element of the programme; Regular reporting and periodic reassessment of compliance risks: o Commitment and main elements of the programme communicated internally and externally to stakeholders; o Continuous re-evaluation and upgrading of the programme; Training to ensure that staff understands the compliance dimension of their work. II. Implementation: for large organisations The following compliance programme is a mechanism designed to identify and reduce the risk of an Organization infringing applicable antitrust laws, and in the event of a breach, rapidly and effectively to remedy that breach. The template needs to be adapted according to the corporate structure and governance of the particular Organization concerned, and references to Board or senior management body and senior management should be interpreted as the highest level of management of the company. The implementation of the elements of this template should comply with all applicable laws (for example data privacy laws). Purpose of the Template The purpose of the template is to assist entities to implement robust antitrust compliance programmes and therefore to avoid or reduce the risk of an antitrust violation occurring in the future. 3

If an Organization can demonstrate that it has in place the relevant elements of the template and the means of enforcing such elements in a manner suitable to the antitrust risks in its relevant businesses, the Organization should be deemed to have a robust antitrust compliance programme. An organization is defined here in the broad sense as the "business" rather than a particular legal entity. This distinction is warranted because a legal entity structure rarely reflects the organizational business structure of a Group of companies. A legal entity may host several different organizations businesses which are managed pursuant to their respective processes and senior management structure. Accordingly, the adequacy of the compliance programme and efforts ought to be evaluated in the context of an organization rather than within the confines of a legal entity. Depending on the scope of the operations of a group, which may include a variety of businesses the said adequacy should be judged in the context of the relevant businesses. Element Antitrust Compliance embedded as Company Culture and Policy Details This should be reflected in a Statement of Business Principles / Code of Conduct / Code of Business Ethics (or similar corporate policy document), which must be adopted and endorsed by the most senior management body in the Organization and be made publicly available. Reasonable and effective steps shall be taken to support a culture of compliance and integrity. Senior management commitment to antitrust compliance Senior management supervision and identified accountable positions Tone at the Top is critical and senior management s visible commitment and support for a culture of antitrust compliance should be reflected in messages given by senior leadership, including but not limited to endorsement of the antitrust training programme. A senior individual either on or reporting to the Board will be responsible for the Compliance Programme. A report (at least on an annual basis) on the antitrust Compliance Programme will be made to the Board, to non-executive directors, and to the Audit Committee (and/or Group Risk committee) (as appropriate to the structure of the Organization). Larger Organizations will designate a Chief Compliance Officer or a Compliance Committee who will be (or will include) a senior member of the management of the Organization with accountability for the implementation of the programme. 4

Compliance organisation and resources The Organization will establish and suitably resource / fund a compliance office or similar organisational structure with suitably qualified staff to ensure that antitrust risks are appropriately identified and managed. This could include (as appropriate to the structure of the Organization ): o Chief ethics and compliance officer o Business or Country / Regional Compliance Officers / Advisors (reporting to the Chief Compliance Officer) o One or more subject matter experts (within the Legal function, if there is one) who are familiar with antitrust laws and are suitably experienced to identify and advise on antitrust risk Defined risk assessment process The Organization will define a risk assessment methodology and process. The Organization will regularly conduct antitrust risk assessments across the business and will adapt the antitrust compliance programme to manage and mitigate those risks. The outcome of the risk assessments and actions following on from the risk assessment will be appropriately recorded. Defined risk control points The Organization will define control points. Control points in this context means control mechanisms designed to manage the identified antitrust risks. The control points should be suitable to the risks faced by the particular Organization. Antitrust Compliance Knowhow Simple, clear and jargon-free antitrust rules and guidelines must be developed to address the identified antitrust risks. Rules, policies and procedures must be developed to address specific antitrust compliance issues in the business operations of the Organization. Rules, guidelines and policies must be distributed to relevant staff and their circulation suitably documented. 5

Antitrust training Antitrust training is one of the key components of an antitrust compliance programme. Training should be designed to provide practical (business specific) examples, explain the aims and reasons for the Organization's policies and procedures and the consequences if these are not followed. Employees who need training should be identified on a risk basis, and senior management should all receive appropriate antitrust training. The Antitrust compliance programme should clearly stipulate the frequency of required training, which should be appropriate to the antitrust risks in the business concerned. All new employees in commercial or management roles should receive onboarding antitrust training. This includes both newly recruited employees and employees who move from a lower risk role to a higher risk role within the same organization. Antitrust training could be face-to-face, on-line or both, depending on the risks faced by the Organization concerned. Suitable records of all training must be maintained. Regular assessment of training needs to be conducted to ensure it has been robust (see Continuous Improvement below). Antitrust Compliance Certification Compliance incentives Antitrust concerns handling system Employees who have been identified as requiring antitrust training on a risk basis should certify after antitrust training that they have understood the Organization's policy on antitrust compliance and will comply with the law. The certification can be in any suitable manner (on-line / manual) provided records of the certification are maintained. The Organization should carefully consider the incentives it provides and ensure that suitable HR or other controls are in place to ensure compliance processes are followed (e.g. tracking training through performance evaluations) The Organization's compliance program should include a system of handling compliance concerns including antitrust concerns (for example a whistle blower line or help line ), including means to identify, classify, store and investigate such concerns after seeking antitrust advice. The compliance concerns handling system should include appropriate whistle-blower protection safeguards, to protect employees who raise compliance concerns 6

Investigations The Organization should adopt a written process for Organization compliance related investigations / audits. Investigators / auditors should be adequately qualified, trained and resourced, and should use external resources if required. Disciplinary Action The Organization's antitrust compliance programme should affirm that disciplinary action would be taken internally against any staff who knowingly or recklessly infringes antitrust laws. The policy should make clear that the Organization would not indemnify those employees if personal criminal fines were imposed against them in a final decision. Antitrust Due Diligence The Organization will exercise due diligence and undertake all appropriate checks when: o Hiring new employees in commercial or management roles o Acquiring companies or entering into preexisting JVs to ensure that the employee or business concerned has not engaged in antitrust violations. In the case of a business that has previously been found guilty of engaging in antitrust violations, the Organization will exercise due diligence to ensure suitable controls are in place in the business to avoid a recurrence, including ensuring that from closing of the transaction, the business adopts the Organization's Antitrust Compliance programme (or in the case of a Joint Venture, that the JV adopts an equivalent programme). Monitoring The Organization must regularly evaluate its own performance and its approach to ensure they are appropriate to manage the antitrust risks faced by the business. Periodically an independent review of the antitrust compliance programme processes and controls must be undertaken to ensure that the antitrust compliance programme remains best practice and fit for purpose. The reviewer must be suitably independent, qualified and experienced in antitrust and compliance matters to review the programme effectively. 7

Continuous improvement The Organization must track all feedback on the programme, including feedback on training and processes, internal audits and independent reviews, and must put deal appropriately with any deficiencies in the programme. The Organization will monitor best practice in antitrust compliance programmes (through benchmarking and other means) and will introduce measures consistent with best practice to improve its programme. 8

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback