Ethics and anti-corruption
Principles guiding our anti-corruption efforts
Zero tolerance policy on corruption
Personal data protection policy
Business standard audits
Our objective with ethics and anti-corruption is to minimise practices deviating from our compliance policy and to secure employees’ active contribution to a responsible business culture.
We follow internationally recognised guidelines in our anti-corruption work, such as the Foreign Corrupt Practices Act (FCPA) and UK Bribery Act 2010. The six principles outlined below form the basis of our anti-corruption efforts.
- Top-level commitment: We have a clearly articulated policy against corruption. Our group management team constantly communicate their commitment towards zero tolerance for any kind of corrupt activities throughout the organisation. The management team has the full support and encouragement from the board.
- Proportionate procedures: Our anti-corruption measures are proportionate to the variation in risk we have across our diversified organisation and the various parts of the world where we operate.
- Risk assessment: Corruption risk assessments are carried out in all our business areas, identifying whether we face a high, medium or low risk. The risk varies, depending on geographical location and the nature of the business we conduct
- Communication (including training): We constantly communicate the anti-corruption policy in order to make sure that our policy is understood throughout the organisation. Anti-corruption training is compulsory for all employees.
- Due diligence: We conduct due diligence of business partners where appropriate and in a variety of forms. The comprehensiveness of the due diligence conducted is proportionate to the risks. We utilise licensed screening systems to conduct due diligence in-house and, if necessary, source from third party consultants.
- Monitoring and review: We acknowledge that monitoring, reviewing and reporting is challenging, yet essential to ensure effective implementation. The board of Wilhelmsen as well as the group management team receive and review anti-corruption reports. To ensure our data are accurate, we have a number of reporting initiatives including a whistleblowing channel, giving all employees and external stakeholders the opportunity to anonymously report irregularities, thorough investigation of complaints, audits of risk exposed areas of operation, and third party verification of our anti-corruption procedures. All potential breaches are handled according to our routines and regulatory framework.
More information on our whistleblowing channel, our values, our Code of Conduct and our compliance policy is available here.
Expectations to operate with the same ambitious standards on ethics and compliance are clearly conveyed through board members of the respective companies. In addition, we actively share our policies and best practice documents with these companies with the aim of moving towards alignment of anti-corruption standards and practices.
Late in 2017, we introduced a revised Code of Conduct and a new simplified compliance policy. Instead of having multiple policies covering our business standards, we now have one compliance policy referring to more operational policy descriptions covering the areas of anti-corruption, theft and fraud, whistleblowing, competition law and personal data protection.
The group wide anti-corruption programme “I Comply” was rolled out in the second half of 2014. The roll out and focus on the programme has continued since then, with emphasis on e-learning modules, training through workshops and addressing the importance of our anti-corruption work at management conferences throughout our organisation. All new Wilhelmsen employees receive this training as a mandatory course when joining Wilhelmsen.
In 2017 only 70% of our new employees completed the Wilhelmsen Business Standard training (I Comply), the clear majority of the non-completion population were employed within ships service. In February 2018, a new extensive roll-out of the training started within ships service covering a total population of 2 452 employees, with a more acceptable completion rate of 95.6%.
In 2018, ship management continued to focus on completion of compliance training for seafarers and new joiners onshore. The current completion rate for seafarers on board and planned for joining is 98%. Onshore, all employees have completed the compliance training. Efforts have been taken to continue to increase awareness both for sea and shore employees about the need to have full compliance with the company Code of Conduct and governance requirements.
During 2018, an updated training program for business standards was developed including content on anti-corruption, anti-theft/fraud, competition law, whistleblowing and personal data protection. This will be rolled out to all Wilhelmsen employees in 2019.
In 2017, we acquired an increased stake in NorSea Group. Our policy is that in all companies where our shareholdings exceed 50% should implement the Wilhelmsen group business standards. The implementation in NorSea Group continued in 2018. Due to an on-going re-structuring process the implementation has taken longer than initially planned for and will continue in 2019.
We believe in partnerships in our fight against corruption.
Ship agency and ship management are active members of the Maritime Anti-corruption network, allowing us to draw on their expertise and experience with corruption in various parts of the world on how to best deal with the training needed and the challenges our personnel will face. in 2019, Ship management will start to take a more active participation.
Ship management was certified by TRACE, an anti-bribery standard-setting organisation, in early 2016. The ships service organisation has continued to complete the TRACE certification and at the end of 2018 had obtained certification in 23 countries. We aim at achieving further certification for all parts of the ships service organisation in 2019.
The trend of customer demands towards compliance requirements continue. Our customers in an increasing scale ask us to verify that we have our house in order when it comes to anti-corruption initiatives. We very much appreciate this trend and believe that our extensive efforts to comply will distinguish us and provide us with new business.
We have also experienced an increasing focus on anti-corruption and other compliance matters related to merger and acquisition activities. When considering own acquisitions, we always ensure that a thorough Integrity Due Diligence (IDD) of the target is executed at an early stage in such a process.
Ships service and ship management each assess risks related to their operations.
Ships service is the business area within Wilhelmsen with the highest number of land-based employees and represented in 2 200 ports in 125 countries. Regular corruption risk assessments are conducted due to the magnitude of their operations and their exposure by operating in geographical areas where corruption in general is widespread. In the 2018, corruption risk assessment, the main risk factor identified relates to the general level of corruption in the country of operation. Ships service does not operate in high-risk sectors, typically being identified as extractive, defence, and heavy engineering, where operations are linked to government approvals and the winning of licenses. Therefore, the ships service exposure to the risk of “grand” corruption is low. The typical exposure would be related to facilitation payments and fraud in procurement processes. Ships service’ business is predominantly of transactional nature.
Ships service realises that individual breaches to our anti-corruption policy may occur regardless of how much efforts and resources are put into anti- corruption work. The focus is therefore to ensure that any system or routine breaches of the policy that potentially could accumulate into major breaches are eliminated.
In ship management, the main challenge revolves around corruption and bribery in the vessel operations. Port official in some countries are still requesting facilitation in the form of cigarettes and/or cash. Ships are trying their best to avoid these payments with strong support from shore.
We operate in many geographical areas were corruption and bribes are still a major problem. We recognize that even if we see a move in the right direction, our efforts will have to continue and be further strengthened throughout our organisation. However, our long-term goal is firm. Our ambition is a corruption free industry.
In 2019, we will continue to focus on “living” our business standards. Learning and understanding the standards are important parts of our recruitment routines and new employees undergo mandatory business standard (ethics) training. This will further be underlined when our new training program is rolled out in 2019. We will continue emphasising our zero-corruption tolerance goal and expect all our employees to say no to corruption. We will continue our focus on internal compliance audits to verify and document that we “live” our zero-tolerance policy on corruption.
In 2017, we started preparing for the introduction of a global Wilhelmsen personal data protection policy ensuring that we adhere to current and planned EU General Data Protection Regulation (GDPR) legislation that came into force in May 2018 (Norway adapted the legal requirements in July 2018). The new legal requirements resulted in the need for considerable changes in Wilhelmsen policy and practices when it comes to handling of personal data. We have during 2018 developed “a personal data administration organisation” (mainly based on HR resources) to identify and follow up on potential data protection issues. Initial training has been provided to such resources, we have in addition engaged an external Data Protection Officer to oversee compliance with GDPR requirements.
We have further filed an application with the Norwegian Data Protection Authorities for so-called Binding Corporate Rules (BCR), our application is to be reviewed by Norwegian authorities and the authorities from two EU member states. It is uncertain how long the evaluation process will take.
The purpose of having an approved BCR (basically a data protection Code of Conduct describing our practices) is to allow us to transfer personal data within the whole Wilhelmsen group. In 2019, we will focus on getting our BCR approved and conduct audits within Wilhelmsen to make sure we are compliant with our new policy and practice. There is also a need for continuous updates on some topics like signing data processing agreements with all external vendors/customers and the protocol of data processing activities in Wilhelmsen needs to be completed.
In 2019, we will continue to focus on building a culture with increased emphasis for blowing the whistle or raising a concern if something irregular is detected.
We have since late 2014 been operating an internal whistleblowing channel. Our experience was positive, and in 2017 we added to this by introducing a whistleblowing channel for external stakeholders. The channel guarantees anonymous reporting if requested, and a third-party intermediary in the reporting line will ensure this. The purpose of this is to get more whistles and better quality, making sure that potential irregularities are detected and dealt with as early as possible.
Our experience with this new and extended whistleblowing channel is positive. We had an increase in the number of whistles in 2018, at year end we have had 24 whistles regarding allegations of fraud/corruption, health and safety and more HR related matters. Almost half of the whistles originate from an anonymous source. All reports being forwarded through our whistleblowing channel are being investigated and/or followed up according to our internal guidelines.
At year end, we have eight whistles that are pending a conclusion. Due to the increase in the number of whistles we have seen the need to further improve our whistleblowing channel. We will from January 2019 strengthen some of the technical capabilities in our existing system including the possibility of opening a dialogue with whistlers even if they choose to remain anonymous.
We will continue to make employees aware of the whistleblowing opportunity, should they see or experience behaviour not in line with our policies and expectations.
Our business standards and compliance training include the areas of anti-corruption, theft and fraud, whistleblowing, competition law and personal data protection.
In order to ensure that we actually live our business standards, audits are essential. The audits are initiated and conducted by and in cooperation with various parts of the Wilhelmsen organisation. Focus areas and audit location depends on several factors, from size, to being new to the group, randomly chosen or selected due to concerns received
Some of the audits conducted in 2018 have detected irregularities/deviations and have as such confirmed the need to continue our efforts in 2019.