We understand compliance as the adherence to all applicable laws, internal policies, internationally recognized standards of behavior and voluntary commitments in all our business activities. We view compliant behavior as central to successful business development. Integrity and compliance are therefore integral components of Bilfinger’s strategy and corporate culture. We don’t compromise in this regard. For this reason, the creation and maintenance of a first-class compliance system is of the utmost importance. Here, the focus is on anti-corruption, anti-trust and data protection, because these areas can impact our business activities significantly.
As deficits in our compliance system could lead to considerable legal consequences, substantial financial penalties and damage to our reputation, compliance is of central importance to us. We have learned that lesson through a case in the past: Due to violations of the US Foreign Corrupt Practices Act (FCPA) in years prior to 2005, it was agreed in 2013 with the US Department of Justice (DoJ) in a Deferred Prosecution Agreement (DPA) that a compliance monitor be put in place to oversee our compliance system. In 2016, the DPA was extended until the end of 2018. Through the integration into our corporate departments and business units as well as through the support of renowned advisors, we are working to meet the obligations and objectives from the DPA on time.
Compliance is of great importance to the CEO and the entire Executive Board. The Corporate Legal & Compliance department is headed by the General Counsel and Chief Compliance Officer. He reports directly to the CEO/Chairman of the Executive Board.
The compliance program developed by Corporate Legal & Compliance is targeted at preventing compliance violations, detecting early any type of misconduct and reacting quickly and consistently to any detected transgressions. In doing so, the compliance program covers all business areas and processes relevant to Bilfinger.
Our compliance program is built on integrity in dealing with customers, suppliers, business partners and colleagues. It forms the basis for our corporate culture. In 2017, in order to further anchor the significance of compliance in the company, Bilfinger introduced a new Code of Conduct which is binding for all employees worldwide. Furthermore, from the beginning of 2017, numerous new Group Policies have been formulated and implemented. These contain rules and regulations for employees for compliant behavior in certain situations at work, e.g. when dealing with third parties, receiving or presenting gifts as well as dealing with conflicts of interest.
Management takes on a vital role for compliance and within the scope of our corporate culture: managers must act as role models, and employees must be able to orient themselves on the correct and responsible behavior of their supervisors. For this reason, an individual integrity assessment is included in the annual performance evaluation of managers; this is part of their annual dialogue on career development. Furthermore, variable compensation for managers at management levels 1 and 2 takes into account an individual integrity factor. This factor is determined and taken into consideration annually with regard to the extent a manager displays integrity and compliance in his daily actions, and how much he actively supports and promotes them in his organization and sphere of influence.
The Compliance Review Board (CRB) serves in sustainably establishing compliance as a leadership priority in all business units. The CRB controls and monitors the structure and implementation of our compliance system. It is comprised of the Executive Board as well as a number of heads of corporate functions and meets at least quarterly under the chairmanship of the General Counsel and Chief Compliance Officer. Since September 2017, the CRB has also been supported by divisional compliance review boards, which control and monitor the implementation of the program in the individual business divisions.
In each of our approximately 200 subsidiaries, we employ at least one compliance manager. Furthermore, internal control systems (ICS) are implemented in all legal entities. They take into account the specific risk profile and the respective business requirements at the location when structuring the compliance and control measures. An internal ICS officer is responsible for this at every business division and each subsidiary.
The area of Internal Audit & Controls also assumes control functions. As part of anti-corruption audits, it verifies the implementation of the compliance policies and processes in the individual business units.
A detailed analysis repeated at regular intervals and an assessment of compliance risk factors in the divisions and entities of the Group is a key aspect of our compliance program. This forms the basis for an appropriate risk classification and the resulting program of compliance measures for the mitigation of potential risks.
The goal of the compliance program is, above all else, to prevent future misconduct. To this end, Bilfinger relies primarily on information, communications, clear policies, training, supporting compliance IT tools as well as specific, practical compliance accompaniment and consulting for employees. In addition to the regular analysis and evaluation of compliance risk factors, increasing our employees’ awareness of possible compliance violations is also a focus.