Compliance management system
The compliance management system is firmly anchored in Group-wide management and control structures and includes all instruments, processes, guidelines, instructions and measures that are intended to ensure that procedures in the companies of the Rheinmetall Group comply with the applicable country-specific legislation, general legal conditions, regulatory provisions and the Company’s own guidelines. It creates an organizational structure that allows the applicable standards to be publicized across the divisions. If binding legal regulations in individual countries deviate from the rules set out in the compliance management system, the stricter regulation shall apply.
Illegal conduct can cause many different types of damage and can have serious consequences, such as the imposition of fines, the absorption of profits, claims for damages and criminal proceedings. There is also the risk of significant and lasting damage to the Group’s reputation and thus a detrimental effect on its market position. The Group-wide compliance management system therefore aims to ensure conduct in accordance with the law and regulations, to prevent employees from contravening laws and Company guidelines and to support them in applying the law and Company guidelines correctly and appropriately, by providing comprehensive regulations, up-to-date information on important developments, regular training and personal advice.
Compliance is an important management task. Managers are expected to set an example here and to act honestly and with integrity. To express their commitment, they have been signing a legality declaration since the late 1980s. As line managers, they ensure that their employees have been informed of the compliance management system and that they understand and comply with the regulations. They also take part in the classroom training sessions that are offered, together with their employees, and complete various electronic learning programs. Furthermore, the Chief Compliance Officer advises the Supervisory Board and members of the Executive Board of Rheinmetall AG on matters relating to compliance. Managers receive in-depth training in specific aspects of compliance in accordance with their remit.
All employees – from the Executive Board to managers and executives and employees in the operating and administrative units – are obliged to observe binding regulations in the context of their duties and activities, including the following:
- Compliance guidelines
- Code of Conduct
- Guidelines on weapons of war and export controls for the Federal Republic of Germany
- Guidelines on export control laws of other countries
- Guidelines on the prevention of corruption and other criminal offenses
- Guidelines on managing offset obligations
- Guidelines on IT security
- Guidelines on corporate safety
- Guidelines on weapons legislation in the Federal Republic of Germany
- Guidelines on dealing with gifts
- Guidelines on dealing with hospitality
- Guidelines on dealing with invitations to events
- Guidelines on social media.
The documents are stored on the Intranet where they can be accessed easily and located quickly.
All employees are asked to play an active part in implementing and observing the compliance management system in their area of responsibility. The Compliance team adapts the compliance management system to the applicable legal requirements, updates it at regular intervals in the light of new findings and reviews it on an ad-hoc basis if any breach of compliance regulations is suspected or discovered. Implementation of the compliance management system is monitored through reports by compliance officers and reviews by Internal Auditing.
Compliance is taken into account among risk aspects in decision-making processes, not only in considerations relating to the Rheinmetall Group’s strategic and operational focus, but also in day-to-day business practices. The appropriate procedure is set out in the guides to the early risk identification system, which are used as the basis for the annual risk inventory and monthly risk reports.
Sales agents and advisers undergo extensive due diligence checks in accordance with defined process steps, in which the level of detail is determined by the current country rating from Transparency International (Corruption Perception Index), among other factors. The division for which the potential business partner is to work must explain to the compliance officer why this sales agent or consultant was chosen and, with the support of the compliance officer, performs a risk analysis and assessment. Meta-search engines and special databases such as Lexis and RepRisk are used to conduct an initial check, along with lists of sanctions. Potential business partners must also submit documents such as self-declarations, extracts from the commercial register and bank certificates as proof of their business organization. Depending on the results of these initial analyses, a more in-depth investigation may be commenced. Only once all those involved in the check have given their approval for the hiring of the potential business partner as part of a formalized process can contract negotiations begin. Contracts also include provisions stating that the sales agent or adviser must regularly provide proof that his remuneration is in reasonable proportion to the services he has provided.
As part of corporate governance and compliance, extensive and detailed due diligence checks must also be performed when acquisitions or joint venture activities are initiated.
To make employees at all hierarchical levels aware of compliance risks, numerous seminars and workshops are held, some of which are tailored to specific functions such as procurement or sales staff. Legislation and important provisions are explained, further content is provided and, based on case studies, practical advice is given on correct conduct in specific situations during everyday work. These classroom training sessions, which also serve as a practical forum for discussions, are accompanied by interactive online programs. As part of compliance awareness training, up to 1,700 employees at sites in Germany and abroad every year receive instruction not only in general compliance issues, but also in prevention of corruption, export controls and cartel and competition laws. The content of the training is designed by compliance officers with the involvement of the Compliance team, consulting external experts if necessary in individual cases. Depending on the participants, the content is adapted or supplemented with country-specific or regional features.
If employees have information about questionable activities that have been observed, breaches of regulations or business practices that may be prohibited, they can either contact their line managers or various other offices within the Company directly or they can contact an independent, external ombudsman who is a lawyer by profession. Protection is guaranteed for all whistleblowers, who need not fear reprisals. Employees involved in investigations into possible breaches of compliance will be assumed to be innocent until proven otherwise. Any information that is received will be systematically analyzed. Systematic follow-up checks will be carried out on the basis of established schedules and appropriate measures will be taken to properly clarify the facts that have been reported, with the involvement of external specialists if necessary. Confidentiality and discretion take top priority here. If necessary, we will involve the relevant authorities and cooperate with them to resolve the matter. Proven misconduct is sanctioned and entails organizational measures and, for the employees who committed the offense(s), consequences under labor law, civil law and criminal law.