Compliance with international rules and the fair treatment of our business partners and competitors are among the guiding principles followed by our Company. Volkswagen’s commitment has always gone beyond statutory and internal requirements; voluntary obligations and ethical principles also form an integral part of our corporate culture. The misconduct uncovered in the fiscal year 2015 runs contrary to all of the values that Volkswagen stands for. However, our conviction remains unchanged: compliant behavior is a cornerstone of business success and must be self-evident for all Group employees.
Commitment to compliance at the highest level
This view is expressly shared by the Company’s management. The Chairman of the Board of Management of Volkswagen AG, Matthias Müller, said at a Group-wide information event for management in November 2015 that “no business in the world justifies violating legal and ethical limits. Our key currency is not unit figures or the operating result. Our key currency is credibility and trust in our brands, our products and the people who work for our Company. […] Compliance and the rule of law are central to Volkswagen rather than being onerous duties, something that is confirmed by the creation of a new Group Board of Management position for Integrity and Legal Affairs.”
Preventive compliance management system
Volkswagen has had a distinct and recognized Group-wide compliance management system for a number of years. In 2015, compliance continued to play an important role in the Governance, Risk and Compliance (GRC) organization in the Volkswagen Group (see the Report on “Risks and Opportunities”).
The Supervisory Board of Volkswagen AG resolved to create the new Board of Management position for Integrity and Legal Affairs from January 2016 as a visible reinforcement of compliance throughout the Company. Dr. Christine Hohmann-Dennhardt, a former judge at the German Federal Constitutional Court, has been appointed to this position.
Volkswagen adopts a preventive compliance approach and aims to create a corporate culture that is designed to prevent potential breaches before they occur by raising awareness and educating employees.
Group Internal Audit and Group Security regularly perform the necessary investigative activities, systematically monitor compliance and perform random checks regardless of any suspicion of infringements, as well as investigating specific suspected breaches.
Responses are implemented by the Human Resources and Group Legal departments. These processes are closely interrelated, in line with the concept of a comprehensive compliance management system. Nevertheless, we are aware that even the best compliance management system can never entirely prevent the criminal actions of individuals.
The Group Chief Compliance Officer is supported by 14 Chief Compliance Officers or compliance contact persons (staff who are responsible at the brands, Volkswagen Financial Services and Porsche Holding GmbH, Salzburg). They are supported by compliance officers in the Group companies.
Various bodies support the work of the compliance organization at Group and brand company level. These include the Compliance Board at senior management level and the core Compliance team, which bundles expertise in compliance issues.
Focal points in 2015
Each year, detailed compliance risk assessments are carried out across the Group as part of the standard GRC process. The results are factored into the risk analyses performed by the Volkswagen Group, the brands and the companies, and into the Compliance Program planning.
We primarily continued to drive forward our work in China in 2015 and intensified our compliance activities at Volkswagen Group subsidiaries and second-tier subsidiaries. We reacted to events surrounding the emissions issue by adopting measures and launching campaigns: the brisk response by the employees to a call to participate in a photo campaign under the motto “Together for Volkswagen, Together for Compliance” demonstrated their clear commitment to compliance. In addition, we have strengthened the product-related internal compliance control system in cooperation with internal and external experts. Cross-departmental projects on this issue were initiated in particular at Technical Development. Detailed information about the investigations into the emissions issue can be found in the special chapter on “The Emissions Issue”.
The GRC organization provided information on various compliance issues to the Group’s brands and companies over the year, using a wide range of traditional communication channels. These include reports in various employee magazines produced by the brands, companies and locations. Digital media such as intranet portals, smartphone and tablets apps, blogs and newsletters are also frequently used to provide compliance information.
We have communicated the Code of Conduct, including the compliance obligation, to employees at the brand companies, and this forms a key component of our compliance training. It is also integrated into our operational processes. For example, all new employment contracts entered into between Volkswagen AG on the one part and both management staff and employees covered by collective agreements on the other include a reference to the Code of Conduct and the obligation to comply with it. In addition, the Code of Conduct is part of employees’ annual reviews and therefore forms part of the calculation of variable, performance-related remuneration.
In addition to the Code of Conduct, Volkswagen’s compliance framework incorporates the anti-corruption guidelines, including checklists and the express prohibition of facilitation payments, as well as guidelines on competition and antitrust law, among other things.
Directives on dealing with gifts and invitations, as well as on making donations also apply across the Group.
Learning programs, training and advice
Providing information to employees at all levels continues to be a core component of our compliance work. In 2015, approximately 193,000 employees across the Group participated in a variety of compliance-related topics such as the Code of Conduct, anti-corruption, human rights, anti-money laundering, and competition and antitrust law. In addition to traditional lectures and e-learning programs, case studies, role-playing games and other interactive formats form an integral part of the training provided to employees and managers. Also, since December 2014 a management talk on risk management and compliance has been offered to all newly appointed senior managers in Group functions and the Volkswagen Passenger Cars brand. All new Volkswagen AG employees are required to complete an e-learning program on the Group’s Code of Conduct. The subject of human rights is an integral part of this training program. Training on competition and antitrust law is a core component of Compliance work in the Volkswagen Group. Approximately 30,000 employees received training on this issue during the reporting period. Among other things, a compliance app for smartphones and tablets is available to Volkswagen AG’s employees as a self-learning solution.
Employees of all brand companies and a large number of Group companies are able to obtain personal advice about compliance issues, usually by contacting the compliance organization via a dedicated e-mail address. An IT-based information and advisory tool is available at Volkswagen AG’s German locations.
Business partner check
We also expect our business partners to act with integrity and ensure regulatory compliance. For this reason, Volkswagen verifies the integrity of its business partners (business partner check) in a risk-oriented approach. This check allows us to find out about potential business partners before entering into a relationship with them, reducing the risk of starting a cooperation that could be damaging to the Company or its business.
The Group-wide ombudsman system can be used to report any breaches or suspicions regarding corruption, illegal economic activity, or other irregularities, such as violations of human rights and ethical misconduct, in all major Group languages to two external lawyers appointed by the Group. Since 2014, employees providing information have had the option of communicating with the ombudsmen via an additional online channel; various breaches can be reported using a technically highly secure electronic mailbox. Naturally, the people providing the information need not fear being sanctioned by the Company for doing this. After plausibility checks, the ombudsmen passed on 79 reports by people – whose details remained confidential if requested – to Volkswagen AG’s Anti-Corruption Officer in 2015. In addition, the Anti-Corruption Officer and the head of Group Internal Audit received information on a further 111 cases directly. During local internal audits of the brands and Group companies, 331 reports were submitted to the Anti-Corruption Officer. All information was or is being followed up. For all breaches of the law and violations of internal regulations, the need for sanctions is reviewed and these are applied where necessary.
In accordance with the normative standards issued by Deutsches Institut für Interne Revision e.V. (German Institute for Internal Auditing – DIIR), internal audit functions should be audited externally every five years. An external quality assessment of the Volkswagen Group’s internal audit system was carried out by an audit firm in the period between the third quarter of 2014 and the first quarter of 2015. In addition to central management and supervisory processes, this took into consideration the quality of the brands’ and regions’ internal audit functions (sample size: Volkswagen AG, AUDI AG, SEAT S.A., Volkswagen de Mexico, Volkswagen Group China). The auditors confirmed that all of the internal audit units examined are fully compliant with the underlying DIIR Standard No. 3 “Quality management in the internal audit activity” and, in many areas, use leading internal audit methodologies and practices.
We review the effectiveness of the compliance measures taken at the Volkswagen Group’s brands and companies annually using an integrated survey, which forms part of the standardized GRC process. We check the effectiveness of selected countermeasures as well as management controls used to manage compliance risks. In addition, the continuous improvement of the compliance management system is ensured through independent reviews by the Group Internal Audit function at the corporate units and the regular exchange of information with external bodies, for example.