E Slig E Paris St E Paris st E Paris St E Paris St E Paris ...
The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013
-
Upload
finmeccanicaweb -
Category
Business
-
view
365 -
download
3
Transcript of The New Finmeccanica Compliance- Finmeccanica at Paris Air Show 2013
Walter VasselliGroup Senior Compliance Officer
The New Finmeccanica Compliance ProgramBusiness Ethics and Trade Controls
Tuesday 18th of June
Concept
In line with the best practice (especially for listed parents in multinational groups), specialized company units (“Compliance Officers”) are dedicated to the prevention of ALL legal risks, i.e. management and implementation of policies aimed at avoiding or reducing the exposure to corporate liability for any violation of national or international regulations.
Given the importance and reach of the legal risks, the support of Compliance Officers the senior leadership is based on the following features:
Focus – selective processes for matters where there is a potentially significant impact on the Group as a whole (at parent level) with coordination of activities of single Companies (at subsidiary level);
Interplay - clear and adequate mechanims to be implemented in cooperation with other corporate units (business, institutional/investor relations, legal, audit, finance, technical);
Authority – capacity to act at all levels and with all units under full endorsement of the Principals.
Ethics and Compliance
Finmeccanica promotes and enforces a business culture based upon responsibility, correctness and integrity in the performance of its activities.
Finmeccanica implements risk management policies, both at Group level and in the individual companies, by way of structures and procedures defined on the basis of the highest compliance standards.
The objective of the Finmeccanica Group compliance policies is to prevent events that may cause liability for the companies.
The priority areas of the policies in relation to Ethics and Compliance of the Finmeccanica Group are:
Business Ethics - Anti-Bribery Trade Controls - Activities in Sensitive Countries
Prevention of Legal Risks
4
Compliance Program
The Compliance Program is the overall system, as defined by the Holding for the whole Group, that encompass the organization and procedures aimed at the prevention of the major legal risks to which Group Companies are exposed.
New approach to legal risks management: essential for the effective implementation of Group Policies!
Value and Protection for the Shareholders
Shareholder interests are valued and protected through a fair balance between business needs and risk management, in line with best practice.
Sound Reputation and Excellence in Performance
The success of market leaders demonstrate that a compliance system integrated into business strategies can not only protect the reputation but also improve the performance.
Strenghthening Internal Control and Risk Management
Even the recent changes introduced by the Italian Corporate Governance Code for Listed Companies claim a key role for compliance in the context of the internal control and risk management system.
Culture of Respect of All Rules Applicable at Any Level
Management's commitment on the prevention of legal risks promotes a corporate culture oriented to maximum compliance with rules by all business units.
COMPLIANCE
PROGRAM
Shareholders Strategies
Managemen
t
Governance
5
Compliance Mission
1. Empowered Unit to ensure full compliance with any regulations applicable to the Company/Group and with any Directives, Policies and Procedures.
2. Direct Responsibility to Principals and Internal Control Bodies for all compliance matters.
3. Point of Reference for other Units within the Company and for other Compliance Officers at Parent/Subsidiary level, especially for notification and reporting.
The Compliance Officer should be in a key position with a direct reporting line to the Principals in order to:
ensure an expert support for management and control of operations (separate from business);
maintain an independent (technical, not decision-making) role in the assessment; avoid that the responsibility (power and liability) is spread across the Company
and the Group (from subsidiary to parent and viceversa).
6
Control-Risk Committee
Control-Risk Committee
Board of Auditors
Board of Auditors
Supervisory Body
Supervisory Body
Senior Compliance
Officer
Human Resources
(Directives and Procedures)
Human Resources
(Directives and Procedures)
Legal & Corporate Affairs and Compliance
(Corporate Governance)
Legal & Corporate Affairs and Compliance
(Corporate Governance)
Other functions involved in Compliance
(….)
Other functions involved in Compliance
(….)
Legal and Compliance Organisational Unit
Legal and Compliance Organisational Unit
Wise-Men Committee
Administration Finance and Control
(Law no. 262/2005)
Administration Finance and Control
(Law no. 262/2005)
SENIOR COMPANY MANAGEMENT
BOARD OF DIRECTORS
Internal AuditInternal Audit
Group Companies
Parent Company
Information Flow and Communication
Organisation Overview
Group Compliance Cycle
(output)General
Guidance
PRINCIPALS
Assessment Audit
(feedback)
Assessment
Audit(feedback)
8
Main Tools
RISK MATRIX: assessment of legal risks is carried out not only on an occasional basis (entry into force of new laws, changes to organisation or processes, notices of violations), but also in a structured and ongoing manner by means of a risk/gap analysis implemented recurrently in line with plan milestones and upgrade objectives.
PROTOCOL MANAGEMENT: Group/Company regulation is made adequate at all levels not only by single initiatives but also according to a harmonized approach for all phases (approval and review of directives and procedures, monitoring and reporting, general and specific training, notification of issues, controls, sanctions and corrective measures, communication of policies inside and outside).
INTEGRATED SYSTEM: all legal risks are included, not only those exposing the Company to liability (ITA D231, US FCPA, UK Bribery Act) under the jurisdiction of its national country but also those relevant to the Group especially taking into account the so called “domestic markets” (Italy, USA, UK) and other local countries of operation, based on effective Holding/Sub-Holding guidelines.
9
Main Pillars
10
Ethics and Compliance
From “Design” to “Implementation”
A compliance program should deliver certain fundamental outcomes: enhanced culture of trust throughout the company where control is perceived as
support; high level of accountability and integrity in everyday individual behavior by all
management, personnel and business partners; effective prevention and detection of non-compliance, aimed at avoiding or at
least minimizing the risk of liability and related cost; optimal readiness for “when” (not “if”) a violation occurs so as to enable active
and timely response with mitigation of negative impacts; continuous improvement of performance by periodical review and upgrade of all
processes; valid defense in legal actions or proceedings made by authorities or third parties; proactive protection of company reputation by proving transparency and
responsibility with all stakeholders.
To reach these results, a KEY FACTOR is making a breach of a company policy as serious as a breach of the law and keeping conduct always in line not just with the letter but with the spirit of any legal or policy requirement!
11
Priority Areas
• Group Trade Compliance Program:• Risk Analysis and Commodity Classification (Military, Dual, Civil)• Communication and Training (All Employees and Key Personnel)• Prior Notification of Transactions in Sensitive Countries• Know Your Customer – Due Diligence of Intermediaries• Screening of Denied Parties (Individuals or Entities)• Rapid Reporting of Issues• Whistleblower Mechanism• Assessments and Audits (Short Notice, Review and Plan)• Global Trade Council
• Group Trade Compliance Program:• Risk Analysis and Commodity Classification (Military, Dual, Civil)• Communication and Training (All Employees and Key Personnel)• Prior Notification of Transactions in Sensitive Countries• Know Your Customer – Due Diligence of Intermediaries• Screening of Denied Parties (Individuals or Entities)• Rapid Reporting of Issues• Whistleblower Mechanism• Assessments and Audits (Short Notice, Review and Plan)• Global Trade Council
Trade Controls
FOCUS ON Sensitive Transactions
Trade Controls
FOCUS ON Sensitive Transactions
•Fully Revised Model 231 (Directive for ITA Subs)•Uniform Code of Ethics (Project for US Subs)•Adequate Procedures (UK Subs)•Directives and Procedures:
• Use of Commercial Advisors and Sales Promoters• Use of Pofessional Advisors• Sponsors and Donations• Gifts and Hospitality• Business Partners (Suppliers - M&A and JV)
•Fully Revised Model 231 (Directive for ITA Subs)•Uniform Code of Ethics (Project for US Subs)•Adequate Procedures (UK Subs)•Directives and Procedures:
• Use of Commercial Advisors and Sales Promoters• Use of Pofessional Advisors• Sponsors and Donations• Gifts and Hospitality• Business Partners (Suppliers - M&A and JV)
Business Ethics
FOCUS ON Anti-Corruption
Business Ethics
FOCUS ON Anti-Corruption
12
Compliance Program
PRINCIPLES
SYSTEMS
PROTOCOLS
AMBITS
AREAS
COMPONENTS
GROUP WORLD-WIDE DIMENSIONGROUP WORLD-WIDE DIMENSION
PROCESSES
13
Zero Tolerance for Corruption Trade Control Security of Persons, Goods and
Information Health, Safety, Environment Labour and Privacy Protection Competition, Antitrust and State Aids Corporate Crimes and Anti-Fraud Relations with Communities and
Human Rights
Zero Tolerance for Corruption Trade Control Security of Persons, Goods and
Information Health, Safety, Environment Labour and Privacy Protection Competition, Antitrust and State Aids Corporate Crimes and Anti-Fraud Relations with Communities and
Human Rights
Risk Analysis
High-impact legal areas
Internal Regulatory System General Principles and Rules Responsibilities in the Compliance
Processes Legal Risk Management Monitoring and Reporting Communication and Training Notification and Rapid Reporting of Issues Protocol Assessment and Corrective
Actions
Internal Regulatory System General Principles and Rules Responsibilities in the Compliance
Processes Legal Risk Management Monitoring and Reporting Communication and Training Notification and Rapid Reporting of Issues Protocol Assessment and Corrective
Actions
Standard compliance processes
The methodology provides a path which starts from (i) the mapping of the main high-impact legal regulations and (ii) the selection of standard compliance processes and periodically conducts (iii) the risk analysis for the establishment, management, updating and monitoring of (iv) a Compliance Program complete, consistent and coordinated throughout the Group.
Implementation of internal rules in relation to individual matters (e.g. relations with consultants). The minimum content of an internal protocol will be the following:
ObjectivesApplicable Regulations (internal and external)ScopeRoles and Duties of Competent Business UnitsRules of conduct and Requirements for Authorization and TraceabilitySpecific Tools for Communication and TrainingSpecific Mechanisms for Monitoring and Reporting (Schedules and Forms)Reporting Provisions and Implementation Measures (Timeline, Conditions)Periodic Audit, Review and UpdateSanctions and Remedies Applicable for Infringements
Implementation of internal rules in relation to individual matters (e.g. relations with consultants). The minimum content of an internal protocol will be the following:
ObjectivesApplicable Regulations (internal and external)ScopeRoles and Duties of Competent Business UnitsRules of conduct and Requirements for Authorization and TraceabilitySpecific Tools for Communication and TrainingSpecific Mechanisms for Monitoring and Reporting (Schedules and Forms)Reporting Provisions and Implementation Measures (Timeline, Conditions)Periodic Audit, Review and UpdateSanctions and Remedies Applicable for Infringements
Operating Approach
Definition/updating of new/existing internal protocols
14
15
A BIG CHANGE IN
FINMECCANICA USUAL APPROACH
Trade Compliance:
Minimum Standards
New Tools
16
Ongoing Developments
Compliance is a process of continuous change and development. Recently Finmeccanica has taken several measures in order to further strengthen its control procedures and to reinforce the management and coordination over the operating companies.
Among other measures, the following are worth mentioning:
new rules for appointment of members in Corporate Bodies of operating companies;
establishment of a new Corporate Bodies Committee for nomination/assessment of key management;
provision of a Risk Management structure reporting to the CFO;
centralization of the Group’s Internal Audit activities, including a specific audit unit for monitoring of intermediaries;
appointment of a “Wise-Men Committee” (composed of external experts) entrusted with the task of reviewing existing policies and proposing new measures to ensure full compliance with the international best practice.
17