RAG - Home
Sustainability report 19/20

Transparency and compliance

Corporate governance

In order to meet the requirements for proper corporate governance, RAG has implemented all of the elements necessary in accordance with a modern Three Lines of Defence model  and integrated them into its operations. These are mainly related to the groups of issues typically associated with compliance, risk management and the internal control system. Additional elements – such as an information security management system (ISMS) and a business continuity management system – are in place to help us fulfil our duties as an operator of critical infrastructure.

An internal audit of RAG’s compliance management system was carried out at the end of 2020, and the resulting proposals for improvements were quickly implemented.

Technische legal compliance

RAG’s compliance management structures cover all principles, measures and activities aimed at ensuring that the company conforms to all applicable regulations. The head of Internal Audit also serves as the Compliance Officer, with responsibility for all core aspects related to compliance, and reports to both members of the Executive Board. However, the majority of compliance-related matters, in particular those which are essential for the proper operation of technical facilities, are managed on a decentralised basis by the various specialist departments, which have the necessary expertise at their disposal. In this regard, managers have a key role to play, as they have a duty of care which obliges them to take appropriate steps to ensure regulatory compliance. Employees form the basis of the company’s compliance structures, as they must comply with both internal and external regulations in the course of their everyday work.

The various specialist departments serve as a point of contact for queries on decentralised compliance-related matters connected with day-to-day operations. Breaches of compliance policies must be reported to the Executive Board by the manager concerned. The Compliance Officer and the Legal Department are also informed, so that they can provide general legal support. The Compliance Officer also prepares a comprehensive report for the Executive Board at least once a year.

Anti-corruption and transparency

We are well-known for our long-term ties with contractual partners and suppliers. These business relationships are characterised by fairness, trustworthiness, integrity and transparency. We are also committed to upholding the principles of fair and honest competition, and complying with all statutory regulations designed to combat bribery and corruption.

Our employees are forbidden from requesting or accepting preferential treatment or inducements, and from offering or providing such advantages to others. They are also obliged to avoid conflicts of interest between personal matters and their company-related duties. In order to prevent misconduct, all employees receive compulsory training on appropriate behaviour. The company also has internal anti-corruption reporting systems in place, and reports are prepared annually for the Executive Board and the Audit Committee.

Donations and sponsorship of third parties require the express permission of the Executive Board. All such activities are registered centrally and reported to the Executive Board once a year.

The company has no political affiliations, and makes no financial contributions to political parties or organisations, or their representatives. We represent RAG’s interests in dealings with public bodies with regard to matters that affect the company itself, or its employees, customers and representatives of the owners. This relates to memberships or involvement in working groups set up by various industrial associations and interest groups.

A list of our memberships (PDF)
 

Internal control system

Compliance with internal guidelines and processes is maintained by an internal control system (ICS). This is characterised by a functioning organisational structure, application of the four-eye principle, separation of functions, and internal guidelines for business processes.

All business transactions concluded on behalf of RAG must be booked or documented in accordance with the applicable regulations, and must be verifiable. Under the process-oriented ICS, selected business processes are subject to systematic controls – the individual control steps are documented and checks are made to ensure they are carried out. Annual evaluations ensure that the ICS is kept up to date, and its effectiveness is also continuously monitored by Internal Audit.

The ICS focuses primarily on financial reporting, but it also covers key operational aspects, such as tank farm inventories in order to ascertain stocks of crude oil held as compulsory emergency reserves, and reserve accounting for oil and gas.

Data protection

Based on the General Data Protection Regulation (GDPR), our data protection policy governs the treatment of personal data at the company. In order to ensure effective policies, a data protection management process has been implemented with the goal of achieving continuous improvements in data protection standards and adapting to new requirements. If employees have any questions they can contact the designated data protection officer, the HR Department or the Legal Department.

Transparent procurement processes 

We place an emphasis on forming fair and transparent relationships with suppliers and partners who operate in accordance with our philosophy, and are also committed to environmentally and socially responsible management. For this reason, in 2020 we drew up a supplier code of conduct containing corresponding long-term requirements for suppliers’ practices.

The code also contains provisions on human rights, social responsibility, environmental matters, as well as compliance and integrity. The supplier code of conduct can be found here.

We are fully aware that sustainability-related aspects can make a significant contribution in procurement. And over the coming years we will engage even more closely with our suppliers in order to establish basic principles and to examine the associated risks and effects for the value chain.
Curd Ornig | Head of Procurement

Procurement policy

All purchases made by RAG with a net value of more than EUR 5,000 are subject to the Group-wide procurement policy. This covers ethical principles and the award of contracts for goods and services in accordance with competition law.

In 2019, RAG voluntarily introduced a reduced threshold of EUR 100,000 (down from EUR 428,000) for the electronic award of procurement contracts, with a view to enhancing transparency. This also applies to master agreements without fixed offtake amounts.
 

Annual CSR audits of suppliers

The Procurement Department is currently developing a supplier audit procedure which includes sustainability-related criteria. Annual audits are planned for all suppliers with a net annual procurement total of EUR 1 million and business-critical suppliers* with a net procurement total of EUR 50,000 or more. Suppliers will be assessed using the following three-step approach:

  1. Audit of the completeness and accuracy of all information
  2. Audit of information provided regarding legal compliance
  3. Consideration of previous experience and a risk assessment of the supplier concerned with regard to sustainability-related factors

A supplier will be able to provide goods and services to RAG and its subsidiaries for a further year only if it completes the audit successfully.

In the next phase of the project, we will analyse whether and how to integrate country, sector, product and business model risks facing a supplier into the risk assessment, and the extent to which sustainability criteria will play a part.

Further information on our procurement processes can be found in the chapter on “Climate and environmental protection”, in the section entitled “Sustainable procurement”.

*By business-critical suppliers we mean suppliers for which there are few alternative suppliers on the world market. We purchase products from these suppliers which are important for the safe operation and availability of our plants.