Responsible entrepreneurship means first and foremost legally compliant conduct. All of Merck KGaA, Darmstadt, Germany's activities have to comply with statutory rules and regulations worldwide. Violations might not only entail legal prosecution, but could also seriously harm the company's corporate reputation, meaning its standing as a business partner or employer. Therefore, compliance with statutory rules and regulations has top priority for us. Compliance for our company also means acting in accordance with the ethical principles defined in the Merck KGaA, Darmstadt, Germany . We strive to do “good” business, which means operating profitably while still meeting high ethical standards.
Globally mandatory guidelines
The Merck KGaA, Darmstadt, Germany is a compulsory set of rules for the company’s entire workforce. Our employees have been provided with a copy of the Code of Conduct, and new employees are handed a copy with their letter of offer.
The Code of Conduct explains the principles for dealings with business associates, general partners, co-workers, and employees, as well as the communities in which we operate. Thus, it supports all employees in acting ethically – not only in their interactions with one another, but also outside the company. Oursupplements the Code of Conduct with global human rights principles, such as the core labor standards of the International Labour Organization (ILO). In July 2014, we furthermore adopted a new anti-corruption guideline for the Group.
We expect our business partners worldwide to adhere to our guidelines and principles as well. While Supplier Management ensures that suppliers conduct their business according to the rules and regulations, Global Business Partner Risk Management handles the relationships with distribution-related associates such as distributors and wholesalers.
Group Compliance oversaw the integration of AZ Electronic Materials (AZ), which was acquired in 2014, and trained AZ employees on compliance as well as on our compliance guidelines. Since January 2015, AZ employees have been fully integrated into Merck KGaA, Darmstadt, Germany's compliance measures.
Our Compliance organization
Through our compliance organization, we ensure adherence to statutory regulations as well as to the company's own internal rules and regulations. The Compliance Group function, which features a Group Compliance Officer and other specialists, is responsible for maintaining and enhancing the compliance program. At our subsidiaries, local and regional compliance officers are responsible for implementing the compliance measures. Besides expanding the global Compliance organization, we have also appointed a Compliance Officer for the life science business and one for our Healthcare business sector. This will augment the compliance expertise available when entering new business fields and ensure that our businesses comply with statutes and regulations. The approximately 60 Compliance Officers worldwide fall under the Group Compliance Officer. Group Compliance provides them with guidance as well as training documents, along with other support. They report regularly to the Group Compliance Officer, who in turn reports to the Executive Board at least once a year, updating the Board on compliance activities, compliance risks and serious compliance violations. The Executive Board updates the company's supervisory bodies at least once a year on the key compliance issues.
Selecting business partners
Merck KGaA, Darmstadt, Germany applies a risk-oriented approach to the selection of sales-related business partners such as distributors, agents, and wholesalers. In essence, the greater we estimate the risk to be with regard to a certain country, region, type of service, etc., the closer and more carefully we examine the company before doing business with them. For risk assessments, we use tools such as the (CPI) maintained by Transparency International, as well as background information from various databases. We also take into account whether the business partner in question has a compliance program.
Our "Global Business Partner Risk Management Guideline" governs the selection process for business partners as well as the system-based documentation of relevant information and the evaluation thereof. Through this comprehensive process, we are both minimizing our risk as well as taking into account the modified requirements resulting from new anti-corruption legislation such as the UK Bribery Act.
This Group-wide mandatory guideline stipulates eight principles that must be taken into account when selecting new business partners and that also apply to existing business relationships. For instance, the policy stipulates that the company shall only do business with partners who comply with all applicable laws, who do not engage in bribery, who adhere to environmental, health and safety guidelines, and who refuse to tolerate discrimination. Furthermore, we require them to demonstrate a commitment to internationally recognized human rights and labor standards, as well as to the compliance standards defined in our Code of Conduct.
Business partners must accept and adhere to these principles if they wish to enter into a business relationship with Merck KGaA, Darmstadt, Germany. We also conduct such audits on existing business partners, usually when it's time to renew a contract.
If the audits come up with red flags, we may reject potential business partners or terminate the relationship. However, our business associates are frequently willing to modify their structures and processes to meet our stringent compliance requirements. Since implementing the process in 2013, more than 1,000 business partners have already undergone this audit.
The Internal Auditing Group function regularly reviews compliance-relevant matters at our facilities. Their audits focus on the existence and quality of compliance guidelines, processes and structures. In addition, Internal Auditing also checks our sites for violations of our Code of Conduct and reviews workplace aspects of the Human Rights Charter. The topic of corruption is also part of our standard audit program. Altogether, 30 audits were conducted in 2013 to check for corruption, with 36 in 2014.
On top of this, 27 sites across 22 countries were audited on workplace aspects of the Human Rights Charter in 2013, and 32 sites across 28 countries were audited in 2014. The audits found no violations.
We place a high priority on regular compliance training, which is provided as classroom and online courses. Employees of all levels, as well as independent contractors and supervised workers such as temps, are trained on topics related to the Code of Conduct such as corruption, competition law and conflicts of interest.
In 2013 and 2014, we used our e-learning system to train 29,360 people on our Code of Conduct, educating them on the consequences of compliance violations. This training also taught ways to avoid compliance violations.
In 2013 and 2014, a total of 40,188 people took 117,509 online courses on a variety of compliance topics. A large portion of these classes focused on corruption. In 2013 and 2014, we trained 31,687 people on how to prevent corruption.
Several courses on special topics are offered specifically for employees above a certain Global Grade, such as the course on competition law that was rolled out in 2014. In addition to online courses, numerous classroom courses on compliance are held worldwide in order to provide employees with effective training on local issues in particular.
We review and revise training plans regularly, adapting them to new developments. For instance, in 2014 we developed online courses to accompany the implementation of our new anti-corruption guidelines. Since 2013, we have been training employees, especially those in distribution, on our expanded business partner selection process as well as our "Global Business Partner Risk Management Guideline". Due to the significance and complexity of the subject, this training is generally offered as a classroom course.
All employees are called upon to report compliance violations to their supervisor, Legal, HR, or other relevant departments. Employees can also report violations via the SpeakUp Line central reporting system, doing so in their respective national language. Available as a telephone hotline or a web-based application, they can report the incident free of charge and anonymously from anywhere in the world. In addition to our employees, business partners who have undergone the Business Partner Risk Management Process can also report misconduct via the SpeakUp Line.
The reports received are reviewed by the Group Compliance Officer and submitted to the Compliance Committee, who will then coordinate the necessary investigation into the matter. This committee consists of senior representatives from Internal Auditing, Compliance, Group Security, Data Security, and Human Resources. They monitor the handling of reported cases and initiate appropriate corrective measures as needed. Disciplinary actions are also taken, when necessary, against employees who have violated a compliance rule. These actions may range from a simple warning up to dismissal of the employee, depending on the severity of the violation.
On top of the SpeakUp Line, we have also set up a central advice hotline within the Group Compliance Office. Our employees can call this number to get advice on ethical and compliant conduct.
The number of compliance-relevant reports as well as the number of actual compliance violations have remained for the most part unchanged over the last several years. Via the SpeakUp Line and other channels, we received a total of 22 compliance-related reports in 2013 that resulted in an investigation, with 26 such reports in 2014. We confirmed nine cases of compliance violations in 2013 and eleven in 2014. The majority of these violations resulted from the misconduct of individual employees and represented minor, isolated incidents that led to commensurate disciplinary action. During the 2013-2014 period, six cases total entailed managerial employees who were involved in improper business practices, or had knowledge thereof. These cases mostly dealt with improper distribution and marketing methods to boost sales, as well as inappropriate interactions with medical professionals. In all cases, disciplinary action was taken against the managers responsible for the infractions.
The importance of compliance in business processes will continue to grow, especially in the pharmaceutical industry. For Europe, the transparency initiative of the European Federation of Pharmaceutical Industries and Associations (EFPIA) stipulates that, effective 2016, companies will have to publish all donations made to physicians that are not connected to research. Our Compliance organization has worked with the relevant businesses to implement measures that satisfy this disclosure obligation. This includes the creation of an internal guideline that stipulates the approval process and documentation requirements for donations made to physicians.