Compliance

      voestalpine requires its companies and all of its employees to comply with absolutely all applicable laws in all of the countries in which it operates. For voestalpine, however, Compliance means more than just acting legally and in accordance with other external requirements. It is the expression of a culture that is also rooted in ethical and moral principles. The principles of this corporate culture as it relates to the treatment of customers, suppliers, employees, and other business partners are spelled out in the voestalpine Code of Conduct.

      Likewise, voestalpine requires its suppliers to comply, without limitation, with all applicable laws in the respective country and, in particular, to respect and uphold human rights as fundamental values.

      The Code of Conduct

      The voestalpine Code of Conduct was enshrined in writing in 2009. It is the result of numerous conversations and discussions at the level of the Management Board as well as among the managing directors and department heads of the voestalpine Group. It is based on the Group’s corporate values and provides the basis for ethically and legally sound conduct on the part of all of the Group’s employees. The Code of Conduct was revised in the business year 2019/20 to integrate all of the voestalpine Group’s values and behavioral rules that had not yet been included in it as principles. It has been revised twice since then. For one, these changes were made in connection with the implementation of the EU Directive on the protection of whistleblowers and, for another, in connection with supply chain management. The Code of Conduct has been published in German and 20 additional languages and may be downloaded from the Internet.

      The voestalpine Code of Conduct covers the following areas:

      • Compliance with laws and other external and internal requirements
      • Human rights, respect, and integrity
      • Fair competition
        • Competition and antitrust law
        • Corruption, bribery, and acceptance of gifts
      • Donations and sponsorships
      • Trade wars and conflict minerals
      • Money laundering
      • Conflicts of interest
      • Data privacy and protection
      • Protection of information and intellectual property
        • Secrecy of confidential information
        • Intellectual property
      • Protection of corporate property and IT usage
      • Workplace protections
      • Environmental protection and climate action
      • Prohibition of abuses of insider information
      • Corporate communications
      • Reporting of misconduct

      The Code of Conduct applies to all members of the management boards, the managing directors, and the non-executive employees of all entities in which voestalpine AG has a direct or indirect interest of at least 50% or which it controls in some other way. As regards all other companies in which voestalpine AG has a direct or indirect stake of at least 25% but does not control them, the Code of Conduct is brought to their attention with the request that they enforce it by having their corporate decision-making bodies recognize it of their own volition.

      Every employee must reckon with disciplinary consequences if they violate statutory provisions; internal guidelines, regulations, and instructions; or the provisions of the voestalpine Code of Conduct. Moreover, violations may also have consequences under criminal and civil law, e.g., claims to compensation and claims for damages.

      voestalpine aims to have the Code of Conduct apply throughout its sphere of influence. Suppliers and consultants are required to comply with the Code of Conduct for Business Partners. Additionally, Group companies are urged to bring the Code of Conduct to the attention of their customers and to strongly encourage them to commit to compliance therewith also. All of voestalpine’s business partners are also requested to reasonably promote adherence to the Code of Conduct among their own business partners along the supply chain.

      voestalpine AG has adopted several Group guidelines that serve as a helpful tool for employees in applying the Code of Conduct. The Compliance rules and regulations associated with the voestalpine Code of Conduct currently comprise the following:

      Business Conduct

      These guidelines supplement and flesh out the Code of Conduct with respect to issues of corruption, bribery, acceptance of gifts, and conflicts of interest. For example, they regulate the permissibility of gifts, invitations, and other benefits; donations and sponsoring; secondary employment as well as the private purchase of goods and services by voestalpine employees from customers and suppliers. The section entitled “Business Conduct” also addresses the prohibition of political contributions. The voestalpine Group does not allow donations to politicians, political parties, organizations affiliated with political parties, or political front organizations. This does not apply to political precursor organizations that are devoted solely to social issues and have been individually approved by the Management Board of voestalpine AG.

      Dealings with Brokers and Consultants

      This guideline provides additional information on the topics of corruption, bribery, and the acceptance of gifts. It defines the procedure to be complied with prior to engaging sales representatives, agents, and other marketing consultants. An objective analysis of business partners’ environment and scope of activities before establishing business relationships with them serves to ensure that the business partners also comply with both applicable law and the voestalpine Code of Conduct.

      Antitrust Law

      This guideline describes the prohibition of agreements restricting competition; provides rules for dealings and interaction with, and in, associations, professional associations, or other industry organizations; and defines concrete rules of conduct for employees of the voestalpine Group. Additionally, manuals have been developed with respect to issues of information sharing and benchmarking, procurement alliances, and supplier relationships with competitors; they provide employees with information on these topics from an antitrust perspective.

      Compliance Manual & Compliance Violation Prevention Program

      These rules and regulations provide information on the Group’s compliance strategy and compliance structure. They also provide information on steps taken to prevent and identify Compliance violations as well as on the potential reactions and sanctions such violations may trigger. Furthermore, these rules and regulations contain information on the Web-based whistleblower system that makes it possible to report Compliance violations anonymously too.

      Code of Conduct for voestalpine’s Business Partners

      These rules and regulations, which are directed toward suppliers of goods and services as well as toward brokers, consultants, and other business partners, define the principles and requirements for doing business with voestalpine. They were comprehensively revised and expanded in the business year 2022/23. Among other things, voestalpine requires its business partners to respect and comply with human rights as fundamental values in accordance with the International Bill of Human Rights, the UN Guiding Principles (UNGPs) on Business and Human Rights, and the Core Labor Conventions of the International Labor Organization (ILO). In particular, this applies to the prohibition of child and forced labor; the prohibition of human trafficking in any way, shape, or form; the equal treatment of employees; and the right to employee representation and collective bargaining. Business partners must also undertake to comply with environmental protection standards and to set scientifically verifiable targets for reducing their CO2 footprint. In fact, the business partners must abide by their commitments not just in their own sphere of activity; they must also require their own suppliers to act accordingly and must verify compliance with these commitments in the supply chain.

      Code of Conduct for voestalpine’s Lobbyists (Lobbying Code of Conduct)

      voestalpine’s Lobbying Code of Conduct regulates dealings with stakeholders in Austria as well as in Europe and internationally in accordance with the Austrian Lobbying and Advocacy Transparency Act in order to provide a clear and transparent framework for lobbying activities. Just as the general Code of Conduct, the Lobbying Code of Conduct, too, is binding on all members of the management boards, the managing directors, and the non-executive employees of all entities in which voestalpine AG has a direct or indirect interest of at least 50% or which it controls in some other way. Care must be taken to ensure in cases where voestalpine’s lobbying activities are supported by third parties that the latter commit to compliance with the Lobbying Code of Conduct.

      Compliance organization

      Responsibility for adherence to Compliance regulations rests with the respective management. The voestalpine Group comprises a Compliance organization to help management fulfill this responsibility and set up the processes required to that end. Aside from a Group Compliance Officer, a Divisional Compliance Officer has been appointed for each division; additional Compliance officers are appointed in particular divisional sub-units. The Group Compliance Officer reports directly to the Chairman of the Management Board and is not bound by instructions. The Divisional Compliance Officers report to both the Group Compliance Officer and the respective division heads who are members of the Management Board.

      Compliance system (organizational chart)

      Compliance officers are responsible for the following areas:

      • Antitrust law
      • Corruption
      • Compliance with capital market regulations
      • Fraud (internal cases of theft, fraud, misappropriation, or embezzlement)
      • Conflicts of interest
      • Special topics assigned to the Compliance organization by the Management Board of voestalpine AG (e.g., in connection with issues related to UN or EU sanctions)

      All other Compliance issues—e.g., environmental law, taxes, accounting, labor law, protection of employees, or data privacy—do not fall under the purview of the Compliance officers’ powers. Other organizational units are responsible for these Compliance issues.

      Preventive measures

      As part of its Compliance activities, voestalpine places particular importance on preventive measures including, in particular, education and training, discussions with management, and communications.

      The voestalpine Group introduced e-learning courses on the subject of Compliance back in 2009. This e-learning curriculum has been repeatedly revised and expanded over time. The existing e-learning courses on antitrust law (including an advanced course) and on the Code of Conduct were revamped and rolled out anew in the business year 2019/20. In addition to the learning units, they now also present case studies and require a final test.

      Key E-Learning Topic: “Compliance Basics”

      Key E-Learning Topic: “Fair Competition”

      Key E-Learning Topic: “Recap – Fair Competition”

      Key E-Learning Topic: “Protection against corruption”

      The e-learning courses are continually supplemented Group-wide by face-to-face training tailored to target groups, particularly sales and marketing personnel. This face-to-face training is generally focused on adherence to the law and internal guidelines as well as on (anti)corruption and antitrust law as it applies to the participants’ respective sphere of activity. Compliance training is mandatory for young executives: Six to seven face-to-face training sessions are conducted per year for up to 40 employees each. Face-to-face training on issues of compliance with capital market regulations is also provided to employees of voestalpine AG.

      Compliance is a regular topic in Group communications and is addressed repeatedly—including by top management—during major employee events at the level of the Group and the divisions.

      Reporting Compliance violations

      Reports of Compliance violations should be made openly for the most part, i.e., divulging the whistleblower’s name. Pursuant to the Code of Conduct, such reports may be addressed to the individual’s direct supervisor; the appropriate legal or human resources department; the management of the respective Group company; the Internal Audit and risk management departments of voestalpine AG; the Group Compliance Officer; or one of the Divisional Compliance Officers. Upon request, whistleblowers are assured of absolute confidentiality.

      An option to anonymously report violations via a Web-based whistleblower system has been available since 2012. Initially, only a few issues could be reported through this whistleblower system; since the business year 2022/23, however, reports may be filed with respect to all of the following:

      • Antitrust, corruption, fraud, conflicts of interest, capital market compliance
      • Discrimination, sexual harassment, mobbing, human rights
      • Data privacy and protection
      • Technical compliance, in particular, compliance with technical standards and certifications in production processes; IT security
      • Environment
      • Health and safety
      • Violations in other areas

      The system makes it possible for the appropriate Compliance Officers to communicate with whistleblowers while maintaining absolute anonymity.