- Ensuring integrity and compliance throughout the Group and with business partners
- Compliance organization
- Compliance risk assessment
- Code of Conduct
- Communication campaigns
- Business partner audits
- Tell me! whistleblower portal
- Compliance audits
- Case investigations
- Punishing misconduct
Deutsche Telekom has clearly expressed its commitment to complying with ethical principles and current legal standards. This commitment has been incorporated in our Guiding Principles and Code of Conduct. We have introduced a comprehensive compliance management system to effectively combat risks and make sure conduct throughout the Group is based on integrity and complies with our principles and regulations. All compliance management activities are in line with legal regulations and our Binding Corporate Rule on Privacy, which specify how to handle personal data within the Deutsche Telekom Group. Responsibility for the compliance management system lies with the top management level at Deutsche Telekom in the Board department for Data Privacy, Legal Affairs and Compliance. The same applies to every Deutsche Telekom company; responsibility for compliance is always assigned to a member of the top management. The Chief Compliance Officer of Deutsche Telekom AG is responsible for the Group-wide structure, advancement and implementation of the compliance management system and heads the Group Compliance unit. We also have compliance officers at our operating segments and national companies who are in charge of local implementation of the compliance management system and compliance targets.
Goals of the compliance management system (CMS)
At Deutsche Telekom, compliance refers to following the rules and doing the "right thing," which means compliance requires all Deutsche Telekom employees to act with integrity. Within the meaning of our five Guiding Principles and Code of Conduct, integrity, and therefore compliance, forms the basis of all our business decisions and activities. It defines the behavior of all our employees when dealing with customers, employees and colleagues, investors, managers and Deutsche Telekom's general environment.
The goals of our compliance activities are based on these principles, the relevant regulations and legal standards as well as on Deutsche Telekom's strategic objective of becoming the leading European telecommunications provider. More specifically, the aim is to prevent compliance violations and non-ethical business decisions and to integrate compliance permanently into business processes at an early stage. This reduces risk of liability for the company and supports customer perception of Deutsche Telekom as a reliable partner. Group Compliance implements overarching compliance goals in business activities by systematically applying the compliance management system in the areas of prevention, identification and response.
Focus on prevention
We conduct a Group-wide compliance risk assessment each year. This helps us identify and assess our compliance risks and define focal points for conducting effective preventative measures, which are compiled in our compliance program.
The goal is to make sure that the conduct of our employees is ethical and compliant at all times, which is why we have set forth clear expectations on employee conduct in our Code of Conduct. We have also introduced Group policies relating to compliance such as policies on anti-corruption, gifts, invitations, events and dealing with consultants and agents. A policy database makes it easy for our employees to access and follow our policies (group-wide implementation of a code of conduct).
In addition to regular compliance training, we also conduct extensive anti-corruption training. We specifically address managers to act as multipliers to further raise awareness of compliance. Their feedback is thoroughly analyzed and used to introduce additional training offers or other measures as needed (click here for more information).
Employees can also visit the Ask me! portal to have their compliance questions answered and find reliable information on laws, internal policies and codes of conduct relevant to their daily activities.
We have also introduced various communication measures to promote a culture of compliance at the Group.
Identification and monitoring
Despite the best preventative measures, we are not always able to prevent breaches of law or serious violations of internal regulations at the company.
We have created the Tell me! whistleblower portal to uncover non-compliant conduct. Our employees as well as external parties, e.g., business partners or customers, can use the portal to report misconduct (protecting whistleblowers). Deutsche Telekom thoroughly investigates all reports within the limits of the legal framework and punishes such activity appropriately.
We have introduced a Group-wide reporting process to control and monitor these activities, including regular internal and external audits of our compliance management activities.
Compliant interaction with business partners and suppliers
Our Code of Conduct specifies proper conduct for all of our employees. With our Social Charter we make a commitment to protecting and promoting human rights including compliance with the ILO's core labor standards. Our suppliers are expected to comply with the obligations, principles and values set forth therein and we do our part to place our suppliers under the obligation to do so. We also expect our suppliers to require the same of their sub-suppliers. Our General Terms and Conditions for Purchasing include a corporate social responsibility and anti-corruption clause that places suppliers under the obligation to take all steps necessary to prevent and punish active and passive forms of corruption. We have been offering regular e-learning and face-to-face compliance training to our suppliers since 2014 and provide them with a compliance guideline as well (see GRI index).
We select our business partners based on compliance criteria and conduct risk-oriented compliance business assessments. This applies to customers and suppliers as well as consultants (Consultant Policy), sales agents, development partners and joint venture partners.
In order to guarantee that we are able to effectively mitigate risks and that we have effective processes in place at the company for doing so, we became certified according to the 980 audit standard of the Institute of Public Auditors in Germany (IDW) in the areas of anti-corruption and anti-trust legislation.
Anti-corruption audit: During the period from January 2012 through December 2013, German and international units were audited for risk of corruption in their respective countries. The auditors confirmed that our processes at the central compliance organization and various corporate departments are suitable for effectively preventing corruption. These processes related to sales, procurement, human resources and internal audit. In 2016 (Germany) and 2017 (internationally) we will again be applying for certification focusing on anti-corruption. We document details regarding audit content and corporate departments that have undergone anti-corruption audits in our audit report.
Anti-trust compliance audit: Deutsche Telekom's anti-trust regulations were also audited for compliance with the IDW PS 980 standard by an independent auditing firm between January and December 2013. The audit report was issued in 2015 and confirms the effectiveness of our compliance management system, which is suitable for identifying vulnerabilities in time, thereby preventing violations of anti-trust law. Within the scope of this certification process, the independent auditing firm audited Deutsche Telekom AG, Telekom Deutschland GmbH and T-Systems International GmbH in Germany as well as ten other Group companies internationally. We document details regarding audit content and corporate departments that have undergone anti-trust compliance audits in our audit report.
Different legal practices and cultural values in the countries where Deutsche Telekom is active represent a significant compliance challenge. The increasingly dynamic development of global markets and intensified international competition also influence our compliance strategy.
In line with the Group's international structure, we discuss strategic issues with an international compliance advisory team twice a year and define a shared compliance approach. The team is a trend-setter of sorts, as it provides an impetus for designing and implementing balanced compliance structures at Deutsche Telekom. We have also been promoting Group-wide compliance collaboration for years through meetings of the representatives of all compliance organizations from our international subsidiaries. The 11th International Compliance Days were held in 2015. Around 130 compliance officers from 31 countries met at our Greek national company OTE in Athens on April 22 and 23. Under the slogan, "Share and Collaborate," they discussed compliance strategies and trends as well as new approaches to collaboration.
All Group units regularly audited for risk of corruption
We conduct a wide spectrum of internal measures to prevent and fight corruption. The compliance risk assessment forms the foundation of our compliance management system. It helps us identify and evaluate compliance risks and develop appropriate prevention measures. To this end, we have introduced an annual process throughout the Group that assigns responsibilities and defines clear assessment criteria that are documented systematically. Companies are selected to participate in the compliance risk assessment process according to a maturity-based model . 79 companies participated in the assessment process in 2015.
Our Group risk map is a key component of the compliance risk assessment that we use to assess risks that are particularly significant to our company. The risk map enables Deutsche Telekom's globally active companies with their various business models to conduct systematic risk analyses. It currently covers 27 core risk categories ranging from corruption and anti-trust law violations to violations of the Group Code of Conduct. Each subsidiary can add additional categories specific to their business needs. This involves defining which specific threat each risk poses to the subsidiary and stating which measures have already been implemented to mitigate this risk. If necessary, additional measures are developed to reduce the risks to a manageable level. Responsibility for the compliance risk assessment lies with the respective Group company. Our central compliance organization provides support and advice in these matters.
The subsidiaries' managing boards are informed of the results of the compliance risk assessment. Subsequently the compliance program for the following year is defined, including specific measures and responsibilities. The managing board passes a formal resolution to approve the program. The compliance program measures are monitored closely.
Investigation based on clear criteria
Deutsche Telekom has specified clear criteria for investigating suspected cases of corruption. We only start investigations if a violation of legal or internal regulations is reported with a sufficient degree of detail. Any tips that meet this requirement are investigated thoroughly. Any violations we uncover are punished appropriately. In some cases employment relationships have even been terminated for good cause. Claims for damages may also be asserted. Any weaknesses identified in the internal control system during the investigation are systematically analyzed and remedied.
In 2015, 120 compliance-related reports were made to Deutsche Telekom via the Tell me! portal. 18 of those are still being reviewed for plausibility and investigations are being made into 56 plausible reports (as at: February 2016). 17 of those were confirmed as actual misconduct and were punished accordingly. 31 cases are still in the investigation phase. In confirmed cases, Deutsche Telekom imposes systematic sanctions that are proportionate to the act and the guilt of the perpetrator and are in line with applicable legal provisions. Overall, in 2015 the majority of tips related to embezzlement, theft and fraud, commissions fraud and target manipulation.
Deutsche Telekom is the most transparent telecommunications company worldwide. This was confirmed in a study published by Transparency International in November 2015. The anti-corruption organization has published a transparency rating list of the world's 35 largest telecommunications companies.
The study was based on publicly available information on company anti-corruption programs, interdependence among businesses and country-by-country reporting of financial expenditures and revenues. Transparency International emphasized that Deutsche Telekom publishes all relevant information regarding preventative measures conducted at the company as well as on national and holding companies and discloses significant financial data.
Click here for the complete study.
Deutsche Telekom works together with associations and organizations to fight corruption. We use these opportunities to share experiences and to further develop our compliance management system on an ongoing basis. For example, we are active as a corporate member of the Forum Compliance and Integrity (Center for Business Ethics), DICO (German Institute for Compliance), Bitkom (German Association for Information Technology, Telecommunications and New Media) and ENICO (European Network of Integrity and Compliance Officers). In cooperation with the ICC (International Chamber of Commerce) and other companies, Deutsche Telekom has developed guidelines to promote the prevention of corruption.
Through cooperation and exchange of experiences Deutsche Telekom makes a valuable contribution to the work of international anti-corruption-initiatives across company boundaries. The acquired knowledge is used to continuously improve the compliance-management-system.
Deutsche Telekom is party to several proceedings both in and out of court with government agencies, competitors, and other parties. The proceedings mentioned in the 2015 Annual Report are of particular importance from Deutsche Telekom's point of view.