Holistic compliance management system
We have clearly expressed our commitment to complying with ethical principles and current legal standards. This commitment has been incorporated in our Guiding Principles and Code of Conduct. We have put in place a compliance management system to anchor lawful and ethical conduct in all areas of the Group. The specific purpose of this system is to ensure compliance risks are successfully tackled and make sure rules and regulations are followed throughout the entire Group.
Responsibility for the compliance management system lies with top management. There is also a management position for compliance in every company of Deutsche Telekom. The Group-wide design, development, and implementation of the compliance management system falls under the remit of the Chief Compliance Officer of Deutsche Telekom AG and the Group Compliance Management unit she runs. We also have dedicated compliance officers (COs) at each of our operating segments and national companies. It is their job to ensure the compliance management system and our compliance goals are implemented on site.
At Deutsche Telekom, compliance means following the rules and always doing the right thing. Within the meaning of our five Guiding Principles and Code of Conduct, integrity – which necessarily encompasses compliance – forms the basis of all our business decisions and activities. It defines the behavior of all our employees when dealing with customers, employees and colleagues, investors, managers, and Deutsche Telekom’s general environment.
We have derived the following objectives for our compliance work:
- Preventing compliance violations and unethical business decisions
- Integrating compliance into business processes at an early stage and on a lasting basis
- Minimizing liability risks for the company
- Ensuring Deutsche Telekom is viewed as a dependable partner by its customers
- Adopting a consistent approach to preventing, identifying, and responding to non-compliance
- Fostering a compliance culture and ethical conduct
Compliance management certifications
In 2018, we once again had our compliance management system certified with a focus on anti-corruption measures. This is our way of ensuring that we can confront risks consistently and that we have established effective processes in the company. Since 2016 25 international companies have been were certified.
The certification focused on processes in Procurement, Sales, HR, and Mergers & Acquisitions, on the one hand, and on events, donations, and sponsorships on the other. The potential danger of corruption is greatest in these areas. Auditors investigated the efficacy of the compliance management system and verified it without any reservations. We document details regarding audit content and corporate departments that have undergone anti-corruption audits in our audit report.
Compliance management enhanced with risk assessment
If we are going to be successful in preventing and countering legal infractions and regulatory breaches, then we need to adopt the correct approach to assessing compliance risks. That is why our compliance management system is centered around an annual compliance risk assessment. To help us carry this out, we have put in place a Group-wide compliance management process, allocated responsibilities, and defined assessment criteria. The individual steps in the compliance risk assessment, all of which are documented transparently, are as follows:
- The companies that will take part in the compliance risk assessment are selected using a model based around how developed and complete their compliance programs are. A total of 80 companies took part in 2019. This equates to a coverage of just under 97 percent in terms of headcount. Responsibility for conducting the compliance risk assessment lies with the respective national company. Our central compliance organization provides support and advice in these matters.
- The national companies’ managing boards are responsible for the results of the compliance risk assessment. Activities and responsibilities for the following year’s compliance program are developed on the basis of these results. The managing board then passes a formal resolution to approve the program. The compliance program measures are monitored closely.
- We use the Group risk map to assess risks that are particularly significant to our company. The risk map enables Deutsche Telekom’s companies, with their various business models, to conduct systematic risk analyses. It currently covers 27 core risk categories, ranging from corruption and anti-trust law violations to contraventions of the Code of Human Rights & Social Principles. Each national company can add additional categories specific to their business needs. This involves defining which specific threat each risk poses to the national company and stating which measures have already been implemented to mitigate this risk. If necessary, additional measures are developed to reduce the risks to a manageable level.
A clear reference framework: our Code of Conduct
Integrity, respect, and compliance with the law – these are the principles on which Deutsche Telekom’s business activities are based. Our Code of Conduct is the central reference framework for completely lawful and ethical conduct. It makes a significant contribution to our business success by providing a solid foundation for our business activities.
Raising awareness of compliance risks among staff
We aim to ensure the conduct of our employees in their day-to-day work is always ethical and lawful, which is why we implement the following measures across the entire Group:
- Annual compliance risk assessment (CRA), which we use to identify and assess compliance risks and specify key areas for suitable preventive measures.
- Preventive measures that are combined in a compliance program.
- A Group-wide Code of Conduct that sets out clearly how our employees are expected to behave.
- Compliance-related Group policies on areas such as anti-corruption, gifts, invitations, and events, as well as on dealings with consultants and agents.
- A policies database that helps staff find and implement applicable regulations.
- Regular compliance and anti-corruption training (see GRI 205-2).
- The “Ask me!” portal for questions relating to compliance. The portal contains FAQs with example cases, as well as information on laws, internal policies, and behavioral standards. It also gives users the opportunity to contact the “Ask me!” advisory team, which will provide reliable answers if they are unsure about what to do in a particular situation. The number of inquiries and the topics covered can be viewed here.
Systematic handling of infractions
We always investigate tip-offs about a breach of statutory or internal regulations when there is a sufficiently tangible description of the matter at hand. Among other things, we run a whistleblower portal called “Tell me!” as a means of accepting tip-offs.
- All tip-offs are carefully investigated.
- Any violations we uncover are punished appropriately. In some cases employment relationships have even been terminated for good cause. Claims for damages may also be asserted.
- Any weaknesses identified in the internal control system during the investigation are systematically analyzed and remedied.
Deutsche Telekom is party to proceedings both in and out of court with government agencies, competitors, and other parties. We have reported on what Deutsche Telekom views as key processes in the 2019 annual report.
“Tell me!” whistleblower portal
We have created the “Tell me!” whistleblower portal to uncover non-compliance. Both our employees and external parties such as business partners and customers can use the portal to report misconduct – and can do so anonymously. We have introduced a Group-wide reporting process to control and monitor these activities.
In 2019, 122 compliance-related reports were made to Deutsche Telekom via the “Tell me!” portal (137 reports were made in the previous year). 27 of those are still being reviewed for plausibility and investigations are being made into 60 plausible reports (as of December 31, 2019). A total of 38 were confirmed as actual misconduct and were prosecuted accordingly. 13 cases are currently still being investigated.
- Most of the tip-offs received in 2019 focused on “financial interests” (possible cases of fraud, breach of trust, misappropriation, theft, manipulation of targets, and unfair sales methods).
- In confirmed cases, we impose systematic sanctions that are proportionate to the act and the guilt of the perpetrator and are in line with applicable legal provisions.
- Naturally, we always follow up on all compliance-related tip-offs, even those that reach us through other channels.
|1 058||953||1 706|
|Compliance relevant tip-offs|| |
|thereof anonymous tip-offs|| |
Hints: Most of the reports submitted in 2019 were related to fraud, breach of trust, embezzlement, theft, target manipulation and unfair sales practices. Tipp-offs reported to portals in a business unit are only counted for the central Tell me! portal if Group relevant.
Current measures to strengthen company culture
In 2016 we started the Compliance-based Corporate Culture initiative with the intention of encouraging integrity and a constructive speak-up culture within our company. Based on an employee survey in the following year, a comprehensive set of measures was put together and then rolled out in 2018 and 2019.
- The Speak-Up Culture initiative: Employees are encouraged to openly address grievances in critical situations, just as managers should be open to hearing these grievances. To help with this, “Speak Up!” training courses are offered on an international scale, in which employees learn communication techniques for use in difficult situations. By the end of 2019, approximately 3,000 employees had taken part in one of these courses in Germany alone.
- “Ethical Leadership” training courses help our managers reflect on their own ethical conduct. So far, around 400 managers have taken part in one of these courses.
- In 2019, we introduced an e-learning and self-reflection tool for managers and project managers that helps them foster a speak-up culture in their teams and enhance their own ethical leadership behavior.
- Employee surveys: in 2019 we carried out a follow-up survey on our compliance culture and a good 46,000 employees took part.
The results of our employee study on the culture of compliance
In 2019, as part of the Compliance-based Company Culture initiative, we conducted our second ever international employee survey on compliance. The aim was to reassess how our compliance culture had developed since the last survey was conducted in 2017. The European School of Management and Technology (ESMT Berlin) and Hertie School of Governance were our research partners for the first, extensive study. Some 46,000 Deutsche Telekom employees took part in the latest survey – more than participated in the first. The initiative is supported by an expert committee created specifically for this purpose. The committee is comprised of Deutsche Telekom employees as well as representatives from non-governmental organizations, the business and scientific communities, and society.
The results have improved compared to 2017.
- Some 98 percent of those surveyed said they are committed to the rules at Deutsche Telekom and are unwilling to conduct themselves in an unethical manner (97 percent in 2017). Accordingly, the vast majority stand by their own values and would not stray from them, even under pressure.
- A total of 88 percent indicated that their manager sets a good example for ethical conduct.
- Just under 90 percent said they are well informed by the company as regards appropriate conduct at work and that they feel well prepared to deal with ethically dubious situations.
- A clear majority of survey respondents stated that the company management team sets a good example for ethical conduct.
- Weaknesses were identified with regard to feedback culture. A number of employees said they did not feel comfortable expressing their opinion openly.
The weaknesses identified were the subject of intensive discussion on the Board of Management and a set of measures was developed to address them. The aim of these measures is to further reinforce the values-based compliance culture in the Group and carry forward the current, overwhelmingly positive trend. One of the measures was the introduction of the “Managing Dilemmas” virtual reality program. The aim behind this program is to make it easier for staff to identify critical situations and adopt the correct approach in these scenarios. A “speak-up culture” is also being promoted with measures such as the launch of a new e-learning program.
Breaking down barriers – worldwide cooperation for compliance
Different legal practices and cultural values in the countries where Deutsche Telekom is active represent a significant challenge for compliance. The increasingly dynamic development of global markets and intensified international competition also influence our compliance strategy.
In line with the Group’s international orientation, we discuss strategic issues with an international compliance advisory team twice a year. The team is a trend-setter of sorts for designing and implementing balanced compliance structures at Deutsche Telekom. We also promote Group-wide compliance cooperation through meetings of the representatives of all compliance organizations from our international subsidiaries.
We are working with other parties in national and international organizations and professional circles, which involves discussing compliance issues, among other things. We also actively contribute to the ongoing development of compliance, for example by giving specialist presentations and releasing publications.
Commitment to anti-corruption initiatives
Deutsche Telekom AG regularly contributes to national and international organizations that focus primarily on compliance issues. As a member of associations and organizations such as the Compliance & Integrity forum of ZfW (Center for Business Ethics) and BITKOM (Federal Association for Information Technology, Telecommunications, and New Media), we make use of the opportunity to exchange ideas and experiences related to compliance.
Responsible use of artificial intelligence (AI)
In 2018, with Group Compliance Management taking the lead, we introduced guiding principles for the ethical use of artificial intelligence (AI). These principles clarify how we at Deutsche Telekom aim to use AI responsibly and develop our AI-based products and services in the future. We do not claim that these guidelines constitute universally applicable rules on the responsible use of AI. Instead, we aim to continuously develop these guidelines in partnership with our employees and external stakeholders, anchoring them in our company.
In 2019, we carried out activities such as training and workshops on implementing the guidelines, held a conference on digital ethics, provided employees with comprehensive information through a range of formats, integrated the AI guidelines into contract-relevant provisions for our suppliers, and developed an internal test seal for ethical AI products. AI applications that satisfy our high standards carry the seal.