Clear understanding of values embedded in globally applicable guidelines
NORMA Group’s understanding of values forms the basis for all business decisions and activities in the Group. In particular, the global focus of the company makes worldwide implementation and compliance with codes of conduct especially important.
The implementation of compliance-specific frameworks sets rules clearly and transparently. The main compliance guidelines at NORMA Group are
•the CODE OF CONDUCT,
•the ANTI-CORRUPTION POLICY and
•the SUPPLIER CODE OF CONDUCT.
Requirements on HUMAN RIGHTS (regarding freedom of association, forced labor, child labor and anti-discrimination, among others) form an integral part of the compliance guidelines. The guidelines are regularly reviewed regarding the need for updates and adapted as required.
NORMA Group’s compliance management system is aimed at ensuring that its values and rules are lived throughout the Group. Concrete steps are determined, implemented, and tracked in a Compliance Action Plan.
Group-wide compliance management
The Management Board of NORMA Group is responsible for an effective compliance management system. Compliance forms an integral part of the overarching ‘Integrity’ department, which – in addition to compliance – addresses the topics of data protection and information security. This bundling not only considers the growing importance of these topics, but also adequately reflects their increasing interlinking in terms of content.
The group-wide compliance activities are managed by the Chief Compliance Officer of NORMA Group SE. The Chief Compliance Officer regularly reports to the Executive Vice President HR & Integrity and is able to report directly to the Management Board if necessary. CORPORATE GOVERNANCE REPORT Besides the main compliance department at Group level, Compliance Delegates are appointed at the level of the regions EMEA, Americas and Asia-Pacific, as well as at operationally active individual entities. The Compliance Delegates of the individual Group companies are in regular contact with the other local departments and regularly report to the respective Regional Compliance Delegates, who in turn report to NORMA Group Compliance.
Any member of NORMA Group’s compliance organization can be contacted at any time on any compliance issue. The compliance department is in close communication with the legal department of NORMA Group in order to continuously take into account new or changed legal requirements in the compliance risk analyses and in the compliance program.
The effectiveness of the compliance organization set up by the Management Board is monitored by the Supervisory Board of NORMA Group SE, which is informed about compliance matters as needed.
Close risk monitoring and control
The systematic and regular identification and assessment of relevant compliance risks forms an important basis for the compliance program. NORMA Group carries out the respective risk analyses and is in close contact with relevant departments (e.g. Internal Audit, Risk Management).
The risks to which NORMA Group is exposed form the basis for determining the compliance program and the respective measures. Implementing these measures and adhering to the compliance rules are also regular audit tasks of internal auditing.
Systematic, demand-oriented training of employees
To ensure the effectiveness of NORMA Group’s compliance management system, all employees must be familiar with the relevant legal requirements and internal compliance guidelines. The goal is for all employees of NORMA Group to know the compliance rules, as well as the contact persons and reporting channels.
The compliance training that NORMA Group offers serves as the basis for this. It mainly takes place in form of online training sessions and as face-to-face sessions if necessary. Depending on the job and responsibility profile of an employee, the training courses to be completed are assigned as needed. During training, the employees receive concrete support on which behavior is in line with the compliance guidelines and can test their knowledge in practical assessments and case studies. The training courses of fundamental importance that must be completed as basic training by every employee of NORMA Group, include the online training courses ‘Code of Conduct & Compliance Basics’ and ‘Anti-Corruption’. Depending on the job profile, employees must attend specific focus training sessions (including ‘Antitrust law’). Furthermore, the knowledge of employees is updated and extended regularly through refresher courses. ‘Compliance Safety Cards’ were handed out to employees without a PC workstation, especially those who work in production, in the past fiscal year. They are available in all the necessary languages and clearly communicate relevant compliance topics.
In fiscal year 2022, 2,080 employees (2021: 1,114) received online compliance training. In this context, training courses totaling 2,535 hours (2021: 1,283) were conducted. The increase in both the number of employees trained and the number of training hours compared to the previous year is due in particular to the fact that in 2022 there was a full re-enrollment in the revised and updated "Anti-Corruption" training.
The need for training is checked regularly. Internal reporting records the status of compliance training. Compliance-related topics are also communicated via additional channels such as posters, brochures and Compliance Safety Cards that summarize key compliance topics in condensed form, as well as e-mails and intranet articles.
Various ways of reporting violations
NORMA Group encourages its employees to report violations of rules and internal policies, even across hierarchical levels. Besides personally approaching supervisors, the human resources department or Compliance Delegates, NORMA Group’s INTERNET-BASED WHISTLEBLOWER SYSTEM enables anonymous reporting of matters by internal or external whistleblowers. The employees of the compliance organization always follow up on indications of possible compliance violations. Further information on the whistleblower system can be found in the CORPORATE GOVERNANCE REPORT.
In cases in which the electronic whistleblower system is more difficult for employees to use for technical or organizational reasons (a lack of PC access by employees in production, for example), NORMA Group offers other appropriate reporting channels, such as notice boxes at the plants or reporting directly to NORMA Group Compliance by e-mail or by meeting in person, for instance. Besides the main electronic whistleblower channel, NORMA Group offers supplementary or alternative reporting channels at all sites at which local laws require these channels to be made available.
Both the suitability and the appropriateness of the reporting system are reviewed on a regular basis – with regard to the requirements of the “Directive (EU) 2019/1937 of the European Parliament and of the Council of October 23, 2019, on the protection of persons who report infringements of Union law” (so-called “Whistleblower Protection Directive”) as well as the respective implementing laws of the member states, for example. The system is adapted if necessary. In view of the fact that in many cases the Whistleblower Protection Directive has not yet been transposed into the national laws of the EU member states, further developments will be monitored closely and any adjustments necessary will be made as required.
These contents are part of the Non-financial Group Report and were subject to a separate limited assurance examination.