3.8 Compliance
Management approach
SBM Offshore’s reputation and license to operate depend on responsible business conduct. SBM Offshore is committed to complying with all applicable laws and regulations. SBM Offshore does not tolerate bribery, corruption, fraud, violations of trade sanctions, anti-money laundering or anti-competition laws, or any other illegal or unethical conduct in any form by anyone working for or on behalf of the Company. All employees and those working for or on behalf of SBM Offshore must embrace and act in accordance with the core values of the Company (see section 1.3), the Code of Conduct and the Company’s internal policies and procedures. SBM Offshore fosters a culture of trust and fairness where dilemmas are openly addressed, enabling employees to make the right decisions, with commitment to integrity at all levels. This commitment is one of the foundations of the Company’s license to operate and license to grow in support of SBM Offshore’s Vision. Building on the accomplishments of recent years, the Company will strive for continuous improvement in embedding compliance as an integral part of its business processes.
Governance
The Group Compliance function is, on behalf of the Management Board, responsible for ensuring that the entire SBM Offshore organization operates within its clearly defined Compliance Program. The Group Compliance function has a leadership role in proactively advising the Management Board and Management on acting in a compliant manner, both from a strategic and an operational perspective. An important part of its role includes the focus on the prevention of misconduct.
Governance Management
The Company’s Management Board has overall accountability and the Chief Governance and Compliance Officer (CGCO) has the overall responsibility for compliance, risk and legal matters. Reporting to the CGCO, the Group Risk and Compliance Director (GRCD) leads the Compliance Program, drives its execution and regularly reports on its operating effectiveness to the Management Board and the Audit and Finance Committee of the Supervisory Board, while also reporting on the Company’s key compliance risks and incidents. The GRCD is chair of the Company’s Validation Committee for the review and approval of third parties before engaging in a business relationship. Furthermore, the GRCD chairs the Company’s Risk Assurance Committee, ensuring an integrated approach to risk management. The integrated Risk & Compliance department comprises a global team of eleven Risk and/or Compliance professionals, reporting directly to the GRCD, located within the Company’s worldwide locations and at corporate headquarters. Business leadership has accountability and responsibility to manage compliance and integrity risks within their fields of management control.
STRATEGY
SBM Offshore’s Compliance Program aims to guide the Company’s management and employees in applying their moral compass as well as strengthening the management control system. SBM Offshore has integrated the Compliance Program into its organizational structure and is promoting a culture of integrity and compliance in the day-to-day way of working of all employees. SBM Offshore maintains an effective compliance risk management and control system, which includes monitoring and reporting, and upholds the Company’s zero tolerance for bribery, corruption, fraud or any other form of misconduct. The Company maintains a global management control framework, while the Company’s Management is responsible for embedding compliance in day-to-day business practice.
The Compliance Program is built on three pillars:
- Compliance governance and organization
- Hard and soft controls
- Organizational culture and employee behavior
Key elements of the Compliance Program
- Commitment of the Management Board and the Supervisory Board
- Responsibility and accountability for compliance implementation and management residing in line management and ultimately with the Management Board
- Oversight and autonomy of the GRCD and adequate, qualified resources in the department
- Company Code of Conduct and Compliance policies and procedures
- Regular communication, training and continued guidance and advice
- Regular monitoring of compliance risks, mitigating measures and risk-based controls as well as incident and action reporting
- A thorough third party due diligence process, including an internal Validation Committee which reviews the due diligence outcome on high-risk third parties prior to engagement
- Independent verification (e.g. compliance audits)
- Compliance-related internal financial controls, following ICOFR principles
- Confidential reporting procedures, including an Integrity Line and internal investigations
- Annual compliance statements from employees in middle and senior management positions
NOTABLE DEVELOPMENTS AND ACHIEVEMENTS IN 2017
- Third Party Due Diligence scope. In addition to compliance due diligence on business partners, as a continuous process, due diligence was performed on a very significant number of yards, subcontractors, logistics providers and other vendors.
- Due Diligence database. Up-to-date repository in the Company’s Group Supply Chain department of all compliance due diligence reports on vendors.
- Due Diligence Process and ownership. Significant increase of timely and systematic compliance due diligence by Management in the Regional Centers, Product Lines and Operations. Vendor compliance due diligence integrated in renewed Vendor Qualification Process.
- Annual Compliance Training Plan. Developed and executed with special focus on sharing of practical examples and dilemmas.
- Insider Trading e-Learning. Training launched to targeted staff in December enhancing the awareness of the SBM Offshore Rules of Conduct regarding Inside Information.
- SBM Offshore Vendor Compliance Day. Held in Europe for a large selection of key vendors, dedicated to the importance of compliance with the rules of the Company’s Code of Conduct.
- Compliance KPIs in Regional Centers, Product Lines and Operations. These KPIs include management attention for completion of compliance certificates and participation in compliance training, and are monitored and reported on a quarterly basis.
- Risk Assurance Committee Charter. Clearly describing the roles and responsibilities of the RAC members and incorporated into the Company’s management system.
- Compliance Staffing. Strengthening of the integrated Group Risk & Compliance department with qualified and experienced staff members warranting the continuity of oversight and adequate support to the business.
- Market Abuse Regulation. Development and implementation of the Disclosure Committee Charter to ensure compliance with the Market Abuse Regulation.
- Townhall meetings. The core values of Integrity and Care are a standard topic addressed by the Company leadership in the Company’s updates to employees, with real-life examples including compliance topics.
- Compliance Due Diligence on SBM Offshore. Clients, business partners and other stakeholders such as financing partners, through their qualification process, provided assurance in the Company’s Compliance Program.
- CSR/Sustainability. Initiatives include participation in an Ethics presentation to high schools in Rio de Janeiro under the name ‘Preparing the future’ aimed at impacting young people around the theme of ‘doing the right thing’.
- Integrity Line. Improved access to the Company Integrity Line and improved ways of working of the Integrity Panel for the review and handling of Integrity Line reports.
- Legacy Issues. For information on the Company’s Legacy Issues see sections 1.1, 1.8, 2.2, 3.3, 3.7.3, 4.1.
How SBM Offshore measures performance
- As part of performance management processes, the Company sets, monitors and reports on compliance KPIs for its Regional Centers, FPSO Product Line and Operations
- Compliance training hours and completion ratios by employee target group
- Employee feedback surveys after each face-to-face training
- Annual Code of Conduct certification by staff in leadership positions
- Use of a Company-wide tool to approve, register and monitor giving and receiving of Gifts, Hospitality and Entertainment
- Use of a Company-wide tool ‘GRaCE’ for continuous risk identification, assessment, registration and reporting
- Registration, review and monitoring of integrity reports through a Company-wide Compliance Case Management System
- Integrated quarterly Group Risk & Compliance reports to the Management Board and the Audit and Finance Committee of the Supervisory Board
Metrics
COMPLIANCE CERTIFICATES AND TRAININGS TO DESIGNATED STAFF

| Measure | Period | Result |
|---|---|---|
| Number of employees in Designated Staff* | per year-end | 845 |
| Compliance Certificate completed | full year | 85% |
| Trained on Code of Conduct (face-to-face and/or e-Learning) | full year | 85% |

* Designated Staff reflecting the number of employees per January 1, 2017 in Hay-grade 11 or above, less the number of employees that left the Company during the year.

The ratio of completion of Compliance Certificates and Training on the Code of Conduct (face-to-face and/or e-Learning) of Onshore Designated Staff is 97%, that of Offshore Designated Staff 18% (Compliance Certificates) and 21% (face-to-face training and/or e-Learning).
OVERALL NUMBER OF FACE-TO-FACE TRAININGS IN 2017:

| Measure | Number |
|---|---|
| Face-to-face trainings worldwide | 1,179 |
OVERALL COMPLETION OF CODE OF CONDUCT E-LEARNING CAMPAIGN 2016-2017:

| Measure | Number |
|---|---|
| e-Learnings in 2016 | 1,678 |
| Additional e-Learnings in 2017 | 302 |
INTEGRITY LINE REPORTS:

| Measure | Number |
|---|---|
| Integrity Line reports received under the Company’s Integrity Reporting Policy | 37 |
The Company is promoting a Speak Up culture. The nature of the Integrity Line reports over 2017 was predominantly workplace related. |
The objectives for 2018 are to continuously strengthen compliance management and control, focusing on the importance of the right behavior and enhancing efficiencies in the management process.