One of our four values is trust. Trust requires integrity, honesty and incorruptibility. Compliance with all the legal requirements that apply to Continental AG and its subsidiaries and its internal regulations by management and employees has therefore long been a goal of the company and an integral part of its corporate culture. In addition to our corporate guidelines, OUR BASICS, this is reflected in particular in our sustainability ambition and the Code of Conduct that is binding for all employees. The Executive Board is firmly committed to these principles and that of “zero tolerance,” particularly with regard to corruption and antitrust violations.
The basis of our compliance management system (CMS) is a comprehensive analysis of the compliance risks to which the company is exposed. The company and its business activities are examined in terms of potential compliance risks that can arise, for instance, from its structures and processes, a specific market situation or even operations in certain geographic regions. This takes into account, for example, the results of regular corporate-wide reporting on compliance risks in the governance, risk and compliance (GRC) system, the findings of investigations by the Group Audit department, and external sources such as Transparency International’s Corruption Perception Index. This analysis is substantiated and expanded primarily by a series of discussions with management and employees at all levels and at our training events. The risk analysis is not a one-off procedure, but is constantly reviewed and updated.
The head of the Compliance department manages the compliance organization in operational terms. The person holding this position is subordinate to the corporate compliance officer, who reports directly to the chief financial officer. The focal area of the work of the Compliance department is preventing violations of antitrust and competition law, corruption, fraud and other property offenses, and infringements of regulations for the prevention of money laundering. For other areas in which there is a risk of compliance violations, responsibility for compliance management lies with the respective functions that have performed these duties competently for a long time and are supported in these tasks by the Compliance department.
The CMS consists of the three pillars of prevention, detection and response:
- The first pillar of CMS – prevention – serves to maintain and further develop a general culture of compliance. This begins with setting an appropriate “tone from the top” by the Executive Board and management and, in addition to risk analysis, includes in particular employee training. Here, we attach great importance to inperson events at which we can address employees personally and directly and discuss their questions. Due to the restrictions caused by the COVID-19 pandemic, we are currently conducting most of this training in the form of webinars. We use e-learning programs as well. Prevention is also fostered by consultation on specific matters with the Compliance department and by the internal publication of guidelines on topics such as antitrust law and contact with competitors, giving and receiving gifts, and sponsoring. Continental introduced the Business Partner Code of Conduct to prevent compliance violations by suppliers, service providers or similar third parties that could have negative repercussions for Continental, or that could be attributed to the company under laws such as the UK Bribery Act. This must be recognized as a basic requirement for doing business with Continental. If necessary, third-party due diligence can be performed with regard to compliance issues. Another key element of preventive compliance is communication measures, which are carried out on a regular basis. These include video tutorials on compliance, as well as Compliance Days and Compliance Games that are organized by the individual locations with the support of the compliance organization. They, too, have been converted to a digital format.
- The second pillar of CMS – detection – comprises regular and ad hoc audits. In addition, compliance is always a subject of audits carried out by the Group Audit department. Continental has set up the Compliance & Anti-Corruption Hotline to give employees and third parties outside the Continental Group the opportunity to report violations of legal regulations, its fundamental values and ethical standards. Information on any kind of potential violations, such as bribery or antitrust behavior, but also other offenses or accounting manipulation, can be reported anonymously via the hotline where permissible by law. The Group Audit and Compliance departments investigate and pursue all tips received by this hotline. The hotline is available worldwide in many different languages. The number of tips received by the hotline has risen steadily over the past few years. We see this as a sign of increased awareness of compliance topics and as a success in our compliance work. Since the start of the COVID-19 pandemic and the associated restrictions, we have recorded a decline in the number of tips received.
- The third pillar of CMS – response – deals with the consequences of compliance violations that have been identified. The Compliance department is involved in decisions on measures that may be required, including any individual sanctions. Furthermore, the Compliance department conducts a thorough analysis of such events to ensure that isolated incidents are not symptoms of failings in the system, and to close any gaps in prevention and continuously further develop the compliance management system.
In 2016, the design, implementation and effectiveness of Continental AG’s CMS for the areas of anti-corruption, competition/antitrust law, fraud and other property offenses were audited in accordance with Audit Standard 980 of the Institut der Wirtschaftsprüfer e. V. (IDW) and were issued an unqualified review opinion.
Material compliance-related matters and risks are described in more detail in the report on risks and opportunities starting on page 99, and in the notes to the consolidated financial statements (Note 36).