Ensuring legal compliance: guidelines for responsible conduct
Legal compliance is ensured at all company levels at Tchibo. The Tchibo Code of Conduct (CoC) forms the basis for this. It is binding for all employees of Tchibo GmbH and the international business units, and governs our dealings with business partners and customers. The CoC is based on the fundamental conventions of the International Labour Organisation (ILO) and among other things prohibits all forms of corruption, and granting or accepting of an undue advantage. If an employee violates any of the principles, they face sanctions under labour law. We regularly train our managers in the application of our CoC. Once a year, managers confirm in writing that they understand the rules of the CoC, that they have complied with them and have reported any breaches they have become aware of. In addition, by signing, they affirm that they have explained the CoC to their staff and that they are monitoring compliance with the CoC. Every new employee receives a copy of the CoC. We inform our employees about new developments via the intranet as well as directly, through their supervisors.
Compliance with the CoC is verified in internal audits by the Group auditors of maxingvest ag. A whistleblowing hotline operated by an independent body serves as an anonymous point of contact so that employees, suppliers and customers can report possible cases of misconduct. If necessary, the information received is forwarded anonymously to an ombudsman council as an internal examining body. The ombudsman council consists of various heads of department at maxingvest ag and Tchibo GmbH, as well as the chairman of the works council. Grievances can also be reported to the works council, the Human Resources department, the Legal department, the Directorate of Corporate Responsibility, and the Group Audit department.
Beyond this, Tchibo has been a member of the UN Global Compact since 2009, which means it has pledged, among other things, to actively combat corruption. We continuously conduct training for employees in the relevant departments, such as Purchasing and Sales, in order to make an active contribution.
Identify and prevent: risk management
Our business is subject to various risks – e.g. from currency fluctuations or environmental incidents that can have an impact on commodity prices. As part of our integrated risk management system, we identify these risks and take preventive measures to limit them. We make a fundamental distinction here between company risks and supply chain risks.
We carry out risk inventories to take stock of all material risks, which we break down into a risk cluster with three categories: short-term operational risks, one-off risks, and strategic risks. Within these categories a further differentiation is made. Risks that are acutely threatening are immediately reported to the management at the time they occur. This allows us to quickly control potential threats. An update on the development of risks is incorporated into Tchibo's steering and planning systems several times a year. The Internal Audit department reviews the effectiveness of the risk management, and informs the Management Board and Supervisory Board of this in regular risk assessment reports. The Boards determine the scope of review for the Internal Audit department. Information on threatening risks is immediately communicated to the Boards. For example, as a trading company, Tchibo is exposed to the risk of saturated or shrinking core markets – which would lead to stagnating or declining sales. We guard against this risk with an innovative product policy and international growth. Because the global retail landscape is changing, along with customer behaviour, we have further strengthened the e-commerce sector, and introduced cross-channel services and an attractive permanent range of products.
To prevent risks in the area of procurement, we integrate social and environmental requirements in our procurement and quality processes. For instance, we are gradually reducing the number of suppliers we use for our consumer goods, developing the remaining suppliers into strategic partners, and supporting them with the Worldwide Enhancement of Social Quality (WE) qualification programme. In our issues management, we analyse the relevant concerns of our stakeholders on an ongoing basis. For instance, in 2014 we decided to integrate the standards underlying Greenpeace’s DETOX Commitment into our purchasing and quality processes. Beyond this, we also practice resolute supplier monitoring as part of our risk management.
The new data protection standards under the EU General Data Protection Regulation (GDPR) pose a variety of challenges for companies – and Tchibo is no exception. More than before, data protection, as a management issue, is required to be integrated into all relevant business processes. In this way, we aim to meet the documentation and risk assessment requirements even better. Raising awareness among our employees and a clear distribution of tasks within the national and international business units are as essential to this as the development of a clear target vision.
In 2016, despite our careful handling of the information entrusted to us by our customers and our employees, and our three pillars of data economy, transparency and security, we failed to fully meet the requirements placed on us in two cases, when faulty configurations arose during system changeovers. Quality assurance mechanisms are being implemented and will prevent a recurrence of such lapses in future.