Compliance

Sandvik is bound by international regulations and standards and by the laws of the countries in which it operates. Four compliance programs mitigate risks and meet the requirements of the law as well as stakeholder expectations. These programs address anti-bribery and corruption, competition law, trade compliance, and data privacy.

Enforcement and reporting

The Sandvik Compliance Functional Council includes compliance officers from the business areas and specialist legal counsel at the Group level. It oversees the programs that are implemented by each business area. The council sets requirements, reviews performance and reports to the main board through the Audit Committee. The Council met four times in 2017.

The development in all programs are reported to the Board of Directors on a regular basis. Reporting is designed to provide visibility of program effectiveness and timely advice of risks as they occur.

Employees and other stakeholders are encouraged to report any deficiencies or breaches of Sandvik compliance programs through the Speak Up system. This facilitates rapid identification of risks and enables corrective remediation to take place.

Anti-bribery and corruption

Our policy on anti-bribery and anti-corruption states the following: “Sandvik is firmly committed to fair business practices without any form of bribery or corruption and confirms to comply with anti-bribery laws in all countries where we operate.” This policy applies to all entities and employees within the Sandvik Group and we expect the same high ethical standards from our business partners, suppliers and intermediaries regarding anti-bribery and corruption.

Sandvik’s anti-bribery and corruption program closely conforms to the guidance provided by major regulators with policies and procedures, assessment of bribery and corruption risks, screening and vetting of business partners, training of employees and monitoring and reporting of these activities.

In 2017, Sandvik strengthened group-wide management of commercial intermediaries by acquiring new IT systems support, which facilitates risk assessment, due diligence, ongoing management and monitoring of commercial intermediaries. Sandvik further enhanced penetration and monitoring of anti-bribery and corruption compliance through embedding specific controls into the group-wide risk and control matrix.

Other programs

During the year, the competition law program focused on training and working on compliance issues together with business leaders in the industry.

The trade compliance program addresses customs, sanctions and export controls. In 2017 the program continued to support the business with the changes in the lifting of sanctions in Iran and elsewhere.

The data privacy program was revamped in 2017 for better alignment with the requirements of the EU General Data Protection Regulation (GDPR), which comes into effect in May 2018.

Each of the compliance programs comprise the following:

  • Risk identification and assessment
  • Controls (including policies, procedures and record keeping)
  • Training
  • Enabling and enforcing
  • Follow up, reporting and improvement
  • Organization