EVRAZ plc – Annual report – 31 December 2018
Industry: steel, mining
Anti-corruption and anti-bribery
EVRAZ has always striven for consistency in its strict compliance with the Law of the Russian Federation No. 273 “On Preventing Corruption”, the UK Bribery Act, the US Foreign Corrupt Practices Act and other relevant local legal equivalents. Battling bribery and unethical practices are core aspects of its anticorruption efforts.
The Group has a developed system of well-documented and adhered to procedures which define compliance managers’ routine. Today, compliance specialists scrutinise all tender procedures, check potential and existing business partners, vet prospective new candidates and ensure that the principles set forth in the Anti-corruption Policy, Code of Conduct and other relevant policies are followed conscientiously and fully.
Policies and regulations
All EVRAZ subsidiaries comply with the Code of Conduct and Anti-corruption Policy, the top-level documents that define the norms of ethical and responsible behaviour for employees in all circumstances. These and other relevant policies are available on the corporate intranet and employees bear personal responsibility for full compliance with them. Employees are consistently encouraged to seek guidance from compliance managers whenever they have questions about the expected course of action in difficult situations or when they want to voice concerns about known violations.
The Group seeks to ensure that compliance managers are present at every major asset and are responsible for handling anti-corruption and anti-bribery matters. They investigate possible noncompliance with policies; monitor charity payments and hospitality spending; and act on whistle-blower allegations of possible bribery, corruption, fraud and malfeasance. They then present their findings and recommendations to local managing directors, the Group’s compliance manager and specialists reporting to the senior vice president for business support. The latter review investigation results to liaise with senior management as necessary. The Group’s compliance manager routinely informs the Audit Committee about the status of ongoing anti-corruption efforts and prepares memos at the committee’s request.
Employees have access to a brief summary of relevant anti-corruption policies as well as links to the full texts of top-level documents on the corporate intranet. Where necessary, the compliance managers discuss the essence of the adopted rules and procedures with all interested parties.
At the end of each calendar year, compliance managers perform a comprehensive analysis of potential anti-corruption risks across all assets. For this purpose, they consider every business process and redefine key risk areas if necessary. Each area is then evaluated to see if existing controls and procedures effectively mitigate the associated risks. EVRAZ has a declared policy of zerotolerance for bribery and corruption. The Group uses every means to investigate carefully and discretely all signals suggesting potential violations of applicable law and key internal anticorruption policies.
As the Group’s business processes are stable and consistent year to year, compliance managers typically examine the same following processes for signs of risk:
• Purchase of goods or services
• Sale of goods, works and services
• Business gifts, hospitality, entertainment and travel expenses
• Charity and sponsorship
• Interaction with government authorities
• Hiring and transferring staff
• Vetting contractors or customers
• Contract approval
• Group property management
When doing so, managers apply the methodology developed jointly by the compliance, internal audit, legal, and business support functions specifically for this purpose. According to the methodology, random events (current and past) are evaluated for signs of predefined risks. Such events can include tenders, contract approvals, specific purchases, inventory checks, charitable donations, etc.
The compliance managers meet with responsible managers of each asset to inform them of the revealed risks and discuss threats to recommend further actions. The compliance managers then monitor any corrective measures that are undertaken to mitigate the discussed risks.
At the beginning of the following year, the Group’s compliance manager presents a consolidated analysis to the Audit Committee.
In early February 2018, the compliance officer presented to the Audit Committee the analysis for 2017, which revealed no significant violations of anti-corruption statutes or cases of noncompliance with Group policies.
Examples of anti-corruption risks tested in the Group’s business processes
In the process “sale of goods, works and services”, compliance managers defined risk indicators to look and then test for:
• Goods are sold at prices and on terms that are significantly different from the market average;
• Goods, works and services are sought to be sold via middlemen and agents when direct contracts are possible;
• There are discounts or mismatched conditions set in supply contracts that contradict the Group’s trade policy requirements.
Other corruption risk indicators here include unexplained/unjustified bonuses to the buyer based on the amount of purchased products, lack of primary and shipping documentation, and granting a delay in payment that violates the current internal requirements.
So, random transactions – recent or past
– are singled out and carefully considered for signs of said risks. Should compliance managers reveal systemic or significant violations of anti-corruption procedures, this is drawn to the attention of the Group’s compliance manager and the top management, locally or at the Group level. Compliance managers then ensure that risks are properly addressed and mitigated.
Similarly, compliance managers further examine every major process for signs of corruption risks, unethical practices or bribery. So, in another example, they consider charity and sponsorship payments to make sure:
• There were no violations of the approval procedure for charity and sponsorship projects;
• All the required and correct documents were properly supplied for consideration to decide if the charity or sponsorship payment can be made;
• Potential recipients of charity or sponsor support are allowable in accordance with the internal policy.
Key developments in 2018
The compliance function of EVRAZ did not initiate any investigations of its own into signs of bribery in 2018. Meanwhile several signals about potential collusions between company employees and vendors came to hotline and were carefully investigated. Certain suspicions about potential fraudulent schemes between some unscrupulous managers and suppliers/providers also led to investigations initiated by Direction of control over business procedures. In the past year there were over twenty such investigations five of which revealed fraudulent intent. The involved employees were terminated and necessary measures to improve controls were taken.
The rather low number of such confirmed violations results from the Group’s ongoing preventive efforts, the clear tone from the top and employees’ adherence to the anti-corruption requirements set forth in its policies.
The Group has additional compliance control measures in place for payments to non-resident companies (specifically offshore entities), which have proven their effectiveness.
Following a request from the Board, the management together with Linklaters have developed in-person training for the management team to ensure compliance with the EU Market Abuse Regulation. The training was delivered on 25 May 2018 in EVRAZ Moscow office for a team of 30 managers. It was based on the topics covered in the EVRAZ Compliance Manual and was followed by a test. Going forward, the management will discuss refresher training as and when required.
In addition, about 2,500 more managers in the whole of EVRAZ Group have completed online anti-corruption training developed by Thomson Reuters. Overall, compliance managers have so far assigned close to 11,000 licenses to employees whose functions and areas of responsibility warrant such training. The programme will continue in 2019. Gradually, those previously trained will receive invitations to refresh their active knowledge of anti-corruption principles and best practices.
This course by Thomson Reuters defines bribery and corruption and examines the implementation of anti-bribery legislation in Russia. The training also covers a business-wide system of controls aimed at managing and reducing bribery risks.
The key learning objectives are to:
• Confirm the Group’s position and full compliance with applicable anti-corruption laws
• Explain the Group’s systems and controls to manage the risk of bribery and corruption
• Help identify the damaging effects of bribery and corruption
• Highlight red flags, eg warnings about possible illegal payments or other corrupt activities
The course aims to provide guidance regarding how to apply anti-bribery laws to relevant business scenarios.
For additional information, see EVRAZ first Sustainability Report for 2018, which is to be published in May 2019.
Outlook for 2019
In 2019, the Group’s compliance managers will revisit the methodology applied in risk assessment to analyse its effect year-to-year and will update it together with internal audit and legal specialists. The set of anti-corruption policies will be updated to reflect certain changes that have taken place within the compliance system since its launch. Finally, there are plans to design in-house Group-specific training modules to complement the anticorruption course provided by Thomson Reuters that is currently in use.