Global Policy on Bribery, Fraud and Corruption
Introduction
As stated in the Xstrata Statement of Business Principles, Xstrata is committed to the highest standards of personal and professional ethical behaviour. We will not tolerate any incident of Bribery or Fraud, committed by Xstrata employees and Associated Persons, either from within or outside the Group, and will take consistent and swift action (including dismissal and legal action), against those persons committing Bribery or Fraud, irrespective of length of service or position.
Xstrata complies in full with the laws and regulations of those countries in which we operate, and in particular will comply with the UK Bribery Act, the US Foreign Corrupt Practices Act and such similar laws existing in or applying to other jurisdictions in which we operate.
This Policy should be read in conjunction with the Xstrata Statement of Business Principles, Sustainable Development Standards, Code of Conduct and Third Party Due Diligence Standards. Collectively, these documents set out the necessary Bribery and Fraud prevention, detection and response processes and controls, which Xstrata and its Business Units must implement worldwide to ensure an appropriate Bribery and Fraud Prevention Framework is in place.
Defined Terms
The following terms have the meanings set out below for the purpose of this Policy.
The terms may also have specific legal meanings in the particular countries in which
Xstrata operates:
Associated Persons means anyone who is engaged or paid to represent any entity in the Group and includes agents, representatives, intermediaries, introducers, sponsors, consultants, contractors and advisers whose ability to represent such entity is established or implied by the terms of their arrangement.
Bribery is the giving, offering or receiving of any advantage, which need not be financial, including any payment, gift, loan, fee, or reward, to or from any person in order to influence them corruptly or improperly in the exercise of their duty.
Fraud is any corrupt, dishonest or false representation, failure to disclose information, abuse of position or use of deception, in each case, with the intention of making a gain, avoiding an obligation or causing loss (or the risk of loss) to another party, including theft.
Group means Xstrata plc, Xstrata (Schweiz) AG and any business which is directly or indirectly wholly or majority owned, managed, or controlled by Xstrata plc or Xstrata (Schweiz) AG.
Purpose
This Policy is produced to:
- assist in the prevention of Bribery and Fraud;
- ensure that Xstrata has adequate procedures in place to prevent any Bribery and
Fraud; - explain the procedures to be followed by Xstrata management and staff when
there is evidence or a suspicion of an incident of Bribery or Fraud having been
committed; and - describe the reporting and investigation procedures in this situation.
Application of Policy
This Policy applies across the Group to all subsidiaries and joint ventures controlled by
Xstrata and to all employees, officers and directors of those entities. Xstrata must also
apply this Policy to Associated Persons as a condition of the Associated Person’s
engagement. The Policy reflects Xstrata’s minimum requirements. Business Units may
supplement it, where appropriate, by adding additional requirements or guidance
relevant to their own businesses.
Bribery and Fraud Prevention Framework
The key components of Xstrata’s Bribery and Fraud Prevention Framework are shown below. This framework ensures that the necessary and adequate procedures are in place to comply with the UK Bribery Act and the US Foreign Corrupt Practices Act, and such similar laws existing in other jurisdictions in which we operate.
BRIBERY AND FRAUD PREVENTION, DETECTION AND RESPONSE FRAMEWORK | |||
| Leadership, Governance and Control Framework | Prevention | Detection | Response |
| Group Board | Senior management oversight | Bribery and Fraud identification | Investigations |
| Audit Committee oversight | Code of Conduct | Auditing & Monitoring | Enforcement & Accountability |
| Group Executive Committee | Third Party Due Diligence Standards | Mechanisms for reporting bribery and fraud | Corrective actions |
| Xstrata Statement of Business Principles | Training | ||
| Global Policy on Bribery Fraud and Corruption | Communication | ||
| Group Internal Control Framework | Bribery and Fraud Risk Assessment | ||
| Internal Audit Processes | |||
These procedures will be reviewed and updated on an ongoing basis, as appropriate.
A. LEADERSHIP, GOVERNANCE AND CONTROL ENVIRONMENT
1. Group Board
The Global Policy on Bribery, Fraud and Corruption has been approved by the Xstrata plc Board of Directors and oversight of the Policy has been delegated by the Board to its Audit Committee. Xstrata strongly believes that it has a responsibility to take an active stand against Bribery and Fraud. This extends to all Xstrata’s dealings and transactions wherever it conducts its business. Accordingly, Xstrata has adopted a policy of zero tolerance towards Bribery and Fraud, as reflected in Xstrata’s Statement of Business Principles, and in this Policy.
2. Chief Executive and Executive Committee
The Chief Executive, the Executive Committee of Xstrata (Schweiz) AG, and the Chief Executives of the Business Units are responsible for providing leadership, resources and active support for implementing the Policy and the Chief Executives of the Business Units are responsible for ensuring that the Policy is applied within their Business Units.
Business Units are required to provide Letters of Representations to the Group management for the purposes of the Group’s Annual and Interim Financial Statements that they are aware of the requirements of this Policy including the Code of Conduct, Training and Third Party Due Diligence Standards, that the necessary controls have been implemented and regular monitoring is undertaken within their Business Units.
3. The Bribery and Fraud Control Environment
This is supported by the Group’s Internal Control Framework and risk management processes which are reviewed by the Group Board and the Audit Committee. The internal control, internal audit and risk management processes are the means by which the Audit Committee is kept assured of the effective implementation and monitoring of this Policy.
B. PREVENTION
1. Senior management role
The Chief Executive and Business Unit Chief Executives take responsibility for the effectiveness of the Policy and take a visible and active role in ensuring that the requirements of the Policy are effectively applied within the Business Units and that the required resources are made available.
2. The Xstrata Code of Conduct
(i) The Code of Conduct document describes in detail Xstrata’s policies on:
- the persons to whom the Code applies, including application to Associated Persons;
- gifts and hospitality;
- payments to public officials;
- specific areas or situations which may present the risk of Bribery and Fraud occurring, as ascertained by regular evaluation and assessment, by reference to the countries in which Xstrata operates, its business operations and business practices; and
- dealing with specific business issues in a transparent and business ethical manner.
(ii) The Code of Conduct also explains:
- the procedures for approval, recording and accounting of payments, gifts and hospitality;
- the sanctions and penalties that may apply to individuals and/or to Xstrata in the event of breaches of the rules, including disciplinary sanctions that may be imposed.
3. Third Party Due Diligence Standards
(i) All Xstrata Business Units are required to comply with the standards set out in the Third Party Due Diligence Standards.
(ii) The Third Party Due Diligence Standards are designed to ensure that our ethical standards are applied where Xstrata is doing business through Associated Persons and in connection with transactions entered into by Xstrata, whether acquisitions, joint ventures, partnerships or other major contracts.
(iii) The Due Diligence Standards include requirements for:
- consultation with Corporate and Business Unit legal counsel before engaging an Associated Person, entering into a joint venture or partnership, acquiring a company, business or significant asset, or agreeing to a major contract;
- the elements of the due diligence process that should be undertaken;
- the way in which the due diligence process should be documented;
- the form and substance of the representations or warranties that may be appropriate to address Bribery and Fraud in any such contract;
- following implementation of this Policy and periodically thereafter reviews by Business Units of arrangements with Associated Persons or counterparties;
- identifying ‘Red Flag’ issues giving rise to potential Bribery or Fraud concerns; and
- specific issues such as entering into success fee arrangements with Associated Persons.
(iv) An anti-Bribery toolkit that can be used for due diligence purposes and which contains contract precedent clauses is made available to the Business Units.
(v) Anti-corruption intelligence software is made available to the Business Units which provides them with the necessary data to perform profiling and background checks on individuals/companies to determine the ethical standing of the party prior to entering into any formal business relationship.
(vi) Xstrata Audit Services has responsibility for auditing compliance with the Third Party Due Diligence Standards.
4. Training
The Training Programme is devised to provide specific training to Xstrata managers and employees. This is provided on a continuing basis and appropriate to the needs of and risks relating to their work. Managers within the Business Units are responsible for identifying those employees within Xstrata who should undergo training and the type and level of training that is appropriate.
Training is delivered by a variety of means including web based tools, electronic means, in groups or in one to one sessions, as appropriate.
Business Unit managers are also responsible for identifying circumstances where it is appropriate for training to be extended to Associated Persons.
5. Communication
(i) Internal
The key objectives of internal communications are to ensure that all Xstrata employees, officers and directors are aware of the Policy, Code of Conduct and Third Party Due Diligence Standards, and the importance the Group places on countering Bribery and Fraud.
(ii) Associated Persons
Associated Persons must also be made aware of this Policy, the Code of Conduct and Third Party Due Diligence Standards through appropriate contractual arrangements in the engagement of such Associated Persons.
(iii) External
External communications are used to inform Xstrata’s stakeholders of its policies and practices.
6. Bribery and Fraud Risk Assessment
The risk of Bribery and Fraud is seen as an integral part of general risk management within Xstrata. Risk evaluation within Xstrata is carried out using a business process approach. This entails the identification of critical business processes, identification of risk associated with each process and the development of effective, efficient and transparent controls to reduce exposure to identified risks. As such, risk management activities include the estimation of the likelihood and impact of the occurrence of Bribery or Fraud.
Business Units are required to report annually to their Audit Committees confirming their Bribery and Fraud risk assessments and treatment plans. Business Units must also provide a Letter of Representation to the Group management for the purposes of the Group’s Annual and Interim Financial Statements.
7. Internal Audit Processes
Internal audit is a fundamental element of the processes by which the Xstrata Board and Executive Management obtains the assurance it requires that Xstrata’s risks are properly identified, evaluated, and managed.
The primary role of internal audit within Xstrata is that of risk assessment, evaluating controls in place to effectively mitigate risks and determining the levels of compliance with these controls. Consistent with Xstrata’s risk management processes referred to in section B6 above, risk based audit plans are prepared and approved by the relevant Audit Committees on an annual basis and Xstrata Audit Services completes audits in accordance with these plans.
In the context of Bribery and Fraud, in performing its audit activities in accordance with the risk based audit plans Xstrata Audit Services determines the Group’s Bribery and Fraud risk profile and assesses the effectiveness of controls implemented to address these risks.
All control weaknesses identified during all audits are communicated in a standard reporting format, which includes agreed remedial action, to the relevant Business Unit management. Details of any Bribery and Fraud risks identified by Xstrata Audit Services that could result in financial loss and/or reputational damage to Xstrata (together with the audit steps taken to detect such risks) are shared with the Business Units and remedial action required to address any Bribery and Fraud risks identified is agreed.
The results of all audits are reported to the Xstrata plc and Business Unit Audit Committees, with all serious control shortcomings highlighted.
C. DETECTION
1. Identifying Bribery or Fraud
The responsibility for considering this issue, and the implementation of an appropriate strategy to effectively deal with Bribery or Fraud risks, lies with Business Unit and Group Management. The initial responsibility for identifying instances of suspected Bribery or Fraud risks lies with each Business Unit. It remains the responsibility of all personnel to be vigilant of the risk of Bribery or Fraud and to report any suspicion or incident of Bribery or Fraud, or any concerns about any risks in this regard, through the facilities and processes provided by Xstrata (see sections C3 and C4 below) as soon as any issue arises.
2. Discovery through Auditing and Monitoring
The internal audit process is described in section B7 above.
In the event of Bribery or a Fraud being discovered during the performance of an audit, the matter is reported to Head of Xstrata Audit Services, who will decide if the matter warrants a detailed investigation as discussed in section D1. Fraud and Bribery related matters are also reported to Business Unit and Xstrata plc management and Audit Committees as discussed in section C3.
3. Reporting Bribery or Fraud
Employees should raise concerns and violations as early as possible.
If an employee or other person feels that, due to reasons of confidentiality, a report of a suspicion or incident of Bribery or Fraud cannot be given to his/her supervisor/manager then the employee should report the matter through the confidential Ethics line or the confidential email address, as described in more detail in section C4 below.
In all other cases the employee should report any suspicion or incident of Bribery or Fraud to his/her supervisor or manager. The supervisor/manager shall advise the most senior manager at the operating site at which the informant is employed. After performing some initial work as swiftly and discreetly as possible to gauge the veracity of the allegations, the senior official must inform the CBU Risk Manager who will then inform the following Xstrata management:
Where the amount involved is not expected to exceed US$25,000
- Business Unit Chief Executive
- Business Unit Chief Financial Officer
- Regional Head of Group Internal Audit Services (Xstrata Audit Services)
- Business Unit Human Resources Manager (when applicable)
- Business Unit Legal Counsel
- Group Insurance Manager (when applicable)
Where the amount involved is expected to exceed US$25,000 or, irrespective of the value, it could have serious reputational consequences for Xstrata, or involves a senior official, then in addition to the above, the following Xstrata management shall be notified:
- Group Chief Executive
- Group Chief Financial Officer
- Group Legal Counsel
- Group Head of Corporate Affairs
- Global Head of Audit Services
The template included as Appendix 1 (refer to pdf) details the information to be included in the report.
4. Whistleblowing
Where for good reason the discovering employee cannot report the suspicious activity to his immediate superior, he should make use of either the toll-free Ethics call line operated independently on Xstrata’s behalf by KPMG, telephone numbers for which are set out on the back page of the Statement of Business Principles, or the confidential email address: ethics@xstrata.com.
Any concerns reported through the call line will be treated as confidential (subject to any legal constraints) and relayed in confidence to the Head of Xstrata Audit Services for appropriate action. E-mails to ethics@xstrata.com are read only by the Head of Xstrata Audit Services, who is independent of management and has a direct reporting line to the Xstrata plc Audit Committee.
The Head of Xstrata Audit Services will determine the most appropriate method to investigate the substance of the claims (see section D1 below) and ensure that there is appropriate monitoring of progress until the matter has been satisfactorily resolved. The Xstrata plc and Business Unit Audit Committees are informed of all matters reported on the call lines or sent to the email address.
Where the person reporting the activity has acted on the basis of a legitimate concern, no penalties will apply and their identity is kept confidential to provide protection against discrimination or retaliation after the event. A protected disclosure indemnity is provided by Xstrata, if requested by persons making a report.
D. RESPONSE
1. Detailed investigation
Where an initial report of potential Bribery or Fraud has been made under the procedure described in section C above (and the pro forma report in Appendix 1), the delegated Business Unit representative in collaboration with the Regional Head of Xstrata Audit Services will liaise with Business Unit Legal counsel and/or Group Legal counsel (as appropriate) to determine whether the report warrants a detailed investigation. Where a detailed investigation is appropriate, an investigating officer or team possessing the necessary forensic expertise will conduct the detailed investigation under the direction of Xstrata Audit Services.
Legal Counsel will advise on the conduct of the investigation to ensure that due process is followed in conducting the case and, on the conclusion of the investigation, including any actions to be taken as a consequence of the findings.
(i) Security of Evidence
The person delegated with the responsibility for the investigation, is responsible for ensuring that evidence, physical assets and records, which may be used in subsequent investigations, are secured at an early stage of the investigation.
Personnel being investigated for suspected Bribery or Fraud may be denied access to Xstrata’s premises and information systems.
The details of investigations performed and documentation produced are to be managed and retained in accordance with Xstrata’s Data Protection and Privacy Policy.
(ii) Personal Security
Consideration is given to the need to provide security, or access to security, for the
person reporting the suspicion or incident of Bribery or Fraud, members of the investigating team and employees closely associated with the gathering of evidence.
Retaliation against anyone for raising a legitimate concern or assisting to address Bribery, Fraud or other ethical matter is not tolerated by Xstrata. Retaliation is grounds for serious action to be taken against the guilty party which could include dismissal.
The principles of natural justice will be applied in all cases against any person being investigated following an allegation of Bribery or Fraud.
2. Enforcement and Accountability
Any disciplinary action to be taken in connection with any suspected or actual incident of Bribery or Fraud will be established by the investigating team in conjunction with the appropriate Business Unit Chief Executive, Human Resources Manager and Legal Counsel.
3. Corrective actions
(i) Disclosure of the results and root cause remedies
A report will be prepared for each investigation performed and will include
identification of root causes of the incident/violation (control gaps/deficiencies,
collusion, systems penetration or sabotage etc). Following thorough consideration
and analysis of these findings, remedial actions are taken to address the identified
deficiencies/gaps including but not limited to amending existing or implementing
new procedures and controls, improving existing or implementing new systems,
increasing assurance activities, and requesting Associated Persons to make changes
to their systems or processes to address identified causes.
The results of all incidents investigated are reported to the respective Business Unit
and the Xstrata plc Audit Committee by Xstrata Audit Services.
For completeness, the respective Chief Financial Officers are responsible for tabling
a report covering all incidents of common theft and other misappropriations
uncovered and investigated by local operational staff and in particular Security
personnel. This will take the form of a misappropriation report tabled half yearly at
the January and July Business Unit Audit Committee meetings.
(ii) Communication to employees
Appropriately limited information in relation to incidents of Bribery or Fraud
committed and action taken may be communicated to employees, for example
where this is necessary to emphasise that incidents of unethical business behaviour
will not be tolerated by Xstrata.
(iii) Loss/damage recovery actions
Based on the results of the investigation performed, all actions possible are taken,
with external assistance where required, to recover Xstrata funds or assets
misappropriated.
Based on the results of the investigation, consideration is given to the possibility of
legal proceedings against the offending parties to obtain the appropriate remedies.