Managing compliance

Our business practices are governed by integrity, honesty, fair dealing and full compliance with applicable laws.

Our Corporate Business Principles (pdf, 1 Mb) are the foundation of our corporate culture and describe our core commitments to our stakeholders.

Our Management and Leadership Principles (pdf, 2 Mb) and our Code of Business Conduct (pdf, 76 Kb), form the basis of how we conduct our business.

Our Code of Conduct states: "Nestlé and its employees are bound by the law. Compliance with all applicable laws and regulations must never be compromised. Additionally, employees shall adhere to internal rules and regulations as they apply in a given situation. Those internal rules are specific to the Company and may go beyond what is required by the law."

Please see Human rights for more information on how we are managing human rights.


  • Governance and oversight

    The Chairman, the Chief Executive Officer and other members of the Executive Board are ultimately responsible for the supervision and management of the Group. They're supported by a number of other governance bodies, including our Operations Sustainability Council, Issues Round Table, Audit Committee, Risk Management Committee, Information Security Committee, Research Development Sustainability Council and Group Compliance Committee.

    The Group Compliance Committee, serves as a steering committee for the oversight and coordination of compliance-related activities and initiatives and recommend and implements key compliance initiatives. The Committee:

    • Provides a forum for coordination internally
    • Receives briefings on compliance-related initiatives and provides cross-functional input 
    • Identifies deviations from best practice, makes recommendations and drives the implementation of appropriate action
    • Drives the implementation of the Company's Corporate Business Principles and our policy system and proposes the issuance of minimum standards as appropriate
    • Regularly reports and makes recommendations to our Executive Management and provides updates on its activities to the Audit Committee and in the Company's Annual Report to Shareholders
    • Coordinates the management of complaints received by its members regarding compliance matters and enhances our procedures for the receipt, retention and treatment of such complaints
    • Informs Executive Management if, in the course of fulfilling its responsibilities, important facts arise that reveal material violations of law or other regulations that we must comply with, indicate suspect serious wrongdoings or constitute a serious offence to our reputation
    • Has the authority to conduct or authorise investigations into or studies of any matters within the Committee's scope of responsibilities, and
    • Reviews and reassesses the adequacy of this Charter periodically and makes such amendments as are appropriate

    In 2012, key Group Compliance initiatives included the:

    • Continuous implementation of the Corporate Business Principles and the Code of Business Conduct
    • Acceleration of the deployment of the previously developed state-of-the-art anti-corruption training programme, in close coordination and collaboration with the Legal department
    • Driving of Group-wide implementation of our Integrity Reporting System and providing ongoing support to all our countries of operation regarding the roll out and communication process as well as the best handling and management of actual non-compliance reports
    • Continuous implementation of the Group's Privacy Policy and giving direction in making privacy a mind-set rather than a specific individual or group responsibility
    • Revision of the CARE questionnaire with an expanded scope of review (including now Human Rights and Security as additional topics), and
    • Provision of guidance to Nestlé Continuous Excellence (NCE) with regards to compliance, as one of the NCE foundations

    Integrity Reporting System

    • Nestlé introduced integrity reporting ("whistle blowing") with the launch of its Code of Business Conduct, which clarified reporting channels, allowed anonymous reporting and introduced the protection of both the "whistleblower" and the accused. Building on the commitment in the Code, the Nestlé Executive Board decided in 2011, to gradually make such a system available globally
    • 'The system is implemented in a decentralized manner and is adapted locally to ensure employee acceptance at market level. The complainant leaves a message by phone or via the online system which will be transcribed, translated and sent to the person who has been designated by the Market as Compliance Officer. The complainant receives a log number with which they can call back, this facilitates a dialogue between the complainant and the Company without compromising the former's confidentiality
    • After piloting the Nestlé Integrity Reporting System in Russia, focus in 2012, was on rolling out the system across the Group. The roll-out included a personal endorsement from the CEO. The messages received through the Nestlé Integrity Reporting System were investigated in accordance with Best Practices issued by Group Compliance, and several of the complaints led to findings and consequences. The overall experiences so far are positive and the system is overwhelmingly appreciated both by local management and employees. Importantly, there is little indication that the system is being abused by complaints made in bad faith
    • The "Reporting of non-Compliance Best Practices" provide guidance on how to handle investigations and ensure the protection of both the accused person and the complainant, while ensuring consistent and fair consequence management
    • In 2012, over 180 messages were received through the Nestlé "Integrity Reporting System" related to alleged breaches of the Nestlé Corporate Business Principles or the Code of Business Conduct. All complaints were fully investigated

    Monitoring and audit

    The CARE program was introduced in 2005 as a worldwide program to help verify that Nestlé operations comply with local legislation, the Nestlé Corporate Business Principles and the Code of Business Conduct. The audits, which take place every three years and are performed by three leading independent audit companies, focus on compliance in the following areas: Human Rights and Labour Practices, Business Integrity, Safety and Health, Environmental Sustainability and Security.

    Since November 2005, more than 490 sites (mainly Nestlé factories) have performed CARE audits. We have extended CARE to all Nestlé employees and all sites owned or operated by Nestlé.

    CARE findings are classified in three categories: Minor (isolated and non-repetitive finding or minor issue), Major (systematic finding or major issue or infringement against local legislation), Critical (exceptional issue, which requires immediate information of Nestlé Corporate Compliance Committee). At the end of December 2012, there were no critical findings, only few major findings and mainly, minor findings.

    We have systematic monitoring of the action plans in place.

    In the spirit of continuous improvement and to evolve the CARE program in May 2012, we launched the revised, expanded CARE questionnaire. The labour standards pillar was renamed "Human Rights and Labour Practices" and now also addresses also Human Rights commitments relevant to our operations, includes new and/or rephrased questions that reinforce the audits related to Business Integrity, Safety & Health and Environment, and has an entirely new set of security-related questions.

    We have used the new questionnaire for all CARE audits since October 2012.

    We have carried out 1687 CARE audits since 2005. In 2012, we carried out more than 150 CARE audits.

    CARE gaps identified across all areas of compliance (by severity)


    Human
    Rights &
    Labour
    Practices
    Safety &
    Health
    Environmental
    Sustainability
    Business
    Integrity
    Security
    Of which:
    Minor

    28

    38

    32

    12

    24

    Of which:
    Major

    5

    1

    1

    0

    3

    Of which:
    Critical

    0

    0

    0

    0

    0

    Employee training and engagement

    Our Corporate Business Principles were fully revised in 2011, and reissued to all our countries where we have operations. A sustained communications campaign involving an email to all employees, a satisfaction survey, flyers, presentations and videos at team meetings will be followed up by ongoing work to determine how best to integrate our Principles into key processes. Additionally dedicated training programmes are available for the Code of Business Conduct and our commitment against corruption.

    Security personnel

    Percentage of security personnel trained in the organisation's policies or procedures concerning aspects of human rights that are relevant to operations

    2012
    20%

    This is an estimate and includes, for example, training of third-party security providers to Nestlé Colombia, Nestlé Sri Lanka and in Russia, where the Government has made such training mandatory.