Our Compliance Management System

Our Compliance Management System (CMS) consists of basic principles and measures intended to ensure rule-based behavior throughout the company. The CMS is based on national and international standards and is applied on a global scale at all Daimler AG units and majority holdings. The CMS consists of seven elements that build on one another. (See graphic E.07)

Daimler GB2017 E.07 Daimler Compliance Management System

Our compliance values and goals

Our Compliance Management System (CMS) is designed to help Daimler and its employees avoid inappropriate or illegal behavior. The measures needed for this are defined by Group Compliance and the Legal department in a process that also takes the company’s business requirements into account.

Our compliance organization

Group Compliance and the Legal department play a major role in ensuring that applicable regulations are adhered to throughout the Group. Our compliance organization is structured in a divisional and regional manner, while our Legal department is organized regionally and along the value chain. These structures enable us to provide optimal support and advice to our divisions. A contact person is made available to each function, division and region. In addition, a global network of local contact persons make sure that our standards are met throughout the Group and also help local management at selected Daimler facilities and sales companies implement our compliance program.

Compliance risks

We systematically pursue the goal of minimizing compliance risks, and we analyze and assess the compliance risks of all our business units every year. These analyses are based on centrally compiled information on all business units and take into account specific additional details in line with the given risk assessment. The results of the analyses form the basis of our risk management.

Compliance program

Our compliance program comprises all the principles and measures designed to reduce compliance risks and prevent violations of regulations and laws. The individual measures, which are based on the knowledge gained through our systematic compliance analyses, focus on the following aspects:

The whistleblower system BPO (Business Practices Office) enables Daimler employees and external whistleblowers to report misconduct anywhere in the world. The BPO is available around the clock to receive information that is sent by e-mail or normal mail. Such information can also be provided to the BPO by calling an external toll-free hotline or by filling out a special form. Reports can be submitted anonymously if local laws permit this. In Germany, reports to the BPO can also be submitted via a neutral intermediary, who in this case is an independent external attorney. The information provided to the BPO enables us to learn about potential risks and specific violations and thus prevent damage to the company and its reputation. A globally valid corporate policy aims to ensure a fair and transparent approach that takes into account the principle of proportionality for the affected parties, while also giving protection to whistleblowers. In an effort to increase trust in our whistleblower system and make it even better known within the Group, we have established a continuous communication process that includes the periodic provision of information to employees about the type and number of reported violations, as well as the staging of informational and dialogue events at our locations.

A total of 95 new BPO cases were opened in 2017. During the year under review, 96 cases were closed, 61 of them “with merit,” which means the initial suspicion was confirmed. Three of these cases were categorized as “corruption.”

With regard to those cases that are closed “with merit,” appropriate response measures are decided in line with the principles of proportionality and fairness. Such measures are only taken if the investigation of the case in question leaves no doubt of misconduct on the part of the accused individual(s). Measures taken in 2017 included the issuing of verbal and written warnings and final warnings, as well as seperation agreements and extraordinary terminations. In some cases, there were claims for damages, while in others those guilty of violations stepped down voluntarily.

Compliance on the part of our business partners. We also require our business partners to adhere to clear compliance requirements because we regard our business partners’ integrity and behavior in conformity with regulations as an indispensable precondition for trusting cooperation. In the selection of our direct business partners, we therefore ensure that they comply with the law and observe ethical principles. In financial year 2017, we began reviewing our standardized process for examining all of our business partners (Business Partner Due Diligence Process) and implementing ongoing monitoring measures to increase process effectiveness and efficiency. Back in 2016, we published a “Compliance Awareness Module” that can be made available to our business partners on request and is designed to increase their awareness of the latest compliance requirements. We also reserve the right to terminate cooperation with business partners who fail to comply with our standards. For the expectations we place on our business partners, see also daimler.com/nh/ugb.

Communication and training

Our extensive training courses are based on our Integrity Code. The integrated training program is defined on the basis of an annual planning cycle that includes everything from a needs analysis to the implementation of the program and a monitoring process. Among other things, the program covers the topics of integrity, compliance (including corruption prevention and technical compliance), data protection and antitrust law. Depending on the risk and the target group, we use classroom training or digital learning techniques such as web-based training courses.

Every employee with e-mail access who works at a Daimler-controlled company can participate in a web-based and target group-focused training program consisting of several modules — a basic module, a management module (for managers) and expert modules on antitrust law, data protection, procurement, sales, and non-cash rewards for employees etc. This program is being continuously expanded in line with the requirements of specific target groups.

With the exception of industrial employees, employees are automatically assigned mandatory modules relevant to their role and function. This ensures that each employee is given exactly the modules needed for his or her line of work. These training modules are assigned when an employee is hired, promoted, or transferred to a position that involves a heightened risk. This approach ensures that all personnel changes are properly addressed. In general, the program must be repeated every three years.

A new mandatory version of the training program was rolled out at the end of the year under review. The web-based training courses are supplemented by classroom training sessions that are conducted by central or local trainers. We provide our internal trainer network with modular training documents and materials for the methodical implementation of the courses. Such materials include a guideline for trainers and explanatory videos that can be used in a target group-specific manner in accordance with the risks associated with the functions of the participants. A total of approximately 96,300 employees from various hierarchy levels attended a classroom training course or participated in web-based training courses in 2017.

Our integrated training program also includes target group-specific qualification measures that help staff at Group Compliance and the Legal department address changes to regulations and the legal framework. In addition, all new employees at both departments attend a special practical seminar that offers a comprehensive introduction to this topic.

All of these training measures contribute to the permanent establishment of ethical and compliant behavior at the company and also help our employees deal with specific issues that can occur at work. The same is true of the new Daimler app for integrity, compliance and legal affairs. The app can be downloaded and used by all employees with an iOS company owned device. Among other things, the app enables mobile access to information on corruption prevention and antitrust law.

We have also further expanded our qualification and consulting program for individuals who perform supervisory and management functions. New members of executive bodies at companies in which Daimler is the majority shareholder are given a compact overview of key aspects of corporate governance via the Corporate Governance Navigator, which is a target group-focused program that supports them in their new role by providing information on their tasks and responsibilities, contact partners, and units that deal with central issues addressed by the Integrity and Legal Affairs division and adjacent units.

In addition to our internal training measures, our training program also includes special courses on integrity and compliance (including corruption prevention) that are offered to our business partners in line with their specific risks. The courses are offered as web-based training or classroom training sessions. Daimler informs its business partners about the courses and invites them to participate.

Monitoring and improvements

Every year, we review the effectiveness and efficiency of our Compliance Management System and adapt it to global developments, changed risks and new legal requirements. We also monitor important core processes during the year on the basis of key performance indicators (KPIs) that include process duration and quality. To determine these indicators, we check, among other things, whether formal requirements are met and all information is complete. In addition, we analyze the knowledge gained through independent internal and external assessments and participate in selected benchmark studies. These activities are used to define any required improvement measures, which are implemented by the responsible units and departments and then monitored on a regular basis. The relevant management bodies continuously receive reports on these monitoring activities.

Involvement of company management

Our divisional and regional compliance managers report to the Chief Compliance Officer. This guarantees the compliance managers’ independence from the business divisions. The Chief Compliance Officer and Group General Counsel report directly to the Member of the Board of Management for Integrity and Legal Affairs and to the Audit Committee of the Supervisory Board. They also report four times each year to the Board of Management of Daimler AG on matters such as the status of the Compliance Management System and its further development, the status of the whistleblower system and, if necessary, on other topics. In addition, the Group General Counsel regularly reports to the Antitrust Steering Committee and the Group Risk Management Committee, to which the Chief Compliance Officer also reports.

Important non-financial reporting topics

Eliminating corruption, preventing cartel arrangements and ensuring compliance with technical regulations — we introduced our Compliance Management System in order to address exactly these issues, which are extremely important to us. Our Group-wide approach to respecting and upholding human rights is also based on the Daimler CMS.

Anti-corruption compliance