This site uses cookies and by using the site you are consenting to this. Find out why we use cookies and how to manage your settings. More about Cookies

Our compliance and ethics programme

Our global programme aims to create an exemplary compliance environment, and an ethical framework to ensure that Diageo always does business with integrity.

This year we restructured the way we oversee compliance and ethics across the business, bringing together risk management, internal control, and compliance and ethics into one central team. This team is now managed by our global risk and compliance director, who reports to the group finance controller, and directly to the audit committee on all controls, compliance, and ethics matters.

Our controls, compliance, and ethics programme, overseen by the audit and risk committees, focuses on seven areas, each of which has an annual plan. How the programme is implemented, however, is determined by each of our markets, based on their areas of greatest risk, what matters most locally, and what will work best for those employees. Our over-riding aim is to encourage integrity in every part of Diageo: instead of ‘we do it because we have to’, we want employees to feel that ‘we do it because it’s the right thing to do’.

Organisational leadership and culture

Our leaders and managers are at the front line in engaging our people in our Code and policies and helping them to make the right decisions. We have made good progress in raising the profile and importance of compliance and ethics within our business. This year we focused on engaging and training line managers – we believe this middle tier of our organisation is central to developing a more fundamental culture of ethics and integrity.

In response to feedback through our Values Survey and from the annual certificate of compliance (see below), we strengthened and relaunched our Leaders of Integrity toolkit and training in December, by giving further guidance on areas such as handling conflicts of interest, gifts and entertainment, making policies relevant to teams, and preventing retaliation against those who report breaches.

Ultimately, the toolkit is designed to show managers how to lead their team in a way that remains faithful to our purpose and values. It helps them understand their responsibilities, what to do in different situations and how to handle any breaches of our Code, policies or standards. The changes we have made should help reduce the number of breaches and near-breaches of our standards, and help us protect our reputation by addressing potential problems or behaviour early and correctly.

Standards and procedures

We have clear and simple global policies, standards, and procedures that cover key aspects of our business operations, and explain to employees what is expected of them. To ensure our policies are relevant and up to date, we review them at least once a year, ensuring they are accessible and available to all. We work with a team of subject matter experts to manage the policies and standards, and we help our markets embed them effectively. We audit and monitor compliance against these standards, which allows us both to detect and to prevent breaches.

Annual certificate of compliance

Performance against target
Target by 2013 2013 performance Achievement
100% of lower and middle managers and above complete the annual certificate of compliance 100% (99.8% completed in the allotted time, with the rest completing after the deadline) Achieved

The annual certificate of compliance (ACC) is an important measure of the effectiveness of our compliance and ethics programme, since it includes questions that are designed to confirm that managers have fulfilled their duties with regard to compliance, and have read and understood our Code and the global policies relevant to their roles. The ACC also requires line managers to confirm that they have had informed conversations with their direct reports about our Code, and the policies that are most important to their respective roles.

In 2013, we expanded the ACC to include all lower level managers in addition to middle managers. Translating the ACC into 14 languages for the first time, we succeeded in tripling its reach from 3,220 managers to just over 9,670, or 40% of our people. Our target for this roll‑out was to reach all lower managers by 19 November; by this date 99.8% had completed the ACC. By the end of January, all had done so.

Assessing our risk profile

Each year, all business units and functions are expected to carry out a compliance risk assessment, including consideration of human rights and corruption, and to develop mitigation plans for their most relevant risks. They are required to report on their progress to the board’s audit and risk committee. This year all did so.

Due care in delegating authority

We’re also committed to establishing good working relationships with our partners and ensuring that they adhere to our standards.

Our approach to mitigating the risk of corruption from third parties evolved this year with a new programme called ‘Know Your Business Partner’. It provides a consistent framework for each market to assess bribery and corruption risk from business partners, and the steps to take to mitigate those risks. So far we have trained the key employees who will manage this programme in our highest-risk countries, with the aim of implementing it in all our markets by the end of the next financial year. For more information on how we manage social and ethics risks in our supply chain, see the suppliers section.

As our business expands through mergers and acquisitions, it is also important to ensure that we embed our principles in new business units. We plan ahead and move quickly to ensure our new partners are operating to the same standards as our existing businesses, and we are consistent in our stance on non‑compliance issues. Read more in our case study.

Monitoring, auditing, and reporting

Performance against target
Target by 2013 2013 performance Achievement
1% of employees report breaches through SpeakUp (global benchmark) 0.8%1 Not achieved
  1. Although this falls below the global benchmark, we have seen breach reporting overall increase by 24%, so we believe that employees still feel comfortable to raise issues, but are using internal channels more than SpeakUp.

Our internal audit team monitors performance against our risk mitigation plans as well as general compliance with our Code of Business Conduct, and may identify breaches during their audit work. We also strive to ensure we have a culture in which employees feel comfortable to raise concerns they might have about potential breaches. This is essential if we are to ensure that unethical behaviour does not go unchallenged, and has appropriate consequences.

We expect anyone who comes across a breach of our Code to report it immediately, either through SpeakUp, our confidential whistleblowing helpline, to their line manager, or to a member of the compliance and ethics, human resources or legal teams. In recent years we have extended SpeakUp to suppliers, so that they too can raise any concerns with us.

To track and respond to all identified breaches faster and more securely, we launched a breach reporting database in July 2012. Having trained all relevant compliance managers and lawyers, and our corporate security team, to use the database, we now have better insights into our performance in this area, from how quickly we manage and investigate breaches, to areas of breaches that may need specific training or other interventions.

To help employees be better prepared to avoid breaches, we routinely share examples of breaches that have recently occurred, or testimonials from colleagues who were tempted to do the wrong thing yet made the right decision.

Breaches this year

There were 743 suspected breaches reported this year, compared with 601 in 2012, of which 376 were subsequently substantiated compared with 388 last year. Of the suspected breaches, 242 were reported through SpeakUp, the same number as in 2012, but representing a lower percentage of employees since we have grown this year. Given that overall the number of cases reported has gone up, however, it is clear that more employees chose to report directly to their line manager, the legal team, or our controls, compliance and ethics managers. This, along with the fact that the number of substantiated cases has gone down, strengthens our belief that our programme is working, and that we are creating an environment where people feel comfortable raising concerns.

Reported and substantiated breaches

reported_and_substantiated_breaches

  1. Reported through SpeakUp – 242.

Response and continuous improvement

All identified breaches of our Code and policies are taken very seriously and investigated within a target of 30 days by experienced investigators who handle every breach reported to us that requires action. Our response to proven breaches varies depending on the severity of the matter. We aim to help employees improve through individual coaching and training, but we will take formal disciplinary action when necessary (see enforcement and incentives, below).

Developing our Values Survey and creating an Integrity Index

Performance against target
Target by 2013 2013 performance Achievement
Maintain or improve positive responses to Values Survey question: ‘Where I work I feel comfortable raising any concerns about compliance or ethics’1 84%2 Achieved
  1. This question was changed this year; last year’s question was ‘I would feel comfortable raising any concerns about compliance or ethics with my line manager, or through SpeakUp’.
  2. Compared with 84% in 2012.

To ensure we continuously improve our performance in this area we also rely on our Values Survey, which asks every employee how he or she believes we are demonstrating our company values, including the quality of our leadership and how we work as teams.

Three years ago we introduced two questions on compliance, and the responses have become essential in helping us shape our programme. This year, we adapted these questions to give a better picture of how employees really feel about integrity within Diageo.

Question: My manager is committed to high standards of ethical business practices and conduct

This new question has been included because we want to hear how well employees feel their line managers set the right tone, and whether they lead by example.

Question: Where I work, I feel comfortable raising any concerns about compliance or ethics

Ensuring employees feel they can raise concerns is critical to protecting an ethical culture, and we encourage them to share concerns either internally or via SpeakUp. We follow up any weaknesses through a post‑Survey review so that they can be understood and addressed.

This year we achieved our target of maintaining or improving positive responses to this second question, with, as last year, 84% responding positively.

Reflecting the fact that sustainability and responsibility are growing themes, we brought these questions together with six others to create an ‘Integrity Index’ to help us measure our performance in this area. We want to be admired by our stakeholders and always be proud of what we do: by measuring and reporting back to markets we can continue to strengthen our culture of ‘doing the right thing’.

Enforcement and incentives

Wherever possible, we look to improve our culture through training, coaching and incentives. Annual performance appraisals are weighted with 70% based on performance and the other 30% based on behaviour – including the individual’s commitment to Diageo’s controls, compliance, and ethics agenda. Employees’ overall performance affects their pay increases, and where relevant, their bonuses.

We take seriously the disciplinary consequences of breaches of our Code or policies, and any actions by employees that violate certain aspects, for example our provisions on anti-discrimination and human rights, would result in the termination of their contract. This year, 116 people exited the business as a result of breaches of our Code or policies.

Training and communications

In addition to training on our codes and policies and our focus this year on middle management, we’ve been giving further training to controls, compliance, and ethics managers and ‘ambassadors’ on the necessary function-specific and leadership capabilities for their roles.

Reporting frameworks in this section

Top Stories