Governance and compliance

Governance and compliance

• Supervisory board’s finance and investment committee renamed investment and sustainability committee
• Second human rights risk analysis and first face-to-face human rights training sessions
• First long-term assessment of physical and transitional opportunities and risks
• I ncreased data transparency and intensity for primary product carbon footprints

Responsible management/human rights

As well as complying with the law and respecting human rights, the principles of business ethics involve respecting internal regulations and binding voluntary commitments. We strive to prevent compliance violations and breaches of human rights at Evonik and put an end to any that do occur. We also want to make sure that comparable standards of human rights are observed within our supply chain. Where this is not the case, we will work with our suppliers to establish such standards and remedy violations. We therefore see fulfilling statutory regulations, for example, on fair competition, fighting corruption and money laundering, and respecting protected human rights as a minimum requirement.

The starting point for responsible corporate management at Evonik is our code of conduct, together with our policy statement on human rights, our global social policy, our policy on the environment, safety, health, quality, and energy (ESHQE), and our code of conduct for suppliers.

Voluntary commitments:

Corporate governance

As a specialty chemicals company with a presence throughout the world, good corporate governance with a long-term focus is essential for Evonik. The executive board and supervisory board are explicitly committed to responsible corporate governance and identify with the goals of the German Corporate Governance Code.

Executive board

The executive board of Evonik Industries AG is responsible for running the company in the company’s interests, taking into account the interests of the shareholders, employees, and other stakeholders. It discusses sustainability at its meetings several times a year, especially aspects relating to the environment, safety, and portfolio transformation. For information on the executive board’s overall responsibility for sustainability and all climate-related aspects

Supervisory board

The supervisory board advises and supervises the executive board. It appoints the members of the executive board and names one member as the chairperson of the executive board. It also decides on the remuneration of the members of the executive board. The supervisory board examines the company’s annual financial statements, the executive board’s proposal for the distribution of the profit, the consolidated financial statements for the Evonik Group, and the combined management report.

Opportunity and risk management

Since it operates globally, Evonik is exposed to a range of influences along the entire value chain that may be either opportunities or risks. We have a three-pronged approach to risk management:

1. Risk management in compliance with the framework defined by the Committee of Sponsoring Organizations of the Treadway Commission (COSO):
2. A long-term 1 risk analysis based on the frameworks issued by the Task Force on Climate-related Financial Disclosures (TCFD) and the Task Force on Nature-related Disclosures (TNFD)
3. Sustainability aspects as an additional risk assessment criterion for capital expenditures for property, plant and equipment that exceed €25 million.

The risk management process at Evonik:

Ethics and compliance

The compliance areas of specific relevance to Evonik are bundled in a House of Compliance. Each area defines relevant rules for its compliance-related issues and the voluntary commitments entered into by Evonik and issues internal regulations.

Responsibility for the environment, safety, health, and quality is bundled in a corporate function with the same name.

Minimum group-wide standards have been defined for the compliance management systems for the areas covered by the House of Compliance, and we make sure that they are implemented in every area. The final responsibility for this rests with the executive board, which defines the key elements of the minimum standards for the compliance management systems and monitors their observance as part of its management responsibility for ensuring compliance with legally binding regulations within the Evonik Group. The supervisory board’s audit committee oversees the effectiveness of the system.

House of Compliance:

Compliance management system

The executive board sets the minimum standards for the compliance management system. Its main aim is to avoid, or at least minimize, compliance violations and the associated risks. Compliance violations should be identified and halted and sanctions imposed, depending on their severity.

Compliance-Management-System:

Human rights compliance risk analysis

The annual group-wide risk analysis in the area of human rights covers both Evonik’s own area of business and direct and indirect suppliers. The risks of breaches relating to protected legal positions are identified and prioritized.

Evonik’s whistleblower system

Evonik has set up various channels for people to report actual and possible compliance violations.

• An electronic whistleblower system operated by an independent external provider with data protection certification, whose servers are based exclusively in Germany, is available worldwide 24/7 via the intranet and via Evonik’s internet site.
• Additionally, Evonik employees and agency staff working for Evonik can contact the internal compliance officers personally or by phone.
• Employees and external stakeholders can submit reports by email to compliance-officer@evonik.com.

Evonik’s whistleblower system:

Responsible management/human rights:

Evonik is subject to the German Act on Corporate Due Diligence Obligations in Supply Chains (LkSG). In January 2023, KPMG conducted a readiness check and confirmed that Evonik met all requirements of this legislation, taking into account the reasonable timeframe for implementation.

Internal investigations into compliance violations

In the reporting period, the departments responsible for conducting investigations reported 126 alleged compliance violations. As a result of these allegations, 110 internal investigations of suspected compliance violations were reported to us. In addition, there were 82 cases of payment fraud in the reporting period. These were handled by the Antitrust Law & Investigations unit through an interdisciplinary payment fraud task force, which includes representatives of other functions. Two reports of breaches of human rights did not lead to an investigation. One of these reports did not have any meaningful content, and the other related to employment law. Based on the investigations concluded by year-end, 86 measures were taken. The breakdown was as follows: 12 employees were dismissed and a further 15 received a warning or reprimand. Three contractual relationships were terminated, and the contracting parties were blacklisted. Special training and other awareness-raising measures were taken in 23 cases. In addition, 33 case-specific measures were implemented.

Confirmed incidents of corruption and action taken

Eight alleged cases of corruption were investigated in the reporting period. Six of the eight cases of corruption involved kick-back scenarios, where there was a suspicion that Evonik business partners had made payments to individual employees to give them preferential treatment when selecting suppliers or to obtain offers of Evonik products at preferential prices. Following a thorough investigation, no evidence was found of such conduct in any of these cases.

Cyber Security

Evonik regards cybersecurity and information security as vital preconditions for successful digitalization. The challenges in cyberspace are increasing exponentially. This is attributable to the further professionalization of cyber blackmail, the serious effects of ransomware attacks, the increasing diversity of malware programs and their mutations, and critical weaknesses in widely used software products. The growing importance of this topic is confirmed by our materiality analysis: Cybersecurity was ranked as a material topic. To heighten cybersecurity, we are focusing on the risks of a loss of intellectual property, combined with a loss of business, inadequate observance of regulatory and compliance requirements, and inadequate robustness of critical IT and operational technology systems. We are also focusing on inadequate technical equipment and speed in order to keep pace with digital business projects, risks for third parties such as the loss of customer data, reputational risks, and emerging technological risks.

We continuously review our extensive security measures to prevent attacks by third parties and invest in technical and organizational measures to identify and ward off such attacks. One example is our cybersecurity enforcement program, which classifies our employees in cyberattack protection (CAP) groups. The higher the CAP classification, the greater the level of protection required. More stringent security measures apply to particularly high-risk employees and applications, especially with regard to information requiring special protection, for example, information affecting Evonik’s competitiveness or access to critical IT infrastructure. For risk-based checking and improvement of the security of IT systems, we carry out regular penetration tests and IT security audits.

Green Data Center

We have been systematically optimizing the energy performance of our computer centers since 2021. This includes an agreement with the provider of our central computer services on exclusive use of green power. In the selection of cloud providers, Evonik also makes sure that they have set CO2 avoidance targets.

Management of data protection

Protection of personal data is one of the principles used by Evonik to shape its relationship with employees, job applicants, customers, suppliers, other business partners, prospects, and other people affected. Therefore, handling personal data conscientiously is important to us.

Tax

The payment of taxes is a central link between legislators, states, local authorities, and companies. We affirm our responsibility to stakeholders in the countries where we operate. As well as credibility and transparency in all tax matters, this includes levying taxes correctly and timely and the complete payment of taxes.

Responsibility within the supply chain

Evonik has a significant influence on the environment and society through its procurement volume. By working closely with our suppliers, we want to help prevent breaches of human rights and environmental violations. We strive to counter a lack of transparency and inadequate traceability in the supply chain.

By selecting suppliers carefully, we do not simply secure and increase their sustainability standards, we also enhance the quality of the entire value chain. Our focus is on validating and evaluating suppliers. Suppliers of certain critical raw materials are subject to a special examination. We define critical raw materials as all raw materials that could potentially involve a supply risk or reputational risk, such as conflict minerals and renewable raw materials.

The aim of our procurement organization is to guarantee longterm reliability of supply for the production of Evonik products and to secure competitive advantages for our operating businesses. Alongside economic requirements, our procurement strategy takes account of criteria such as health, quality, safety, social factors, and environmental protection. As a member of the UN Global Compact, we are committed to its principles. These requirements are documented in our code of conduct for suppliers.

Together for Sustainability (TfS)

Harmonizing global standards in the supply chain creates transparency and makes it easier for both suppliers and customers to reliably assess and evaluate sustainability performance. The chemical industry set up the TfS initiative for this purpose in 2011. Evonik is one of the six founding members. More . The aim of TfS is the joint development and implementation of a global assessment and audit program for responsible procurement of goods and services.

Validation and evaluation of suppliers

We expect our suppliers to share our principles and act correctly in all respects, which means accepting responsibility towards their employees, business partners, society, and the environment. In the interests of a fair and reciprocal understanding of business, Evonik always endeavors to pay outstanding invoices by the agreed payment deadlines.

Supplier validation and evaluation

Conflict minerals

The Dodd-Frank Act requires companies listed on the US stock market to disclose whether or not their products contain potential conflict minerals. These are mineral raw materials from the Democratic Republic of Congo and its neighboring countries that are often used to finance armed conflicts. In addition, human rights are often violated in the production of conflict minerals. Evonik is not listed on US stock exchanges and therefore has no legal obligation to comply with the reporting requirements of the US stock market regulator. Nevertheless, we believe we have a responsibility to check the origin of such substances sourced from established suppliers. The minerals checked include tin, tungsten, tantalum, gold, and cobalt.

Supply chain resilience in times of geopolitical change

As an overarching goal, our procurement strategy includes securing the availability of raw materials on the best possible terms. Restrictions on the availability of starting products and intermediates in the short- or intermediate-term represent potential risks. In addition to preparations to substitute suppliers in emergencies, we closely monitor the business situation of selected suppliers of key raw materials in order to anticipate bottlenecks and mitigate risks. At the same time, we identify the possible impacts of present and potential crises and geopolitical conflicts on Evonik’s supply situation and introduce timely and specific mitigation measures where possible.

Chapters in the sustainability report

• Responsible management/human rights
• Strategy and management
• Corporate Governance
• Opportunity and risk management
• Ethics and compliance
• Human rights compliance risk analysis
• Cybersecurity
• Management of data protection
• Tax
• Responsibility within the supply chain
• Strategy and management
• Together for Sustainability (TfS)
• Validation and evaluation of suppliers
• Conflict minerals
• Supply chain resilience in times of geopolitical change
• Our targets

Our targets

Below is an overview of the targets set for our governance and compliance area of action.

Target attainment in 2023
Governance
	30 percent women at both the first and the second management level below the executive board by year-end 2024 (status at year-end 2023: 38.5 percent at the first management level and 33.3 percent at the second management level)
Compliance
	Regular risk analyses on compliance aspects Human rights in 2023 Antitrust law, fighting corruption and prevention of money laundering by year-end 2024
Responsibility within the supply chain
	100 percent of all raw materials suppliers where annual procurement volume is >€100 thousand to be covered by TfS assessments by year-end 2025 (status at year-end 2023: 66.7 percent)

Targets for 2024 and beyond
Governance
	30 percent women at both the first and the second management level below the executive board by year-end 2024
Compliance
	Regular risk analyses of human rights, antitrust law, fighting corruption, and anti-money laundering by year-end 2025
	Identify antitrust risks using an IT-based compliance management tool by year-end 2024
Responsibility within the supply chain
	100 percent of all raw materials suppliers where annual procurement volume is >€100 thousand to be covered by TfS assessments by year-end 2025