Criteria
|
Digi’s Approach
|
Average score for Disclosure by Malaysian Companies (2018)
|
- Public commitment to anti-corruption
Companies should have a clear and public commitment that communicates its standards for conduct, particularly when it comes to matters of corruption and unethical behaviour, to stakeholders internally and externally.
|
Digi has articulated its approach to business integrity, anti-corruption and anti-bribery, through a clear and publicly available Anti-Corruption Policy, which includes areas such as bribery, facilitation payment, use of middlemen, and a No Gift Policy, which disallows employees to receive gifts from, or give gifts to any third parties.
|
66%
While this is an improvement year-on-year, this score shows that there is still room for improvement on public commitments to anti-corruption from companies in Malaysia.
|
- Public commitment to comply with laws
Companies should publicly state its commitment to comply with all applicable laws in order to reinforce a deterrence for corruption amongst business partners.
|
A commitment to legal compliance is stated in Digi’s Code of Conduct: “We play by the rules - We follow laws, regulations and our policies and, if in conflict, we uphold the highest standard.” The Code further states that “Further to setting out our own ethical standards, the Code Principles require us to comply with applicable laws and regulations. You should always familiarize yourself with the laws where you operate and seek guidance from the Legal Function if you have questions”
|
97%
Malaysian companies scored the highest for this question. Regionally, most companies stated publicly its commitment to comply with laws and regulations, including anti-corruption laws. This was anticipated since legal compliance is required to legitimise its operations.
|
- Leadership support
Compliance begins with the top management setting the proper tone for the rest of the company. Having strong and visible leadership commitment to integrity is vital to fostering an ethical culture and the right behaviours within the company.
|
Digi’s CEO Message in the Sustainability Report 2017 states, “Over the years, we have built our business on the foundation of the highest standards of integrity, transparency and governance. Our commitment to uphold these principles is critical to build resilience, and key to Digi’s continued growth and success. Our employees are guided by our Code of Conduct, which underlines the manner in which we conduct ourselves, and expect from our partners.”
Furthermore, the company’s leadership reinforces these messages through their daily interactions with employees and town hall meetings, including sessions on ethical dilemmas held at least twice a year to help employees understand and apply the Code of Conduct. To be authentic, these messages must be mirrored by the processes and practices across the company. The aim is to make ethics and integrity a key part of the culture at Digi and second nature to how employees behave and make decisions at every level.
|
19%
Having a stronger and more visible commitment and support for leadership is one of the biggest areas for improvement identified for Malaysian companies.
|
- Code applies to all employees and directors
The code of conduct articulates a company’s values and expected standard of conduct to which all employees, regardless of level, must comply with. It is a central guide and reference for both employees and directors to support decision making.
|
Digi has in place a Code of Conduct – recently updated in 2018 – which all employees and directors read and acknowledge every year. It defines the expected behaviours for employees and directors and underscores the importance of transparency and professionalism. This year, they included updates on issues such as their gift & declaration process.
|
96%
Most companies were willing to disclose the extent to which its employees and top management (though some did not include its directors) are liable for compliance with anti-corruption programmes.
|
- Training programme for its employees and directors
Having a policy commitment is not sufficient on its own. Companies must ensure that there are adequate procedures in place to enforce the policy. This includes communication and training on it.
|
Digi conducts training to ensure that employees and directors understand how to apply the Code of Conduct. Among the training they conduct include:
- A new e-learning course for employees to familiarise themselves with updates in the Code of Conduct
- Monthly ethics and compliance scenario-based learning, “Doing Business the RIGHT Way”, launched in 2017 using illustrations to highlight real scenarios of possible breaches of the Code of Conduct to guide employees in handling work-related dilemmas.
- An “Integrity Day” to emphasise to employees why it is critical to consistently adhere to ethical business standards, featuring talks on topics such as conflicts of interest, sexual harassment and supplier conduct.
|
60%
There is still room for Malaysian companies to report on how they are providing anti-corruption training for employees.
|
- Code applied to agents and business partners
The conduct of agents and business partners is always the blind spot of business ethics. Effective corruption risk management should also apply to agents – who are often at the highest risk of corruption and play an important role in curbing it.
|
Before awarding contracts to potential business partners, Digi’s business managers also conduct Integrity Due Diligence (IDD) screening on selected companies depending on their level of risk and the value of contracts. This measures the level of integrity held by the companies, with the findings reviewed and closely monitored by Ethics & Compliance and Sourcing & Logistics teams. Since 2018, Digi has also conducted ongoing monitoring of existing business partners.
|
20%
This disclosure was one of the lowest among the 13 questions and represents at area for significant improvement in Malaysia (and across ASEAN).
|
- Code applied to suppliers
Extending the provision of anti-corruption policy to suppliers is a crucial step in proactive corruption prevention, particularly for companies sourcing goods/services in countries of high risk of corruption. Kickbacks are a common form of bribery to win bidding contracts.
|
Suppliers sign an Agreement of Responsible Business Conduct covering its Suppliers Conduct Principles, which states, “the Supplier shall not offer, give, ask for, accept or receive any form of bribe, facilitation payment or undue or improper advantage, favour or incentive to/from any public official, international organisation or any other third party (either in private or public sector), whether directly or through an intermediary”. Compliance with the ABC is reported quarterly to the Board of Directors and to Telenor Group Supply Chain.
This is part of its wider approach to supply chain sustainability which also includes audits and inspections, as well as capacity building for suppliers to ensure that they adhere to the principles.
|
28%
Suppliers represent a significant gap for Malaysian companies, when it comes to anti-bribery and anti-corruption.
|
- Gifts, hospitality, travel policies
This is inherently linked to the issue of conflicts of interest that can leave a company vulnerable to accusations of unfair-dealing practices. As such, a company should have a clear set of policy which serves as decision-making principles when an employee faces a dilemma. Offers or receipts of anything of value should be made publicly available in order to enhance a transparent culture.
|
Digi’s No Gift Policy disallows employees to receive or give gifts to any third parties, such as vendors, customers, business partners and regulators. It also outlines the type of gifts covered – both tangible (e.g. food hampers) and intangible (e.g. product discounts) – as well as items which are exempted if it meets certain criteria.
|
59%
Most companies scored well here, in Malaysia and across ASEAN, though some companies failed to specify the threshold of the amount of acceptable gifts or hospitality.
|
- Prohibition on facilitation payments
Facilitation payment is not considered to be bribery according to the legislations of some jurisdictions. However, companies should restrict facilitation payment in their policies as this practice does create additional risks.
|
Principle 9 in Digi’s Code of Conduct highlights its zero-tolerance approach to all forms of corruption, including bribery, facilitation payments and other improper advantages to influence third-parties.
|
31%
Most companies do not specifically prohibit facilitation payment, a practice which creates additional risks, indicating that this is a major area for improvement.
|
- Disclosure on political contributions
Political donations can give rise to higher risks of corruption, bribery or money laundering. As such, a company and its employees, agents, lobbyists or other intermediates should not make direct or indirect contributions to political parties.
|
Principle 22 in Digi’s Code of Conduct highlights its approach to political activity, where the company will not take political positions or be associated with specific political movements – except to participate in public debates which are of importance to its strategies and business performance. It also states its commitment not to support political parties, neither in the form of direct financial support nor paid time.
|
27%
There was much improvement for Malaysia and the Philippines, though on average, disclosures remain low.
|
- Prohibition of retaliation for reporting
A robust reporting system is a key function for internal personnel and external stakeholders to report serious wrongdoings without fear of reprisals if the reporting was done in a good faith. The way a company handles its whistle-blower situation greatly affects the reputation of a company.
|
Digi provides a confidential Integrity hotline for employees and business partners, used by all companies which are part of the Telenor Group, to step forward and voice their concerns or report possible acts of non-compliance. The channel is accessible via web and available 24/7. Reports made are kept confidential and only accessible to Telenor and Digi’s global investigation team and compliance team. The hotline is also administered by a third party, IP addresses or any other data are not tracked, and no calls or telephone numbers are recorded. It also states that Telenor does not allow reprisals of any kind against those who report possible breaches.
|
92%
Malaysia scored the highest among the countries. All countries except Singapore showed improvement here.
|
- Confidential reporting channel (e.g. whistleblowing)
A reporting mechanism acts as a warning system that allows early detection of fraudulent actions threatening the continuation of a company. As such, companies should increase the credibility of this mechanism to encourage internal or external stakeholders to expose any suspected fraud cases.
|
Digi also organised a ‘Speak Up’ programme to encourage employees to use this hotline.
|
66%
Most companies operate a confidential reporting channel for whistle-blowers, with significant improvement here. Among the companies that fared poorly here, two-way communication which facilitates investigations tended to be neglected.
|
- Regular programme monitoring
Effective anti-corruption compliance measures require regular review and monitoring of company’s practices especially in compliance with the latest standards in anti-corruption legislation as well as the appropriate application
of certain compliance procedures.
|
For internal operations, Digi carries out a company-wide ethics and compliance annual risk assessment exercise to identify the Company’s risk exposures and put in place appropriate remediation plans.
To monitor business partners, they also implemented a new business partner risk management policy which requires relevant employees to screen business partners for integrity concerns prior to engagement, ensuring that Digi’s business relationships with all business partners do not pose unacceptable risks to the company.
Digi also has an Ethics and Compliance Officer who oversees the governance of integrity. Reporting to the CEO, the Ethics & Compliance Officer has direct monthly reporting to Digi Management and the Audit and Risk Committee to ensure full independence.
|
25%
Companies did relatively poorer here compared to the other questions, though there was improvement. Malaysian companies attained the lowest scores compares to ASEAN peers on this disclosure.
|