As our business spans across numerous countries around the globe, we recognise and analyse differences in laws, regulations, and practices in respective countries while conducting business in lawful and ethical manner. We also develop and implement global personal data security policies to respect the privacy of our customers and employees and to protect their personal data. Our endeavors to systematically manage compliance and ethical risks are driven by the Samsung Global Code of Conduct and the Business Conduct Guidelines that guide all our employees in taking action and making value judgment. Our Compliance Team, previously under the Legal Office, now reports directly to the CEO and the head of Compliance Team attends all board meetings to support important decisions made by the board. We operate dedicated organizations at each business division and overseas regional offices to manage compliance issues pertaining to each business and region.
Ethics management
We disclose our Global Code of Conduct (‘Samsung Business Principles’) to our suppliers, customers, and other external stakeholders as well as to our employees through our ethics management website, and provide a channel to report on any violation of ethical standards. Furthermore, the ‘Employee Business Conduct Guidelines’ that serve as the ethical standards for our employees are translated and available in a total of 15 languages (including Korean) and uploaded on our in-house intranet. Relevant details are disseminated and shared among all our employees around the globe through collective, online, and audio/visual training offered at least annually if not more. Separate ‘Business Guidelines’ are also provided to our suppliers in order to establish transparent business practices.
Compliance management
Our compliance program aims to establish a compliance-driven corporate culture in order to minimise the business risks that may occur due to price-fixing or the infringement on intellectual property rights and to take a stronger responsibility in the areas of human rights, health & safety, and environment. The Compliance Program Management System (CPMS), an IT system developed to manage compliance-related risks, provides our area-specific policies and the details of regional issue monitoring. Our Help Desk is up and running to assist employees in making one-on-one inquiries to experts whenever they have work-related questions or when they find our guidelines insufficient to determine illegality. Our whistle-blowing system, developed under the CPMS for our employees, is operated in a way that firmly guarantees the confidentiality of whistle-blowers.
Compliance
management
process
-
Operation of
dedicated unitsCreate the Privacy Office within the Corporate Legal Office under the direct leadership of the CEO Ap-point lawyers in charge of privacy policy in respective business divisions
-
Monitoring
Conduct regular/ad-hoc monitoring through dedicated units or staff
-
Follow-up
managementIdentify the root causes of issues through process/result analyses, make improvements, prevent the reoccurrence of the same issue (e.g. introduce actual cases as part of training)
Privacy policy
We officially announced our global standard privacy policy and developed relevant policies that reflect region-specific regulatory conditions and local characteristics. As a result of such endeavors, our employees are provided with the ‘Global Personal Information Guide’ and ‘Management Guide for Outsourcing personal data processing’ to be used as management regulations. We operate our processes and systems in a way that incorporates relevant policies into our daily business conduct and continue to perform reviews and offer company-wide training.