Further information on compliance
Trust, integrity and mutual respect in cooperation with customers and partners are a matter of course at RUAG. Our business relationships are always open, honest and transparent.
Day in and day out, our specialists make every effort to live up to the trust placed in us. We act responsibly, keep our word and follow the rules.
The Code of Conduct is not simply an abstract concept, but an unequivocal set of rules that apply to all our employees. It helps us foster the clear values and principles to which we are committed – within the company itself as well as with regard to customers, business partners, suppliers, society, the political sphere, the public authorities and, last but not least, our shareholder, the Swiss Confederation. Any type of conduct is therefore only admissible at RUAG if it is permitted by the applicable laws and regulations and is consistent with this Code of Conduct.
Legal structure RUAG MRO Group and ownership structure (financial participations)
RUAG MRO Holding Ltd (RUAG) came into being in 2020 from the division of the former RUAG Group. The sub-groups RUAG and RUAG International resulting from the unbundling are two independent corporate groups with different orientations.
RUAG is the technology partner of the Swiss Armed Forces, providing security-related services to the Federal Department of Defense, Civil Protection and Sport (DDPS). As sole shareholder in RUAG, the Swiss Confederation manages the corporate group directly through the DDPS. The legal basis for the corporate group lies in the Federal Act on the Defense Companies of the Confederation (Bundesgesetz über die Rüstungsunternehmen des Bundes, or BGRB).
Find out more about how the Confederation enforces its interests at RUAG MRO Holding AG:
Governance, Risk & Compliance
The Board of Directors is responsible for the overall management and supervision of RUAG MRO Ltd and implements corporate governance.
Compliance Managementsystem (GRC)
The Group-wide Compliance Management System (CMS) forms an overarching framework designed to actively identify, evaluate, mitigate and monitor compliance risks and ensure that compliance provisions are observed within the Group. The Head of Compliance is responsible for designing and implementing the measures necessary to safeguard the CMS and for ensuring independent monitoring of compliance risks. It periodically reports to the Executive Board, the Audit and Risk Committee and the Board of Directors.
The CMS is intended to ensure that all business units of RUAG MRO Holding Ltd act ethically in all their activities and adhere to all applicable laws and regulations.
The Board of Directors of RUAG MRO Holding Ltd delegates the preparation and implementation of its decisions as well as the supervision of business operations to a number of committees. The committees are authorized to conduct or commission investigations into all matters within their sphere of responsibility. They can call on independent experts.
The Audit and Risk Management Committee (ARC) supports the Board of Directors in its supervisory role, in particular with regard to the correctness of financial statements and compliance with legal regulations (incl. regular auditing of the Compliance Management System).
The Audit and Risk Committee evaluates the expediency of the internal control system and the general monitoring of business risks.
Code of Conduct and other Group-wide guidelines
Using the Code of Conduct and other corporate guidelines such as the Group anti-corruption regulation, the Board of Directors ensures that the Group acts ethically in all its business activities and all the countries in which it is active while always complying with all applicable laws and regulations.
Code of Conduct for Employees
The current version of the Code of Conduct is an integral part of every employment contract and is available in all company languages.
Code of Conduct for Business Partners
We expect that our business partners – customers, suppliers, agents, service providers and their supply chains – behave appropriately at all times. These provisions are established in the minimum standards of the Code of Conduct for business partners.
Directives and processes
We endeavor to enshrine all binding rules of conduct and processes in corresponding corporate guidelines (directives, regulations, supporting documents). The formal requirements of the corresponding specifications are regulated and documented in writing. Corporate guidelines are officially inspected on a regular basis and must not contradict or conflict with one another.
We have implemented a number of directives and processes on compliance-related issues, which are an integral part of employment contracts. The directives are reviewed on a regular basis by the Head of Compliance and, where necessary, adjusted.
The RUAG task universe illustrates the different compliance-related topics implemented in the Compliance Management System. For the topics listed there, RUAG has introduced risk-based directives and processes that are an integral part of employment contracts. The directives and processes are reviewed on a regular basis – generally once a year – by the Head of Compliance and, where necessary, adjusted. The Compliance Division maintains a training plan and regularly provides general and risk-based training courses for posts and units subject to an increased compliance risk.
In addition to the general practices, detailed Group directives and appropriate processes have been established in the compliance-relevant areas and are presented as follows:
Within the task universe, the “Business Ethics” sub-area ensures that we at RUAG act in accordance with our values and standards. Among other things, these include the Code of Conduct, a culture of integrity and avoiding conflicts of interest.
Trade Compliance includes aspects such as sanctions, embargoes and export controls. The aim is to ensure that international commercial activities and procurement processes comply with all legal provisions and requirements.
Commercial Compliance relates to third-party compliance, antitrust law and anti-corruption.
Third-party compliance ensures that agents, representatives, resellers and other individuals or companies called on to assist sales and customer support respect RUAG's compliance principles, in particular those relating to anti-corruption.
Furthermore, RUAG promotes free and fair competition and demands full compliance with all antitrust regulations. Against this backdrop, the “antitrust law-compliant conduct in competition” internal regulations outline the fundamental provisions of antitrust law.
The RUAG MRO Holding Ltd anti-corruption regulations fall under the responsibility of the Executive Board and are reviewed on a regular basis and adjusted if necessary. The risks of bribery and corruption are comprehensively managed and monitored by the Head of Compliance as part of the Compliance Risk Management process.
The effectiveness of the Compliance Program is reviewed by means of regular training measures, employee surveys and both internal and external audits and is adjusted where necessary, with a report submitted to the Board of Directors at least once a year.
Another key area in the task universe is data protection. This ensures that systems and user data are protected in accordance with applicable data protection regulations.
HR Compliance refers to compliance with labor laws and regulations. In particular, this includes the protection of employees’ personal rights, anti-discrimination provisions, protection against psychological and sexual harassment background checks and the control of the use of external personnel and secondary employment. The aim is to ensure that RUAG is a fair and responsible employer and that it respects and protects the rights of its employees.
Financial Compliance ensures that in all its financial activities, RUAG complies with the legal provisions and requirements relating to fraud prevention, the fight against money laundering, the financing of terrorism and anti-corruption. The aim is to ensure the transparency and legal conformity of the RUAG’s financial processes and transactions and to protect the company and its partners against potentially damaging events.
Environment, Social, Governance
The Environment, Social, Governance area relates to RUAG’s sustainability strategy. It covers aspects such as environmental protection, sustainability and social responsibility. Governance aspects, such as compliance with corporate governance rules, are also of key importance.
In order for the compliance system to function in a flawless manner, employees must be familiar with our Code of Conduct and directives and must be able to apply all the rules on a day-to-day basis. This requires risk-based compliance training courses to be carried out on a regular basis. The Head of Compliance ensures that employees of RUAG MRO Holding Ltd are trained on compliance-related topics.
Basic compliance training is mandatory for all employees at every level of the Group. This includes compliance awareness training as well as training courses on anti-corruption, personal integrity, conflicts of interest including secondary employment, data protection, trade compliance and whistleblowing.
Furthermore, specially tailored training courses are provided in areas subject to increased risk. These training courses are also mandatory. The training courses are provided in the respective languages of the target audiences.
The training content is aligned with the directives already in place and is regularly updated.
All compliance-relevant training courses are generally conducted every two years.
When collaborating with third parties involved in the sales process, such as agents, resellers, distributors and business consultants, there is an increased risk of corruption. It is therefore important to conduct a risk-based compliance review in advance. This is done under the supervision of the Head of Compliance and with the support of the Symfact Third Party Management web-based application, which includes automatic compliance checks using the Dow Jones Risk & Compliance Database. In accordance with applicable legislation, external audits can also be conducted by independent experts. This due diligence checking process is carried out on a regular basis and at least every three years in the case of an existing, unchanged contractual relationship.
Any third party involved in the sales process must be approved in advance by the Head of Compliance or rejected if the compliance requirements are not met.
Third parties are required to prepare quarterly activity reports and to provide information concerning any contact between a third party and a business partner.
Payments may only be made to an account in the name of the contracting party. The payment connections are reviewed on a regular basis. Payments by check or in cash are not permitted.
RUAG works exclusively with selected and verified agents and brokers and has implemented a specific set of rules with regard to dealing with agents, consultants and resellers. Business partners are required to comply with the RUAG Code of Conduct.
With regard to the remuneration of agents, RUAG has implemented percentage limits and hard caps for the agent commissions.
The procurement divisions of the relevant Group companies are involved in establishing new supplier relationships and are responsible for implementing processes and controls.
The Code of Conduct for RUAG business partners is an integral part of every assignment and applies to all subcontractors and suppliers. Ensuring that suppliers’ subcontractors adopt appropriate anti-bribery and corruption standards as well as the corresponding processes is of great importance to us.
By conducting regular audits of our contractual partners, we ensure that these provisions are an integral part of the contractual relationship (supplier-subcontractor) throughout the entire supply chain.
Conflicts of interest and benefits
Declaration of conflicts of interest and disclosure of mandates (public offices)
We strive to be a reliable partner that demonstrates integrity with regard to both internal and external stakeholders. Conflicts of interest pose a major risk of corruption, which is why RUAG employees are required to report possible conflicts of interest in accordance with the corporate regulation concerning conflicts of interest.
In addition to defining specific potential conflicts of interest, the regulation also includes a standard process for reviewing potential conflicts of interest and monitoring identified conflicts of interest.
As part of the compliance training program, all employees are trained on the specific risks relating to conflicts of interest.
Before being employed by RUAG, individuals who hold public office or have held public office in recent months must be specifically checked with regard to potential conflicts of interest. Conducting such a check falls within the responsibility of the Head of Compliance.
Employees may not hold public office without obtaining prior approval.
RUAG has implemented Group-internal directives, guidelines and processes for giving and accepting gratuities (gifts, invitations, political donations, sponsoring).
We apply a policy of zero-tolerance with regard to corruption. On this matter, the corporate anti-corruption regulation clearly defines which types of gratuity are permitted. Only gratuities that are legal, reasonable, neutral, appropriate and transparent are permitted.
In addition to addressing gratuities, the corporate regulation also contains clear and binding conditions concerning events, donations and sponsoring. Additional binding regulations can be found in the corporate sponsoring directive.
Additional binding regulations can be found in the corporate sponsoring directive. RUAG does not engage in political lobbying activities, make donations to political parties or sponsor any party political events.
As part of our operations, we engage in inbound and outbound offset business. In particular, we use direct inbound offset business to build up the capabilities we need to maintain systems as the Swiss Armed Forces’ material competence center over the entire service life of the systems. Furthermore, as a technology partner of the Swiss Armed Forces, we use indirect inbound offset business to build our capabilities for the security of Switzerland through new technology. In doing so, we strictly align our actions with the provisions of the Swiss Federal Offset Office. For outbound offset obligations, we use direct offset projects whenever possible to enable the current procurement project and the users of the new systems directly. If we are unable to generate sufficient credits through direct outbound projects, we seek to support projects with strategic partners that serve the security of the recipient country. In doing so, we strictly adhere to the laws and regulations of the country, and in particular to the requirements of the respective offset authorities.
As a Swiss technology company, we are guided by the industrial and economic needs of international customers when buying and selling products and capabilities. The offset policies and rules aim to contribute to the economic, industrial and technological development of the buyer country, regardless of whether the development is in the defense or civil sector. Our offset management, which is commonly referred to as offset but also includes industrial participation, is primarily guided by the principles set out in internal codes, including RUAG’s Code of Ethics and Anti-Corruption, and is based on applicable national and international regulations.
We apply coordinated offset practices across the Group based on an autonomous but collaborative business model with shared information, transparency and consistency in the formulation of best practices, professional development and cooperation. This business model creates a suitable environment for coordination through operational and strategic working groups. Offset is managed in our company through a three-tier structure:
The Capture Managers of the projects develop the offset projects with the technical support of the Head of Industrial Cooperation.
The Head of Industrial Cooperation & Offset centrally manages strategic relations with offset authorities and interest groups.
The RUAG Offset Board coordinates and monitors compliance with internal and external directives and is responsible for inbound and outbound offset projects. Every transaction is approved and implemented in accordance with the internal business relations processes.
Offset obligations are monitored throughout the entire life cycle by the individual departments and coordinated at a central level.
The employees of the Offset Department and the associated posts receive training on fighting corruption. Furthermore, there is an awareness program relating to offset solutions at different levels of the organization.
Before a contractual relationship is established and thereafter (in the event of major changes, extensions or renewals), partners involved in offset solutions are subjected to a thorough due diligence check to combat bribery and corruption in accordance with a sanctioned party list in order to check all risk factors linked to potential corruption, including:
Verification of the legal basis for the offsetting agreement;
Verification of the ethical and reputational aspects;
Identification of the ultimate beneficiaries;
Identification of any conflicts of interest (including family, personal or professional ties between the counterparty and/or its employees and government officials).
Furthermore, the same national and international standards of ethics, anti-corruption and conduct that we apply are required by specific contractual clauses in the offset agreement of our partners. The internal audit reviews and reports on compliance with the processes independently.
RUAG adopts a zero-tolerance approach to corruption and other serious incidences of compliance misconduct. As offset transactions are subject to an increased risk of corruption, RUAG conducts a regular internal risk assessment – generally once a year – of compliance risks relating to third parties and, where necessary, adjusts its control instruments.
Reporting Channels & Whistleblowing
We have implemented a directive and process for reporting suspicious activity. Employees can report potential compliance violations to their line managers, HR or Compliance. Furthermore, we have implemented an “Integrity Line,” which is managed externally. In doing so, we enable the entire workforce as well as external individuals to make a report (also anonymously).
Anonymous and non-anonymous reports are processed and handled in the same way. We are committed to an active “speak-up” culture and prohibit any retaliation against bona fide whistleblowers.
We monitor the quality and awareness of the company’s whistleblowing standards by means of annual employee surveys.
Investigation of Suspicious Cases Reported Externally and Internally
RUAG takes reports of potential compliance violations very seriously and follows up on every report, in particular those relating to contracted service providers, suppliers, agents and their suppliers. Compliance violations by contractual partners are not tolerated and can result in the immediate termination of the business relationship.