Compliance Bayer manages its businesses responsibly and in compliance with the statutory requirements and regulations of the countries in which it operates. We define compliance as legally and ethically impeccable conduct by all employees in their daily work, because the way they carry out their duties affects our company’s reputation. We do not tolerate any violation of laws, codes of conduct or internal regulations. Compliance is essential for our long-term economic success. The Board of Management is unreservedly committed to compliance, and Bayer will forego any business transaction that would violate the compliance principles in force throughout the Bayer Group. The global compliance management system is steered by a central compliance organization within the Bayer Group. This organization is headed by the Group Compliance Officer, who reports directly to the Chairman of the Board of Management and to the Audit Committee of the Supervisory Board on matters of this nature. The compliance organization is staffed with specialized compliance managers who are responsible for the corporate functions and for establishing business- and industry-specific standards in the divisions, business units and service companies. Through our compliance management system, we aim to ensure lawful and responsible behavior by our employees. Potential compliance risks are identified together with the operational units to achieve systematic and preventive risk detection and assessment. Risks are identified not just by the global functions (top-down), but also by the Bayer country organizations (bottom-up). Compiled findings about risks are entered into a global statistical database for compliance risk management that we use to develop suitable measures for specific processes, business activities or countries, for example. We assess our business partners to the same extent with regard to potential compliance risks. Corporate Compliance Policy Our compliance principles apply throughout the Bayer Group and are established in our Corporate Compliance schließen (Corporate) compliance comprises the observance of statutory and company regulations on lawful and responsible conduct. Policy. Here we commit to uphold ten principles, particularly in antitrust and anticorruption matters. Online Annex: A 4.2-1 limited assurance Antitrust: fair competition in our markets Anticorruption: integrity in our business dealings at all times Corporate responsibility: sustainability, safety and product stewardship Foreign trade law: observance of relevant trade controls Insider trading: safeguarding of equal opportunity in securities trading Accurate books and records: complete and detailed recording of our business activities and financial transactions Fairness and respect at work: treating one another with fairness and respect Intellectual property: safeguarding our own intellectual property and respecting that of others Avoiding conflicts of interest: separation of business and personal interests Privacy: precautions to protect and secure personal data All employees are required to observe these principles and to immediately report any violation of the Corporate Compliance Policy. This general reporting requirement does not apply in France due to peculiarities of national law. Bayer’s senior managers serve as role models and therefore have a vital part to play in implementing the compliance principles. They may lose their entitlement to variable compensation components and be subject to further disciplinary measures if violations of applicable law or internal regulations have occurred in their sphere of responsibility. Compliant and lawful conduct also factors into the performance evaluations of all managerial employees. Adherence to the corporate compliance principles is among the subjects covered in audits conducted by Bayer’s Internal Audit. The planning of these audits follows a function- and risk-based approach that also takes a corruption perceptions index schließen Corruption Perceptions Index (CPI) Since 1995, NGO Transparency International has produced an annual index of countries by the perceived level of public-sector corruption. The CPI ranks countries according to the extent to which public servants and politicians are believed to engage in bribery and to grant or accept undue advantage. into account. The largest companies, which together account for about 80% of Group sales, are generally subjected to audits at three-year intervals. A total of 191 compliance audits were completed in 2017, of which 22 were preventive or incident-related audits. The head of Internal Audit and the Group Compliance Officer regularly attend the meetings of the Audit Committee of the Supervisory Board, presenting a summary of conducted audits and key findings at least once a year. Compliance training To create a positive compliance culture in our company, we support all employees in conducting their professional activities with integrity and avoiding potential violations before they can occur. Bayer therefore organizes Group-wide training programs tailored to requirements and target groups, along with extensive communications activities on relevant compliance issues and risks. In addition, compliance managers are available worldwide to answer questions from all employees regarding lawful and ethical behavior in business-related situations. Employees can also discuss such matters with their supervisors, who serve as role models for compliance. We have set a Group target for nearly all of Bayer’s managerial employees worldwide to complete at least one compliance training program each year. In 2017, 35,159 employees, or around 96.6%, completed such a program. Group target: annual compliance training for virtually 100% of Bayer managers Online Annex: A 4.2-2 limited assurance The aim of these targeted training programs is to ensure that employees do not overstep boundaries out of ignorance or uncertainty. Our compliance training programs reflect the main compliance risk areas and are available in various formats to meet the training needs of different employee groups. Some take the form of web-based training (WBT) programs, while others involve face-to-face training sessions or workshops. In 2017, we implemented a new global web-based training program in 67 countries on the subject of data privacy. This program, currently available in ten languages, has already been completed by 57,613 employees as at December 31, 2017. New hires and employees switching to different areas of responsibility within Bayer undergo training according to their functions. Handling of suspected and actual compliance violations Suspected compliance violations can be reported – anonymously if desired and if permitted by respective national law – via a central compliance hotline that has been set up worldwide. It is also accessible to the general public. In 2017, the compliance organization received a total of 245 reports in this way (including 157 anonymous reports), with six reports coming from Germany and 239 from other countries. Alternatively, suspected compliance violations may also be reported to the respective compliance functions in Germany or the country organizations, or to Internal Audit. Compliance violations at Bayer are systematically sanctioned. The action taken in a each case depends on factors including the gravity of the compliance violation and applicable law. All cases are recorded according to uniform criteria throughout the Group and dealt with under the rules set forth in Bayer’s Corporate Policy “Management of Compliance Incidents.” Online Annex: A 4.2-3 limited assurance Where an investigation confirms that a compliance violation has occurred, the company has a graduated set of measures at its disposal. These include a verbal warning or written reprimand, transfer to a different unit, cancellation of a planned promotion, a reduction in the short-term incentive payment, downgrading to a lower collectively agreed pay rate or managerial contract level, and ordinary or extraordinary termination. Bayer also reserves the right to assert further claims against the employee for cost reimbursement or damages and / or initiate criminal proceedings. Lobbying As part of our commitment to tackle corruption, our Corporate Policy “Code of Conduct for Responsible Lobbying” sets out binding rules for our involvement in political matters and creates transparency in our collaboration with the representatives of political institutions. We also proactively participate in existing transparency initiatives such as those established by the European institutions or the U.S. Congress. As set out in our corporate policy on responsible lobbying, we did not make any direct donations to political parties, politicians or candidates for political office in 2017. Some associations of which the Group is a member make donations on their own initiative, in compliance with statutory regulations. Online Annex: A 4.2-4 limited assurance Our liaison offices in Berlin, Brussels, Washington, Moscow, Brasília and Beijing are key touchpoints between the company and political stakeholders. We publish details of costs, employee numbers and any of the other statistics required in each country in the transparency registers of the European institutions and the U.S. Congress. Bayer goes far beyond the statutory requirements in doing so. For instance, the Group also publishes data for countries such as Germany where there is no legal publication requirement. In 2017, the costs incurred at the liaison offices, including human resources, material and project expenses, totaled approximately €1.35 million in Berlin, Germany; €2.3 million in Brussels, Belgium; €6.97 million in Washington, United States; €0.28 million in Moscow, Russia; €1.5 million in Brasília, Brazil; and €0.82 million in Beijing, China. In the United States, where corporate donations are prohibited by law for federal elections and in many cases also state and local elections, some employees use the Bayer Corporation Political Action Committee (BayPac) to support legislative candidates through private donations. Political action committees are state-regulated, legally independent employee groups. The private donations made by BayPac are regularly reported to the U.S. Federal Election Commission and can be viewed on its website.