Monitoring our adherence
Our Standards of Business Conduct (SoBC) apply to all our Group companies and employees.
Employees are required to report any instances of non-compliance and managers are required to take appropriate disciplinary action in cases of non-compliance. Retaliation against employees for reporting information or raising questions in good faith about possible violations is itself a breach of the Standards.
Any allegations are investigated internally and strong action is taken where necessary.
All business units worldwide complete an annual self-assessment against our key audit controls, in which they confirm they have adequate procedures in place to support SoBC compliance.
In addition, all staff working across the Group are required to complete an annual sign-off, confirming their commitment and adherence to the SoBC, and re-declare any personal conflicts of interest.
Continuous information on compliance with the Standards through the year is gathered at a global level and reported to the Regional Audit and CSR committees, and quarterly to the Board Audit Committee.
All Group companies have adopted the SoBC or local equivalent. Reynolds American Inc. companies adopted their localised version of the SoBC with effect from 1 January 2018. Any instances of suspected improper conduct contrary to their localised SoBC, and established breaches, have been reported on an aggregated Group basis from 2018 onwards.
In the year ended 31 December 2018, 266 instances of suspected improper conduct contrary to the SoBC were reported to the Audit Committee (2017: 183).
Of the instances reported, 98 were established as breaches and appropriate action taken (2017: 78). In 99 cases, an investigation found no wrongdoing (2017: 75). In 69 cases, the investigation continued at the year-end (2017: 30), including investigation, through external legal advisers, of allegations of misconduct.
The appropriate action will vary from case to case but will include, depending on the circumstances,disciplinary action or dismissal. Where criminal activity is believed to be involved, the matter will generally be reported to the relevant authorities. Where any weakness in internal controls is identified, appropriate measures are taken to strengthen them.