Professional Documents
Culture Documents
Fraud Management
Fraud Management
NOQD-111/EN
1 (6)
20 Dec 2010
Distribution
Archive:
Retention period:
Permanent
Fraud_suspicion.doc
Appendices:
http://digiumenterprise.com/answer/?sid=697887&chk=PE3UZW8N
Business ID
Domicile
www.nesteoil.com
NesteOil 2007
FI1852302-9
Espoo
Principle
NOQD-111/EN
20 Dec 2010
1 CHANGES
The principle has been updated to correspond to the new organization structure. At the
same time, some minor adjustments have been made.
Fraud Suspicion form has been updated due to person changes. Updates in related
documents.
2 PURPOSE OF THE PRINCIPLE
Neste Oils objective is to operate in compliance with applicable laws and regulations,
guard company reputation and credibility, and promote consistent organizational
behavior. Our company values form a basis for this. Illegal, fraudulent or dishonest
activities are not allowed.
This principle outlines the guidelines for fraud prevention, detection of fraud and fraud
risk assessment. Procedures related to fraud investigations, reporting and resolutions
after the investigations are included. The purpose of the principle is to raise awareness
of fraud and fraud risk management.
3 SCOPE AND VALIDITY
This principle is applied at the whole Neste Oil group, subsidiaries included. This
principle applies to any fraud or suspected fraud, involving employees as well as
consultants, vendors, contractors, external agencies and /or any other parties in
business relationship with Neste Oil group.
This principle, approved by the President and CEO, is valid until revised.
4 DEFINITIONS
4.1 Fraud
Fraud is considered to be any dishonest or deceptive activity or misuse of Neste Oil
assets, systems or position intended to result in direct or indirect benefit for the person
involved or associates of that person.
Some examples refer to, but are not limited to the following:
o
Expenses or liabilities avoided by fraudulent or illegal acts (e.g. tax fraud, abuse
of wage and working hours reporting)
Business ID
Domicile
www.nesteoil.com
NesteOil 2007
FI1852302-9
Espoo
2 (6)
Principle
NOQD-111/EN
3 (6)
20 Dec 2010
Bribery
Tax fraud
Money laundering
Code of Conduct
When assessing fraud-related risks the business area and common function
management has to identify the possible fraud risks concerning Neste Oil, e.g.
by employees, business partners, suppliers, customers, competitors or
professional criminals
Business ID
Domicile
www.nesteoil.com
NesteOil 2007
FI1852302-9
Espoo
Principle
NOQD-111/EN
20 Dec 2010
5.4 Monitoring
6 FRAUD DETECTION
Detective controls are designed to uncover fraud and misconduct when it occurs.
6.1 Mechanisms for seeking advice and reporting misconduct
Employees who discover or suspect fraudulent activity are provided with multiple
channels for reporting concerns about fraud or misconduct. This reporting can be
submitted verbally or in writing and the employees may choose to alert their own
managers, Corporate Security, Human Resources, Group Legal or Internal Audit.
A written notification can be submitted by using a whistle-blowing reporting system in the
Neste Oil Portal (tools Ethics On-line), by e-mail or by conventional mail using a
specific form enclosed herewith. This reporting can also be done anonymously. All the
reports shall be addressed further to the Head of Internal Audit.
All the reported matters are treated confidentially with relevant safeguards in place to
ensure maintenance of the confidentiality. In all instances, the rights and privacy of both
the reporting persons and the ones suspected are to be adequately protected and
assured.
6.2 Auditing and monitoring
Auditing and monitoring plans in Neste Oil shall be designed to encompass detection of
fraud and misconduct, including early warnings of fraud problems
7 FRAUD RESPONSE
Response controls are designed to take corrective action and remedy the harm caused
by fraud or misconduct.
When information related to actual or potential fraud and misconduct is uncovered, a
comprehensive and objective internal investigation is conducted. The purpose of an
investigation is to gather facts leading to credible assessment of the suspected violation,
leading to decision on a sound course of action.
In resolving fraud or misconduct incidents, penal proceedings in industrial relations
legislation valid in each respective country are used in connection with the employment
of perpetrator(s).
Investigation results and resolution of fraud incidents will not be disclosed to or
discussed with anyone else than those who have a legitimate need to know.
The penal proceedings concerning Neste Oil Oyj and its Finnish subsidiaries are
described in the following instruction Menettely rikkomustapauksissa Neste Oil
-konsernissa, 02.05.2006, (NOQD-29/FI).
Neste Oil Corporation
Group Functions
Business ID
Domicile
www.nesteoil.com
NesteOil 2007
FI1852302-9
Espoo
4 (6)
Principle
NOQD-111/EN
5 (6)
20 Dec 2010
8 RESPONSIBILITIES
8.1 Maintenance of Fraud Management Principle
The Chief Risk Officer is responsible for the maintenance of this principle.
8.2 Fraud management
The principal responsibility for fraud management rests with the President and CEO.
The Heads of business areas and common functions have responsibility for the fraud
prevention and management processes.
8.3 Fraud response
The owner of fraud management response process is the Head of Internal Audit. He/she
has the primary responsibility for organizing the investigation of all suspected fraudulent
acts as defined in this document.
The Head of Internal Audit is supported in the investigation by the Corporate Security.
Depending on the nature and scope of the suspected fraud or misconduct, the General
Counsel and appropriate business area or common function management will be
involved.
The Head of Internal Audit informs the President and CEO of the investigation results,
and decides about possible independent investigations.
The General Counsel decides about initiating possible legal actions.
The Head of Internal Audit shall also recommend procedures to attempt to prevent the
recurrence of any potential or suspected fraud or misconduct.
9 REPORTING
The Head of Internal Audit presents in his/her report to the Audit Committee the
occurred incidents.
A comprehensive status report is presented to the President and CEO and the Audit
Committee on a yearly basis.
The management of the business areas, common functions, subsidiaries and field
offices shall report the suspected and occurred incidents to the Head of Internal Audit
without delay.
10 RELATED DOCUMENTS
The person/s having authority and responsibility for the maintenance of the related
documents shall be aware of and refer to the stipulations described in this principle
concerning financial wrongdoings.
o
Business ID
Domicile
www.nesteoil.com
NesteOil 2007
FI1852302-9
Espoo
Principle
NOQD-111/EN
20 Dec 2010
Business ID
Domicile
www.nesteoil.com
NesteOil 2007
FI1852302-9
Espoo
6 (6)