Business conduct and corporate culture (including issues such as organizational ethics and integrity, protection of whistle-blowers, and compliance with regulations) represent material positive impacts that our organization creates for our stakeholders, but also financial risks if not addressed well. Failure to reach the expected standards in these areas will result in financial risks in the form of penalties, legal costs, and reputational damage. As an assurance and advisory firm whose work is founded on trust, we value these principles and actively manage the risks associated with them. As described in our management review (new window), we are guided by our core values – Integrity, Excellence, Courage, Together, For Better – in upholding these ethical standards and thus creating a positive impact for our stakeholders.
|
G1 Business conduct |
Impact materiality |
Financial materiality |
Value chain |
||
|
Positive |
Negative |
Opportunity |
Risk |
||
|
Corporate culture |
|||||
|
|
|
|
||
|
|
|
|
||
|
|
|
|
||
|
|||||
In this section, we use the ESRS G1-1 guidelines as a basis for disclosing information on our business conduct and corporate culture, including how we value ethics, integrity, and the protection of whistle-blowers. Complying with regulations is an important issue that we address diligently. This section addresses our compliance with regulations related to business conduct; further information on compliance can be found in other parts of this sustainability statement, including Audit quality, Data security, and Own workforce.
Our strategy for upholding business conduct is grounded in the principles outlined in our Global Code of Conduct, which serves as a comprehensive framework for ensuring ethical behavior and a positive corporate culture across KPMG N.V. This code underpins our commitment to transparency, accountability, and a safe workplace, guiding our actions and interactions at every level.
To support this framework, we have implemented targeted policies, processes, and governance structures designed to address critical issues such as undesirable behavior, labor disputes, complaints, whistle-blowing, corruption, bribery, and organizational misconduct. These measures include having dedicated committees and channels for raising concerns, promoting a culture of openness, and ensuring that every report is addressed swiftly and appropriately.
Together, these efforts reflect our strategic commitment to ethical business practices, fostering trust within our organization and with external stakeholders.
4.2.1 IRO management: Key policies and actions related to business conduct and corporate culture
To ensure our Code of Conduct is followed appropriately, we have developed several mechanisms for detecting, preventing, and addressing any concerns related to unlawful behavior, protecting whistle-blowers and preventing corruption and bribery. Following the guidelines of ESRS G1-1, this section explains how we manage impacts and risks related to complaints, whistleblowing, and corruption. Our Ethics and Independence department ensures that our Code of Conduct is upheld and is implemented appropriately.
Policies and actions related to corporate culture
We have several policies that support us in strengthening our culture. Our annual mandatory trainings, for example, include “We do what is right: Integrity at KPMG.” Via this training, we impart our values to our client-facing and non-client-facing employees alike, as the basis of all our professional actions. Consequently, our values form an integral part of the tone at the top and are the core of our quality control system. In addition, member firms across KPMG International share many of the same risk, independence, and compliance training courses. This means that when teams work together internationally, everyone is familiar with the same basic approaches and rules, ensuring that there are no compliance risks arising from global engagements.
To encourage integrity in training, it is clearly stated at the start of each training course that both the course and the assessment must be completed independently, without any assistance. The professional confirms they accept this before beginning the training. Since 2023/2024, internal mandatory trainings are also monitored to prevent possible answer sharing.
Our Supplier Code of Conduct covers the diversity and corporate responsibility principles that KPMG N.V. assumes are observed by its suppliers. The code includes 10 principles within the categories of business conduct, working conditions, human rights, and the environment. For all orders and contracts with a total value of at least EUR 25,000, partners and employees must ensure that the Supplier Code of Conduct is included as a condition of the order or contract. Our COO has ultimate responsibility for ensuring the implementation of and adherence to the Supplier Code of Conduct.
Policies and actions related to complaints and whistleblowing scheme
Our Global Code of Conduct and Complaints & Whistleblowing Scheme are the key policies that empower all stakeholders, whether internal or external, to report on any concerns related to unlawful behavior and whistleblowing. This section describes actions and processes to address these concerns.
Complaints and addressing unlawful behavior
The Complaints & Whistleblowing Scheme is designed for ease of access, ensuring that all concerns raised are investigated diligently by our Internal Audit & Compliance Office, which is comprised of experienced auditors. This scheme undergoes annual testing to ensure its effectiveness.
This general scheme is separate from the dedicated channel in place for our own workforce to report issues related to undesirable behavior and labor disputes, as discussed in section 3.1.3 Processes to remediate negative impacts (new window). The head of the Internal Audit & Compliance Office has ultimate responsibility for ensuring the implementation of the Complaints & Whistleblowing Scheme.
Whistleblower reporting and protection
As discussed in Processes to mitigate negative impacts (new window), our whistleblower channels, managed by the Internal Audit & Compliance Office, provide stakeholders with a secure avenue for reporting unethical conduct. Our whistleblower scheme complies with the EU Whistleblower Protection Directive. Investigations are conducted by certified auditors who have undergone specialized training. The process for personal investigations follows our established Personal Investigation Policy, ensuring integrity and confidentiality at every step.
Our organization gives high priority to protecting whistleblowers. Several safeguards are in place to ensure confidentiality, including the option to report anonymously, and to provide legal protection and guarantees that no whistleblower will face unfair treatment as a result of filing a report. Files and evidence are stored on secure, protected servers, further ensuring the confidentiality of investigations.
We continuously review our protections against retaliation in light of evolving regulations and we make any necessary revisions to enhance the safety and security of those raising concerns.
We actively promote awareness of these mechanisms. Our Global Code of Conduct, which includes details of our complaints and whistle-blowing channels, is available to all our people and to the wider public, making it a critical resource for maintaining ethical behavior. Every year, all our employees are required to confirm their compliance with our internal policies – including explicit affirmation of their awareness of our complaints, whistle-blowing, and speak-up channels – through the Annual Compliance Confirmation. Furthermore, all our employees are required to complete the mandatory “We do what is right: Integrity at KPMG” training and Global Independence Trainings.
Policies related to corruption and bribery
Our policies on corruption and bribery are laid out in our Global Quality & Risk Management Manual and are further supported by our Global Code of Conduct. These provide clear guidelines to all our employees on how to prevent and address instances of corruption and bribery (in line with the UN Convention against Corruption). The Internal Audit & Compliance Office ensures that the policies are applied appropriately at all levels.
Given that most of our business operations occur within the Netherlands, a low-risk country for corruption and bribery, we do not designate specific high-risk functions. Nevertheless, to ensure that these policies are consistently applied, we conduct regular training for our employees, particularly those in high-risk departments such as Finance, Procurement, and Marketing. This training ensures our compliance with anti-corruption and anti-bribery regulations and enhances our colleagues’ ability to recognize and act on potential threats.
We carry out specific checks during the acceptance process for clients and engagements to assess the risk level for bribery and corruption. Our teams are also trained to detect and address potential instances of corruption during their engagements. In cases where a higher risk of corruption or bribery is identified, specialized forensic experts are involved to provide additional oversight. Furthermore, if any potential bribery or corruption is identified, the engagement team consults with the Audit Quality Professional Practice department’s 240/250/Wwft Panel, whose members are specially trained to offer guidance on how to proceed. This ensures that every instance is handled with due diligence and care.
Fraud, bribery, and corruption are also monitored at the organizational level through an annual anti-bribery and -corruption (ABC) assessment. This is mandatory for KPMG member firms to determine whether there is (non-)compliance with the global values and rules set out in our Global Quality & Risk Management Manual. Carried out objectively by the KPMG Forensic team, the ABC assessment also includes follow-up recommendations.