4 th ICAC Symposium Deals Under the Table

4 th ICAC Symposium: Deals Under the Table – the Doing or Undoing of Business Beyond Rhetoric – Sustaining Efforts to Combat Corruption Mark Gough Deputy Head of Compliance Investigations Hong Kong December 2009

Overview 1. Siemens History & Problems 2. Reaction & Results 3. Investigations at Siemens 4. Cooperation & Joint investigative activity 2 Hong Kong December 2009

From Werner von Siemens' workshop to global player – active in over 190 countries 1847 Founding of ''Telegraphen-Bauanstalt von Siemens & Halske" in Berlin 1850 First international sales agency in London 1855 Founding of the Russian company as the first foreign branch 1904 First permanent office in China 1905 Founding of Siemens Brazil 1924 Founding of Siemens India Ltd. 1961 Exports exceed 1 billion DM for first time 1968 Siemens passes the 100 -country mark 1970 Founding of Siemens Corporation, USA 1994 Founding of Siemens Ltd. China in Beijing 3 Hong Kong December 2009

Problems - Independent Investigations & Findings After raids by Munich prosecutor: Appointment of Debevoise as Independent investigators Ø Report only to chairman of Supervisory Board Ø Unrestricted access to all employees and records Ø Investigatory work in 32 countries Ø Over 2, 050 interviews + 900 informational meetings Ø Collection of over 100 million documents Ø Analysis of 10 million and target searching of 40 million banking records Ø Extended participation by more than 100 lawyers and more than 100 support staff from Debevoise mandate ended March 2009 4 Hong Kong December 2009

From Reaction to Transformation to Sustainability: Outline of the change process Immediate Actions (Nov. 06 – Mar. 07) § Independent investigation & external advisors appointed § External ombudsman active § "Tone from the top": town hall meetings; letters of CEO; etc. § Monitor and review of cases § Use of business consultants restricted § Payments and bank accounts centralized Implementation (April 07 – Mar 08) § Definition and creation of a comprehensive compliance program: Prevent – Detect – Respond Prevent Detect Respond § Compliance Organization § Compliance investigations Continuous improve ment § Compliance reviews § Compliance controls § Consequences for misconduct § Global case tracking § Monitoring effectiveness § Compliance helpdesk (incl. Global Ombudsman function) § Integration with personnel processes § Implement effective global compliance organization and processes § Anti-corruption training for managers and sensitive functions 5 § Elimination of material weakness § Compliance tools and simplification of processes § Compliance incentive system § "Tone from the Top" § Training § Policies & Procedures § Program communication § Centralization How to become a "recognized leader" ? (Apr 08 – Sep 10) § NGO cooperation and collective market approach § Settlement with DOJ/SEC and Appointment of a Monitor § Extended scope of compliance and creating a culture of integrity § …. Hong Kong December 2009

Importance of the Compliance Efforts for the Settlement – “Extracts” “The reorganization and remediation efforts of Siemens have been extraordinary and have set a high standard for multi-national companies to follow. These measures, in conjunction with Siemens‘ agreement to retain a Monitor (with support from a U. S. law firm with FCPA and compliance expertise) for a term of four years, highlight the serious commitment of Siemens to ensure that it operates in a transparent, honest, and responsible manner going forward. ” (DOJ Sentencing Memorandum, December 2008) “…the Department of Justice advised the Court that Siemens AG and its subsidiaries have demonstrated extraordinary cooperation with the Department of Justice‘s investigation, and have engaged what we view as extraordinary remediation and self-cleaning efforts, including the replacement of top leadership with management committed to compliance with anti-corruption laws, centralization of its compliance and audit functions, company-wide training, discipline of wrongdoers, implementation of due diligence, and other best-in-class measures to prevent future violations. ” (Letter of DOJ, December 2008) The settlement would not have been possible without the Compliance efforts of Siemens and its Global Compliance Organization 6 Hong Kong December 2009

Siemens AG Monitor work plan: Year one The four major activities of the Monitor are… Make on-site observations Inspect relevant documents 1 Review reports, minutes etc. that demonstrate how anti-corruption Compliance policies and procedures operate 2 Conduct analyses, studies and testing Informational meeting with relevant stakeholders 3 Attend meetings like Supervisory Board‘s Compliance Committee, Managing Board, SOA 404 Subcommittee, Corporate Disciplinary Committee and anti-corruption training sessions, to learn how Compliance issues are addressed Supervisory Board, Managing Board 4 Key employees Corporate Departments incl. Cross-Sector-Services and Businesses Analyze and assess the effectiveness of several of primary anti-corruption Compliance controls through a series of walkthroughs Business Partner toolkit Key employees Sector and Division Level: CEO and CFO, General Counsel, Compliance Officer and other functions (e. g. Accounting & Controlling, Sales, etc. ) Lo. A and G&H tool Tools used for approving Donations, Memberships and Sponsoring Key employees RC Level: CEO and CFO, General Counsel, Compliance Officer and selected employees from certain functions likely to face corruption risk Review reports of corruption related misconduct RC site visits schedule from May till Sept: Austria, Mexico, Russia, Brazil, China, South Africa, Argentina, India and United States Enterprise Risk Management and Corruption Exposure Assessments 7 Hong Kong December 2009

Video from Peter Löscher is shown in all training – sets the tone from the top "Only Clean Business is Siemens business. Everywhere – everybody – every time!" "Compliance as part of Corporate Responsibility is 1 st priority!“ Source: P. Löscher; Compliance Officer Conference October 2007 8 Hong Kong December 2009

Compliance Program Objectives: Prevent – Detect – Respond Prevent Detect Respond "Tone from the Top" Compliance Organization § Training § Policies & Procedures § Program communication § Centralization Continuous improvement § Compliance investigations § Compliance reviews § Compliance controls § Consequences for misconduct § Global case tracking § Monitoring effectiveness Compliance helpdesk (incl. Global Ombudsman function) § Integration in personnel processes 9 Hong Kong December 2009

Compliance-related Incentive System For Senior Management: Compliance Performance Matters Compliance impacts the FY 2008 annual bonus by approximately 17% Metrics Implementation kit 1) – tested quality on time § Tone from the top & training § Policies implementation § Compliance organization and transparency 2 Impact / effectiveness of Compliance program § Incidence of new serious cases (systematic failure) § Adequate sanctions taken § On time reporting 3 Compliance perception survey 1 Assessment Evaluation Corporate Finance – Audit (CF A) Re-Testing report Compliance Legal: Case tracking and evaluation, Disciplinary sanctions Survey team: § Evaluation of each division/ country § Proposal for multipliers prepared in compliance round table Average multiplier in FY‘ 08 Compliance index and benchmark § Employee perception Evaluation scheme: 0. 75 0. 9 1. 0 1. 1 1. 25 1) If unit not tested, criteria does not apply in this fiscal year Source: CL CO / CD E 10 Hong Kong December 2009

Global Compliance Organization 2009 – Corporate Functions Siemens: An example how to integrate Investigations into the Compliance Organization Member of the Managing Board General Counsel § Compliance represented in Managing Board § Strong corporate governance § Embedded in Business units and Regions P. Solmssen Chief Compliance Officer A. Pohlmann Corporate Units Compliance Officers Sector Compliance Officers Industry; Energy; Healthcare Division Compliance Division Officers (DCOs) Cluster Compliance Officers 17 Geographic clusters Compliance Policies, Communication & Training Compliance Program, Projects & Reporting Compliance Operating Officer K. Moosmayer Regional Compliance Officers (RCOs) Compliance Helpdesk & Monitoring Compliance Legal Compliance Investigation Disciplinary Sanctions R. -D. Buehrer 11 Hong Kong December 2009

Compliance Operating Officer: Tasks Compliance Helpdesk and Monitoring § Advise on compliance issues § Responses to "Ask us" questions § Reporting on "Tell us" cases 2 Compliance Legal § Legal guidance and advice for all compliancerelated matters (defense of cases handled outside of Compliance) § Prepare and review compliance policies 3 Compliance Investigations § Investigation of compliance cases § Add to ‘Prevention & Remediation’ Disciplinary Sanctions § Legal guidance and advice on disciplinary cases and proceedings § Legal recommendations for Corporate Disciplinary Committee 1 4 12 Hong Kong December 2009

Compliance Helpdesk Consists of Five Parts Over 680 reports (448 actionable) since Q 1/2008 Over 4600 questions since Q 1/2008 "Ask Us" Partly available "Tell Us" “Find It" Do you have any questions about compliance? You can ask them at any time via the Compliance Help. Desk “Ask Us. ” The Compliance Help. Desk “Tell Us” function provides global, round-theclock facilities for making statements on compliance-related breaches. New Gift & Hospitality Policy “Approve It" Use “Find It” to search for compliance related information, such as FAQs, policies & guidelines or training material. Compliance Helpdesk & Monitoring “Improve It" “Approve It” is the platform for approval requests regarding gifts and hospitality Now available With “Improve It” you can help to improve the Compliance program by adding your ideas and suggestions. 13 Hong Kong December 2009

Categories of Compliance Cases Compliance cases are cases where a legal requirement or an internal rule based on such requirements is violated. Information Request Criminal Proceedings Non-public Corruption Public Corruption Theft Administrative Proceedings Anti-trust violations Human Resources 14 Fraud Other Hong Kong December 2009

Compliance Investigations – Workflow Overview CCO 1) mandate investigation Compliance Investigation / Forensic Audit 2) conduct investigation Compliance Legal 7) report results 3) request collection Legal Clearance Office for Data Collections 4) clear collection 15 6) provide data CF A IT Audit 5) collect & prepare user data Hong Kong December 2009

Phases of an Investigation Pre-Investigation Mandating Research & Planning Investigation Reporting Consequences & Remediation Compliance Legal Compliance Investigation Disciplinary Sanctions & PPR Clarify if matter should be dealt with by an investigation CCO creates legal basis for specific investigation Non-invasive actions to plan investigation and inform relevant stakeholders Establish facts of case through background research, interviews and data collections Report on facts, violations of laws and regulations, draw conclusions & recommendations Take / advise on disciplinary measures and manage the implementation of recommendations Detailed Investigation Process 16 Hong Kong December 2009

Investigation Process 1. Mandate Investigation 2. Plan Investigation 3. Conduct Investigation 4. Report on Investigation 5. Close Investigation File 6. Review Process 1. 1 Clarify Mandate 2. 1 Receive Mandate 3. 1 Kick off Investigation 4. 1 Draft Report 5. 1 Archive Case 6. 1 Collect Feedback 1. 2 Issue Mandate 2. 2 Identify Legal Frame. 3. 2 Collect Information 4. 2 Review Report 5. 2 Close Inv. Mandate 6. 2 Evaluate Feedback 2. 3 Establish Work Plan 3. 3 Review Information 4. 3 Request Evaluations 2. 4 Approve Work Plan This process phase establishes a mandate for an investigation based on specific facts. The legal framework is defined and all investigation steps are planned. The stakeholders are informed. 6. 3 Implement Improvements 4. 4 Distribute Report Background research is conducted, interviews are done and electronic data is collected. The approved work plan is carried out. 17 The results of the investigation will be consolidated and reported to relevant stakeholders. The investigation is closed and the data is archived. The mandate is closed. The investigation is reviewed to identify process improvements. Hong Kong December 2009

TRACI Global Compliance Case Tracking Tool 18 Hong Kong December 2009

Introduction of Global Case Tracking Tool in FY 20097 FY 2010 Old tool Case tracking tool "PAULA": All cases (resulting from the reporting + from other sources) at Compliance Legal are entered into a data recording, tracking and reporting system ("Paula") by the resp. lawyer. Paula was introduced in October 2007 and has since then been updated or adjusted to new requirements several times. From May 2008 to November 2009, Compliance Investigations used basic excel spreadsheet to manage all cases under mandate. New Tool “TRACI” Global Case Tracking Tool: In FY 2009 a global case tracking tool was introduced. This tool includes a global process / progress tracking of all cases worldwide including creation of a workflow, a local administration and reporting on compliance issues for all Compliance delegates. Tool requirements: to manage and track status of cases… which supplies reporting functionality, which includes both predefined, . . . …this includes automatic acknowledgements, . . . Web based solution …and user defined reports (graphical and chart) . . . notifications (queuing), escalations, reminders, … …task management and bring forward / follow-up tasks. 19 Hong Kong December 2009

Advantages of TRACI? Global platform for the recording, management and documentation of Compliance Cases Supporting the global collaboration of the Compliance organization Transparency and reporting functions Supports us in the settlement requirement of an effective and complete reporting system of suspected or actual non-compliant behavior of Siemens employees 20 Global case tracking … … supporting central and local workflow … … according to US requirements. … and reporting on compliance violations, Hong Kong December 2009

Users and Numbers § Chief Compliance Officer § Compliance Operating Officer § Compliance Legal § Investigation § Corporate Unit Compliance Officer § Disciplinary Sanctions § Sector Compliance Officer § Cluster Compliance Officer § Division Compliance Officer § Regional Compliance Officer § Remediation Numbers § 600 Users (globally) already more than 300 working with the system § 82 Countries §Siemens AG and approx. 1030 affiliated companies 21 Hong Kong December 2009

Users and Numbers § Chief Compliance Officer § Compliance Operating Officer § Compliance Legal § Investigation § Corporate Unit Compliance Officer § Disciplinary Sanctions § Sector Compliance Officer § Cluster Compliance Officer § Division Compliance Officer § Regional Compliance Officer § Remediation Numbers § 600 Users (globally) already more than 300 working with the system § 82 Countries §Siemens AG and approx. 1030 affiliated companies 22 Hong Kong December 2009

Users and Numbers § Chief Compliance Officer § Compliance Operating Officer § Compliance Legal § Investigation § Corporate Unit Compliance Officer § Disciplinary Sanctions § Sector Compliance Officer § Cluster Compliance Officer § Division Compliance Officer § Regional Compliance Officer § Remediation Numbers § 600 Users (globally) already more than 300 working with the system § 82 Countries §Siemens AG and approx. 1030 affiliated companies 23 Hong Kong December 2009

“Treu. Info” – a reporting & control system Treu. Info is a global electronic system which facilitates the reporting of economic loss and material damages. Treu. Info has now been integrated into the Siemens compliance setup. There are three criteria which have to be fulfilled to enter a case into the Treu. Info System: • Damage to the company’s property • Amount of loss higher than € 100 and under € 50, 000 • Deliberate act. The compliance officer has to ensure that all such incidents are reported; The correct reporting of ALL cases is certified by the responsible CEO quarterly. 24 Hong Kong December 2009

Meeting the challenges Ø Investigation Manual – Circular & Process Ø Prioritizing of Investigations Ø Training – investigators & compliance organization Ø Developing Regional Hubs (South-East Asia; Americas; USA and Canada; Africa) Ø Creation of pool of investigative expertise on regional basis Ø Launch international forum for private sector investigators (collective action) 25 Hong Kong December 2009

Cooperation & Joint Activities Cooperation: the SIEMENS position Ø History of Cooperation Ø Disclosure Policy: Transparency the key to build trust Ø Company wide agreed investigation process encouraging cooperation The way forward Ø Working with MDBs to define policy on joint activities Ø Workshop with other investigative offices to define best practices Ø Use results to define international standards (collective action process) 26 Hong Kong December 2009

Siemens needs to go beyond internal programs in order to become a recognized leader in compliance “Collective Action" can have a key role fostering equal compliance standards for all market players and thus reducing the risk of corruption. Collective Action External Internal Siemens Compliance Program § Prevent § Detect § Respond Share internal policies, experiences, best practices and success stories Become a recognized leader in transparency and compliance Reach out to industry peers via neutral facilitators (such as Transparency International) and initiate joint activities to fight corruption Siemens achieved best score in the 2009 Dow Jones Sustainability Index (Electronic Equipment industry) regarding category code of conduct / compliance 27 Hong Kong December 2009

Collective Action – Joint Forces Against Corruption Three ways to drive Collective Action 1 Siemens & competitor Approach competitors to set up long-term industry initiative against corruption 2 Siemens Customer 3 Independent 3 rd party (NGO) 28 Approach Public Sector customers directly and propose project-specific Integrity Pact Approach Public Sector customers via independent 3 rd party and propose project-specific Integrity Pact Hong Kong December 2009

Building a world class compliance structure is one process Sustaining the clean business message to 405, 000 staff globally is another Creating a level playing field for all stakeholders is the absolute objective 29 Hong Kong December 2009

Mark Gough Compliance Investigations Tel. Office: + 49 (89) 636 -32844 Tel. Mobile: + 49 1522 8874914 Email: mark. gough@siemens. com 30 Hong Kong December 2009