Skip to article navigation Skip to content
Downloads My report

Notes to the consolidated non financial statements

2.1 Ethics and integrity

Our purpose unites us as an organisation. We aim to serve our clients with distinction and integrity – making a measurable and attributable impact and inspiring our people to deliver value. The number one action to achieving our purpose is to stand firm in doing the right thing.

Our NSE Code of Conduct sets out our values and ethical principles. These are critical to our reputation and continued success, and are embedded in everything we do: how we serve clients, how we direct our businesses, how we work together and how we contribute to society. Fundamentally, the reputation of our firm rests on the personal ethics of every Deloitter. Our ethics programme is designed to build trust in our professions and among our professionals, strengthen our reputation and relationships with stakeholders, minimise ethical risk, and help all our people to make the best professional choices. This becomes even more important given our growing and more diverse organisation.

Governance

There is an appointed Ethics Leader in the Netherlands, who engages leadership, addresses and resolves ethics reports and consults on tough issues. The Ethics Leader is also responsible for ensuring a strong tone at the top regarding the importance of ethics and integrity in the workplace. Communication is key to building a consultative and “speak-up” culture. Our Chief Quality Officer is - in her role of NSE Ethics Leader - responsible for ethics within the NSE Firm. The NL- and NSE Ethics Leaders are supported by a Deputy Ethics Officer. Furthermore, the NL Ethics team consists of three confidential counsellors (‘vertrouwenspersonen’). The confidential counsellors are tasked with the reception of reporters, guidance during the process and aftercare, and have a duty of confidentiality according to the law. It’s not their role to find out the truth but to only support the reporter in proposing and discussing possible solutions. Employees, suppliers, business relationships, and other parties can also file a report - if they wish anonymously - using Speak Up, our 24/7 hotline that is run by an independent party. Twelve ethics ambassadors (partners and directors) in our businesses help to broaden the scope of the ethics programme, reaching out to all partners and Deloitte professionals, acting as linking pin between the business and the ethics team, and promoting our core values at a business level. On a periodic basis, the NL Ethics Leader reports on ethics issues and the progress on the ethics programme to the NL Executive Board and NL Supervisory Board.

Learning

In FY21, more than 97% of our partners have attended the ‘Leading with Integrity workshop’, an interactive two-hour session that is delivered across the Deloitte network to all our partners around the world to help them drive consistency in the way they lead and build our Deloitte culture. 93% of our professionals completed the ‘Speak Up for Values’ e-learning for all partners and employees. This e-learning dives deeper into acting on our values and supports the building of a speak-up culture. 98% participated in the Respect & Inclusion e-learning designed to support our partners and professionals in their contribution to an inclusive and ethical workplace, where everyone feels treated fairly and respectfully, regardless of their visible or invisible characteristics.

Case trends

We have observed a decline in the number of reported incidents this year (a total of 64 in 2020/2021, compared to a total of 91 FY2019/2020 and 81 in 2018/2019). Although we cannot be sure about the exact explanation, we assume a year of remote working contributes to this observation. We are taking action to further improve the visibility of our Ethics Office and reporting channels, to encourage Deloitters to report - also when working remotely.

Table 09: Incidents: number of reported occurrence1

Type

2020/2021

Professional conduct

16

Fair treatment or inequality

25

Harassment and sexual harassment

5

Corruption

0

Other or inquiry

18

  • 1 As indicated in the About this report section, due to a new classification of incidents, we are unable to provide historic data

The presentation of our ethical incidents in above categories is meant to provide improved insight in the diversity of reports (and differs from the categorisation we presented in previous years which is the reason that we cannot provide historical data at present). 

Ethics Survey

In September 2020, we have measured the effectiveness of the ethics programme through our annual ethics survey. With an almost 38% response rate and a good spread of respondents across businesses, we have obtained a clear view on how partners and employees see Deloitte as an ethical employer.

The survey results show that:

  • An increased 97% of all respondents agree that Deloitte is an ethical place to work;

  • The overall level of awareness (ethics team, learning, values and Code of Conduct) is strong and has increased compared to last year. There is even a good level of awareness of the recently launched anti-harassment and anti-discrimination policy (84%), and non-retaliation policy (73%);

  • There is a clear understanding of the responsibility to report conduct which is perceived to be unethical and trust that independent, confidential action will be taken. The trust of being able to report misconduct without fear of retaliation is growing, while the feeling of being pressured to compromise ethical standards to achieve business objectives is decreasing;

  • There are still a number of people who have indicated that they have experienced or perceived misconduct without reporting this. Reasons for example, were that they believed no corrective action would be taken or it would negatively affect relationships with co-workers;

  • Next to this, we see an opportunity for our partners, leadership and management to regularly discuss the importance of ethics and integrity within their teams. In relation to this, recognition for ethical leadership also continues to deserve our attention.

Our Ethics Operational Plan 2021-2023 is based on the number and nature of the ethics incidents and the ethics survey results. The main priorities are:

The main priorities are:

Setting strong tone at the top

  • Strengthen ethical leader behaviours and voice, facilitate leaders to handle ethical reports and discussions, and prepare to foster teams with high integrity. We aim to achieve this by continuing and extending ethics training, and activating towards showing and rewarding / recognising ethical behaviour.

Manifesting a safe environment

  • Encouraging reporting of observed / experienced unethical conduct, reducing the fear for retaliation and increasing awareness of and trust in reporting channels. Demonstrate that corrective action will be taken, by a strong communication approach that focuses on cascaded communication and effective messaging. Communication should include special attention for speak up, non-retaliation and share an appropriate level of detail around cases, consequences, and the reporting / investigations processes (storytelling / transparency reports).

Reinforcing our team and connections

  • Strengthen and diversify the ethics team by broadening the ethics ambassador network and appointing an extra confidential counsellor;

  • Organising stronger connection and cooperation with inclusion and diversity, and intensifying the connection and cooperation with Talent to be able to anticipate on early warning signals.

Anti-Corruption

Anti-Corruption is one of our Global Key Commitments and requires the attention of all our partners, employees and external hires. We are against corruption in all its forms and want to contribute to good governance, economic development, and the improvement of social welfare wherever we do business. Our professionals are required to comply with the applicable Anti-Corruption laws, including at a minimum the provisions of the Dutch Criminal Code, the UK Bribery Act (2010) and, if applicable, the Foreign Corrupt Practices Act (FCPA).

Our fully implemented and comprehensive Anti-Corruption Framework, in which our colleagues are intrinsically motivated to comply with our Anti-Corruption values, consists of seven different elements that mitigate the risk of corruption within Deloitte and supports our employees and partners with guidelines to report corruption if needed. These elements include:

  1. Governance
    Programme strategy and objectives are determined by our Anti-Corruption Committee and the progress of our operational plan is periodically discussed within this governing body. Our Reputation & Risk Leader is also part of the Anti-Corruption Committee and fulfils the role of Anti-Corruption Champion, and has the final responsibility of the NL Anti-Corruption Programme. Other members of this Committee are all subject matter experts and relevant stakeholders of the Anti-Corruption programme. The Committee is responsible for actively overseeing the Anti-Corruption programme.

  2. Policies, procedures and guidelines
    Anti-Corruption is fully implemented in our policies, procedures and guidelines. The policies that are in place for Anti-Corruption are: DPM 1550, DPM 1551, DPM 1552 and the NSE ABC policy with a list of the applicable NSE ABC laws.

  3. Training and communications
    Every employee and partner within Deloitte Netherlands has to successfully complete the Anti-Corruption e-learning biennially. In September 2020, we have launched the refreshed and mandatory Deloitte Global Anti-Bribery and Corruption training, which has been completed by 96% of our partners and professionals. The e-learning is also mandatory for all new hires. Our communications will mainly be tone at the top messages to emphasise the importance of Anti-Corruption.

  4. Risk assessment
    We will update our Anti-Corruption risk assessment along with ethics risk assessment to be performed at NSE level in June 2021. Therefore, the conclusions of the risk assessment performed in 2019/2020 still stand. During the assessment the key risks for Anti-Corruption and Ethics will be discussed and weighed with all NSE relevant stakeholders of the Anti-Corruption programme. The results will be shared with and challenged by the Anti-Corruption Committee. Furthermore, during the year, Anti-Corruption as a risk will be discussed with our Assignment Partners in the Portfolio Risk Reviews. The Assignment Partners are asked to take a critical look at their portfolio concerning the corruption risks that they face and how they make sure that all necessary mitigating measures are implemented.

  5. Testing & Monitoring
    The Anti-Corruption Framework is tested and monitored yearly. The focus will be upon two aspects: the operating effectiveness of the Anti-Corruption elements and process level testing, e.g. hiring of referrals and gifts & entertainment. Internal Audit (IAD) performed specific internal audit procedures for Deloitte the Netherlands in the period from March – April 2021. For this year, process level testing was in scope for the following corruption related topics: 1) Gifts, entertainment and hospitality, 2) Interaction with government officials, 3) Third party due diligence. We have continued our second line of defence monitoring activities. This (bi-monthly) gives us the opportunity to act more quickly and pro-actively upon identifying risks.

  6. Third Party Due Diligence
    Anti-Corruption is not only implemented in our client processes but also for Third Parties, which we call the Third Party Due Diligence process. An Anti-Corruption risk is assigned for every new Business Relation. Furthermore, our procurement policies ensure that suppliers and contractors are selected through a fair, honest and transparent process.

  7. Consultation, Incident Response and investigations
    Anti-Corruption is integrated in our Ethics consultation and incident response procedures. For 2020/2021, no confirmed Anti-Corruption incidents involving partners or employees from Deloitte were reported, and none were brought to the attention of our Reputation & Risk Leader.

2.2 Privacy and data security

Working from home during the COVID-19 crisis has accelerated the demand for new and innovative tooling to connect both with clients and colleagues. For all new tooling, a solid and robust assessment of privacy and data security measures is needed in order to safeguard client- and Deloitte data. In addition, many new initiatives from our Cyber Acceleration Programme have been approved by our privacy and security teams ensuring privacy and data security by design. Our IT and security teams stepped up to the challenge enabling all our practitioners to work from home in safe and secure environments while also offering additional tooling and other items, thus providing a robust environment for our people, also at home. Software tools and vendors are assessed through the Global Technology Operating Model (GTOM) process, meaning all relevant Subject Matter Experts (SME’s) will review the application in one meeting from a privacy, security and IT perspective. This way Deloitte only cooperates with vendors that ensure the same level of data protection and confidentiality as Deloitte. Moreover, to ensure employees operate in a privacy and confidentiality minded manner, privacy and security awareness is on the top of Deloitte’s agenda. This is reflected in the “Secure the Future” privacy & security training that all employees must complete.

In order to safeguard and address Deloitte’s privacy compliance, strategy and governance, a privacy policy is implemented and a dedicated Privacy Office that is part of the Reputation & Risk Leadership Office is in place. The Privacy Office is – among other responsibilities – tasked with examining privacy aspects of processes and systems through our internal Data Privacy Impact Assessment (DPIA). In addition, the Deloitte has selected Privacy and Cyber Champions both within our business and in our Support Organisation. These champions are trained to be the first line of defence in the organisation concerning privacy and confidentiality aspects that arise within the business. By making use of Privacy and Cyber Champions, Deloitte creates privacy and security awareness within the organisation. Having the Privacy and Cyber Champions as the first line, the Privacy Office as the second line, the Data Protection Officer as the third line of defence and a robust internal audit Member Firm standard programme in place enables Deloitte to operate in a privacy and GDPR compliant manner. Lastly, Deloitte aims to organise a quarterly “Privacy committee” in which multiple key topics regarding privacy and confidentiality are discussed on high level. Examples are the privacy strategy, trends and other possible attention points.

As always, the prevention of data leakage is a top priority as data leaks can harm our clients and our reputation as a trusted business partner, and lead to significant monetary fines. Deloitte follows a well-defined data breach procedure in order to adequately address any data breach.

Despite our efforts, in 2020/2021 we discovered 95 data leaks. We received no complaints regarding breaches of client privacy or loss of customer data. In one case, we notified personal data breaches to the supervisory authority in conformity with the legal requirements of the ‘Wet meldplicht datalekken’ (Law on mandatory reporting of data leaks).

Add to My report