Conducting our business with integrity
Trust, responsibility, and ethical behavior define how we operate across our value chain.
Our business is built on the foundation of trust. Our Code of Conduct expresses our personal commitment to earn this trust every day, in all of our business activities and in every country where we work. It reflects our values through clear and simple direction for all of our employees and business partners and defines the principles of ethical and compliant business practices.
In February 2021 we were named for the fourth consecutive year (2018-2021) and the fifth time overall as one of the World’s Most Ethical Companies® by Ethisphere and were one of three winners in the telecommunications industry and the only Finnish company to be honored.
World’s Most Ethical Companies” and “Ethisphere” names and marks are registered trademarks of Ethisphere LLC.
Code of Conduct
Our Code of Conduct is applicable to all our employees, directors and management, and is available in 23 languages here.
We also have a Code of Ethics applicable to the President and CEO, Chief Financial Officer and Corporate Controller. Leadership involvement and oversight on ethics and compliance are provided by the Board of Directors via the Audit Committee. Compliance management is further supported by both global and regional compliance committees.
Nokia also has a dedicated Third Party Code of Conduct to address the unique needs of the relationship with third parties and is available in eight different languages (Arabic, Chinese, English, French, German, Japanese, Korean and Spanish).
Ethics and compliance - what we do
Nokia has created and maintains an Anti-Corruption policy and related standard operating procedures. Our Anti-Corruption Center of Excellence reviews hundreds of transactions, third parties, and requests to give or receive gifts, travel and entertainment, to name just some of the work happening every day.
All Nokia employees are prohibited from offering, giving, or receiving improper payments. Any agent acting on behalf of Nokia must meet the same standards.
Dealing with government officials
Giving to a third party “anything of value” that is intended to influence a business action may be considered bribery. Nokia employees are expected to exercise extraordinary caution when dealing with government officials which can include employees of a state-owned customer enterprise.
Nokia’s Ombuds program is designed to champion a speak-up culture that empowers employees to raise and discuss compliance questions and concerns. The vast network of local ombuds leaders promotes the program and serves as confidential and neutral resource for any compliance questions, concerns and requests for guidance.
Nokia’s compliance training portfolio consists of online mandatory and targeted training and live sessions. To supplement our annual mandatory Ethical Business Training, we also deploy online microlearning modules on high-risk topics to specific target audiences based on location and/or job function.
Conflict of interest
Nokia has a Conflict of Interest (COI) policy which provides important information and guidance to help employees understand, recognize, disclose and resolve conflicts of interest. Consistent with the COI policy, all employees are required to disclose conflicts of interest using the confidential web-based COI disclosure tool.
All Nokia employees are empowered to raise concerns and speak up about potential violations of our Code of Conduct. Retaliation of any kind is not permitted, and we take seriously all allegations regarding any form of reprisal and investigate such concerns thoroughly.
How we protect the data of our customers, employees and other sensitive data is critical to our business and reputation. With the growth in the deployment of new technologies towards a world where everything and everyone are connected and interconnected, data privacy and security issues are also on the increase.
Providing the tools to enable a speak-up culture
All employees are empowered to raise concerns and speak up about potential violations of our Code of Conduct. Retaliation of any kind is not permitted, and we take seriously all allegations regarding any form of reprisal and investigate such concerns thoroughly.
Our commitment to compliance with all relevant laws and regulations and to building and maintaining trust and credibility with all stakeholders is unwavering. We ensure the tools and means are available for any employee or other stakeholder to raise a concern and bring an issue to the attention of the compliance team. Whichever way the individual chooses to report a concern, it is handled confidentially by a diverse team of compliance professionals. Reporting of concerns can be done anonymously. We offer email, website and call options as well as an expanding network of ombuds individuals who can be approached personally for advice and support.
The Nokia Business Ethics Helpline is managed by an independent supplier and is available 24 hours a day, 7 days a week. Calls and conversations are entirely confidential, and a reporter may remain anonymous. The Helpline enables persons to report concerns in more than 23 different languages. In addition to the Nokia Business Ethics Helpline and ombuds representatives, concerns may always be raised with line managers, HR personnel, and Legal and Compliance members.
Our global Ombuds Program
At the end of 2020 we had 200+ local ombuds leaders and 85% of our employees work in locations with an onsite Ombuds Leader. Ombuds Leaders provide a safe and strictly confidential space to speak up. They remain completely neutral, impartial, and non-judgmental. Over 1 500 questions and concerns have been raised to the Ombuds network over the past three years.
We are committed to respect and support the Human Rights principles and values laid out in the International Bill of Human Rights (consisting of the Universal Declaration of Human Rights and its related covenants), the International Labor Organization’s Declaration on Fundamental Principles and Rights at Work, Organization for the Economic Co-Operation and Development (OECD) guidelines for Multinational Enterprises and the United Nations Guiding Principles on Business and Human Rights.
We fundamentally believe that connectivity and the technologies we provide are a social good that can support human rights by enabling free expression, exchange of ideas, education and economic development. Simply put, our technology allows billions of people around the world to communicate and access information and we are proud of this.
While we embrace fully our technological advancements, we are humbled by the responsibility that comes with this and acknowledge the risks. The most salient human rights risks related to our company and business involve the potential misuse of the technology we provide to infringe on the right to freedom of expression and right to privacy. As with any large enterprise, Human Rights risks also exist across our entire operations from our supply chain to our own operations. We have processes and policies in place for those.
Human rights across our business
For more information on Human Rights across aspects of our business visit the pages below.
Human Rights Due Diligence
The Nokia Human Rights Due Diligence (HRDD) process is a non-commercial cross company investigative process covering sales as well as R&D. This process is pre-emptive and rigorous. It is used to identify the potential risk level of human rights violations through the misuse of our technology before any sale is done or a solution is developed, while also attempting to identify ways to mitigate these risks to ensure compliance to our Human Rights Policy.
HRDD case investigations in 2020, internal training and continued experience with our due diligence processes may have helped sales teams identify cases that would likely be denied and either therefore avoid them completely or structure the offerings to avoid undue risk to human rights. Hence, in 2020, there have been more cases that require conditions attached and no cases which were determined to be a “No go.”
were resolved as “Go”
as “No go”
as “Go with conditions”.
HRDD is centrally managed by a full-time Head of Human Rights who reports to a senior manager, using a global process to ensure accountability, reportability and consistent practices across Nokia. The Head of Human Rights function is part of the Sustainability team in Corporate Affairs and works across the entire business ecosystem from business groups to sales to ensure adherence to the Human Rights Policy. The Human Rights Panel, chaired by the Head of Human Rights, is a cross functional senior group including technical, legal, marketing and communications senior experts that is called upon when needed to analyze cases from all angles in terms of potential risk to Human Rights. In addition, the Human Rights Governance Council consists of senior executives who review cases where agreement could not be reached earlier, with the final decision being made by the Nokia President and CEO.
Training and transparency
Training is a key aspect of ensuring our commitments to Human Rights are upheld. Training, tracking results, communication of Human Rights Due Diligence findings, checkpoints are reviewed and, where needed, improved on an ongoing basis.
Nokia communicates more on its commitment to transparency in our annual People and Planet Sustainability report. Anonymized Human Rights Due Diligence case outcomes are also published in this report. Nokia was the first telco equipment vendor to publish these.
We aim to be transparent and active by working with key industry stakeholders including, amongst others, through membership in the Global Network Initiative (GNI). GNI is a unique multi-stakeholder group involving leading ICT companies, investors, academics and civil society groups.
In April 2020 the public version of our first ever GNI human rights assessment conducted by the independent assessor Foley Hoag LLP was released. We are honoured to report that the GNI Board found Nokia has made good faith efforts over time to implement the GNI Principles on freedom of expression and privacy.
Responsible supply chain
Our supply chain is an important but complex part of our business and our reputation, and despite its complexity and depth we work hard to try to ensure it is transparent, and ethically, socially and environmentally well-managed.
We have robust procedures and processes in place and we continually improve them where necessary. These are supported by clear, well communicated policies. We identify and understand the risks associated with our supply chain and build and implement the programs and actions that help mitigate those risks. We employ a variety of audits and assessments to verify the integrity of our supply chain. We engage and increase supplier capabilities through learning and where necessary instigate remediation activities.
We maintain a Corporate Responsibility risk map of our suppliers which we update regularly.
Climate and our supply chain
We have set new supply chain related climate targets as part of our recalibrated overall science based targets. We require all suppliers, except those with very low environmental impact, to have a documented Environmental Management System (EMS) and along with key suppliers to be certified to ISO 14001. We work with our suppliers through CDP Climate Change program. We encourage our key suppliers to report their climate impacts and set carbon reduction targets through CDP and work with them to build improvement programs.
In February 2021 we again made it to the CDP Supplier Engagement Leaderboard, among the top 7% assessed for supplier engagement on climate change, based on our 2020 CDP disclosure.
Modern slavery and forced labor
We do not tolerate slavery, servitude, trafficking in persons, and forced or compulsory labor in our own operations or in our supply chain. Labor and working conditions are an integral part of our monitoring, assessment and onsite auditing in our supply chain. We have also increased our vigilance and follow up on the issue of potential mistreatment of ethnic and other minorities in supply chains globally. Our supplier training, communication, and workshops emphasize the importance of this issue and our non-tolerance. We have also set new KPIs for follow up and reporting.
Materials traceability and conflict minerals
Potential risks remain related to the mining, extraction and trade of metals industry that provide key minerals in electronic components. These risks include but are not limited to military conflict, potential human and labor rights abuses, and environmental damage. Our due-diligence approach is aligned with the OECD Due Diligence Guidance for Responsible Supply Chains of Minerals.
Highlights related to audits
supplier assessments conducted using the EcoVadis sustainability rating scorecards.
onsite supplier audits despite the pandemic restrictions.
suppliers disclosed climate data, which covers over 50% of Nokia spend.
Collaboration expands coverage and scale
In order to drive greater impact and a broader coverage and scope for our work in driving a responsible , transparent supply chain, we work with a number of key organizations.
Click the links to learn more about some of the organizations we work with in sourcing responsibly.
Our participation in the Responsible Business Alliance (RBA)
The RBA is a coalition of the world’s leading companies working together to improve efficiency and social, ethical, and environmental responsibility in the global supply chain. Nokia endorses the role that industry collaboration plays in improving challenging issues and we have historically participated in various networks and working groups within RBA, such as the Responsible Minerals Initiative. We will now take up membership in the RBA. We join the RBA as a member in support of the overall mission of the Alliance and have adopted the RBA Code of Conduct as the basis for the requirements we place on our suppliers, further supplemented by Nokia own supplier requirements. Sourcing and supply chain issues are ever more complex and we believe can be addressed more effectively via industry collaboration and shared efforts that are built on common working groups and understanding. We also look forward to contributing with our years of experience in sustainability and responsible sourcing issues worldwide.
Data Privacy & Security
Protecting customer, employee, and other sensitive data is critical to our business and reputation. It underpins the trust our stakeholders put in us as a company, in our technology and in our people every day.
Products with built-in trust
With new technologies that enable instant content and connections, where everything and everyone are connected and interconnected, data privacy and security issues must remain top of mind. Security and privacy are embedded into all Nokia products. We employ an holistic and life-cycle approach to security and mandatory Design for Security requirements are applied across our product and services portfolio.
Contributing and driving security standards
We take an active role in security standards such as GSMA SECAG which defined NESAS (security assurance scheme for networks), GSMA Fraud and Security group, 3GPP SA3 (defining security standards for 5G), in ETSI and others.
We committed to the Cybersecurity Tech Accord when we signed up to the Digital Declaration initiated by the GSM Association (GSMA).
Threat intelligence report
Each year Nokia releases its threat intelligence report. The report provides insights into what security leaders need to know about the risks posed by unmanaged IoT devices, why cyber criminals are shifting their interest in device attacks, and what digital transformation leaders need to know about the widespread proliferation of malware and how to stop it, and more.
Getting privacy right
We have established a comprehensive company-wide privacy program that builds privacy into our processes, products and services. Our privacy management model is set out in our group-wide Privacy Management Policy and is supported by Nokia Executive Leadership. Our Privacy statement can be found here Privacy | Nokia.