Skip to main content

Our compliance corner

The fight against corruption

Maintaining a culture of integrity requires the continuing commitment of everyone at Nokia:  our leaders, who must lead by example and demonstrate deep engagement in driving compliance; our employees, who must know and understand the rules and raise their hand when they have concerns; and our Legal & Compliance team that is responsible for educating and empowering employees, establishing clear guidelines, and implementing effective procedures to address the complex and varied risks inherent in today’s business environment.  Likewise, Nokia’s Ethics & Compliance team (E&C) constantly seeks to improve our already robust compliance program and find new and effective ways to lessen risk.  Our Ombuds team helps drive our open reporting culture, our Investigations team responds promptly to reports of potential issues, and our Anti-Corruption Center of Excellence reviews hundreds of transactions, third parties, and requests to give or receive gifts, travel and entertainment, to name just some of the work happening every day.

Recently, in an effort to further mitigate the risk associated with engaging third parties, E&C began to proactively engage with our third parties to ensure they share our commitment to integrity and have their own robust compliance programs.  This engagement is strengthened further by Nokia’s Third-Party Code of Conduct, which was launched in 2018, and Nokia’s decision to become a signatory to the World Economic Forum’s Partnering Against Corruption Initiative (PACI) and commit to an active role in the global fight against corruption. 

In the current enforcement environment, the work of Ethics and Compliance is more important than ever. Indeed, the number of anti-corruption and anti-corruption-related enforcement actions continue to climb globally. Recently, we’ve seen the largest-ever settlement in a case brought under US anti-corruption law, as well as fines meted out for a potpourri of wrongdoing, including improper payments to government officials in order to obtain permits and the use of agents to funnel bribes. In sum, anti-corruption prosecution continues at a vigorous pace, and it shows no signs of slowing.

What can we take away from the many cases we have seen of late? While obvious, it bears repeating that the consequences of corruption are profound. Beyond massive fines, disruptive investigations, and loss of business, careers are destroyed, individuals go to jail, companies may never recover their former reputations, and investors and consumers may be harmed.

Nokia is committed to the hard work necessary to maintain a best-in-class ethics and compliance program because having a reputation for integrity has become a true commercial differentiator. We are proud of our deeply embedded culture of integrity, where our leaders and employees care about ethics, want to “win” with integrity, and embrace the “Speak Up” culture. At Nokia, we make it a priority to maintain our values – even in a competitive and difficult market. Put simply, staying out of trouble takes work, and that work is never done as we strive continuously to improve our ethics and compliance program.

The trust equation

We have all seen first-hand the erosion of trust in institutions that have long served as cornerstones of free and open societies – the media, corporations, and freely-elected governments to name a few. From “fake news” to Brexit to yellow vest protests, it can feel as if the fabric that binds us together is stretched to the breaking point. Pessimism abounds. But the latest results from an annual survey on trust1 reveal something surprising: trust has become “localized,” with the majority of respondents now naming “my employer” as their most trusted institution or relationship, far outpacing NGOs, business and media. But it can’t be one way; employees expect something in return. In exchange for their trust, employees expect their companies to act as agents of change, working to improve the lives of employees and for the overall betterment of society. The payoff for employers who can meet these expectations is significant: employers who have earned the trust of their employees reap the benefits of a workforce that is engaged, loyal, and committed.

As one noted management consultant has observed,

“The secret to getting people engaged isn’t about showing them why it’s good for them. It’s the exact opposite. It’s about providing people with a purpose that’s bigger than they are.”2

We understand the importance of trust, engagement, and a greater purpose. As a trusted employer, we know our success is based not only on providing cutting edge technology but equally on a dedicated, happy, productive workforce that trusts the company to do the right thing for them, for the business, and for the communities in which we work. As employees we appreciate an inclusive, stable work environment where our leadership is committed to not only driving growth in an ethical way but also providing employees with fair pay and benefits, multi-dimensional growth opportunities, and the opportunity to make a difference. Our customers, suppliers, shareholders, and partners likewise want to work and invest with us because of our commitment to these ideals.

In the Legal & Compliance organization, the trust equation is central to what we do. We support our business partners in complex commercial negotiations, dispute resolution, protection of our intellectual property and much more. And as guardians of Nokia’s hard-earned and longstanding reputation as a company that leads with integrity and serves as a model of corporate ethics, we strive to raise the bar on transparency and compliance everywhere we do business. We work diligently to ensure that the actions and behaviors of our partners, affiliates, suppliers and others with whom we do business follow the same principles and values we expect of our employees. 

We also work hard to improve our communities and the lives of others. Nokia has been recognized for its commitment to pro bono work, ranging from improving the delivery of health care services in rural Africa, to education in remote parts of India, to groundbreaking work supporting employment opportunities for asylum-seekers across southeast Asia.

We don’t shy away from doing business in tough places where transparency is lacking and the rule of law is weak. After all, the need for advanced communication technologies is at least as great in such places as in more developed nations. Instead, recognizing the vital nature of our products and services, we go in with clear eyes, recognizing the challenges and partnering with our business leaders to craft effective and creative solutions to address these risks, never compromising on our values and our commitment to integrity. This is how our Legal & Compliance team furthers the trust equation: by partnering to achieve business objectives, enabling the provision of communications and technology solutions to millions, setting an example for ethical business practices globally, and never straying from our values and our unyielding commitment to integrity.

12019 Edelman Trust Barometer, an annual survey carried out by Edelman, a global communications firm.

2Lisa Earle McLeod, author of Leading with Noble Purpose (2016) and other leading works. 


A solid foundation of integrity

The evolution of compliance in our company reflects our journey from humble beginnings as a paper and rubber maker to a global leader in communications infrastructure and technology. While integrity has long been a core value, our compliance program has adapted to address new and emerging risk areas every time we enter into new industries and markets.

Compliance in our company remains agile in a world of constant change, as issues such as privacy, information security and trade compliance take on ever-greater importance. Adaptability and flexibility must be the watchwords of an effective compliance program.

Our compliance program has two aims: enabling business and protecting the company. Balancing these competing objectives is central to our role. We strike the balance by understanding our business colleagues’ strategies and goals and working closely with the business to assess, analyze, and mitigate compliance risks.

We believe our reputation for integrity is well-deserved, and as a team we feel a strong responsibility to preserve and enhance it. We were especially proud to have been named once again by Ethisphere as one of 2023’s World’s Most Ethical Companies®, recognizing us as a global leader in corporate ethics.

Though our compliance program has several key elements, including effective and engaging compliance training and communications, robust audits and risk assessment processes, and more, it ultimately comes to this: compliance is a shared responsibility at Nokia. It starts with every employee. They are expected to know and understand the rules, to ask questions when they are uncertain, and to speak up whenever they see something that doesn’t seem right.

Our leaders at every level – managers, supervisors, and executives – own compliance, meaning they, rather than lawyers or compliance officers, are responsible for making and being accountable for decisions. We expect leaders to set the tone and to lead by example. Our compliance experts educate and support employees and leaders to help ensure that decisions are sound and consistent with the company’s commitment to integrity and that matters are escalated when needed.

It is this vision of compliance as a shared responsibility that serves as our foundation for compliance. As a company we are recognized for offering world-class products and services and cutting-edge technology. As we build on our long tradition of integrity, we strive every day to ensure that excellence and innovation also define compliance in the company.


Compliance risk assessment and mitigation

Our Ethics and Compliance team manages our robust compliance program, strives to embed integrity as a core value in our operations and among our employees and partners, and implements and enforces policies and practices that enable the compliant growth of our business while safeguarding our longstanding reputation for ethics and integrity.  Evaluating ethics and compliance risk is critical to our success and is a fundamental driver of Nokia’s compliance program. Nokia employs a systematic and structured approach to risk management across our business operations and processes. Key risks and opportunities for improvement of our risk mitigant processes are identified, either in business operations or at the global level, and are analyzed and monitored as part of our overall performance management to ensure efficacy.

Our Risk and Monitoring function evaluates the current risk assessment processes, proactively identifies strategic initiatives and other changes that may impact the risk profile, and implements improvements. This includes the addition of enhanced data analytics to create continuous monitoring processes for certain risk areas as well as measuring ethical culture.

Some of the key components of our compliance risk assessment process include:

Nokia Compliance Risk Assessment Key Components

Compliance Control Framework Reviews

Provide a deep analysis of compliance risks and controls associated with a specific business, country, or region

Compliance Operational Reviews

Provide an in-depth assessment of a region/business’s compliance programs and status, including a review of the strength of the culture of integrity

External Data

Includes risk perception rankings from Transparency International as well as information from other respected anti-corruption organizations and prosecuting agencies (such as agreements reached with the United States Department of Justice)

Internal Input

Includes findings from internal audit, compliance investigations, and third-party reviews

Non-quantifiable Risk Inputs

Includes anticipated geopolitical changes, business strategy plans, and business or region-specific information from business and compliance leaders

The Compliance Control Framework Review is an internally developed process for evaluating corruption and other compliance risks, as well as the controls in place to mitigate these risks; the goal is to strengthen the compliance programs within our businesses, regions, and at our Nokia sites. These assessments are used to determine effectiveness and identify gaps and improvement areas in processes and risk mitigants. Compliance Operational Reviews are high-profile exercises led by the region/business head and the regional/business compliance leader and are attended by the Chief Compliance Officer and key stakeholders of the region/business. The reviews focus on the compliance culture, program, and risks within a particular region or business group, providing an opportunity to revise and strengthen compliance processes and controls in the business/region.

Beyond these inputs, we apply an early warning approach to compliance risks, including employee surveys to measure culture, leadership engagement, and comfort with speaking up, and we regularly monitor data related to investigations, concern reporting, high risk third parties, corporate hospitality, regulatory and legislative activity, and enforcement trends.

After identifying and assessing our risks, the efficacy of our controls, and process improvement opportunities, we engage with stakeholders to empower them with knowledge and partner with them for implementation of improvements. We follow the data, develop targeted training and compliance communications, and strengthen internal controls and oversight with clear policies and procedures.