Doing the right thing even when no one else is looking
Bidvest has a deeply entrenched functional governance structure that places significant reliance on the ethical behaviour of all employees. This places a very high hurdle of responsibility and accountability on everyone. Rather than having many policies and manuals, we have a Bidvest Code of Ethics that sets out our behaviour. When someone missteps, decisive action is taken, and communicated back into the business. An authority matrix forms the backbone of day-to-day governance.
Formal reporting structures complement business-level processes that result in dynamic and iterative risk assessments and mitigation actions as well as operational agility. Relevant management and executive committees have been structured into each of the seven divisions and report into divisional boards. Matters from these divisional board meetings are escalated further to the Group Exco, which is comprised of Group directors and functional executives (covering strategy, finance, transformation, ESG, business development) as well as the seven divisional chief executives. The three executive directors in turn report into the main Group board of directors, directly or through the established committees.
ALICE, the Group's autonomous, intelligent capability robot, has become embedded in the operations of each of the environments across the Group as our governance mindset has shifted from annual audit, risk and compliance reviews to continuous monitoring of their control environments.
| Topic | Our aim | We will | Measurement | FY2019 base |
FY2025 target |
FY2022 actual |
||
Governance |
G1 |
Ethics | To conduct business with uncompromising integrity | Be honest, respectful and accountable at all times to all stakeholders | Cases reported via the Ethics Line and the resolution thereof | 146 | ||
|---|---|---|---|---|---|---|---|---|
| Transparently and actively monitor and manage
product and service safety as well as egulatory compliance |
# of product recalls | 10 | ||||||
| # regulatory violations/fines | 0 | |||||||
G2 |
Governance structures |
To provide assurance to all stakeholders through independent oversight | Uphold the established governance structures and have a B-BBEE Level 2 rating by 2025 | B-BBEE audited rating | L3 | L2 | L3 | |
| % board independent | 75% | |||||||
G3 |
Risk management |
Identify material risks, qualitative and quantitative, and mitigating them | Formulate mitigating actions for all identified material risks. | Risk register | Refer pg 6 | |||
G4 |
Data privacy | To comply with legislation and reduced ITsecurity risks | Deploy ALICE across all businesses to continuously assess data governance and basic IT hygiene. We target a score of 25% or lower by 2023 | ALICE IT score | <25% | 33% | ||
| # of reported cyber/information breaches | 6 | |||||||
| Implement a data privacy framework and raise internal awareness | # of employees trained | 35% externally trained; balance internal awareness |
Ethics
The Group subscribes to a philosophy of transparency, accountability and integrity in all our business dealings, as captured in the Bidvest Code of Ethics.
There are established grievance and whistle-blower processes at individual businesses, in addition to an independently administered Ethics facility. This free-to-use facility is administered by Deloitte and is available to all stakeholders. The Tip-Offs Anonymous system provides whistle-blowers with three channels to raise their concerns, namely telephonic, email and a website form. These communication channels are monitored 24 hours, seven days a week and Deloitte offer correspondence in all 11 South Africa official languages as well as Oshiwambo and Otjiherero for Namibians, together with Portuguese and German.
Coverage of the Ethics facility has in the period under review, been extended to our European operations in augmentation of the existing in-country processes of these businesses. Concerns received outside of the Ethics facility, for example via social media, the Bidvest website or emails, are also logged by IA.
All logged complaints are investigated by divisional management and, where appropriate, criminal civil and/or disciplinary actions is instituted, and control improvements introduced to remedy the identified weakness.
Awareness campaigns are run across the Group, using mechanisms such as SMS and posters being prominently displayed in high traffic areas to encourage employees to “not support it, but rather report it”.
The oversight process was enhanced in FY2021. The Group chief executive reviews calls and responses and initiate the necessary further investigation with focus on calls relating to racism, discrimination and harassment. The Group executive director responsible for transformation and sustainability, together with the Head of Internal Audit, also reviews quarterly calls and progress in detail.
During FY2022, a total of 146 calls were logged through the Ethics facility. Of these, 16 remain open with ten human resource related, two each to corruption and general enquiries, and one each to fraud and theft. No calls from previous periods remain open.
| Category | Closed | Waiting | Total |
| Corruption | 6 | 2 | 8 |
|---|---|---|---|
| Enquiry | 5 | 2 | 7 |
| Fleet Management | |||
| irregularities | 4 | – | 4 |
| Fraud | 21 | 1 | 22 |
| Governance | 14 | – | 14 |
| Human Resources | 75 | 10 | 85 |
| Other Crime | 2 | – | 2 |
| Theft | 2 | 1 | 3 |
| Violent Crime | 1 | – | 1 |
| Total | 130 | 16 | 146 |
As a consequence of calls received via the Bidvest Ethics facility:
53 internal control enhancements were implemented;
17 disciplinary actions were taken;
four employees were dismissed; and
no civil or criminal cases were opened
Toll-free telephone number 0800 506 090 or bidvest@tip-offs.com
Code of Ethics
We are committed to conducting healthy business practices which support our Company values of respect, honesty, integrity and accountability, ensuring a stable employment environment and the ongoing success of Bidvest.
We believe in empowering people, building relationships and improving lives. Entrepreneurship, incentivisation, decentralised management and communication are the keys.
We subscribe to a philosophy of transparency, accountability, integrity, excellence and innovation in all our business dealings.
What does this mean:
| Respect | To hold in esteem, in honour of others and oneself |
| Honesty | Respectability, trustworthiness, truthfulness, sincerity, freedom from deceit and fraud |
| Integrity | Uncompromising adherence to moral and ethical principles |
| Accountability | The state of being responsible, liable and answerable |
| Transparency | The quality of being clear, honest and understood |
| Excellence | The quality of distinction; possessing good qualities in high degree |
| Innovation | Introduction of new, creative products, methods and ideas |
Compliance with the Bidvest Code of Ethics (Code) is mandatory at all levels of the organisation. Directors and senior management are committed to being role models of this Code for the Group. All employees should always measure their behaviour in terms of the spirit of the Code, as well as against the practical guidelines.
Guidelines on ethical behaviour:
| Conflicts of interest | Employees have different responsibilities towards their employer, families and communities. Without negating other responsibilities, employees are expected to look after the interests of the Group and conflicts (real or perceived) should therefore be avoided or managed properly and adequately disclosed. |
| Having a second job | It is not acceptable to have a second job that would have a negative impact on the ability of the employee to serve the interests of the Group. |
| Interests in suppliers or customers | Any substantial interest (direct or indirect) in a supplier or customer of the Group would constitute an unacceptable conflict of interest and should be avoided altogether. |
| Affected parties | Immediate family members (spouse, sibling, children) are also affected by the policy and are not allowed to work for, or to have a substantial interest in a customer or supplier without proper disclosure. |
| Disclosure | All existing, potential or perceived conflicts of interests should be disclosed to management. Based upon full disclosure, a decision will be made how to manage the situation – this will be done on a case-by-case basis. |
| Business courtesies | Giving or accepting business courtesies is accepted within a common business environment, provided that such courtesies are not excessive and are not given or received in order to unduly influence a business decision. Management must maintain a gift register, and all courtesies (offered or received) above a certain value must be recorded. |
| Kickbacks and bribes | No kickbacks or bribes may be accepted or given. If they are offered to a Group employee, it should be reported immediately to management, who will decide what further action might be required. |
| Cyber liabilities | Access to facilities such as e-mail and internet should not be abused. As far as possible, employees should avoid using e-mail for sending or receiving personal messages (especially if they contain large attachments) or junk mail. Sending or receiving chain mail is prohibited. No employee should access or distribute any material that could offend others (e.g. pornographic material or material that could incite racial hatred). Any involvement in activities such as computer hacking and wilful virus transmission is prohibited. |
| Collusion | Any agreement between employees, competitors, suppliers or customers, to limit open competition by deceiving, misleading, or defrauding others to obtain an objective by defrauding or gaining an unfair advantage, for example an agreement to divide the market, set prices, limit production, wage fixing, kickbacks, etc will not be tolerated, or acceptable. |
| Expense accounts | All expense accounts being an accurate reflection of actual expenses incurred on behalf of the Group should be supported by the original documentation, submitted regularly and approved by a designated manager. |
| Insider trading | The Group adheres to the Insider Trading Act making it illegal for any person to trade in any shares/securities when in possession of non-public material information. |
| Divulging trade secrets | All Group proprietary information should be protected and may not be disclosed to third parties. |
| Competitor relations | Within the competitive environment of a market economy, the Group appreciates the opportunity to compete fairly and responsibly. The Group will not attempt to access any confidential competitor information, nor will it engage in any activities that would constitute – or could be perceived as – collusion or price-fixing. |
| Privacy | The Group respects the rights of individuals to privacy. Any activities that could be perceived as an invasion of privacy (e.g. monitoring of e-mails, telephone calls, internet usage) will be fully disclosed by the Group, and will include a sound business motivation for such actions. |
| Private use of Group assets | Although limited and occasional private use of Group assets is not prohibited, all employees should be aware that such assets should be used, first and foremost, to achieve the Group's objectives. |
| Copyright infringement | The infringement of copyright is illegal, and will not be tolerated. In particular, any software that is used on the Group's computer equipment must be properly licensed. |
| Discrimination | Discrimination based on any of the following: race, religion, age, pregnancy, marital status, sex, gender, sexual orientation, ethnic or social origin, disability, colour, conscience, belief, culture, language and birth – is illegal and will not be tolerated. Any employee that experiences any kind of discrimination should report this immediately. |
| Sexual harassment | Any unwanted conduct of a sexual nature is totally unacceptable and will not be tolerated. Any employee who experiences sexual harassment should report this immediately. |
| Work/life balance | The Group acknowledges the needs of employees to fulfil responsibilities and commitments other than those to the Group, and encourages all employees to maintain a healthy balance between their personal and professional lives. |
| Sustainability | The Group is committed to the natural environment and also to be a responsible corporate citizen. The Group will report annually on the nature and extent of its social, transformation, ethical, safety, health and environmental management policies and practices. |
| Political contributions | No political contributions (either monetary or in-kind) will be made by the Group, unless prior authorisation is obtained from the Bidvest board and disclosed in the annual report. |
| Whistle-blowing | The Protected Disclosures Act ensures that those individuals who speak up against unethical or illegal behaviour will be protected. The Group encourages employees to make such disclosures, and for this purpose has created a confidential toll-free telephone number. |
Product and service safety
Most products distributed and retailed are backed by manufacturer guarantees and South Africa Bureau of Standards (SABS) approved. Vehicles sold by McCarthy generally have maintenance or service plans, backed by Original Equipment Manufacturer (OEM) warranties. Included in the post purchase support provided by McCarthy is a complementary one-year roadside assistance programme. BidAir Cargo has safety processes in place in line with aviation requirements while Bidvest Lounges and King Pie have food safety programmes in place. PHS recycle sanitary bin waste in line with regulations.
A total of ten product recalls across the Group during the year:
2 related to OEM components at Bidvest McCarthy;
5 instances of product contamination and/or loss in Freight;
2 in Bidvest Lounges relating to product recalls by brand owners; and
1 product recall in King Pie
There were three professional indemnity claims against Compendium's professional indemnity policy relating to inadequate insurance cover recommended following the riots and floods.
Regulatory compliance
While users act as a human “firewall” and can be critical in preventing and/or detecting cybersecurity attacks, the deployment and use of Cybersecurity Awareness Training programmes are well underway across the Group, augmenting the assurance achieved from the ALICE monitoring.
A formal Cybersecurity Incident Response Policy and Plan was rolled out across the Group in May 2022. This policy and plan informs the Group of the steps to be followed in the event of a cybersecurity incident, from protocols to be followed for containment and eradication of the breach, recovery of the environment, communication to internal and external stakeholders and reporting to the Regulator in terms of the exposure of personal information. As part of this policy and plan, the Group contracted an Incident Response Team to supplement the Group and company resources in responding to a cybersecurity incident.
POPIA compliance in the form of policies, procedures and training will be an ongoing process in the Group to ensure legal compliance with data privacy.
Voltex, Waco, Lithotech, Rotolabel, Masterpack, Aluminium Foil Converters and Lufil registered in terms of the Extended Producer Responsibility legislation.
No regulatory fines
35% of Group employees underwent externally accredited Cybersecurity Awareness Training and the remainder underwent internal training
4 cybersecurity and 3 POPIA breaches were reported to the Regulator
Every subsidiary is expected to transform in its own right, fully integrating B-BBEE as part of their operations:
98% of the Group's businesses have a Level 1-4 rating; and 73% of the Group's businesses have a Level 1-3 rating
Level 2 Group rating
The Group B-BBEE certificate and annexures are available on www.bidvest.co.za.
Governance structure
The board remains committed to upholding sound governance processes and high ethical leadership through providing strategic direction, approving policies for the effective implementation of formulated strategies, maintaining informed oversight on strategy implementation processes and disclosing pertinent issues to stakeholders. As the focal point and custodian of corporate governance, the board discharges its responsibility through policies and frameworks supported by six standing board committees and executive management. To further strengthen oversight of the Group’s governance processes and internal control, the board has a reporting structure comprising seven divisional boards and Audit committees chaired by independent non-executive individuals.
The board has a unitary structure, comprising of nine independent non-executive directors and three executive directors functioning within the ambits of an approved charter. The board charter is subject to the provisions of the Companies Act, the Listings Requirements and the Group’s Memorandum of Incorporation (MoI). The board consists of an appropriate balance of knowledge, skills, experience, diversity and independence required to objectively and effectively discharge its governance role and responsibilities. The board takes due consideration of race, gender, age, ethnicity, tenure, educational background and skills in determination of its diversity profile. The board is comfortable that Bidvest complies with the Companies Act, its MoI and the Listings Requirements. The board accepts that it is ultimately accountable and responsible for the affairs of the Group.
Key matters reserved for the board include:
- Overseeing the Group's strategic direction and satisfying itself that the strategy and business plans do not give rise to risks that have not been thoroughly assessed by management;
- Exercising objective judgement on the Group's business affairs, independently from management;
- Approving major capital projects, acquisitions or divestments;
- Providing effective leadership on an ethical foundation;
- Ensuring appropriate governance structures, policies and procedures are in place;
- Ensuring the effectiveness of the Group's internal controls;
- Ensuring that the Group is and is seen to be a responsible corporate citizen by having regard to not only the financial aspects of the business but also the impact that business operations have on the environment and the society within which it operates;
- Assuming responsibility for information and technology governance, including cybersecurity; and
- Approving the annual and interim financial results and shareholder communications.
