Description
The risk that NS fails to comply with laws and regulations or that NS violates (internal) norms and values, which may result in disadvantages for passengers, staff or other stakeholders, reputational damage, financial losses or sanctions imposed by regulatory authorities.
Explanation
NS aims to ensure effective control of its business operations, in which incidents are rare occurrences and regulatory compliance is safeguarded. To keep the number of incidents to a minimum, NS needs to fulfil a number of conditions. We need to create a safe environment in which we can openly discuss incidents and investigate their causes in a way that enhances our understanding. Learning from incident reports and occurrences allows NS to generate insights and take measures to prevent recurrences.
New and changed regulatory requirements must be translated into specific policies that we can then implement in our organisation with supporting processes and systems.
Measures
In order to remain on top of compliance within the organisation and further reduce the risk of non-compliance, NS took further compliance control measures in 2019. These measures included:
-
introduction of compliance-related KPIs in several fields characterised by high inherent risks, such as competition, public procurement, privacy and hiring external staff. We have set quantitative targets for each of these topics, and monitor them permanently;
-
monitoring of compliance risks and issues. These concern potential non-compliance with laws and regulations, and are presented from within the business based on current developments in operations, and the associated measures. High-impact compliance risks and issues are also discussed in the Executive Board and the Supervisory Board;
-
shows the current status of the compliance-related KPIs, risks and issues. We also use the dashboard to monitor current developments in the field of compliance, such as the introduction of new laws and coordination with regulatory authorities. The information from the dashboard is presented to and discussed within the Executive Board and the Supervisory Board on a quarterly basis.
Alongside these measures, we have continued the measures already launched back in 2018. The Regulations for Reporting Integrity Issues serve as the framework for dealing with integrity violations. In 2019, all reports were processed in accordance with those regulations and appropriate measures were taken. NS has also launched a nationwide programme for tackling undesirable behaviour such as harassment and discrimination through a regional and team-based approach. This should lead to permanent improvements in the social culture within NS.
Additionally, NS held sessions in all parts and at all levels of the organisation to promote an open and safe corporate culture and to address any questions or dilemmas within particular teams of departments. We also ran a number of internal campaigns on compliance in the fields of competition, privacy and information security, aimed at securing the requisite level of knowledge among all relevant NS employees.
Risk control trend
Compliance management attracted a great deal of attention in 2019 as part of NS's planning and control cycle. This is a component of the company's long-term programme aimed at anchoring integrity and compliance more firmly in its structures and processes. The measures taken in 2019 serve as the foundation for a full-fledged compliance management and monitoring mechanism. As a result, the management of non-compliance risks has greatly improved.