Governance & Human rights
Ensuring sound governance practices at all levels is a key part of our sustainability work. Our Code of Conduct defines a common set of rules for sustainable business.
Governance model
ESL Shipping’s highest decision-making authority lies with the Board of Directors. Chaired by the CEO of Aspo Group, the members are external to the company and support operative business management. There were no changes in the composition of the Board of Directors in 2022. At the end of 2022, ESL Shipping’s management team consisted of seven members.
Sustainability activities in the group are led by the Managing Director in accordance with the group’s ESG Policy. The Management team of the group has shared the specific areas of responsibility in ESG matters between Kirsi Ylärinne (environment), Mikko Rausti (social) and Petter Ruda (governance).
ESL Shipping actively participates in industrial cooperation. Managing Director Mikki Koskinen is Chairman of the Board of Finnish Shipowners' Association and a Member of the Board at the International Chamber of Shipping. Frida Rowland is a Member of the Board of Swedish Shipowners’ Association.
Compliance at ESL Shipping
At ESL Shipping group, compliance means ensuring that we act in accordance with requirements that are derived from laws and regulations, our compliance manual and internal guidelines, the parent company Aspo’s Code of Conduct and the UN Global Compact principles. The company’s compliance is the responsibility of the CFO.
Knowing the counterparties we work with is an essential part of our compliance work. ESL Shipping checks possible sanction risks as well as solvency of all counterparties with modern and efficient tools. No business is allowed prior to sanction risks being checked and evaluated thoroughly. In addition, the Group closely monitors sanction risks of current counterparties as the sanction schemes evolve constantly and new sanction risks may suddenly emerge.
Our internal guidelines set clear guidelines regarding the monetary acceptance limits of individual employees and management team members. Furthermore, all financial transactions require the approval of two individuals.
Anti-corruption and bribery
At ESL Shipping, we have a strict policy of zero tolerance towards bribery and corruption. Our vessels operate in international traffic and occasionally visit countries where corruption is prevalent. However, we firmly prohibit any form of corruption and bribery through our Code of Conduct. Our comprehensive Code of Conduct training equips our personnel with the knowledge to identify and address any unethical situations or practices. In 2022, all of ESL Shipping's shore personnel successfully completed the Code of Conduct training.
We are proud members of the Maritime Anti-Corruption Network (MACN), a collective of more than 180 shipping companies and institutions dedicated to fighting corruption. Despite our vessels primarily trading in Northern Europe, we recognize that corruption remains a significant issue in certain countries where our vessels occasionally operate.
To mitigate the increased risks of corruption, bribery, and security concerns during port calls to these areas, our safety department performs thorough risk assessments using various sources, including the MACN database. We provide our vessels with valuable information and clear instructions on how to effectively manage and minimize potential risks.
Furthermore, we have established a dedicated whistleblowing channel that allows our employees and stakeholders to report any violations of our policies promptly. In 2023, we received two reports through the channel. These reports were processed and responded to in accordance with the Group’s processes. The reports were mainly related to minor violations of internal policies. No new cases of fraud were discovered in the investigations conducted, and no confirmed violations related to corruption or bribery were reported through the whistleblowing channel.
Cybersecurity and IT risk management
As society becomes increasingly reliant on functioning IT systems, it is crucial to protect our critical IT systems from a wide range of threats such as spyware and malware. Our group has made significant investments in modern and efficient tools to safeguard our IT and operational technology environment.
We evaluate IT risks annually based on industry best practice templates, fully integrating them into our corporate risk management program. Our information security roadmap includes a maturity and gap assessment, as well as an investment timeline for cybersecurity matters.
We provide mandatory cybersecurity guidelines in our intranet and have incorporated them into our Safety Management System. Additionally, our staff receives training in cybersecurity matters. In the event of a breach of confidential information, we have established procedures to report these incidents to the relevant authorities in accordance with applicable laws and regulations.
To ensure that access to our systems is restricted to authorized users only, we have implemented several measures. We tightly control and monitor third-party service providers' access to our IT systems and require them to sign non-disclosure agreements. As part of our group-wide auditing plan, our IT control procedures undergo annual audits.
ESL Shipping actively participated in the national cybersecurity exercises organized by the Finnish National Emergency Supply Agency in 2022 and 2023.
Handling of personal data
ESL Shipping collects only the personal data necessary for contract performance and employment purposes. Our Privacy Statement and Cookie Policy on the website describe how we process visitor data. We strictly adhere to GDPR guidelines and offer mandatory training modules for GDPR compliance.
We collect employee data in compliance with our Employee Data Privacy Policy and the law to fulfil our employer obligations. The retention schedule for employee data records is based on the local laws of the operating countries.
When sharing personal data with third-party service providers outside the company, we require a Data Processing Agreement before the data can be shared.
Whistleblowing system
Our whistleblowing system is managed by an external company which ensures the full anonymity for a person who wishes to report behaviour against our compliance requirements. The link to the whistleblowing system is available on the websites of all three group companies.
Whistleblowing provides an opportunity to report suspicions of misconduct. Individuals have an important role in raising concerns if there is suspicion of serious misconduct, that should be prevented or corrected. There is no need for proof of suspicions, but all messages and reports must be made in good faith.
Individuals can raise their concerns anonymously by using our reporting channel, managed by a third-party company. The service is separate from our IT environment. The system does not track IP addresses or other data that could identify a person sending a message. Messages are encrypted and can only be decrypted by designated individuals. The system provider cannot decrypt and read messages.
Supplier Code of Conduct
The key tool in the prevention of corruption and bribery is the responsible management of the supply chain. To ensure appropriate operating methods, ESL Shipping has its own Supplier Code of Conduct. The compliance with the code is required from all suppliers.
A significant number of the partners of ESL Shipping are major international companies, with many of these businesses having been engaged in long-term cooperation. Many of the companies also have their own stabilised processes for the responsible management of supply chains.