Governance & Human rights
Ensuring sound governance practices at all levels is a key part of our sustainability work. Our Code of Conduct defines a common set of rules for sustainable business.
Governance model
ESL Shipping’s highest decision-making authority lies with the Board of Directors. Chaired by the CEO of Aspo Group, the members support the operative business management. The current composition of the Board of Directors and the Management team is available here.
Sustainability activities in the group are led by the Managing Director following the group’s ESG Policy. The Management team of the group has shared the specific areas of responsibility in ESG matters between Kirsi Ylärinne (environment), Mikko Rausti (social) and Erkka Repo (governance).
ESL Shipping actively participates in industrial cooperation. Managing Director Mikki Koskinen is Vice President of the European Community Shipowners' Association and a Member of the Board of the Finnish Shipowners' Association. Frida Rowland is a Member of the Board of the Swedish Shipowners’ Association.
Anti-corruption and bribery
At ESL Shipping, we have a strict policy of zero tolerance towards bribery and corruption. Our vessels operate in international traffic and occasionally visit countries where corruption is prevalent. However, we firmly prohibit any form of corruption and bribery through our Code of Conduct. Our comprehensive Code of Conduct training equips our personnel with the knowledge to identify and address any unethical situations or practices.
We are proud members of the Maritime Anti-Corruption Network (MACN), a collective of more than 180 shipping companies and institutions dedicated to fighting corruption. Despite our vessels primarily trading in Northern Europe, we recognise that corruption remains a significant issue in certain countries where our vessels occasionally operate.
To mitigate the increased risks of corruption, bribery, and security concerns during port calls to these areas, our safety department performs thorough risk assessments using various sources, including the MACN database. We provide our vessels with valuable information and clear instructions on how to manage and minimise potential risks effectively.
Cybersecurity and IT risk management
As society becomes increasingly reliant on functioning IT systems, it is crucial to protect our critical IT systems from a wide range of threats such as spyware and malware. Our group has made significant investments in modern and efficient tools to safeguard our IT and operational technology environment.
We evaluate IT risks annually based on industry best practice templates, fully integrating them into our corporate risk management program. Our information security roadmap includes a maturity and gap assessment, as well as an investment timeline for cybersecurity matters.
We provide mandatory cybersecurity guidelines in our intranet and have incorporated them into our Safety Management System. Additionally, our staff receives training in cybersecurity matters. In the event of a breach of confidential information, we have established procedures to report these incidents to the relevant authorities in accordance with applicable laws and regulations.
To ensure that access to our systems is restricted to authorized users only, we have implemented several measures. We tightly control and monitor third-party service providers' access to our IT systems and require them to sign non-disclosure agreements. As part of our group-wide auditing plan, our IT control procedures undergo annual audits.
ESL Shipping actively participated in the national cybersecurity exercises organized by the Finnish National Emergency Supply Agency in 2022 and 2023.
Handling of personal data
ESL Shipping collects only the personal data necessary for contract performance and employment purposes. Our Privacy Statement and Cookie Policy on the website describe how we process visitor data. We strictly adhere to GDPR guidelines and offer mandatory training modules for GDPR compliance.
We collect employee data in compliance with our Employee Data Privacy Policy and the law to fulfil our employer obligations. The retention schedule for employee data records is based on the local laws of the operating countries.
When sharing personal data with third-party service providers outside the company, we require a Data Processing Agreement before the data can be shared.
Reporting of suspicious activity
If there is a suspicion of an activity that violates the law or ethical guidelines, the matter should always be brought up and reported appropriately. ESL Shipping supports a discussion culture that encourages everyone to make their voice heard. Employees are expected to report their suspicions or observations regarding activities that violate laws, ethical guidelines or other ESL Shipping guidelines. We do not tolerate retaliation against any person who, in good faith, reports suspected misconduct or participates in an investigation to resolve suspected misconduct.
The notification can be made to a supervisor, directly to the Managing Director, parent company Aspo's legal department, personnel department or a representative of the internal audit team. ESL Shipping's vessels have a procedure under the Maritime Labour Convention (MLC) that allows seafarers to lodge a complaint about any alleged breach of the Maritime Labour Convention.
In addition to the channels mentioned above, a report can be made via a whistleblowing system managed by an external company, which ensures full anonymity for a person who wishes to report behaviour violating our compliance requirements. The link to the whistleblowing system is available on the websites of all the Group companies. The service is separate from our IT environment and does not track IP addresses or other data that could identify a person sending a message. Messages are encrypted and can only be decrypted by designated individuals. The system provider cannot decrypt and read messages.
Responsible value chain
ESL Shipping works with a wide range of suppliers, ranging from shipyards and bunker suppliers to small service providers. Knowing the counterparties we work with is an essential part of our compliance work. ESL Shipping checks possible sanction risks as well as the solvency of all counterparties with modern and efficient tools. No business is allowed to be conducted before sanction risks are checked and thoroughly evaluated. In addition, the Group closely monitors the sanction risks of current counterparties as the sanction schemes evolve constantly and new sanction risks may suddenly emerge.
Our compliance manual sets clear guidelines regarding the monetary acceptance limits of individual employees and management team members. Furthermore, all financial transactions require the approval of two individuals.
Supplier Code of Conduct
The key tool in the prevention of corruption and bribery is the responsible management of the supply chain. To ensure appropriate operating methods, ESL Shipping has its own Supplier Code of Conduct. The compliance with the code is required from all suppliers.
A significant number of the partners of ESL Shipping are major international companies, with many of these businesses having been engaged in long-term cooperation. Many of the companies also have their own stabilised processes for the responsible management of supply chains.