1. Home
    Item seperator
  3. Item seperator
    Our compliance corner

Our compliance corner

The fight against corruption

The consequences of corruption are profound, and the number of anti-corruption enforcement actions continue to climb globally, resulting in reputational damage, large settlements, and substantial fines.  In addition, companies and individuals are subject to investigations, loss of business, and harm to careers, investors, and consumers.  Nokia is committed to maintaining a culture of integrity and fighting against corruption. 

Maintaining a culture of integrity requires the continuing commitment of everyone at Nokia:  our leaders, who must lead by example and demonstrate deep engagement in driving compliance; our employees, who must know and understand the rules and raise their hands when they have concerns; and our Legal & Compliance team that is responsible for educating and empowering employees, establishing clear guidelines, and implementing effective procedures to address the complex and varied risks inherent in today’s business environment.  

We constantly seek to improve our compliance program and mitigate risks as is evidenced by the many elements of our compliance program, designed to prevent, detect, and respond to compliance issues as well as firmly embed integrity as a core value. Our Ethics and Compliance team is structured to ensure comprehensive compliance coverage in our businesses, regions, and central functions. Our investigations team responds to concerns raised about potential violations of our Code of Conduct, Nokia policies, and the laws of the various countries in which we operate. Our compliance leaders serve as our eyes and ears on the ground everywhere we do business and work to increase awareness on our program, policies, and procedures.  Regulatory specialists are integrated into our Ethics and Compliance team and apply a strategic mindset to their domains to enable growth and business development while protecting the company from legal, financial, and reputational risks.  We are committed to compliance with all applicable trade and sanctions laws and regulations that impact operations, including export control and customs compliance.  Our privacy team safeguards Nokia’s data and business processes and ensures that our products and services meet customer and market expectations for security, compliance, and data protection. The anti-corruption center of excellence (CoE) manages risks arising from third parties, entertainment, and hospitality.  At the foundation is our speak-up culture which is supported by multiple options for reporting concerns, including our Ethics Helpline and our global Ombuds network of Ombuds leaders, who are a neutral and confidential avenue for employees to raise concerns, receive guidance, and stay compliant. 

We understand that maintaining a reputation for integrity is a commercial differentiator and make it a priority to maintain our values in a competitive and difficult market.  We want to “win” with integrity!

On this page
train station

Trust is based on a foundation of integrity

Nokia values an inclusive, stable work environment where leadership is committed to driving growth ethically and providing fair pay, benefits, and growth opportunities.  Our commitment to these ideals attracts customers, suppliers, shareholders, and partners.  Our compliance program is agile and adaptable, constantly adjusting to the changing landscape of issues such as privacy, competition law, and trade compliance.  We address new and emerging risk areas as we expand into different industries and markets. Our program has two main objectives: enabling business and protecting the company. We achieve this balance by understanding business strategies and goals and partnering to assess and mitigate compliance risks.  

Our compliance program has several key elements, including but not limited to effective and engaging compliance training and communications; a thriving speak-up culture and concern reporting process; and a robust risk assessment process.  Every employee plays a crucial role in compliance, and they are expected to know and understand the rules, ask questions when unsure, and speak up if they notice anything amiss. Our success is based not only on providing cutting-edge technology but also on a dedicated, happy, productive workforce that feels valued and trusts the company to do the right thing.  

Many individuals consider employers as their most trusted institution or relationship, outpacing NGOs, business, and media.  The 2024 Edelman Trust Barometer survey shows that business is the most trusted institution to introduce innovation into society.1  Employees expect companies to act as change agents , working to improve their lives and society.  Employers who meet these expectations benefit from an engaged, loyal, and committed workforce.  We understand the importance of trust, engagement, and a greater purpose.  

In the Legal & Compliance organization, trust is central to what we do.  We strive to raise the bar on transparency and compliance everywhere we do business. We also work hard to improve communities and the lives of others through pro bono work.  Our Legal & Compliance team furthers the trust equation by supporting our business partners in complex negotiations, business objectives, and dispute resolutions; protecting intellectual property; providing communication and technology solutions; and setting an example for ethical business practices.  Our culture of trust and shared responsibility serves as a foundation for compliance.

We were especially proud to have been named once again by Ethisphere as one of 2024’s World’s Most Ethical Companies®, recognizing us as a global leader in corporate ethics.  We strive every day to ensure that excellence, innovation, and compliance continue to define our company. 

12023 Edelman Trust Barometer, an annual survey carried out by Edelman, a global communications firm. 2024 Edelman Trust Barometer | Edelman

people
Stop watch in hand

Compliance risk assessment and mitigation

Our Ethics and Compliance team manages our robust compliance program, strives to embed integrity as a core value in our operations and among our employees and partners, and implements and enforces policies and practices that enable the compliant growth of our business while safeguarding our longstanding reputation for ethics and integrity.  Evaluating ethics and compliance risk is critical to our success and is a fundamental driver of Nokia’s compliance program. Nokia employs a systematic and structured approach to risk management across our business operations and processes. Key risks and opportunities for improvement of our risk mitigant processes are identified, either in business operations or at the global level, and are analyzed and monitored as part of our overall performance management to ensure efficacy.

Our Risk and Monitoring function evaluates the current risk assessment processes, proactively identifies strategic initiatives and other changes that may impact the risk profile, and implements improvements. This includes the addition of enhanced data analytics to create continuous monitoring processes for certain risk areas as well as measuring ethical culture.

Some of the key components of our compliance risk assessment process include:

Nokia Compliance Risk Assessment Key Components

Compliance Control Framework Reviews

Compliance Operational Reviews

External Data

Internal Input

Non-quantifiable Risk Inputs

Provide a deep analysis of compliance risks and controls associated with a specific business, country, or region

Provide an in-depth assessment of a region/business’s compliance programs and status, including a review of the strength of the culture of integrity

Includes risk perception rankings from Transparency International as well as information from other respected anti-corruption organizations and prosecuting agencies (such as agreements reached with the United States Department of Justice)

Includes findings from internal audit, compliance investigations, and third-party reviews

Includes anticipated geopolitical changes, business strategy plans, and business or region-specific information from business and compliance leaders

The Compliance Control Framework Review is an internally developed process for evaluating corruption and other compliance risks, as well as the controls in place to mitigate these risks; the goal is to strengthen the compliance programs within our businesses, regions, and at our Nokia sites. These assessments are used to determine effectiveness and identify gaps and improvement areas in processes and risk mitigants. Compliance Operational Reviews are high-profile exercises led by the region/business head and the regional/business compliance leader and are attended by the Chief Compliance Officer and key stakeholders of the region/business. The reviews focus on the compliance culture, program, and risks within a particular region or business group, providing an opportunity to revise and strengthen compliance processes and controls in the business/region.

Beyond these inputs, we apply an early warning approach to compliance risks, including employee surveys to measure culture, leadership engagement, and comfort with speaking up, and we regularly monitor data related to investigations, concern reporting, high risk third parties, corporate hospitality, regulatory and legislative activity, and enforcement trends.

After identifying and assessing our risks, the efficacy of our controls, and process improvement opportunities, we engage with stakeholders to empower them with knowledge and partner with them for implementation of improvements. We follow the data, develop targeted training and compliance communications, and strengthen internal controls and oversight with clear policies and procedures.