Reporting
It is the objective of Merck KGaA, Darmstadt, Germany, to provide the latest information to all shareholders, media, financial analysts, and interested members of the public, while creating the greatest possible transparency. For this reason, the Group uses a wide range of communication platforms to engage in a timely dialog with all interested parties about the company’s situation and business changes. Our principles include providing factually correct, comprehensive, and fair information.
Information subject to disclosure requirements, as well as information that is not, can be accessed worldwide on the website of Merck KGaA, Darmstadt, Germany (www.emdgroup.com), which is the company’s most important publication platform. In addition to a comprehensive financial calendar, quarterly statements and/or quarterly and half-year financial reports covering at least the past five years are available there in German and English. In line with the legal requirements, ad hoc announcements are also published on the website. These contain information on circumstances and facts that could impact our share price.
Regular press conferences, investor meetings on the occasion of investor conferences, and roadshows offer another platform for dialog. The company presentations prepared for this purpose are also available on the website of Merck KGaA, Darmstadt, Germany. In addition, the Investor Relations team is available to private and institutional investors who wish to receive further information. To ensure the greatest possible transparency, all documents concerning the General Meeting are available on the company website. Additionally, at least some parts of the General Meeting are generally webcast live on the Internet. The Annual General Meeting on April 22, 2022, was again held virtually and hence was webcast live on the Internet in full.
Dealing with insider information
Dealing properly with insider information is very important to us. Our Insider Committee examines the existence of insider information, ensures compliance with legal obligations, and prepares any necessary measures. The members of the Insider Committee are appointed by the Executive Board; at least two members work in Group Legal & Compliance. The Insider Committee meets at regular intervals or when circumstances require. The Chief Financial Officer is vested with the authority to make the final decision on handling potential insider information.
In order to ensure a high level of protection for insider information, the Executive Board issued internal insider guidelines applicable throughout the Group worldwide. The guidelines inform employees about their responsibilities under insider trading laws and give clear instructions for compliant behavior. In addition, they describe the function of the Insider Committee in detail. Moreover, our Code of Conduct, which is binding for all employees, also contains an explicit, detailed reference to the ban on using insider information. Within the scope of obligatory training courses on the Code of Conduct as well as specific training courses on insider law, all employees are instructed on the key stipulations of insider trading.
Accounting and audits of financial statements
Merck KGaA, Darmstadt, Germany, prepares its consolidated financial statements and Combined Management Report in accordance with the International Financial Reporting Standards (IFRS) effective at the end of the reporting period and adopted by the European Union and the additional provisions of section 315e of the German Commercial Code (HGB). The Consolidated Financial Statements and the Combined Management Report are prepared by the Executive Board and examined by an auditor, taking into account the German generally accepted standards for the audit of financial statements promulgated by the Institute of Public Auditors in Germany (Institut der Wirtschaftsprüfer, IDW).
The Supervisory Board commissioned KPMG AG Wirtschaftsprüfungsgesellschaft, Berlin, to audit the Consolidated Financial Statements and the Combined Management Report for 2022. KPMG AG Wirtschaftsprüfungsgesellschaft, Berlin, is obliged to inform the Supervisory Board without delay of any grounds for disqualification or bias occurring during the audit if these cannot be immediately rectified. Additionally, the auditor shall immediately report to the Supervisory Board any findings and issues that emerge during the audit that have a direct bearing upon the tasks of the Supervisory Board. The auditor shall inform the Supervisory Board or note in the audit report any circumstances determined during the audit that would render inaccurate the Declaration of Conformity made by the Executive Board and the Supervisory Board. It has also been agreed with the auditor that in order to assess whether the Executive Board has fulfilled its obligations in accordance with section 91 (2) of the German Stock Corporation Act (AktG), the audit will also cover the company’s early warning risk identification system. Moreover, the auditor is required to examine and evaluate the accounting-relevant internal control system insofar as this is necessary and appropriate for assessing the accuracy of financial reporting.
Since 1995, KPMG AG Wirtschaftsprüfungsgesellschaft, Berlin, has been the auditing firm responsible for the statutory audit of the Annual Financial Statements and Consolidated Financial Statements of Merck KGaA, Darmstadt, Germany. The auditor responsible for auditing the Consolidated Financial Statements changes regularly. Dirk Janz is currently leading the audit engagement. Mr. Janz has been the auditor in charge of the engagement since fiscal 2020. KPMG AG Wirtschaftsprüfungsgesellschaft, Berlin, has assured the company that it is independent of the group entities in accordance with the requirements of European law and German commercial and professional law, and that it has fulfilled its other German professional responsibilities in accordance with these requirements. The Supervisory Board has found no grounds to doubt the independence of KPMG AG Wirtschaftsprüfungsgesellschaft, Berlin. Neither party identified any conflicts of interest. The Audit Committee reviews the quality of the audit, including the performance of the auditor in charge of the engagement, annually on the basis of objective indicators.
Due to the requirement to change auditors at regular intervals, Merck KGaA, Darmstadt, Germany, must appoint a new auditor (different than the current one) no later than for fiscal 2024. In fiscal 2019, the Supervisory Board of Merck KGaA, Darmstadt, Germany, therefore decided to prepare a public request for tender for the audit of the Annual Financial Statements and Consolidated Financial Statements of Merck KGaA, Darmstadt, Germany, and to voluntarily change auditors for the fiscal 2023 audit, earlier than required. The public request for tender was published in the German Federal Gazette in February 2020. Based on this request for tender, the Supervisory Board of Merck KGaA, Darmstadt, Germany, resolved at its meeting on July 30, 2021, to propose to the Annual General Meeting that Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, be elected as the auditor of the Annual Financial Statements and Consolidated Financial Statements of Merck KGaA, Darmstadt, Germany, for fiscal 2023. The Annual General Meeting followed this proposal on April 22, 2022, and elected Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, as the auditor of the Annual Financial Statements and Consolidated Financial Statements of Merck KGaA, Darmstadt, Germany, for fiscal 2023.
Further reports
The combined management report of Merck KGaA, Darmstadt, Germany, and the Group includes the compensation report and a combined non-financial declaration. The latter incorporates the non-financial declaration of the Group in accordance with section 315b HGB and the non-financial declaration of Merck KGaA, Darmstadt, Germany, in accordance with 289b HGB and section 315b (1) HGB in conjunction with section 298 (2) HGB. It is included as a separate chapter of the management report. An overview of the information contained in the combined non-financial declaration can be found at “Topics for the non-financial statement”. In addition, the Group publishes a sustainability report that meets the requirements of the Global Reporting Initiative (GRI) standards and contains reports in accordance with the standards published by the Sustainability Accounting Standards Board (SASB) and the Task Force on Climate-related Financial Disclosures (TCFD). This will be available from April 13, 2023, as an online version on the company’s website at https://www.emdgroup.com/en/sustainability-report/2022. The report on equality and equal pay pursuant to sections 21, 22 of the German Act on the Promotion of Pay Transparency between Women and Men is attached to the combined management report and published in the companies register. It is available at https://www.emdgroup.com/en/investors/corporate-governance/reports.html.
Values and compliance
First and foremost, responsible entrepreneurship means acting in accordance with the law – also known as compliance. All our activities are required to adhere to the applicable laws, regulations, and international ethical standards around the world. Compliance violations would result not only in possible legal action but also could seriously compromise our reputation as an employer and business partner.
Our Group Compliance function is responsible for the core topics: our Code of Conduct, anti-corruption and anti-bribery (including healthcare compliance, third-party due diligence, transparency reporting), anti-money laundering, antitrust and conflict of interest. Group-wide and local policies, procedures, and processes are in place for these important compliance topics in order to ensure that our business activities are consistent with the relevant laws, regulations, and international ethical standards.
Our compliance management system encompasses eight core elements and ongoing consultation with the business fields that make up our compliance portfolio:
Elements of our compliance program
Living our values together is the underlying principle of our compliance management system. The Compliance department adopts a specific brief in this respect.
A global framework for ethical and legally compliant business processes serves to minimize risk. We achieve this by identifying specific compliance risks and requirements. Suitable policies and effective controls are implemented in order to reduce risk. Our goals also focus on our employees: It is up to us. This serves to strengthen employees’ sense of responsibility and accountability. We achieve this by informing employees about the applicable compliance rules and ethical standards and by giving them the responsibility for complying with these requirements. As compliance is the second line of defense against risks, it is important that we consistently safeguard what really matters. This is why we regularly monitor key indicators that allow us to assess risks and the effectiveness of controls. Compliance not only contributes to company growth but also creates targeted value added by allowing us to advise the business sectors and help them to navigate the respective compliance requirements. Our advice takes into account and adapts to changing business requirements.
Based on a corporate culture that places the fundamental company values – courage, achievement, responsibility, respect, integrity, and transparency – at the center of our entrepreneurial actions, our Code of Conduct (http://www.emdgroup.com/company/responsibility/en/regulations-and-guidelines/code-of-conduct.pdf) helps us implement these when dealing with one another daily.
With our Code of Conduct, we have established a set of rules intended to help our employees to act responsibly and to make the right decisions in their daily work. The Code of Conduct applies to all Group employees in all countries and at all levels of our organization.
It explains the company principles for dealings with business associates, shareholders, colleagues, and employees, and within the scope of our responsibility for society. Therefore, it supports all employees in acting ethically – not only in their dealings with one another but also outside the company. Accordingly, the Code of Conduct is also the main set of rules for our Compliance Program. We have aligned the content of our Code of Conduct with our values and integrated important topics such as data privacy, healthcare compliance, and bioethics. For us, compliance means observing legal and internal regulations and the basic ethical principles anchored in the company’s values. With the Code of Conduct and the various unit-specific ethical compliance rules, the values are integrated into daily work and business practice. We also expect our business associates (e.g. customers, suppliers, distributors etc.) worldwide to accept these principles or to have their own comparable principles. While supplier management ensures compliant behavior of suppliers, global business partner risk management encompasses the relations with sales-related business associates such as distributors and wholesalers.
The Compliance department monitors observance of the Code of Conduct with support from corresponding monitoring and training programs throughout the company. Suitable controls and tailored training programs across the company ensure monitoring of the Code of Conduct. All employees are called upon to report potential compliance violations to their supervisor, Legal, HR, or other relevant departments or via the Compliance hotline. In cooperation with Group Internal Auditing, the Compliance Office regularly reviews the implementation of Group-wide compliance measures at the subsidiaries. The audits regularly focus on the local compliance structure, the compliance measures taken, and the existence of corresponding compliance guidelines and processes.
The Group Compliance Officer is responsible for the establishment, maintenance, and further development of our global Compliance Management System. Among other things, the Group Compliance Officer and its team, consisting of a global Compliance Center of Expertise and Compliance Officers, take appropriate measures to help lower the risk of serious compliance violations and implement the compliance program across our company globally. Our Compliance Center of Expertise is a central body responsible for designing and structuring our compliance program in all business areas and Group functions.
Our Group Compliance Officer reports on the status of our compliance activities, potential risks and serious compliance violations to the Executive Board and Audit Committee twice a year at a minimum. As part of our regular reporting processes, we compile a comprehensive compliance and data privacy report annually for the Executive Board. This includes the status of our compliance program, continuous improvement initiatives and key figures on compliance and data privacy cases. Additionally, we prepare a mid-year update to highlight ongoing developments and the status of relevant projects and initiatives.
A further focus area of the Compliance Program is ensuring legally and ethically correct dealings with medical stakeholders and adhering to the transparency requirements. The Compliance organization has agreed on extensive measures with the affected areas of the company in order to establish an internal framework of rules as well as the corresponding processes for approving and documenting interactions with healthcare professionals that ensure our company complies with reporting obligations. We, of course, also ensure compliance with the respectively valid data protection regulations.
The importance of compliance is also reflected in the subsidiaries, which ensure via country representatives that compliance measures are implemented in the countries. Compliance tasks in the countries and on a regional basis are largely performed by full-time compliance officers. As a result, a higher level of compliance expertise is based locally, and the growing number of tasks in all business sectors are taken into account. The compliance officers in the countries and regions report to the dedicated compliance officers for the respective business sectors (Life Science, Healthcare, and Electronics). A separate responsibility was also created for Group functions. Regular regional and global compliance meetings are held to promote the exchange of information within the Compliance organization. This is supplemented by a global concept for local compliance forums and global compliance committees, at which relevant compliance-related topics are discussed with senior management. These constitute an important element of risk assessment and quality assurance.
Newcomer trainings are run for newly appointed compliance officers. These seminars serve to build up compliance expertise and strengthen cooperation within the Compliance organization. This Group-wide network is used to steer the global Compliance Program. The Compliance organization is also involved in the relevant due diligence processes for the incorporation of new business units as well as possible divestments and acquisitions, and the subsequent integration of companies. Within the scope of the global compliance program, a high degree of importance is given to regular compliance trainings of our Compliance Training Plan, which are conducted as web-based training courses and classroom sessions. The various training topics addressed, particularly on the Code of Conduct, anti-corruption and bribery, conflicts of interest, anti-money laundering, antitrust and competition law, and healthcare compliance, serve to sensitize employees and management on the consequences of compliance violations. Since we set up a central Compliance hotline, our employees and individuals outside of our company have been able to report compliance violations by telephone or via a web-based application in their respective language. The Compliance hotline is available 24 hours a day, free of charge. Case numbers enable anonymous, two-way communication. The reports received are individually reviewed. If a compliance violation exists, corresponding corrective measures are taken based on concrete action plans. If necessary, disciplinary measures are taken which can range from a simple verbal warning up to the dismissal of the employee who violated a compliance rule. The Group has set up a Compliance Case Committee to guide these processes. The Compliance Case Committee consists of senior members from various Group governance functions; they are involved in reviewing compliance violations and introducing countermeasures. The joint work in the Compliance Case Committee enables processes between the various Group functions to be optimally coordinated and designed efficiently.
Data Privacy
Our Group Data Privacy is integrated into the Group’s Compliance organization. As required by law, this department operates independently and without being required to follow instructions. The department regularly prepares Data Privacy updates and produces a comprehensive Data Privacy report at regular intervals as part of our broader compliance reporting efforts. The Group Data Privacy Officer has a team currently comprising around 20 employees who work around the world as local Data Privacy Officers. Other individuals around the world also perform as local Data Privacy Officers alongside their primary activity for the Group. A Center of Expertise also provides support in the form of structures and tools.
Our Data Privacy Management System encompasses various elements of our portfolio alongside the pillars of people and communication. The portfolio is composed as follows:
Elements of our Data Privacy program
The Data Privacy organization has put specific guidelines in place in order to ensure that Data Privacy processes comply with the relevant regulations. The ”Group Data Privacy Policy” defines the standards according to which data is processed, stored, used, and transmitted within our company. This enables us to provide a high level of privacy when it comes to processing the data of our employees, contract partners, customers, suppliers, patients, healthcare practitioners, and participants in clinical trials. The statutory documentation requirements are realized in a central IT tool that also serves as the basis for key Data Privacy processes: documenting processing activities, defining the Local Data Privacy Officers, documenting video recordings and surveillance, and processing potential data privacy violations. Our understanding of Data Privacy throughout the Group is based on European legislation in particular, including the data privacy principles of the EU’s General Data Protection Regulation (EU GDPR), which has been in force since May 2018. However, we also comply with and implement local data privacy regulations.
Risk and opportunity management
Systematic and responsible risk and opportunities management is a key aspect of corporate governance for the Group. Our company-wide risk management, compliance and control system is based on the “three-lines of defense” model, which describes the interlinked risk structures and responsibilities at various levels.
At the first level (1st line), activities (including the management of financial and non-financial risks) and the use of resources are managed in line with external and internal regulations. Risks are to be prevented/recorded and reduced where they could arise, i.e. at operational level. Risk owners, i.e. the heads of the business fields, the managing directors of the Group subsidiaries and the heads of the Group Functions, establish processes in accordance with the requirements of the second level (2nd line) to ensure that risk mitigation measures can be identified, assessed, monitored and developed. Through the heads of the business fields and Group Functions, planned, actual and expected results in connection with the organization’s goals and risks are regularly discussed with the Executive Board.
The second level (2nd Line) sets the framework for the design of the internal control system, the risk management system and the compliance management system by defining appropriate minimum requirements for governance, systems and processes to be applied in the 1st line. The specific structure of this governance is risk-based and at the discretion of the Executive Board. The Executive Board and the Audit Committee of the Supervisory Board receive regular reports on risk management, the financial internal control system and compliance. For further information on governance and the processes in place for risk management, compliance management and the financial internal control system, please see the “Risk and Opportunity Report” and the section “Values and compliance” in the Statement on Corporate Governance.
At the third level (3rd line), the Internal Auditing Group function monitors the accuracy, security, appropriateness and effectiveness of existing governance and processes, internal controls and risk management using independent audits. These are covered by the risk-based annual audit plan or, in individual cases, ad-hoc audits during the year. It helps the Executive Board perform its monitoring function and reports directly and independently to the Executive Board. The independence of Internal Auditing ensures that both the planning and execution of its work are not subject to obstacles or bias, as well as guaranteeing unrestricted access to the persons, resources and information required. The head of Internal Auditing reports activities and results to the Executive Board at least once a quarter or, where required, on an ad hoc basis, and also reports to the Audit Committee twice a year. Internal Auditing itself undergoes an external quality audit every five years. A quality audit was conducted in fiscal 2022.
The "three-lines-of-defense" model is supplemented in terms of accounting by the activities of the external auditor. With the “three-lines-of-defense” model described, the Executive Board has implemented a governance framework for our aims to ensure appropriate, effective internal control and risk management. The measures put in place in this context are also designed to ensure that internal control, compliance and risk management are effective and appropriate and are discussed, for example, in the Risk and Opportunity Report in the combined management report. Independent monitoring and audits are also carried out as part of implementing the “three-lines-of-defense” model and the statutory framework, in particular through the audits by Internal Auditing described and other external audits. In particular, the pace at which requirements for non-financial reporting and non-financial risks change makes it necessary to regularly review and, where necessary, adjust the monitoring systems for this area.
Relevant Group functions and representatives from the business fields reported on the control systems in place to the Executive Board in 2022. In this context, areas where potential for improvement and optimization had been identified and relevant ongoing projects were also presented to the Executive Board. Finally, the individual functions and business fields issued an assessment to the Executive Board of the appropriateness and effectiveness of the control system, where applicable taking account of recommended improvement opportunities. Based on this, the review of the non-financial internal control system and reporting by Internal Auditing, as of December 31, 2022 the Executive Board was not aware of any indications with regard to material issues that the system is not appropriate or effective. Given the multi-layered process landscape and the high speed of change regarding the catalog of requirements for non-financial information, the maturity of the non-financial internal control system does not yet match that of the (Group) accounting-related internal control system. Based on regular reviews of the financial internal control system, compliance and risk management and reporting by Internal Auditing, as of December 31, 2022 the Executive Board was not aware of any indications with regard to material issues that this system is not appropriate or effective.
Avoidance of conflicts of interest
Within the framework of their work, all Executive Board and Supervisory Board members of Merck KGaA, Darmstadt, Germany, are exclusively committed to the interests of the company and neither pursue personal interests nor grant unjustified advantages to third parties.
Before an Executive Board member takes on honorary offices, board positions, or other sideline activities, this must be approved by the Personnel Committee of the Board of Partners of E. Merck KG, Darmstadt, Germany. The Chair of the Executive Board, Belén Garijo, and the Chief Financial Officer, Marcus Kuhnert, are both members of the Executive Board of E. Merck KG, Darmstadt, Germany. This does not, however, create conflicts of interest.
In its report to the General Meeting, the Supervisory Board discloses any conflicts of interest involving its members and how they were dealt with. Consultancy agreements as well as other service and work contracts of a Supervisory Board member with the Group require the approval of the Supervisory Board. In fiscal 2022, there were neither conflicts of interest nor consultancy agreements or other service or work contracts with Merck KGaA, Darmstadt, Germany, involving Supervisory Board members.
Adherence to environmental and safety standards
At our company, environmental protection is based on closed-loop thinking and the integration of precautionary measures into our process, procedural, and product development planning. The principles and strategies set out in our Environment, Health and Safety Policy implement the guidelines formulated by the national and international associations of the chemical industry in the Responsible Care guidelines. The Responsible Care Global Charter developed by the International Council of Chemical Associations (ICCA) emphasizes overall responsibility for products, supply chains, and society. We have signed this expanded version of the Responsible Care Global Charter for the entire Group. It is implemented by us at an international level. We report our ecological, economic, and social performance transparently in accordance with the internationally recognized principles of the Global Reporting Initiative (GRI).
We have set ourselves the goal of climate-neutral business operations along the entire value chain by 2040. By 2030, we intend to reduce our direct (Scope 1) and indirect (Scope 2) emissions by 50% compared with 2020. Our goal is to achieve this primarily by reducing process-related emissions, implementing energy efficiency measures, and obtaining more electricity from renewable sources. In terms of our Scope 3 emissions, we want to reduce emissions throughout the entire value chain by 52% (per € of value added) by 2030. These short-term targets for 2030 were approved by the Science Based Targets Initiative (SBTi) in May 2022. The independent initiative assesses and approves companies’ targets based on its strict climate science criteria. By receiving this confirmation, we are helping limit global warming to 1.5 °C, meeting the requirements of the Paris Agreement.
We are also aiming to source 80% of our purchased electricity from renewable energies by 2030.
Furthermore, we intend to reduce the environmental impact of our waste by 5% between now and 2025 (based on our Waste Score), as well as reducing water consumption by 10% by 2025 and improving the quality of our waste water by 2030.
We aim to lower the lost time injury rate (LTIR) to below 1 by 2025. We are also developing a Global Health Concept for the entire Group. Many guidelines specify how the sites and employees of the Group are to observe the principles in their daily work. The Group function Corporate Sustainability, Quality and Trade Compliance steers these global activities and ensures compliance with statutory requirements, internal standards, and business needs throughout the entire Group. In this way, Group-wide risks are minimized, and continuous improvement is promoted in the areas of environment, health, safety, security, and quality. Corporate Responsibility reports are also published at regular intervals.