Reporting
It is the objective of Merck KGaA, Darmstadt, Germany, to provide the latest information to all shareholders, media, financial analysts, and interested members of the public, while creating the greatest possible transparency. For this reason, the Group uses a wide range of communication platforms to engage in a timely dialog with all interested parties about the company’s situation and business changes. Our principles include providing factually correct, comprehensive, and fair information.
Information subject to disclosure requirements, as well as information that is not, can be accessed worldwide on the Merck KGaA, Darmstadt, Germany, website (www.emdgroup.com), which is the company’s most important publication platform. In addition to a comprehensive financial calendar, quarterly statements and/or quarterly and half-year financial reports covering at least the past five years are available there in German and English. In line with the legal requirements, ad hoc announcements are also published on the website. These contain information on circumstances and facts that could impact our share price.
Regular press conferences, investor meetings on the occasion of investor conferences, and roadshows offer another platform for dialog. The company presentations prepared for this purpose are also available on the website of Merck KGaA, Darmstadt, Germany. In addition, the Investor Relations team is available to private and institutional investors who wish to receive further information. To ensure the greatest possible transparency, all documents concerning the General Meeting are available on the company website. Additionally, at least some parts of the General Meeting are generally webcast live on the Internet. The Annual General Meeting on April 28, 2023, was again held virtually and hence was webcast live on the Internet in full.
Dealing with insider information
Dealing properly with insider information is very important to us. Our Insider Committee examines the existence of insider information, ensures compliance with legal obligations, and prepares any necessary measures. The members of the Insider Committee are appointed by the Executive Board; at least two members work in Group Legal & Compliance. The Insider Committee meets at regular intervals or when circumstances require. The Chief Financial Officer is vested with the authority to make the final decision on handling potential insider information.
In order to ensure a high level of protection for insider information, the Executive Board issued internal insider guidelines applicable throughout the Group worldwide. The guidelines inform employees about their responsibilities under insider trading laws and give clear instructions for compliant behavior. In addition, they describe the function of the Insider Committee in detail. Moreover, our Code of Conduct, which is binding for all employees, also contains an explicit, detailed reference to the ban on using insider information. Within the scope of obligatory training courses on the Code of Conduct as well as specific training courses on insider law, all employees are instructed on the key stipulations of insider trading.
Accounting and audits of financial statements
Merck KGaA, Darmstadt, Germany, prepares its Consolidated Financial Statements and Combined Management Report in accordance with the International Financial Reporting Standards (IFRS) effective at the end of the reporting period and adopted by the European Union and the additional provisions of section 315e (1) of the German Commercial Code (HGB). The Consolidated Financial Statements and the Combined Management Report are prepared by the Executive Board and examined by an auditor, taking into account the German generally accepted standards for the audit of financial statements promulgated by the Institute of Public Auditors in Germany (Institut der Wirtschaftsprüfer, IDW).
The Supervisory Board commissioned Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, to audit the Consolidated Financial Statements and the Combined Management Report for 2023. Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, is obliged to inform the Supervisory Board without delay of any grounds for disqualification or bias occurring during the audit if these cannot be immediately rectified. Additionally, the auditor shall immediately report to the Supervisory Board any findings and issues that emerge during the audit that have a direct bearing upon the tasks of the Supervisory Board. The auditor shall inform the Supervisory Board or note in the audit report any circumstances determined during the audit that would render inaccurate the Declaration of Conformity made by the Executive Board and the Supervisory Board. It has also been agreed with the auditor that in order to assess whether the Executive Board has fulfilled its obligations in accordance with section 91 (2) of the German Stock Corporation Act (AktG), the audit will also cover the company’s early warning risk identification system. Moreover, the auditor is required to examine and evaluate the accounting-relevant internal control system as part of its audit insofar as this is necessary and appropriate for assessing the accuracy of financial reporting.
Since 2023, Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, has been the auditing firm responsible for the statutory audit of the Annual Financial Statements and Consolidated Financial Statements of Merck KGaA, Darmstadt, Germany. The auditor responsible for auditing the Consolidated Financial Statements changes regularly as required by law. Daniel Weise is currently leading the audit engagement. Mr. Weise has been the auditor in charge of the engagement since fiscal 2023. Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, has assured the company that it is independent of the group entities in accordance with the requirements of European law and German commercial and professional law, and that it has fulfilled its other German professional responsibilities in accordance with these requirements. The Supervisory Board has found no grounds to doubt the independence of Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich. Neither party identified any conflicts of interest. The Audit Committee reviews the quality of the audit, including the performance of the auditor in charge of the engagement, annually on the basis of objective indicators.
Further reports
The Combined Management Report of Merck KGaA, Darmstadt, Germany, and the Group includes a combined non-financial declaration that incorporates the non-financial declaration of the Group in accordance with section 315b HGB and the non-financial declaration of Merck KGaA, Darmstadt, Germany, in accordance with 289b HGB and section 315b (1) HGB in conjunction with section 298 (2) HGB. It is included as a separate chapter of the Combined Management Report. An overview of the information contained in the combined non-financial declaration can be found at “Topics for the non-financial statement”. In addition, the Group publishes a sustainability report that meets the requirements of the Global Reporting Initiative (GRI) standards and contains reports in accordance with the standards published by the Sustainability Accounting Standards Board (SASB) and the Task Force on Climate-related Financial Disclosures (TCFD). This will be available from April 11, 2024, as an online version on the company’s website at https://www.emdgroup.com/en/sustainability-report/2023. In addition, the remuneration report, which is also published on the company’s website, is included as a separate item of the disclosures on corporate governance.
Values and compliance
First and foremost, responsible entrepreneurship means acting in accordance with the law – also known as compliance. All our activities are required to adhere to the applicable laws, regulations, and international ethical standards around the world. Compliance violations would result not only in possible legal action but also could seriously compromise our reputation as an employer and business partner.
Our Group Compliance function is responsible for the core topics: our Code of Conduct, anti-corruption and anti-bribery (including healthcare compliance, third-party due diligence, transparency reporting), anti-money laundering, and conflicts of interest. Group-wide and local policies, procedures, and processes are in place for these important compliance topics in order to ensure that our business activities are consistent with the relevant laws, regulations, and international ethical standards.
Our compliance management system encompasses eight core elements and ongoing consultation with the business fields that make up our compliance portfolio:
Elements of our compliance program
Living our values together is the underlying principle of our compliance management system. The Compliance department adopts a specific brief in this respect.
A global framework for ethical and legally compliant business processes serves to minimize risk. We achieve this by identifying specific compliance risks and requirements. Suitable policies and effective controls are implemented in order to reduce risk. Our goals also focus on our employees. We achieve this by informing employees about the applicable compliance rules and ethical standards and by giving them the responsibility for complying with these requirements. This serves to strengthen employees’ sense of responsibility and accountability. As compliance is the second line of defense against risks, it is important that we consistently safeguard what really matters. This is why we regularly monitor key indicators that allow us to assess risks and the effectiveness of controls. Compliance not only contributes to company growth but also creates targeted value added by allowing us to advise the business sectors and help them to navigate the respective compliance requirements. Our advice takes into account and adapts to changing business requirements.
Based on a corporate culture that places the fundamental company values – courage, achievement, responsibility, respect, integrity, and transparency – at the center of our entrepreneurial actions, our Code of Conduct (http://www.emdgroup.com/company/responsibility/en/regulations-and-guidelines/code-of-conduct.pdf) helps us implement these when dealing with one another daily. The Code of Conduct applies to all Group employees in all countries and at all levels of our organization.
With our Code of Conduct, we have established a set of rules intended to help our employees to act responsibly and to make the right decisions in their daily work.
The Code of Conduct explains the company principles for dealings with business associates, shareholders, colleagues, and employees, and within the scope of our responsibility for society. Therefore, it supports all employees in acting ethically – not only in their dealings with one another but also outside the company. Accordingly, the Code of Conduct is also the main set of rules for our Compliance Program. We have aligned the content of its Code of Conduct with our values and integrated important topics such as data privacy, healthcare compliance, and bioethics.
For us, compliance means observing legal and internal regulations and the basic ethical principles anchored in the company’s values. With the Code of Conduct and the various unit-specific ethical compliance rules, the values are integrated into daily work and business practice. We also expect our business partners (e.g. customers, suppliers, distributors etc.) to comply with these principles or to have their own comparable principles. Our Business Partner Code of Conduct describes our expectations and requirements regarding human rights, health and safety, integrity, environmental protection, and continuous improvement. While supplier management ensures compliant behavior of suppliers, global business partner risk management encompasses the relations with sales-related business associates such as distributors, commercial agents, dealers and high-risk suppliers.
The Compliance department monitors observance of the Code of Conduct with support from corresponding monitoring and training programs throughout the company. Suitable controls and tailored training programs across the company ensure monitoring of the Code of Conduct. All employees are called upon to report potential compliance violations, so that the necessary and appropriate action can be taken. In cooperation with Group Internal Auditing, the Compliance Office regularly reviews the implementation of Group-wide compliance measures at the subsidiaries. The audits regularly focus on the local compliance structure, the compliance measures taken, and the existence of corresponding compliance guidelines and processes.
The Group Compliance Officer is responsible for the establishment, maintenance, and further development of our global Compliance Management System. Among other things, the Group Compliance Officer and its team, consisting of a global Compliance Center of Expertise and compliance officers, take appropriate measures to help lower the risk of serious compliance violations and implement the compliance program across our company globally. Our Compliance Center of Expertise is a central body responsible for designing and structuring our compliance program in all business areas and Group functions.
Our Group Compliance Officer reports on the status of our compliance activities, potential risks and serious compliance violations to the Executive Board and Audit Committee twice a year at a minimum. As part of our regular reporting processes, we compile a comprehensive compliance and data privacy report annually for the Executive Board. This includes the status of our compliance program, continuous improvement initiatives and key figures on compliance and data privacy cases. Additionally, we prepare a mid-year update to highlight ongoing developments and the status of relevant projects and initiatives.
A further focus area of the Compliance Program is ensuring legally and ethically correct dealings with medical stakeholders and adhering to the transparency requirements. The Compliance organization has agreed on extensive measures with the affected areas of the company in order to establish an internal framework of rules as well as the corresponding processes for approving and documenting interactions with healthcare professionals that ensure our company complies with reporting obligations. We, of course, also ensure compliance with the respectively valid data protection regulations.
The importance of compliance is also reflected in the subsidiaries, which ensure via country representatives that compliance measures are implemented effectively in the countries. Compliance tasks in the countries are largely performed by full-time compliance officers. In terms of the functional structure, compliance officers in the countries report directly and indirectly to the Group Compliance Officer. A separate responsibility was created for Group functions. Regular regional and global compliance meetings are held to promote the exchange of information within the Compliance organization. This is supplemented by a global concept for local compliance forums and global compliance committees, at which relevant compliance-related topics are discussed with senior management. These constitute an important element of risk assessment and quality assurance.
Newcomer trainings are run for newly appointed compliance officers. These seminars serve to build up compliance expertise and strengthen cooperation within the Compliance organization. This Group-wide network is used to steer the global Compliance Program. The Compliance organization is also involved in the relevant due diligence processes for the incorporation of new business units as well as possible divestments and acquisitions, and the subsequent integration of companies. Within the scope of the global compliance program, a high degree of importance is given to regular compliance trainings of our Compliance Training Plan, which are conducted as web-based training courses and classroom sessions. The various training topics addressed, particularly on the Code of Conduct, anti-corruption and bribery, conflicts of interest, anti-money laundering, antitrust and competition law, and healthcare compliance, serve to sensitize employees and management on the consequences of compliance violations.
As described in various compliance training courses and the Code of Conduct, whistleblowers may choose from various reporting channels. The choice of reporting channel may depend on the reason for the report and the whistleblower’s preferences in the respective circumstances. Reports to the central reporting channels, including the Compliance hotline, are received directly by an independent and qualified team at Group Compliance and examined. The report may be forwarded to a different responsible function for further processing depending on the nature and content of the report. Employees and individuals from outside the company can report potential compliance violations to the Compliance hotline by telephone or via a web-based application in their respective language. The Compliance hotline is available 24 hours a day, free of charge. The system enables anonymous, two-way communication. If there is evidence of a compliance violation, corresponding corrective measures are taken based on concrete action plans. If necessary, disciplinary measures are taken which can range from a simple verbal warning up to the dismissal of the employee who violated a compliance rule. The Group has set up a Compliance Case Committee to guide these processes. The Compliance Case Committee consists of senior members from various Group governance functions; they are involved in reviewing certain compliance violations and initiating appropriate and necessary measures. The joint work in the Compliance Case Committee enables processes between the various Group functions to be coordinated optimally and designed efficiently and potential risks to be addressed adequately.
Data privacy
Our Group Data Privacy is integrated into the Group’s Compliance organization. As required by law, this department operates independently and without being required to follow instructions. The department regularly prepares data privacy updates and produces a comprehensive data privacy report at regular intervals as part of our broader compliance reporting efforts. The Group Data Privacy Officer has a team of dedicated local data privacy officers working in countries that are particularly privacy-sensitive for the Group. Other individuals around the world also serve as local Data Privacy Officers alongside their core activity for the Group. The tasks of these two groups of local data privacy officers include implementing and applying the global data privacy policy in the countries, performing regular efficiency tests, and promoting awareness of data privacy. They also advise the company on relevant and critical matters relating to data privacy. A Center of Expertise also provides support in the form of structures and tools.
Our data privacy management system encompasses various elements of our portfolio alongside the pillars of people and communication. The portfolio is composed as follows:
Elements of our Data Privacy program
The Data Privacy organization has put specific guidelines in place to ensure that Data Privacy processes comply with the relevant regulations. The Group Data Privacy Policy defines the standards according to which data is processed, stored, used, and transmitted within the Group. This enables us to provide a high level of privacy when it comes to processing the data of our employees, contract partners, customers, suppliers, patients, healthcare practitioners, and participants in clinical trials. The statutory documentation requirements are realized in a central IT tool that also serves as the basis for other key data privacy processes: documenting processing activities, performing a general risk audit and – if required by law – a specific data privacy impact assessment, reporting and evaluating potential data privacy violations, and processing requests from data subjects. Our understanding of data privacy throughout the Group is based on European legislation in particular, including the data privacy principles of the EU’s General Data Protection Regulation (EU GDPR), which has been in force since May 2018. However, we also comply with and implement local data privacy regulations.
Corresponding training and awareness measures are a core element of any data privacy management system. The effective communication of relevant standards, procedures and other guidelines in the form of regular training is important, as are regular awareness measures in order to establish an appropriate culture of data privacy within our company. Our data privacy services comprise general awareness measures, such as e-learning on data privacy that is mandatory for all Group employees, and broad-based communication using various channels including e-mail and the company intranet, as well as targeted training, e.g. interactive training for certain subsets of employees and standardized training sets focusing on specific topics and tailored to corresponding groups of companies.
Risk and opportunity management
For detailed information, including a description of the main characteristics of the entire internal control system and risk management system and the statement on the appropriateness and effectiveness of these systems, please refer to the “Internal control system” section of the “Report on Risks and Opportunities” in the Management Report.
Avoidance of conflicts of interest
Within the framework of their work, all Executive Board and Supervisory Board members of Merck KGaA, Darmstadt, Germany, are exclusively committed to the interests of the company and neither pursue personal interests nor grant unjustified advantages to third parties.
Before an Executive Board member takes on honorary offices, board positions, or other sideline activities, this must be approved by the Personnel Committee of the Board of Partners of E. Merck KG, Darmstadt, Germany. The Chair of the Executive Board, Belén Garijo, the Chief Financial Officer until June 30, 2023, Marcus Kuhnert, and the Chief Financial Officer from July 1, 2023, Helene von Roeder, are also members of the Executive Board of E. Merck KG, Darmstadt, Germany. This does not, however, create conflicts of interest.
In its report to the General Meeting, the Supervisory Board discloses any conflicts of interest involving its members and how they were dealt with. Consultancy agreements as well as other service and work contracts of a Supervisory Board member with the Group require the approval of the Supervisory Board. In fiscal 2023, there were neither conflicts of interest nor consultancy agreements or other service or work contracts with Merck KGaA, Darmstadt, Germany, involving Supervisory Board members.
Adherence to environmental and safety standards
Our thinking and actions with regard to environmental protection and safety are based on the principle of sustainability and the guidelines for responsible action as set out by the International Council of Chemical Associations (ICCA) in its Responsible Care Global Charter, which emphasizes overall responsibility for products, supply chains, and society. We have signed up to this charter and declared its principles to be binding throughout the Group in our Environment, Health and Safety (EHS) Policy.
We also adopt environmental safety and protection targets with the aim of permanently improving our environmental protection and safety:
- We have set ourselves the goal of climate-neutral business operations along the entire value chain by 2040. By 2030, we aim to reduce our direct (Scope 1) and indirect (Scope 2) emissions by 50% compared with 2020. Our goal is to achieve this primarily by reducing process-related emissions and implementing energy efficiency measures. In terms of our Scope 3 emissions, we want to reduce emissions throughout the entire value chain by 52% (per € of value added) by 2030. These short-term targets for 2030 were approved by the Science Based Targets Initiative (SBTi) in May 2022. The independent initiative assesses and approves companies’ targets based on its strict climate science criteria. By receiving this confirmation, we are helping limit global warming to 1.5 °C, meeting the requirements of the Paris Agreement.
- In addition, we are aiming to source 80% of our purchased electricity from renewable energies by 2030.
- We also intend to reduce the environmental impact of our waste, reduce water intensity, and improve the quality of our wastewater by 2030. Having achieved our short-term targets for waste and water consumption to 2025 ahead of schedule in 2023, we have adopted new ambitions for the period to 2030. By the end of the decade, we want to achieve a circularity rate of 70% in our waste flows and improve our water intensity (per euro of value added) by 50%.
- To improve occupational safety, we aim to lower the lost time injury rate (LTIR) to below 1 by 2025.
We have also rolled out BeHealthy, a global program aimed at maintaining and promoting employee health. The objective of the program is to strengthen the physical, mental, social and workplace-related health of all employees for the long term. The focal points of the content are healthy leadership, mindfulness, and delivering a diverse healthcare offering that is accessible globally.
Based on the EHS Policy, many guidelines specify how the sites and employees of the Group are to observe the principles in their daily work. The Group function Corporate Sustainability, Quality and Trade Compliance steers these global activities and ensures compliance with statutory requirements, internal standards, and business needs throughout the entire Group. In this way, Group-wide risks are minimized, and continuous improvement is promoted in the areas of environment, health, safety, security, and quality.
We report on our ecological, environmental and social performance transparently in accordance with the internationally recognized principles of the Global Reporting Initiative (GRI), the standards issued by the Sustainability Accounting Standards Board (SASB), and the recommendations of the Task Force on Climate-related Financial Disclosures (TCFD).