Information on corporate governance practices

Reporting

It is the objective of Merck KGaA, Darmstadt, Germany, to provide the latest information to all shareholders, media, financial analysts, and interested members of the public while creating the greatest possible transparency. For this reason, the Group uses a wide range of communication platforms to engage in a timely dialog with all interested parties about the company’s situation and business changes. Our principles include providing factually correct, comprehensive and fair information.

Information subject to disclosure requirements, as well as information that is not, can be accessed worldwide on the Merck KGaA, Darmstadt, Germany, website (www.emdgroup.com), which is the company’s most important publication platform. In addition to a comprehensive financial calendar, annual reports and quarterly statements and/or quarterly and half-year financial reports covering at least the past five years are available there in German and English. In line with the legal requirements, ad hoc announcements are also published on the website. These contain information on circumstances and facts that could impact the our share price.

Regular press conferences, investor meetings on the occasion of investor conferences and roadshows offer another platform for dialog. The company presentations prepared for this purpose are also available on the website of Merck KGaA, Darmstadt, Germany. In addition, the Investor Relations team is available to private and institutional investors who wish to receive further information. To ensure the greatest possible transparency, all documents concerning the Annual General Meeting are available on the company website. Additionally, at least some parts of the Annual General Meeting are generally webcast live on the Internet. The Annual General Meeting on April 26, 2024, was again held virtually and hence was webcast live on the Internet in full.

Dealing with insider information

Dealing properly with insider information is very important to us. Our Insider Committee examines the existence of insider information, ensures compliance with legal obligations and prepares any necessary measures. The members of the Insider Committee are appointed by the Executive Board; at least two members work in Group Legal & Compliance. The Insider Committee meets at regular intervals or when circumstances require. The Chief Financial Officer is vested with the authority to make the final decision on handling potential insider information.

In order to ensure a high level of protection for insider information, the Executive Board issued internal insider guidelines that are applicable throughout the Group worldwide. The guidelines inform employees about their responsibilities under insider trading laws and give clear instructions for compliant behavior. In addition, they describe the function of the Insider Committee in detail. Moreover, our Code of Conduct, which is binding for all employees, also contains an explicit, detailed reference to the ban on using insider information. All employees are instructed on the stipulations of insider trading within the scope of obligatory training courses on the Code of Conduct as well as specific training courses on insider law.

Accounting and audits of financial statements

Merck KGaA, Darmstadt, Germany, prepares its Consolidated Financial Statements and Combined Management Report in accordance with the International Financial Reporting Standards (IFRS) effective and adopted by the European Union at the end of the reporting period and the additional provisions of section 315e (1) of the German Commercial Code (HGB). The Consolidated Financial Statements and the Combined Management Report are prepared by the Executive Board and examined by an auditor, taking into account the German generally accepted standards for the audit of financial statements promulgated by the Institute of Public Auditors in Germany (Institut der Wirtschaftsprüfer, IDW).

The Supervisory Board commissioned Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, to audit the Consolidated Financial Statements and the Combined Management Report for fiscal 2024. A corresponding proposal was approved by the Annual General meeting on April 26, 2024. Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, is obliged to inform the Supervisory Board without delay of any grounds for disqualification or bias occurring during the audit if these cannot be immediately rectified. Additionally, the auditor shall immediately report to the Supervisory Board any findings and issues that emerge during the audit that have a direct bearing upon the tasks of the Supervisory Board. The auditor shall inform the Supervisory Board or note in the audit report any circumstances determined during the audit that would render inaccurate the Declaration of Conformity made by the Executive Board and the Supervisory Board. It has also been agreed with the auditor that, in order to assess whether the Executive Board has fulfilled its obligations in accordance with section 91 (2) AktG, the audit will also cover the company’s early warning risk identification system. Moreover, the auditor is required to examine and evaluate the internal control system relevant to sustainability and accounting as part of its audit insofar as this is necessary and appropriate for assessing the accuracy of financial reporting.

Since 2023, Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, has been the auditing firm responsible for the statutory audit of the Annual Financial Statements and Consolidated Financial Statements of Merck KGaA, Darmstadt, Germany. The auditor responsible for auditing the Consolidated Financial Statements changes regularly as required by law. Daniel Weise is currently leading the audit engagement. Mr. Weise has been the auditor in charge of the engagement since fiscal 2023. The combined sustainability statement is also audited by Deloitte GmbH Wirtschaftsprüfungsgesellschaft, München. Jan Joos has been the German Public Auditor responsible for the engagement since fiscal 2023. Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich, has assured the company that it is independent of the group entities in accordance with the requirements of European law and German commercial and professional law, and that it has fulfilled its other German professional responsibilities in accordance with these requirements. The Supervisory Board has found no grounds to doubt the independence of Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich. Neither party has identified any conflicts of interest. The Audit Committee reviews the quality of the audit annually, including the performance of the auditor in charge of the engagement, on the basis of objective indicators.

Further reports

The Combined Management Report for Merck KGaA, Darmstadt, Germany, and the Group includes a (Group-) Sustainability Statement that complies with the reporting requirements of the Corporate Sustainability Reporting Directive (CSRD) and the German CSRD Implementation Act and that is also audited by Deloitte GmbH Wirtschaftsprüfungsgesellschaft, Munich. It follows the requirements of the European Sustainability Reporting Standards (ESRS) for companies that are obliged to prepare non-financial reports in accordance with section 315b HGB. The (Group-) Sustainability Statement is included as a separate chapter of the Combined Management Report. An overview of the information it includes can be found in a separate index. In the chapter “Other Information”, we also make disclosures referring to the GRI Standards 2021 and integrate the requirements of the Task Force on Climate-related Financial Disclosures (TCFD) and the Sustainability Accounting Standards Board (SASB Standards). In addition, the compensation report is included as a separate item of the disclosures on corporate governance. The compensation report for the last fiscal year and the auditor’s report, including details of the compensation system currently in force, and the most recent compensation resolutions are available at https://www.emdgroup.com/en/investors/corporate-governance/reports.html.

Values and compliance

Responsible entrepreneurship starts with compliance. We aim to ensure that all our activities adhere to relevant laws, regulations and ethical standards around the world. Compliance violations would result not only in possible legal action but also could seriously compromise our reputation as an employer and business partner.

Our Group Compliance function is responsible for the following core topics: our Code of Conduct, anti-corruption and anti-bribery (including healthcare compliance, business partner due diligence, transparency reporting), anti-money laundering and conflicts of interest. Group-wide and local policies, procedures and processes are in place for these important compliance topics in order to ensure that our business activities are consistent with the relevant laws, regulations and international ethical standards.

As a global company, we have set very strict requirements for effective compliance management. Our Compliance Management System comprises eight core elements and ongoing consultation with the business areas that make up our compliance program:

Elements of our compliance program

Our Compliance Program Elements (Infographic)

The Group Compliance Officer is responsible for establishing, maintaining and further developing of our global Compliance Management System. The Group Compliance Officer and its team, consisting of a global Compliance Center of Expertise and compliance officers, take appropriate measures to help lower the risk of serious compliance violations and ensure the implementation of the compliance program throughout the Group. Our Group Compliance Officer reports to the Executive Board and the Audit Committee twice a year, at a minimum, on the status of our compliance and data privacy activities, potential risks and key figures on compliance and data privacy violations.

The importance of compliance is reflected in the subsidiaries, which ensure via country representatives that compliance measures are implemented effectively. Regular global and regional compliance meetings are held to promote the exchange of information within the Compliance organization. This is supplemented by a global concept for global compliance committees and local compliance forums at which relevant compliance topics are discussed with senior management. These compliance forums and committees constitute an important element of risk assessment and quality assurance.

To ensure the effectiveness of our compliance program, we review it regularly and update our initiatives and programs as required to take account of new requirements and internal and external risks. We engage in a dialog on current compliance issues, trends and targets with the stakeholder groups within our Compliance organization and with external parties.

Values and Code of Conduct

Our corporate culture places our fundamental values – courage, achievement, responsibility, respect, integrity, and transparency – at the heart of our business activities. Our Code of Conduct plays a central role in implementing these values in our daily interactions. It guides our employees in conducting business ethically and responsibly – in compliance with our values and the law. The Code of Conduct applies to all employees of the Group, in every country and all levels of our organization, and is available in 22 languages.

With the Code of Conduct and the various unit­specific compliance rules, our values are integrated into our daily work and business practice. We also expect our business partners (including customers, suppliers, distributors, etc.) to comply with these principles or to have their own comparable principles. Our Business Partner Code of Conduct describes our expectations and requirements regarding human rights, health and safety, business integrity, environmental protection, continuous improvement, and continuous management at the respective suppliers. Our Human Rights Charter supplements the Business Partner Code of Conduct with globally recognized human rights principles.

Risk management

Adequate compliance risk management is also essential in order to identify potential compliance risks and requirements and protect our company for the long term. To this end, we have established a process for evaluating compliance risks in all of our business sectors. This risk-based evaluation uses a comprehensive risk matrix and focuses on bribery and corruption risks. We regularly implement and monitor key performance indicators that allow us to assess risks and the effectiveness of controls. A global framework for ethical and legally compliant business processes serves to minimize risk. This is supplemented by suitable policies and effective controls for reducing risk. The Compliance department monitors compliance of the Code of Conduct with support from corresponding monitoring and training programs throughout the Group. All employees are called upon to report possible compliance violations so that the Group can take the necessary and appropriate action. In cooperation with Group Internal Auditing, the Compliance Office regularly reviews the implementation of Group-wide compliance measures at the subsidiaries.

Antitrust and competition law

In addition, we perform regular antitrust risk assessments in a separate process. Our Group-wide Antitrust Standard stipulates that all business activities throughout the Group must always be conducted in accordance with applicable antitrust regulations and standards. We ensure that all employees receive regular training on this matter. We recognize the importance of fair competition and expect the parties acting on our behalf to do the same.

Supplier management

While supplier management ensures that suppliers act in compliance with regulations, third-party risk management encompasses relations with sales-related business partners such as commercial agents, distributors and wholesalers as well as suppliers we consider to be high risk. We expect our third parties worldwide to adhere to our compliance principles. We only enter into business relationships with third parties that pledge to act in accordance with the law, reject all forms of bribery and comply with environmental, health and safety guidelines. We apply a risk-based approach to selecting the third parties with which we do business. The higher the estimated risk in connection with a particular country, region or service, the more carefully we examine the third party before entering into a business relationship. Depending on the outcome, we may decide to reject the potential third party, impose conditions to mitigate identified risks or terminate an existing business relationship.

Anti-money laundering

We also have a global program for combating money laundering. This is supported by our Anti-Money Laundering Group Standard, which describes specific processes and assurance measures aimed at ensuring that warning signs and high-risk transactions are identified, reported and investigated. The implementation of these measures is supported by corresponding training.

Conflicts of interest

Our Conflict of Interest Policy defines conflicts of interest and the associated risks. It sets out clear guidelines for avoiding such situations and contains specific rules for identifying, disclosing, mitigating, and managing the risks that could arise.

Dealing with medical professionals and transparency reporting

We support healthcare systems by collaborating with expert groups, including professional medical associations, patient organizations and caregiver advocacy groups, university hospitals and other healthcare institutions.

Our Anti-Corruption Standard stipulates that all business activities must be conducted in line with applicable anti-corruption regulations and standards. All forms of bribery are strictly prohibited. We enforce strict limits on the value of gifts and invitations. These limits are stored in the company´s internal tool we use to reimburse travel costs and expenses. Additionally, we have specific rules and procedures for dealing with healthcare professionals.

To ensure legally and ethically correct dealings with medical professions and compliance with transparency requirements, the compliance organization, together with the affected business units, has taken extensive measures to establish an internal regulatory framework as well as the corresponding processes for approving and documenting interactions with experts that ensure correct publication in line with the applicable data privacy regulations.

We publish the financial and non-financial contributions we make to healthcare experts, such as medical professionals and health organizations, in accordance with local laws and regulations. In addition to disclosing individual non-cash contributions, we publish information on our overall Research and Development expenditure as required.

Compliance training

Within the scope of the global compliance program, a high degree of importance is attached to regular compliance training, which is conducted both as e-learning and classroom courses. The aim of this training, in particular, is to sensitize employees and management to the Code of Conduct, corruption and bribery, conflicts of interest, money laundering, antitrust and competition law, and healthcare compliance, as well as the consequences of compliance violations, and to show them ways of avoiding them. By providing employees with targeted training and information about the applicable compliance rules and ethical standards and giving them the responsibility for complying with these requirements, we strengthen their sense of responsibility and accountability. Further information can be found in the “Compliance awareness and training” chapter.

Compliance hotline

As described in various compliance training courses and the Code of Conduct, whistleblowers may choose from various reporting channels. The choice of reporting channel may depend on the reason for the report and the whistleblower’s preferences in the respective circumstances.

Our Whistleblowing and Investigations Standard reinforces our commitment to maintaining and strengthening a corporate culture in which employees are encouraged and empowered to report potential incidents and compliance violations. The standard provides guidance on the available reporting channels and our procedures for investigating reports of misconduct while ensuring confidentiality and protecting whistleblowers.

Reports to the central reporting channels, including the Compliance hotline, are received directly by an independent and qualified team at Group Compliance and are examined. The report may be forwarded to a different responsible function for further processing depending on the nature and content of the report. Employees and individuals from outside the company can report potential compliance violations to the Compliance hotline by telephone or via a web-based application in their respective language. The Compliance hotline is available 24 hours a day, free of charge. The system enables two-way communication, including anonymous communication. If there is indications of a potential compliance violation, corresponding corrective measures are taken based on concrete action plans. If necessary, disciplinary measures are taken. These can range from a simple warning up to the dismissal of the employee who violated a compliance rule. The Group has set up a Compliance Case Committee to guide these processes. The Compliance Case Committee consists of senior representatives of various Group governance functions; they are involved in reviewing certain compliance violations and initiating appropriate and necessary measures.

In 2024, 89 compliance-relevant cases were reported via the Compliance hotline and other channels. In 30 closed cases, it was confirmed that the principles of the Code of Conduct or other internal or external guidelines had been violated.

Internal Auditing

Compliance is ensured by the Group Compliance and Group Internal Auditing functions as the second and third lines of defense, respectively. As part of its audits, Group Internal Auditing regularly reviews functions, processes and legal entities worldwide. This includes an assessment of the effectiveness of the respective compliance guidelines, processes and structures. The units also check for violations of our Code of Conduct, Anti-Corruption Standard, Anti-Money Laundering Group Standard and Antitrust Standard. Our audit planning aims to provide comprehensive risk assurance through the best possible audit coverage of our processes, countries and projects. If an internal audit gives rise to recommendations for corrective actions, Group Internal Auditing performs a systematic follow-up and monitors the implementation of the recommendations. In 2024, Group Internal Auditing conducted 43 internal audits. This included 30 operational risk audits and 13 IT risk audits. A total of 30 internal audits involved bribery and corruption-related risks.

Certification

Since November 2022, we have had our compliance management system externally audited and certified in accordance with the principles of proper auditing of compliance management systems (IDW PS 980). The focus is on anti-bribery, anti-corruption and anti-money laundering with the aim of identifying areas with potential need for improvement and assessing whether the measures we have taken ensure that regulations, policies and procedures are adhered to. The effectiveness assessment will be conducted on a region-by-region basis until 2025.

Stakeholder engagement

We take care to ensure that our activities comply with the codes of conduct of the associations of which we are a member. We are members of various organizations, including the German Chemical Industry Association (VCI), the German Institute for Compliance (DICO), the European Federation of Pharmaceutical Industries and Associations (EFPIA), Pharmaceutical Research and Manufacturers of America (PhRMA), the German Association of Voluntary Self-Regulation for the Pharmaceutical Industry (FSA), the International Federation of Pharmaceutical Manufacturers and Associations (IFPMA), Alliance for Integrity, the German Association for Supply Chain Management, Procurement and Logistics (BME), the capital market association Deutsches Aktieninstitut (DAI), and the International Association of Privacy Professionals (IAPP).

Data privacy

Our Group Data Privacy is integrated into the Group’s Compliance organization. As required by law, this department operates independently and without being required to follow instructions. The department regularly prepares data privacy updates and a comprehensive data privacy report as part of our broader compliance reporting efforts. The Group Data Privacy Officer has a team of dedicated local data privacy officers working in countries that are particularly sensitive to data protection in our company. Other individuals around the world also perform a local data privacy function alongside their core activity for the Group. The tasks of these two groups of local data privacy officers include implementing and applying the global data privacy policy in the countries, performing regular efficiency tests and promoting awareness of data privacy. They also advise the company on relevant and critical matters relating to data privacy. A Center of Expertise also provides support in the form of structures and tools.

Our data privacy management system encompasses various elements of our portfolio alongside the pillars of people and communication. The portfolio is composed as follows:

Elements of our Data Privacy program

Our Data Privacy Program Elements (Infographic)

The data privacy organization has put specific guidelines in place in order to ensure that data privacy processes comply with the relevant regulations. The Group Data Privacy Policy defines the standards according to which data is processed, stored, used, and transmitted within the Group. This enables us to provide a high level of protection when it comes to processing the data of our employees, contract partners, customers, suppliers, patients, healthcare practitioners, and participants in clinical trials. The statutory documentation requirements are realized in a central IT tool that also serves as the basis for other key data privacy processes: documenting processing activities, performing a general risk audit and – if required by law – a specific data privacy impact assessment, reporting and evaluating potential data privacy violations, and processing requests from data subjects. Our understanding of data privacy throughout the Group is based on European legislation in particular, including the data privacy principles of the EU’s General Data Protection Regulation (EU GDPR), which has been in force since May 2018. However, we also comply with and implement local data protection regulations in the individual countries.

Corresponding training and awareness measures are a core element of any data privacy management system. The effective communication of relevant standards, procedures and other guidelines in the form of regular training is important, as are regular awareness measures in order to establish an appropriate culture of data privacy within our company. Our data privacy services comprise general awareness measures, such as e-learning on data privacy that is mandatory for all Group employees, and broad-based communication using various channels, including e-mail and the company intranet, as well as targeted training, e.g., interactive training for certain subsets of employees and standardized training sets focusing on specific topics and tailored to corresponding groups of companies.

Management of opportunities and risks

For detailed information, including a description of the main characteristics of the entire internal control system and risk management system and the statement on the appropriateness and effectiveness of these systems, please refer to the “Internal control system” section of the “Report on Risks and Opportunities” in the Management Report.

Avoidance of conflicts of interest

Within the framework of their work, all Executive Board and Supervisory Board members of Merck KGaA, Darmstadt, Germany, are exclusively committed to the interests of the company and neither pursue personal interests nor grant unjustified advantages to third parties.

Before an Executive Board member takes on honorary offices, board positions or other sideline activities, this must be approved by the Personnel Committee of the Board of Partners of E. Merck KG, Darmstadt, Germany. The Chair of the Executive Board, Bélen Garijo, and the Chief Financial Officer, Helene von Roeder, are both members of the Executive Board of E. Merck KG, Darmstadt, Germany. This does not, however, create conflicts of interest.

In its report to the Annual General Meeting, the Supervisory Board discloses any conflicts of interest involving its members and how they were dealt with. Consultancy agreements, as well as other service and work contracts of a Supervisory Board member with the Group, require the approval of the Supervisory Board. In fiscal 2024, there were neither conflicts of interest nor consultancy agreements or other service or work contracts with Merck KGaA, Darmstadt, Germany, or another Group company involving Supervisory Board members.

Adherence to environmental and safety standards

Our thinking and actions with regard to environmental protection and safety are based on the principle of sustainability and the guidelines for responsible action as set out by the International Council of Chemical Associations (ICCA) in its Responsible Care Global Charter, which emphasizes overall responsibility for products, supply chains and society. We have signed on to this charter and declared its principles to be binding throughout the Group in our Environment, Health and Safety (EHS) Policy.

We also adopt environmental safety and protection targets with the aim of permanently improving our environmental protection and safety:

  • We have set ourselves the goal of climate-neutral business operations along our entire value chain by 2040. By 2030, we aim to reduce our direct (Scope 1) and indirect (Scope 2) emissions by 50% compared with 2020. Our goal is to achieve this primarily by reducing process-related emissions and implementing energy efficiency measures. In terms of our Scope 3 emissions, we want to reduce emissions throughout the entire value chain by 52% (per euro value added) by 2030. These short-term targets for 2030 were approved by the Science-Based Targets Initiative (SBTi) in May 2022. The independent initiative assesses and approves companies’ targets based on its strict climate science criteria. This confirms that we are helping to limit global warming to 1.5 °C, thus meeting the requirements of the Paris Agreement.
  • In addition, we are aiming to source 80% of our purchased electricity from renewable energies by 2030.
  • We also intend to reduce the environmental impact of our waste, reduce water intensity and improve the quality of our wastewater by 2030. Having achieved our short-term targets for waste and water consumption to 2025 ahead of schedule in 2023, we have adopted new ambitions for the period to 2030. By the end of the decade, we want to achieve a circularity rate of 70% in our waste flows and improve our water intensity (per euro value added) by 50%.
  • To improve occupational safety, we aim to lower the lost time injury rate (LTIR) to below 1 by 2025.

We have also rolled out BeHealthy, a global program aimed at maintaining and promoting employee health. The objective of the program is to strengthen the physical, mental, social, and workplace-related health of all employees for the long term. The focal points of the content are healthy leadership, mindfulness and delivering a diverse healthcare offering that is accessible globally.

Based on our Environment, Health and Safety (EHS) Policy, a number of guidelines specify how the sites and employees of the Group are to observe the principles in their daily work. The Group function Corporate Sustainability, Quality and Trade Compliance steers these global activities and ensures compliance with statutory requirements, internal standards and business needs throughout the entire Group. In this way, Group-wide risks are minimized, and continuous improvement is promoted in the areas of environment, health, safety, security, and quality.

We report on our ecological, environmental and social performance transparently in accordance with the internationally recognized principles of the Global Reporting Initiative (GRI), the Sustainability Accounting Standards Board (SASB), and the recommendations of the Task Force on Climate-related Financial Disclosures (TCFD).

Share this page: