3.1 Compliance and ethics Our commitment to ethical standards is demonstrated by Both business partners and suppliers are required to sign a integrating AI ethics into all our business processes, products, code of conduct. In addition, depending on their risk classi- and solutions. This includes: fication, audits can be conducted on the business partners’ premises by the Siemens audit function or external service → Applying generally accepted and trustworthy AI frameworks providers. SUSTAINABLE SUPPLY CHAIN PRACTICES to AI tools in anticipation of the upcoming AI regulation in the EU. To support the compliance experts on business partner topics, → Raising awareness and providing guidance to employees Siemens established the Business Partners Network. This and stakeholders on ethical implications in AI decision- network operates in different workstreams, some of which making. are connected with specific projects and others that are related to specific questions on the subject of collaboration Collaboration with business partners with business partners. Each Siemens department is responsible for its own business partners. They must be carefully selected by the responsible Preventing money laundering and terrorism operational department and must undergo a risk-based financing compliance due diligence process. Business partners have to Siemens strives to only maintain business relationships with be adequately monitored for the duration of the business reputable customers, suppliers, partners, and companies relationship. This means that we regularly assess the need whose business activities comply with legal requirements for the continued relationship and provision of services, and whose financial resources are of legitimate origin. We taking into account remuneration and other relevant circum- use a risk-based approach to verify the identity and economic stances. background of customers, suppliers, business partners, and other third parties and the origin of payments to ensure they We have established mandatory processes and the associ- come from legitimate sources. When necessary, Siemens ated tools for this purpose that are continuously refined to reports suspicious activities to law enforcement authorities. cover any risks that may arise. Handling of compliance cases Decisions about engaging a business partner are transparent At Siemens, compliance cases are handled in accordance and risk-oriented. They are also based on the most recent with a clearly structured process that includes key steps such compliance due diligence procedures. Appropriate remediation as reporting channels, internal investigations, and responses measures are initiated depending on the risk classification of to identified violations (see the diagram below). the business relationship and the risks identified. Company-wide process for handling compliance cases (simplified presentation) Compliance investigation Assessment carried out by examining or Research Preparation of Disciplinary Allegation received evaluating the Mandating and planning Investigation the investigation measures and allegation before report remediation mandating an investigation SIEMENS SUSTAINABILITY REPORT 2023 35