Annual report 2016

Managing responsibility

At Posti, sustainability and responsibility are part of our daily work and management. Management is based on Posti’s corporate values:

  • succeeding with the customer,
  • driving for improvement and innovation,
  • taking responsibility, and 
  • winning together.

Good management supports the achievement of these targets and fosters a positive work atmosphere.

Posti’s corporate values are also the foundation of the Posti Corporate Responsibility Principles. The principles were updated in 2016. Posti’s responsibility policies take into account the UN Global Compact principles, the UN Guiding Principles on Business and Human Rights and the UN Sustainable Development Goals (SDGs). The Global Compact principles comprise self-regulation pertaining to human rights, the environment and corruption. The UN Guiding Principles specify a company’s responsibility with regard to human rights and call on companies to respect human rights. The UN Sustainable Development Goals contain guidelines aimed at ensuring sustainable development.

Posti is committed to operating in a responsible and ethical manner. Posti’s Code of Conduct, which is aimed at the company’s personnel, covers legal and regulatory compliance, good business practices, principles concerning equality and non-discrimination, the avoidance of conflicts of interest, the prohibition of unethical commercial practices and environmental responsibility. The Code of Conduct also documents the principles concerning the consequences of misconduct. The Code of Conduct also specifies the anonymous whistleblowing channels established by the Group for employees to confidentially report suspected cases of misconduct or other problems.

The Group’s partners are required to adhere to the corporate responsibility principles outlined by Posti. Posti’s Supplier Code of Conduct covers legal and regulatory compliance, good business practices, principles concerning equality and non-discrimination, the avoidance of conflicts of interest, the prohibition of unethical commercial practices and environmental responsibility.

Sustainability is the responsibility of Posti’s Vice President, Stakeholder Relations. The Vice President, Stakeholder Relations is a member of the Group Management Board. Matters related to sustainability are discussed at least once per year by the Board’s Audit Committee and the Management Board.

Management of sustainability risks

The objective of Enterprise Risk Management is to safeguard the achievement of Posti’s strategic and key targets from unexpected risks and to enhance Posti’s business opportunities and corporate image. For this reason, the process is designed to support the strategy and annual planning process.

The risk management unit prepares information security guidelines and supports the management in implementing them. In all Group companies, the management is responsible for the management of business risks.

Risks related to sustainability are updated at least twice per year as part of Posti’s Enterprise Risk Management process. They are reported as a separate item in the Group’s risk report. Sustainability risks are discussed by the corporate responsibility steering group, the Executive Board, the Board of Directors of Posti Group and the Board’s Audit Committee.

Taking sustainability risks into consideration

Sustainability risks include, for example:

  • risks related to potential personnel arrangements and, in particular, outsourcing measures, that may have a negative effect on our reputation and, consequently, cause us to lose customers;
  • potential information leaks and information security deviations, particularly those related to personal information;
  • potential accidents that cause substantial damage to people or the environment;
  • potential human rights infringements;
  • potential risks related to supplier management, involving corruption and the failure of internal control. These are particularly important in Russia, Poland and the Baltic countries.

Posti processes all information in strict confidence, taking information security requirements into account. Privacy is crucial to Posti’s business. Posti’s corporate security policies determine the minimum level for all of its countries of operation. They take into account the information security requirements of Posti customers, the business environment and risk management. In terms of protection, Posti considers as particularly important customer and personnel information as well as Posti’s and its partners’ confidential information and the related systems and business processes.

The EU General Data Protection Regulation (GDPR) sets out new provisions concerning the processing of personal data. Posti has prepared for the changes brought about by the new Regulation by setting up a preparatory project.

Improving and promoting occupational safety are important development areas for Posti. The focus is on proactive measures. Posti’s goal is to be a healthy and accident-free workplace.

The Corporate Responsibility Principles were updated in 2016. The principles take into account, among other things, the UN Guiding Principles that specify a company’s responsibility with regard to human rights and call on companies to respect human rights. As a work community, Posti is equal, international and diverse.

Posti has a Group-wide uniform sourcing policy that defines how the sourcing function and supplier cooperation are managed. As part of responsible sourcing, Posti has defined its Supplier Code of Conduct. Posti has around 8,000 suppliers, of which approximately one fifth are considered key suppliers. All key suppliers are covered by a self-assessment system.