Compliance Policy


Version 2.1

Date last reviewed: March 2025

Next review date: March 2026

Policy approved by – Executive Leadership Team

Policy maintained by – Human Resources

 

1.0      Purpose

The purpose of this policy is to detail how Unipart complies with legislative, regulatory, contractual and policy requirements associated with its activities in all territories in which it operates.

The policy provides the context for the management of our compliance obligations and provides guidelines and structures for all accountable persons under the policy.

2.0      Scope

This policy applies to all established and fixed term employees who work under a contract of employment.

This policy does not form part of any employee’s contract of employment and it may be amended at any time.

3.0     Policy Statement

The Board and senior management of Unipart are committed to ensuring the organisation meets its compliance obligations.

Compliance is concerned with not only externally imposed laws, regulations, codes and standards, but also with internal organisation standards, codes of conduct and ethics, and adoption of industry best practice.

Compliance and safety are defined at the highest level within Unipart as “mandated”. Where appropriate, key compliance objectives will be incorporated into the strategic and operational planning processes.

A compliance framework is an important element of corporate governance and is intended to:

  • Promote a culture of compliance within Unipart, highlighting its importance and connection to Unipart’s values;
  • Foster continuous improvement in compliance processes, ensuring obligations are always met by establishing monitoring and reporting mechanisms that will assist in identifying instances of non-compliance and tracking remedial actions;
  • Maintain the reputation of Unipart in the marketplace and to demonstrate its Environmental, Social and Corporate Governance responsibilities.

4.0       Responsibilities

4.1   Executive Leadership Team

  •  has the primary responsibility for the execution of this policy;
  • all ELT and Board members will complete mandated compliance training modules as and when required;
  • will review all compliance-related risk assessments as part of the annual risk review.

4.2     Group Risk Committee

  •  ensure all compliance-related risks are understood and documented;
  • take oversight of the Group Risk register and ensure all parts of the business are adequately reflected;
  • report annually to the ELT and Unipart Board, Audit and Risk Committee on the effective management of our compliance obligations and risk register;
  • immediately flag any new/emerging compliance-related risks to the ELT and Unipart Board, Audit and Risk Committee;
  • monitor completion of all mandatory compliance training and ensure appropriate steps are taken where gaps exist.

4.3   Managing Directors and Leadership Teams

  • ensure that this policy and all related policies are deployed effectively across their area of the business and reinforce and enforce any mandatory training compliance requirements for their part of the business;
  • identify any capability or industry-specific compliance obligations and ensure appropriate policies and training are deployed accordingly;
  • ensure suitable Risk Assessments are produced for their part of the business and the results recorded on the Risk Register;
  • establish appropriate management controls and procedures within their operations and ensure that heads of business units are held responsible for the effective implementation of the policies and procedures in their area of responsibility;
  • ensure that their senior management team have completed all mandated compliance training and that relevant information and training is cascaded throughout their organisation;
  • ensure suitable compliance standards and procedures and relevant training for contractors and agents are in place;
  • ensure that any employee or other person working on behalf of Unipart is not penalised for enforcing our compliance standards even if it results in the Company losing business;
  • provide suitable information annually to the Group Risk Committee to facilitate the creation of an annual, suitable and transparent Unipart Compliance and Risk report.

4.4    Local/Functional risk and Compliance Managers

  •  ensure that suitable Risk Assessments are produced for their functions that identify any potential compliance issues and these are recorded on the appropriate Risk Register;
  • ensure that appropriate management controls and procedures are implemented, monitored and enforced in their division and/or functions;
  • ensure that the appropriate Unipart People are identified to undertake mandatory compliance training in accordance with this policy;
  • ensure that relevant compliance training is available across the division/function;
  • ensure suitable Compliance Procedures for consultants and agents used by their functions are in place;
  • will ensure that any employee or other persons working in their function is not penalised for enforcing our compliance standards even if it results in Unipart losing business.

4.5  All Unipart People

  •  Unipart promotes high standards of professional conduct and compliance across global operations. As such all Unipart people are required to:
  • Operate within Unipart’s compliance framework at all times;
  • Comply with all national and regional laws and regulations;
  • Complete all mandated compliance training within the required timescale;
  • Carry out their job and/or contractual responsibilities in a professional, conscientious, and ethical manner, and in accordance with all applicable laws, regulations, rules, and policies;
  • Report any actions or behaviours they believe, in good faith, violate ethical practices, compliance standards, law, or regulation using normal escalation procedures up to and including Whistleblowing. They may report such actions without fear of reprisal or
    retaliation. However, if an individual fails to report these violations, they may be subject to disciplinary procedures;
  • Cooperate in the investigation of any unethical or unlawful action and/or breach of our compliance standards and this policy;
  • Where there is uncertainty as to the most appropriate course of action to maintain compliance standards and/or report a breach of these standards, Unipart people should seek advice from their line manager or HR in the first instance.

5.  Compliance Training

Sometimes, conduct undertaken with good intentions but with inadequate knowledge may violate applicable laws or regulations.

Training is required to provide all Unipart People with the knowledge and skills to carry out their responsibilities in accordance with legal and regulatory requirements and Unipart’s compliance framework. Proper and continuing training is, therefore, a significant element of an
effective compliance programme.

All Unipart People must, as a condition of their employment, complete any and all required compliance training (including policy affirmation and achievement of the set pass mark in any test) within the set deadline.

Unipart People will not have the identical amount of training, nor will the focus of training efforts or the manner in which training is completed be the same for all. Compliance training will be targeted at Unipart People based upon their role and/or their level of seniority in the organisation and based upon an assessment of risk as set out in Appendix 1 of this policy.

The frequency of refresher training shall be every 12 months as a standard.

Records of compliance training will be retained for the duration of employment/contract.

5.1   Failure to complete Compliance Training

Unipart People who do not complete their required training without an acceptable explanation will not be able to achieve a “Consistently and fully meets standards” rating in their end of year review. Furthermore, persistent failure to complete compliance training without an acceptable explanation may result in disciplinary action.

Line managers who cannot demonstrate they have made every reasonable effort to ensure their direct reports have completed their required training without an acceptable explanation will similarly not be able to achieve a “Consistently and fully meets standards” rating in their
end of year review.

Acceptable explanations for failure to complete compliance training are:

  • Absence due to maternity leave
  • Absence due to long term sickness
  • Secondment to an external organisation

5.2   Workplace Adjustments

In the event a Unipart Person requires an adjustment in order to be able to complete their Compliance Training they should advise their manager and/or HR of the nature of the adjustment required in order that it can be reviewed and, where appropriate, accommodated.

6.  Key Related Policies and Documents

7.  Further information and guidance

Where clarification is required on any aspect of this policy, this may be obtained from the Chair of the Risk Committee, Company Secretary, HR Director, Policy & Compliance or Chief People Officer.

8.  Review and maintenance of this policy

All those persons referred to within the scope of this policy are required to adhere to its terms and conditions.

Individual managers are responsible for ensuring that this policy is adhered to.

Any queries on the application or interpretation of this policy must be discussed with the Human Resources Department prior to any action being taken.

The Human Resources Leadership Team, in conjunction with the Risk Committee, has the responsibility for ensuring the maintenance, regular review and updating of this policy.

The Unipart Executive Leadership Team will review the implementation of this policy in respect of its suitability, adequacy and effectiveness and make improvements as appropriate.

This policy will be reviewed annually. Any material amendments will be subject to the approval of the Executive Leadership Team.

 

9. Version history

Version
no.
Version
Date:
Amended by: Summary of changes
2.1 March 2025 D Astles ● Update to format and language
● Addition of clause 5.1 relating to non
completion of training
● Addition of clause 5.2 relating to
workplace adjustments
● Addition of hyperlinks to other policies
● Addition of Risk Committee as joint
owner of this policy
● Addition of Security and Insider threat
modules to training matrix
● Addition of version history table

 

APPENDIX 1 COMPLIANCE TRAINING MATRIX

Compliance
area/legislation
Functional Owner Employee group for mandatory training UK or Global? Frequency
Anti-bribery &
Corruption/Gifts/ Conflicts of
interest
Company
Secretary
All employees in Finance, Sales, Purchasing and all Execs
U92/Equivalent managers and above in all other areas
Global On commencement
Annual refresher
Modern slavery and human
trafficking
Company
Secretary
All employees Global On commencement
Annual refresher
Criminal
Finances Act
Finance All employees in Finance, Sales, Purchasing and all Execs
U94 and above in other areas.
UK On commencement
Annual refresher
Data Protection IT All employees Global On commencement
Annual refresher
Competition
Law
Legal All employees in legal, commercial and finance and all Execs UK On commencement
Annual refresher
Equal
Opportunity
and inclusion
HR All employees Global On commencement
Annual refresher
IR35 HR/Finance All Managers who engage off payroll workers;
HR Directors, Managers, BPs and Consultants,
All Finance Directors and Controllers
UK Ad hoc
Prevention of
tax evasion
Finance All Managers who engage off payroll workers;
HR Directors, Managers, BPs and Consultants,
All Finance Directors and Controllers
UK Ad hoc
Health and
Wellbeing
related
HR/Health and Safety All employees Global On commencement
Annual refresher
Acceptable use of Social Media Marketing All staff on Skillcast Global Ad hoc
Security
Awareness and Insider threats
Security All staff on Skillcast Global On commencement
Annual refresher
IT security
awareness and Insider threats
IT All staff on Skillcast Global On commencement
Annual refresher
Business Travel Risk Finance Business travellers Global Ad hoc when required
Introduction to Risk Finance All U96+ Global Ad hoc when required
Risk
Management
Finance Risk Committee members Global Ad hoc when required
Risk
Identification
Finance Risk Committee members.
Anyone else involved in Risk process
Global Ad hoc when required
Risk Appetite Finance Risk Committee members Global Ad hoc when required
Risk Assessment Finance Risk Committee members
Anyone else involved in Risk process
Global Ad hoc when required
Risk Treatment Finance Risk Committee members
Anyone else involved in Risk process
Global Ad hoc when required
Risk Monitoring Finance Risk Committee members Global Ad hoc when required
Risk Reporting Finance Risk Committee members Global Ad hoc when required
Good
Distribution
Practice
NHS Quality and Compliance NHS Supply Chain team leaders + UK On commencement
Annual refresher