Legal structure and the Deloitte network
Deloitte Oy is a limited liability company, incorporated under the laws of Finland, and it is wholly owned by its members (which comprise the Finnish equity partners, Deloitte NSE LLP (hereafter, ‘Deloitte NSE’), and Deloitte NSE No2 CLG).
The Finnish parent company, Deloitte Oy, provides Audit & Assurance (A&A), financial advisory, risk advisory, and tax and legal services to its clients. The company’s wholly owned subsidiary, Deloitte Consulting Oy, provides management consulting services. In addition, Deloitte Corporate Finance Oy and Deloitte ICM Oy are also wholly owned subsidiaries of Deloitte Oy.
Deloitte Oy is a Finnish affiliate of Deloitte NSE, a UK private company and a member firm of the Deloitte network. The Deloitte network is a globally connected network of member firms and their respective related entities, operating in more than 150 countries and territories across the world. UK private company, Deloitte Touche Tohmatsu Limited (DTTL or ‘Deloitte Global’), serves a coordinating role for the member firms and their related entities by requiring adherence to policies and protocols with the objective of promoting a consistently high level of quality, professional conduct and service across the Deloitte network.
Governance and leadership
The leadership structure at Deloitte Finland is established to comply with the requirements of the Finnish Companies Act and to support an active and involving partnership. Deloitte Finland operates as a limited liability company in which each shareholder (with the exception of Deloitte NSE and Deloitte NSE No2 CLG) works as a partner. The governance of Deloitte Finland is executed through the following organs: the annual general meeting, the leadership team, the CEO, the board of directors and the partnership council. More information on the governance and leadership of Deloitte Finland can be found in the 2023 Transparency Report.
Ethics
Ethics and integrity are deeply embedded in Deloitte’s culture. Our ethics programme works to build trust in our professions and among our professionals, strengthen our reputation and relationships with stakeholders, minimise ethical risk and help all of our people make the best professional choices.
There is an appointed Ethics Officer in Finland who is responsible for the ethics programme and helping the professionals and leaders in our firm to understand what is expected of them, ensuring that they comply, and seeing that there are appropriate consequences for ethical lapses.
We conduct an annual Ethics Survey to measure the effectiveness of our ethics programme and hear our people’s insights into our ethical working environment. In the latest survey, conducted in autumn of 2022, 99% of the respondents stated that Deloitte is an ethical place to work in and that they understand it is their responsibility to report unethical conduct.
Deloitte’s shared values
At the root of everything we do are our shared values that serve as the basis for every decision we make and the actions we take. Our shared values describe the core principles that distinguish Deloitte culture, which is consistent worldwide.
The Deloitte NSE Code of Conduct sets out our Shared Values and Global Principles of Business Conduct. These are critical to our reputation and continued success and are embedded in everything we do: how we serve clients, how we direct our businesses, how we work together and how we contribute to society. Fundamentally, the reputation of our firm rests on the personal ethics of every Deloittee.
Speaking up / raising concerns
Consultation goes to the heart of Deloitte culture. Our professionals are encouraged to speak openly and are expected to speak up if they observe or experience any conduct which they perceive to be unethical or against our company values and policies. Similarly, we hope that our stakeholders contact us and speak up if they suspect or encounter any unethical behaviour concerning Deloitte.
Our professionals, as well as our stakeholders, can also use our whistleblowing channel, Deloitte Speak Up. The Deloitte Speak Up channel is administered by a third party to maintain confidentiality and, when requested, anonymity. We fully and fairly work to address issues and concerns as they come to our attention.
Responsible business practices
As a purpose-led organisation, we are thoughtful about the company we keep and committed to responsible business practices. Deloitte’s commitment to responsible business is rooted in our purpose: making an impact that matters to our people, society and clients. We have fulfilled this purpose for over 175 years. Our purpose defines who we are and why we exist. Our commitment to responsible business practices outlines the responsible business principles we believe in and the commitments we have made. These are embedded in our policies and inform our decision-making. Deloitte is a proud signatory to numerous external pledges.
Our supplier code of conduct
Our expectation is that Deloitte suppliers support Deloitte’s commitment to not only doing what is good for business, but also doing what is good for Deloitte people and the communities in which they live and work. We are committed to evaluating suppliers and other third-party relationships, including alliances and ecosystems, through appropriate requirements and screening. The Deloitte Supplier Code of Conduct sets out responsible business expectations for Deloitte suppliers. Every supplier is expected to meet these standards in connection with the operations of its business.
Our approach to anti-corruption
Anti-corruption has always been part of Deloitte’s ethical principles. We are against corruption in all its forms and want to contribute to good governance, economic development and the improvement of social welfare wherever we do business. Our comprehensive anti-corruption programme consists of different elements that mitigate the risk of corruption within Deloitte. Deloitte Global was an early signatory to the United Nations Global Compact and to the World Economic Forum’s Partnering Against Corruption Initiative.
Independence
The execution of high-quality audits requires independence, objectivity and professional scepticism. We have-quality responses that address quality objectives and quality risks as they relate to the relevant ethical requirements for independence. These responses include policies and procedures that are based on expectations that are set out in Deloitte Global independence policies and which are supplemented, if appropriate, to reflect additional national or regional requirements that may be more restrictive than Deloitte Global policies.
Our leadership reinforces the importance of compliance with independence and the related quality management standards, thereby setting the appropriate tone at the top and instilling its importance into the professional values and our culture. Each individual’s responsibility to understand and meet the independence requirements is emphasised. The Director of Independence is responsible for overseeing independence matters, including the design, implementation, operation, monitoring and maintenance of the Standard on Quality Control related to independence.
Risk and opportunity management
As the risk landscape remains volatile, uncertain and complex – with increasing demands from clients and greater scrutiny from regulators, legislators and other governmental authorities – we continue to focus relentlessly on quality and risk management (QRM), actively monitoring and strengthening and improving our risk procedures.
Many risks, if they materialise, could impact on our ability to achieve our business strategies – including the protection of our reputation and brand, and global delivery of consistent, high-quality services. That is why our vigilant enterprise risk framework (ERF) is designed to proactively identify, manage, monitor and respond to risks and opportunities. The ERF includes processes with which to analyse the internal and external environment for developments that could impact on our ability to achieve our strategic priorities, meet our public interest obligations and protect our reputation and people. Emerging risks are also discussed, and any necessary mitigation actions are agreed upon and executed.
Risk management governance
The ultimate responsibility for our risk management lies with the Board of Directors, but the development and operations of risk management are managed by the CEO and the Reputation and Risk Leader. The Reputation and Risk Leader works closely with Deloitte’s international risk management organisations established at Nordic, NSE and global level. In addition, the Reputation and Risk Leader is supported by a group of professionals specialising in different areas of risk management and other professionals responsible for certain service areas’ risk and quality supervision. The Reputation and Risk Leader reports actions to the Board of Directors and to the Partnership Council.
Policies, processes and reviews
The Deloitte Global Policies Manual (DPM) is the central repository for policies applicable to all Deloitte firms around the world. It provides the basis for establishing and implementing globally consistent and rigorous QRM processes. We are required to develop, implement and document a risk management framework that is integrated into our key decision-making processes.
Internal reviews serve as an inspection and monitoring mechanism and are a critical component of our system of quality control and risk management. We conduct our own practice reviews under the guidance and oversight of Deloitte Global. These reviews assess our compliance with the DPM policies, the quality of work performed and services delivered by us and the operational effectiveness of our DPM policies.