VARSLING. Finn Berg Jacobsen Compliance Officefr

VARSLING Finn Berg Jacobsen Compliance Officefr

COMPLIANCE FUNKSJONEN MISSION Forhindre Rapportere Utilbørlig adferd og handlinger Overvåke Undersøke

Utilbørlig adferd og handlinger Misligheter og utilbørlig Etiske Korrupsjon finansiell rapportering brudd og bestikkelser Underslag Brudd på etiske Søke urettmessige Tyveri regler fordeler gjennom bruk av Villedende finansiell utilbørlige midler rapportering

LOVKRAV INTERNASJONALE KRAV Sarbanes-Oxley (finansiell rapportering) Foreign corrupt practices act (korrupsjon) Internasjonale konvensjoner (korrupsjon og etisk adferd) NORSKE KRAV Arbeidsmiljøloven Straffeloven (korrupsjon)

Sarbanes-Oxley (SOX) krav The periodic report states that financial information complies with the Exchange Act and fairly presents financial condition and results of operations SECTION 906 SECTION 409 Disclosure to the public on a rapid and current basis of material changes to financial condition or results of operations SECTION 302 SECTION 404 Various statements by certifying officers, similar to Section 906 plus additional statements related to disclosure controls and procedures, internal controls and fraud Perform ANNUAL assessment of the effectiveness of internal controls over financial reporting and obtain attestation from external auditors

SARBANES-OXLEY KRAV SECTION 404 REQUIRES Audit committees must establish mechanisms for receipt, retention and treatment of anonymous employee concerns about potential accounting improprieties or fraud Legal protection against retaliation Transparency within corporate boundaries irrespective of geographical location Most companies have gone beyond the SOX requirements

EU KRAV EU (Frankrike og Tyskland) er mer moderate angiveri er straffbart misbruk av persondata negative til anonyme henvendelser krav til fjerning av data etter bruk begrenset omfang lokal rapportering Sarbanes-Oxley krav aksepteres av EU

COMPLIANCE FUNKSJONEN Arbeidsmiljøloven (Norge) 2 4 ansatte har rett til å varsle varsling skal være forsvarlig omvendt bevisbyrde 2 5 beskyttelse mot represalier omvendt bevisbyrde krav på oppreisning uansett skyld 3-6 Arbeidsgiver må legge forholdene til rette for varsling

RAMMEVERK Styrende dokumenter CODES OF CONDUCT ANTI-CORRUPTION PEOPLE PROSEDYRER UTRULLING AV COC GJENNOMFØRING AV UNDERSØKELSER Temaer: Menneskeverd Miljø Data/IT informasjon Finansiell informasjon Forhold til eksterne parter gaver etc. bestikkelser Interessekonflikter Etc.

TELENOR ORGANISERING AV COMPLIANCE GROUP Audit committee CEO SUBSIDIARIES Group compliance officer Audit committee (if applicable) CEO LOCAL COMPLIANCE FUNCTIONS

AUDIT COMMITTEE CHARTER Compliance avledede oppgaver Establishing and reviewing procedures for the correct handling and registering of any complaints regarding accounting, internal accounting controls or auditing matters. These procedures shall ensure that employees may confidentially and if desired, anonymously submit complaints about any accounting and auditing matter. Reporting of breach on ethical guidelines Oversight of accounting and auditing issues Identifying, understanding and assessing operational and financial risks

Compliance officer Ansvar og arbeidsoppgaver Maintenance of Telenor Governance Documents Monitor laws and regulations important to ethical behaviour and activities Develop and implement a worldwide CoC and compliance program oversee the development of training material monitor conduct of training monitor local implementation of CoC Provide communication channels for reporting of non-compliance Initiate/supervise investigations Liase with local management/local compliance officer in selected investigations Recommend/support resolution of reported incidents Report without delay material incidents to Audit Committee and External auditor Report periodically to Audit Committee and Group Management

Compliance function Forhindre Roll-out of CoC Training Reputation e-learning Awareness building Roll-out of Coc Line management Audit Committee Group Compliance Rapportere Material cases 6-months summary Knowledge sharing Combat improper business practices Undersøke Overvåke CoC acceptance Training & preparation Certification Hot line Self assessments Local CEO certification Reported/observed cases Conduct of investigations Case logging Investigate Inform Report preparation

Telenor Integrity Alert (på ansattes hjemmeside) Everyone associated with Telenor is obliged to comply with applicable local law, the Codes of Conduct adopted by the Local Board of Directors and any other governing documents and policy. Our internal rules are about more than just interpretations of laws; indeed, our Codes of Conduct reflect our core values and ethical standards. We strive to conduct business within the framework of high standards of business ethics. We seek to be recognized as a company of Integrity without compromise and a company respectful of our environment and fellow human beings. If any of our employees become aware of a perceived breach, it is our expectation that they report promptly in good faith to either their superior, their Local Compliance Manager Function or the Telenor ASACompliance Officer. Failure to report is a breach of our internal governing rules. Examples of governing rules include: Breaches of health, environment and safety regulations Unlawful financial reporting Corruption and/or bribery Unreasonable commissions / "kickbacks" / inappropriate gifts Conflicts of interest Embezzlement Insider trading, improper use of confidential or price sensitive information Discrimination Violations of competition laws Although it is desirable that contact information be furnished by an individual providing information, it is perfectly acceptable to report confidentially and if desired, anonymously. Irrespective of whether the reporting is anonymous or open, all submissions will be treated confidentially when the reporting is made in good faith and to safeguard the interests of the company and/or other employees. Telenor does not seek reprisals against those who, in good faith, report a breach or suspicion of an infringement of any law, regulation, Codes of Conduct or any other Group or Local policies, standards and/or procedures. Reporting should be done to compliance officer in Telenor ASA or your local compliance manager. Compliance Officer: Telenor ASA NO-1331 Fornebu Norway E-mail: compliance@telenor.com Tel.: +47 678 90 000 Mob.: +47 908 19 668 For local compliance managers, please see the attached file for detailed contact information.

VARSLING - RAPPORTERINGSVEIER Media Gjerne internt før de går eksternt Unnlatelse av rapportering er brudd Styre Revisjonskomite Myndighetsorganer Toppleder Compliance Staber e.g.hr Linjeleder Tillitsmenn

BEHANDLING AV MOTTATTE KLAGER Mottak av meldinger Oversendelse til compliance Logging Foreløpig vurdering Tilbakerapportering Bestemme omfang og gjennomføring Utarbeide rapport Anbefalinger

LOGGING/FORELØPIG VURDERING 2006 ERFARINGER Måling mot CoC bestemmelser Spam,ads,annet 80% 15% operasjonelle forhold Noen få klager til Audit Committee 15 % 5% 5 % klager/bekymringsmeldinger Misligheter/korrupsjon Trakassering Nærstående parter Tyveri/underslag

RAPPORTERING GROUP High priority cases Umiddelbart Audit committee CEO Line Management Summary cases 2 ganger pr. år Audit committee CEO Ethical coucil Self assessment Årlig All stakeholders LOCAL High priority cases Umiddelbart CEO Audit committee/board Line Management Summary cases 2 ganger Pr. år CEO Audit committee/board

SELF ASSESSMENT Årlig temperaturmåling av governance 335 personer (99 % svarprosent) i 2006 Områder som dekkes Alle policies inkl. Codes of Conduct og Anti-Corruption Detaljert complianc gjennomganger av utvalgte områder Systematiserte rapport-data Forbedringsprogrammer