Upholding the highest business standards, and applying them rigorously.
In every transaction at every level, it’s imperative that we do the right thing. All stakeholders, including our customers, shareholders and employees deserve nothing less than unconditional excellence. As our business evolves, we continue to evaluate and update our compliance and ethics policies to address our risks and to provide appropriate guidance for our employees and business partners.
Our code of business conduct and ethics provides the framework for honest and ethical conduct within our company. Our CCEO and CEO review our code annually, prior to final review and approval by our board. As part of our annual compliance and ethics training, all eligible employees certify that they have received, understand and agree to adhere to the code.
We work with suppliers who meet our standards of ethical business conduct and require suppliers to comply with all applicable laws, including labor and health, safety and environmental laws. We conduct risk assessments of suppliers during the prequalification process and provide our expectations in the areas of environmental stewardship, health and safety and regulatory compliance in our supplier code of conduct. We monitor our suppliers on a range of issues including regulatory compliance and financial stability. Collectively, these policies support our employees, contractors and business partners in maintaining the highest levels of conduct and ethics.
Anti-Bribery and Corruption Policy
Cheniere has established executive and Board-level oversight of the Anti-Bribery and Corruption Program. Cheniere’s Code of Business Conduct and Ethics and Anti-Corruption and Economic Sanctions Policy govern the Anti-Bribery and Corruption Program. The Chief Compliance & Ethics officer is responsible for developing these policies, which are reviewed by the Audit Committee of the Board, as well as approved by the Chief Executive Officer (CEO) and General Counsel. Further, the Chief Compliance & Ethics Officer provides monthly updates to the Global Risk Committee and quarterly updates to the Audit Committee of the Board and Cheniere’s Leadership Team, including the CEO, on the Anti-Bribery and Corruption Program. Cheniere has a robust due diligence process for the Anti-Bribery and Corruption Program and closely monitors compliance. Each director, officer, and employee are required to certify annually to the Company that he or she acknowledges receipt of, understands and agrees to be bound by, and comply in full with, the Code of Business Conduct. All new employees must sign a statement of agreement to be bound by this Code. Cheniere’s Anti-Bribery and Corruption Program is independently audited on an annual basis.
All employees are required to undergo anti-bribery and corruption compliance training at the start of their employment and, at a minimum, annually thereafter. Completion of all required training by the given deadline is included in the 2018 performance goals of all employees. A director, officer or employee may not personally benefit from their relationship or employment with the Company except through compensation received directly from the Company. Directors, officers and employees are strictly forbidden from offering, promising, or giving money, gifts, loans, rewards, favors or anything of value to any governmental official, employee, agent or other intermediary (either inside or outside the United States) that is prohibited by law. Those paying a bribe may subject the Company and themselves to civil and criminal penalties. When dealing with government customers or officials, no improper payments will be tolerated. The Company prohibits improper payments in all of its activities, whether these activities are with governments or in the private sector.
If an employee observes a violation of our code or policies, they have been trained to contact their supervisor or human resources representative. Employees may also report concerns confidentially with the option to remain anonymous, through our hotline which ensures that all ethics and compliance-related communications are managed in accordance with applicable legal protections. Employees are also able to report concerns via email. We explicitly prohibit any form of retaliation against employees who make good-faith complaints, report a violation of our code or report other illegal activities.
Cheniere’s IT Security Policy follows an identify, assess and mitigate approach to cybersecurity, in alignment with the National Institute of Standards Technology (NIST) Cybersecurity Framework (CSF). We conduct regular internal audits and risk strategy sessions to assess cybersecurity threats and respond accordingly. To complement this effort, Cheniere contracts with third parties to perform facility and system penetration tests, compromise assessments and security maturity assessments of both our corporate and operational networks.
Under the oversight of Cheniere’s Vice President and Chief Security Risk Officer (VP-CSRO), our Chief Information Security Officer (CISO) manages the technology security team. This team is responsible for maintaining our technology defense posture and program, educating and informing Cheniere’s users of information security risks and how to best avoid them, and developing end-to-end incident response and recovery plans throughout the company. Our CSRO and CISO report cybersecurity issues and performance to the board several times a year.
On an annual basis Cheniere conducts comprehensive cybersecurity training for its personnel to assist them in identifying and mitigating cybersecurity and data security threats.