Management processes that meet and adhere to international standards
Constantly improving the efficiency of corporate governance and production management is the most effective way to ensure customer satisfaction, enhance competitiveness and provide sustainable benefits to stakeholders. Moreover, this is an indispensable tool for ensuring compliance and achieving FPT’s sustainable development goals according to international standards.
In 2021, FPT continuously implemented the OKR management method throughout the Corporation. The OKR methodology helped maintain the consistency between personal targets and the objectives of their department, subsidiary, and the entire Corporation. It contributed to improving operational efficiency and labor productivity. Objectives and key results of the Corporation, its subsidiaries, functional departments, and every employee were measured, updated, and monitored by the OKR online management tool to accurately track goal completion levels while adhering to the annual targets.
In addition, FPT and each core business area also achieved prestigious international standard certifications.
Operating sector | Certifications |
The Corporation |
|
Technology |
|
Telecommunications |
|
Education |
|
Data management
The collection, processing, storage, and protection of data were uniformly regulated throughout the Corporation to ensure four factors, including:
04 factors to ensure
- Comply with legal data protection requirements and practices.
- Protect the legitimate interests of data subjects.
- Protect data processing from risks of data breaches.
- Protect the Organization from the risks of reputational loss.
07 principles to follow
- Legality: Data must be processed to the extent required by law.
- Right purposes: Data is processed only for the registered and approved legitimate purposes.
- Minimalist: Data is processed only to the extent necessary to achieve the specified purpose.
- Restricted Use: Data is only used with the consent of the data subject or approval by the authority.
- Accuracy and integrity: Data must be appropriately handled based on respecting the accuracy of the data, legitimate rights, and interests of the data subject.
- Confidentiality: The data is protected with protection measures during processing.
- Storage: Data processing records need to be archived for legitimate query purposes.
FPT’s data management model is defined to ensure the following factors simultaneously:
- Leadership is committed to the highest levels of data collection, processing, storage, and use.
- Authoritative determination of the Corporation’s data-related decisions.
- Defining standards, procedures, and processes to guide the management and exploitation of data.
- Identifying technology and infrastructure to be used uniformly in the Group to ensure safety and security when exploiting data.
- Strictly enforcing relevant policies issued throughout the Corporation.
- Monitoring compliance and identifying risks in the event of data leaks.
In addition, at the Corporation or subsidiaries, we all have specialized departments to ensure customer privacy and security. As a result, we are highly aware and seriously protect customers’ data safety.
Response plans when data security incidents arise fully adhere at two levels:
- Prevention: Based on understanding the root causes, prevention plans will also be devised and strictly enforced.
- Fix: Immediately, security breaches will be prevented, highly specialized security departments will remedy security holes. Impact assessment to check relevant data areas will also be performed to avoid spreading out the risk.
The critical point of all the above data safety plans is that all procedures and actions are systematically designed throughout the Corporation. The tasks and responsibilities of each department are strictly controlled, monitored and reported.
Risk management
Despite the complicated developments of the pandemic, the effective operation results and social contributions throughout 2021 show that FPT has been successful in its risk management efforts, especially risks related to the sustainable development of the Corporation and the community. With the preparation of policies, human resources, finance, and technology infrastructure from 2020, FPT has ensured the health of personnel and working performance, helping to increase revenue and profit respectively 19,5%, and 20.4%.
Depending on the characteristics of each business sector, the risk management framework will be directed, approved, and improved by the CEO every year. For sustainable development, FPT identified four core risk groups.
Strategic risks
Type | Risk management measures |
Strategic risks |
|
Competitive threats |
|
Operational risks
Type | Risk management measures |
Risks of information disclosure |
|
Human resources risks |
|
Reputation/brand risk |
|
Cybersecurity risks |
|
Financial risks
Type | Risk management measures |
Exchange rate risk |
|
Business risks |
|
Regulatory risks
Type | Risk management measures |
Regulatory risks |
|
Corruption and tax risk management
FPT Corporation always takes precautions against conflicts of interest and strictly handles any violations of financial discipline. To avoid conflicts, it requires employees to practice the following codes of conduct voluntarily:
- Avoid conflicts of interest in outside business investment activities, affecting decision-making and negatively affecting the interests of the Corporation.
- Avoid conflicts of interest with investment activities of employees’ relatives. Employees must declare to the Corporation and report to their Direct Managers if any of their relatives contribute capital/ hold executive positions at enterprises as our customers, suppliers, or competitors.
- Be transparent in the selection and management of human resources, based on clear criteria of capacity, experience, and appropriate skills.
Anti-corruption and fraud policy
As one of the large-scale enterprises operating in many countries, FPT has developed a policy and a code of conduct to ensure that personnel at all levels and departments comply with legal regulations on anti-corruption:
- All gifts sent to relevant authorities, partners, or third parties are required to be approved in writing by the legal and compliance control department.
- Continually organizing personnel training globally on the code of conduct, especially on corruption issues and conflicts of interest between FPT and third parties.
- Establishing a specialized department and defining a process for receiving and handling reports of violations of anti-corruption and fraud policies, strictly complying with the regulations of the Corporation.
FPT always complies with all strict tax regulations in Vietnam and the countries and territories worldwide. It has built a transparent and effective management system and promoted the digital transformation of the internal financial and accounting system. In addition, FPT continuously organized internal inspection and control meetings to ensure the compliance of the entire system with relevant local tax regulations and related industries.
Anti-corruption policy for suppliers
FPT, together with its direct and indirect subsidiaries, has a zero-tolerance policy against bribery and corruption of any kind. The purchase of goods and services and the selection of suppliers should be made based on actual needs. Quality, price, and criteria are determined in a specific and reasonable way and must put the organizational interests first. FPT also expects customers and suppliers to behave in a civilized manner, comply with the law, and in accordance with the following principles:
- Do not directly/indirectly offer, promise or authorize payment of any money or material benefits to any FPT employee, leader, or third party to secure improper advantage;
- Do not suggest, solicit, accept any money material benefits from employees, leaders, or any other third party in exchange for improper advantages;
- Do not instigate or assist others in violating the above policies. If any violation is detected, it should be reported immediately to FPT and related parties;
- Suppliers should keep accurate and complete documents, records, and books for future retrieval. Invoices should fully be kept with receipts and other supporting documentation for any expenses paid on behalf of FPT.
In the event that FPT reasonably suspects any supplier has violated this policy term, it may terminate/restrict the business relationship with the supplier. In addition, any FPT employee or leader found to be infringing or assisting others to violate the above principles may be subject to appropriate disciplinary action.
Internal control
In order to improve the governance capacity of FPT and its subsidiaries, ensuring transparency and the interests of shareholders and stakeholders, FPT designed an internal control system in compliance with relevant legal regulations and in reference to international standards.
Internal control model
Subject | Responsibility |
CEO |
|
Head of Compliance Monitoring Board |
|
Chief Quality Officer |
|
Head of functional departments |
|
To ensure practical internal control activities and minimize risks mainly related to sustainable development, FPT also developed a detailed plan for the operation of the internal control apparatus. Accordingly, the Head of Compliance Monitoring Board, the Chief Quality Officer, and the Heads of functional divisions are responsible for developing a compliance control plan corresponding to the scope/area.
At the same time, to review the system to make timely adjustments, FPT will implement unscheduled control sessions depending on the business situation.
During the year, FPT implemented key control activities, including:
- Consolidate the internal control system and risk management policy throughout the Corporation.
- Supervise the compliance with legal regulations in the management and operation of production and business activities of the Corporation and its subsidiaries.
- Coordinate with specialized divisions to implement irregular and periodical control sessions.
- Supervise activities between FPT/subsidiaries and its suppliers/partners to ensure transparency in the spirit of mutually beneficial cooperation and risk prevention.
- Propose solutions to manage potential risks that may occur in operations.