qwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmrtyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyu

Report GCR

18-10-2015

Ivo Saes306533

Inhoud

1. Abstract..........................................................................................................................................3

2. Introduction....................................................................................................................................4

3. Methodology..................................................................................................................................5

4. Governance, risk management and compliance.............................................................................6

5. The new incidents..........................................................................................................................7

5.1 Individual reflection................................................................................................................7

5.2 Selection of 1 new incident....................................................................................................7

6. Conclusions.....................................................................................................................................8

7. References......................................................................................................................................9

8. Appendices...................................................................................................................................10

2

1. Abstract

This report clarifies the usefulness and the importance of GCR in business. By describing the link between Governance, Compliance and Risk Management, related to several incidents, I hope that it is going to be clear of what a good GCR policy contains, and again the usefulness and importance for a company.

Afterwards, there are made some conclusions related to GCR, combined with the incidents.

3

2. Introduction

In business, but also in general life, the principle ‘GRC’ is often applicable. GRC stands for Governance, Risk management and Compliance. Organizations leveraging GRC processes desire to establish a regulatory or internal framework for satisfying governance requirements, evaluate risk across their enterprise and track how the organization complies with the established governance requirements ( EMC, 2011). Basically, it are three pillars that are completely different from each other, but they have to work together for the purpose of assuring that an organization meets its objectives (Kurt F. Reding, etc., 2013)

What you see often, is that the coordination on GRC within enterprises, isn’t very good. They have a good governance policy, but the compliance doesn’t coordinate. Or they have a good compliancy policy, but governance is balanced with that. I think that these are some reasons that enterprises fail in their policy, which has a linearly effect on their business.

In this report is described the GRC-principle and the link within these components.

4

3. Methodology

To write this report and to substantiate my section of GRC and my conclusions, information is used what was given in the lectures by Eric Voerman and Arnd Mehrtens. I have also discussed with my group members, and for the substainting of my opinion concerning the incidents, I have analyzed several cases. Furthermore, I have used several sources which can be seen in the references.

5

4. Governance, risk management and compliance

The business and management in companies, and certainly in multinational companies, can be very complicated. Managers have to deal with several issues, such as the corporate culture, their employees with different cultures and languages,.. After that, they also have to take care of their business, and make sure that the company makes money and grows. Now, to make that a little bit easier, there is a term called ‘governance’, which involves the entirety of policy, rules, responsibilities and processes in a company. It is the overall approach for controlling the business environment and how to give direction to the organization led by our core values and ethics (voluntary boundaries). This includes the various processes, rules, policies and laws that affect the success of a business (Boeren, 2011). Basically, it is a framework for managers how the company works and can deal with several issues.

When I first heard of Governance, I thought it was just a term which was related to the government. So in the next part, I will discuss the difference between governance and government. But there is more. During the research, it became clear that governance is an ambiguous concept. Apparently, there are several forms of governance, depending on the sector or discipline namely: Netwerk Governance, Multi-Level Governance, Social-Political Governance, Deliberative Governance, Good Governance, Global Governance, Governance as New Public Management, Corporate Governance and Economic Governance (Rhodes et al., 2000)

As already said, which I think is really interesting to discuss about, is the difference between governance and government. The words are almost the same, but there is one big difference between government and governance. Government is only one arm of modern society and it derives its legitimacy and powers from its taxes, spending, laws and regulations. To reiterate, the difference between government and governance is that government is only part of the governance of managing our large and complex society ( Weil, 2015).

Risk management, the word says it itself, is the understanding of how a firm has to deal with all sorts of risks. So basically, when a company engages in risk management, they have to have a risk management plan to foresee risks.

Risk are inflicting damage to people, means and organizations. Risk can endanger the continuity. Daily, an enterprise is exposed to al kind of risks. It can endanger an enterprise its market position. Risk management involves controlling risks. For effective risk management, the enterprise has to create the awareness that between the employers that they might always have risks (VRIMS, 2015).

A good risk management process has five steps to deal with, to make sure that every risk can be rectified. The first step is to establish goals. The enterprise has to look at its own and make what are the several risks that a company can have, whereas they can make a difference between strategic risks and operational risks. Strategic risks are related to the goals, for example the products and services of the company, the structure and management of the organization, etc. The operational risks relate to the daily activities, for example financial risks, technical risks, legal risks, liability risks, etc. The second step is the risk-analyse. By means of a analyse, the risks can be mapped out. It is also an effective way to indicate the effect of the risks on the goals (VRIMS, 2015).

6

The third step are the so-called control measurements, which is divided in three parts, namely: avoid the risk, prevent the risk and reduce. The penultimate step is to anchor the risk management-structure. The management of the enterprise has to take the lead in this point. The responsibilities, support and advice are very important issue in this case. The fifth and last step is of course the evaluation. The evaluation is one of the most, if not, the most important task. An evaluation looks after the whole process and the measures. It also helps to find out which adjustments has to be taken (VRIMS, 2015).

There is another term in risk management, namely integral risk management. Integral risk management looks after the mutual coherence, search for commonly backgrounds and is looking to the wider relation. If the enterprise performs the integral risk management well, than there is going to be a better process of circumstances. Eventually, integral risk management is a profit for the enterprise (VRIMS, 2015).

Compliance in general shows how a company or individual works in accordance with the law and regulations. A compliance department overall, has five sorts of key functions. The first is the risk that a company can have, and advise them what to do. The second is prevention, meaning the design and implementation of controls. The third one is monitoring and detection. The next is the resolve of compliance difficults as the occur. The last part is the advisory part.

The concept of compliance is in general to make sure that corporations act responsible (How to learn, 2015). It makes the company obeying all of the legal laws and regulations in regards to how they manage their staff, the business and their treatment towards their consumers.

In the next part, there will be some benefits which the concept of compliance brings into any business.

The first one is the avoidance of criminal charges. In general, there is no business who wants to do criminal activities and wants to have criminal charges for not adhering to the law. But on the other hand, it is hard to follow everything by law, because there are so many different regulations and laws, according of how a company should manage its business. Then we’re talking about several components, such as, the staff, the stock, advertising, engagement when the company buys or sells something, rules on negotiating with costumers, safety rules, how to deal with all kind of risks, etc (How to learn, 2015)

To make sure that the company have a good compliance policy, it’s important that they have two different things. First, they must have a compliance department, headed by a Chief Compliance Officer (CCO), who is responsible for the whole compliance in the entire company. The second thing is a so-called compliance kit, which is software and databases. It will help audit court cases, compliance risk, management factors, performance management and other ( How to learn, 2015)

The second benefit of a good compliance policy, is the building of a positive reputation. Public image is very important for a company. When companies are dealing with criminal activities, the general public will lose their trust in the company and the products they are offering. Eventually, the shares of the company will drop. Then it’s the compliance department, who has to make sure that the company’s image stays positive, and build consumer trust. It’s not only for the consumers. It can also help with sponsors, advertisers and government requirements.

7

The last benefit is the higher productivity in the company. Internal compliance will create a positive environment in the work. The employees wants to work more when they feel safe and well compensated for their efforts. Eventually, internal compliance will be a profit for the company.

The question of how Governance, Risk Management and Compliance are related to each other, is easy to answer: Governance makes the rules, Compliance makes sure that the rules are followed and Risk Management has to solve the incidents that come up when the rules are not achieved very well.

I would like to explain that based on the case of Volkswagen.

One of the biggest car builders in the world is in crisis over its rigging of engine emissions test in America and Europe. The company fitted more than 11 million diesel vehicles worldwide with software that could cheat nitrogen oxide emissions tests. The group halted U.S. sales of 2-liter diesel cars soon after the scandal broke in September, and extended the suspension to include 3-liter vehicles from its Volkswagen, Audi and Porsche ranges ( CNN, 2015)

So in general, in this case it went wrong with the compliance. There are people who must have known that they were doing criminal activities, according to the emission tests. So they brought the company in some horrible circumstances.

Now, what are they going to do with this circumstances? They have stakeholder, employees, customers,..

Volkswagen is exploring options that range from a simple 22 dollar software upgrade to simply buying back the nonconforming cars, scrapping them, and replacing them with new emissions-compliant cars. That second opinion would cost the company billions. Another plan what are considering, is to install bigger catalytic converters that would store and neutralize harmful emissions on the affected cars (Hanley, S., 2015). An analyst at Sanford C. Bernstein Ltd., said in a note to investors: “We need a clear statement from VW and regulators about the European situation.”

Volkswagen will pay an enormous price for those few extra sales they did with the diesel cars in North America, and the extent of the damage can only be guessed at for the moment (Hanley, S., 2015).

Then, the former CEO of Volkswagen, Martin Winterkorn, has apologized for manipulating US diesel emissions tests. In a statement, he said: “I personally am deeply sorry that we have broken the trust of our customers and the public. We will cooperate fully with the responsible agencies, with transparency and urgency, to clearly, openly and completely establish all of the facts of this case.”(DW, 2015)

This is the risk management part. They have made mistakes, but they have to get back the trust of their costumers, and their shareholders, because otherwise, the continuity of the company is in danger.

8

5. The new incidents

During class, we have had 4 incidents we had to deal with. There were all kinds of criminal activities or malfunctions within de organization, and the goal was to figure out what the consequences were for the company and the stakeholders. Afterwards, with the conclusions we have made and the research we did, we had to complete the research question.

A cartel is an agreement between two competing companies to control prices or exclude entry of a new competitor in a market (Sullivan et. Al, 2003).

5.1 Individual reflection

New Incident number 1: Cartel creationDuring our first New Incident we had to deal with the creation of a cartel. Our main competitor announced that they have contacted to European Commission in Brussels and confessed the cartel between them, us and 3 other industry leaders. Our second largest business division was involved in the cartel. We had been part of the cartel for the last 15 years and during this period we charged prices 15% higher than normal.

During our investigation into the cartel creation we found various effects that the cartel has on Unilevers’ consumers, stakeholder and the company itself. Since the European Commission brought Unilever to court, there will be a high change of receiving a fine. When we did research into other cartels, 90% of the companies involved did received a fine so changes are we will be punished the same way. Besides a fine the European Comission may also impose other regulations. Since Unilever is a leader in its industry, the discovery of a cartel will create a lot of (negative) media attention. Consequently, the strong image and reputation of Unilever and its stakeholders will deteriorate. All these effects will likely negatively influence its financial results.

The customers of Unilever will experience the effects of the creation of the cartel. During the cartel, customers paid on average 15% more for their products. After the removal of the cartel, prices will drop which is beneficial for the customers. Because Unilver created a ‘’perfect market’’ with the cartel, they faced little competition and therefore hey did not have the need to innovate. This meant less products to choose from for the consumers. After the deletion of the cartel other companies were able again to compete with Unilevers’ products

The stakeholders are also influenced by the creation of a cartel. Since prices on final goods were raised with 15% this meant a higher profit margin for Unilever. This positively affects the share price and is thus beneficial for the shareholders. After the annaunciation of the cartel, shareprices dropped sharply. Since Unilever has not been honest with the creation of a cartel, stakeholders will find that the company is not transparent, they lost trust in the company. It can take a long time before that trust is regained.

After this thorough investigation we came with solutions that Unilever has to implement to deal with this crisis situation as best as possible. First of all, the CEO of Unilever has to apologize. He must say something like: ‘’I personally am deeply sorry that we have broken the trust of our customers and

9

stakeholders. We will give transparency and full co-operation for the investigation of the European Commission.’’

We based our response on the response of the CEO of Volkswagen. His respond was not a denial but an apology and people appreciated this kind of response.

The co-operation and transparency towards the European Commission will lower the judgment for the company. Together with the fact that it is better to apologize than to deny, we decided to co-operate.

New Incident number 2: Introducing new regulation from the SECThe second New Incident was an interesting one. What would happen if the SEC would introduce a new regulation: The SEC is introducing new regulation which makes both board members as well as supervisory board members personally liable up to 1 billion $ maximum in case one or more of the following events occur:

Creative accounting practices Lack of internal controls or organization Promoting or favouring one shareholder at the expense of another Careless management of the company

This case became a whole lot more interesting when Mr. Voerman announced that there is one answer that is spot on. If a group would come up with the solution that he had in mind this group would receive a ten.

We started off with an example. In light of the recent Volkswagen scandal, we believed that the case appointed to us is strongly related to what happened at the car company and its management decisions. Volkswagen vehicles have been equipped with software that makes sure that the emission is less harmful during a test in a garage, than during normal usage on the road. This will of course positively influence the sales of the cars, since customers view them as environmentally friendly, while they actually aren’t. Since the investigation about who gave order to the implementation of this software is still going on, we do believe that the resigned CEO Mr. Winterkorn knew about the software, or at least put his subordinates under so much pressure that they were forced to come up with a creative solutions like the software. Mr. Winterkorn was able to set these high demands and ask for unconventional measures because, he knew, that whatever happed to the cars or to the company, he would not be personally liable. The consequences that would occur due to his (mis)management would never affect him personally. The worst case scenario would be that he would lose his job. For a man at the end of such a successful career, this would not be a big problem. If these new measures of the SEC were in place while Mr. Winterkorn was CEO, would he have acted differently, knowing that he would receive a fine up to 1 bln $? We firmly believe so.

For Unilever this would mean that the company itself wouldn’t be liable until US$1 billion, however, the Board and the Supervisory Board would be liable, this would mean: A company won’t have the burden of being liable, however it will be governed as if it is liable, because the decision makers have potentially US$1 billion to lose. Possibly, a hierarchy chance would happen at the top management. There will also be a lot more control on the management of the board members. The current board members are to be less important, because of the new law from the SEC. The Governance-, Risk

10

management-, and Compliance-department are going to be more important. Governance decides what has to be done, risk management has to have a back-up plan, and the compliance-department is going to check the whole procedure. Furthermore, we believe that the external stakeholders will only benefit from this new regulation.

Lastly, the solution that Mr. Voerman had in mind was simple, yet very effective and logical. No sane person would consider accepting a job with such risks, unless the company would insure itself against such regulations.

New Incident number 3: EbolaFor the third incident we had to deal with the consequences of the Ebola virus. Namely, The CEO of Sierra Leone Kweke Daramy, who was attending the 3 day obligatory COMPLIANCE course for senior management at our corporate headquarters, fainted at day 3 of the course and was transported by ambulance to the university hospital. Here it was confirmed that he had the EBOLA virus. Notwithstanding round the clock efforts of the whole medical team, one day after being hospitalized Kweke sadly passed away.

For the purpose of this incident we started with investigating the Ebola virus. What is it? What are the effect of the virus? How frequently does the virus appear? How fast will the virus spread after a break out? And how can an outbreak be combated?

In order to inform all employees of Unilever, we released a press release. After medical confirmation that the Ebola virus was identified by Mr. Daramy, we contacted the Ministry of Health and an Contagious Prevention Plan was launched (CPP). Moreover, at the time of the medical confirmation it was our main priority to find and locate the people Mr. Daramy had been in contact with at the corporate headquarters and in the previous 72 hours. Next to that, Unilever expressed its deepest sympathy to the relatives and friends with the loss of Kweke Daramy. Finally, since Unilever wanted to speed up the investigation of the spread of the virus, they highly requested every person who had been in contact with Mr. Daramy during the conference to get in touch with them as soon as possible.

However, Unilever also had to deal with internal hierarchy problems since Mr. Daramy’s position had to be taken over. As well as that there needed to be a backup plan in case more board executives would be affected. Which was likely since it was a conference for all senior management. Whenever other executive directors would be affected, new board members are needed. Therefore, on the short run, Unilever decided that executives of the non-affected headquarters had to take over the day-to-day business of the headquarters where the executives could have been affected by the virus. If an executive would not be able to return to his or her position due to the affection of the virus, their position has to be taken over by a new person as soon as possible.

The convention plan which was launched by the Ministry of Health will not only be applicable to the Ebola virus, it will be applicable to all contagious diseases. The prevention plan is a guideline which can be used by management and employees whenever an incident occurs. It specifically states all the step to be taken and the consequences when these steps are not followed. According to the contagious prevention plan, Mr. Daramy would not have been allowed to attend the conference. The Ebola virus has a high death rate, meaning it would be part of the special cases.

11

New Incident number 4: overstated earningsThe fourth and last incident we had to deal with, was described as: “Last week it became known that your company overstated its earnings by more than 6.3 bln. EURO over the last nine years. “

For this case, we did some research for an example within another company, and its effects. We have also discussed the consequences for Unilever and the impact it will have on the stakeholders. A company who did the same as our company, was Toshiba. It was called as one of the country’s largest corporate accounting scandals. The roots have a lot of similarities with the Volkswagen Scandal. Many leaders of the company knew about the illegal, criminal practices. The findings can lead to hefty fines, board overhaul and the restatement of earnings ( Reuters, 2015).

Now, what will happen with the company and even more important, what will be the impact on the stakeholders of this scandal? The stakeholders will dump their shares on the market because their confidence in the company has fallen. The result is that the values of the shares will decrease and maybe bring Unilever to court. Then there is more supply than demand of shares from Unilever, so that will drop the value even more. Subsequently, the banks will adjust their financial conditions because they are dealing with an organization that has committed a criminal act.

Potential shareholders will be very cautious in the future for buying shares. Another possibility is that they go in discussing with Unilever, to get a refund of the suffered damage.

Unilever must take a look at their company culture and find out why employees found it necessary to inflate the earnings. Eventually, we think that the CEO of Unilever will resign, and other people who knew that they were doing a illegal criminal activity. This is happening all the time when scandals like this are discovered. The advice to Chief Executive Officer will be that he has also have to make a kind of apology. We have an excellent example from the former Chief Executive Officer of Volkswagen: ‘’I personally am deeply sorry that we have broken the trust of our customers and stakeholders. We will give transparency and full co-operation for the investigation.’’ Of course this is a way to minimize their guilt. But there is also another reason: Considering the investigation, it can make a difference for the judge if a company give their full cooperation and transparency.

We based our conclusion and decisions on several previous incident, but the most on the most recent scandal of Volkswagen of course. I think this is the best decision for the company and the shareholders, because the company has to accept that they made a mistake, even more because the Chief Executive Officer and other people from the top management must have known what they were doing and that it was nog legal. And if you as one of the biggest companies in the world, betray your shareholders with inflated earnings, than you must accept your fine and your punishment.

5.2 Selection of 1 new incident

Let’s see what will happen when we take the third incident ( of the ebola incident), and applies that on the Dutch airline company KLM?

The Dutch is one of the biggest employers in the Netherlands, with approximately 32.000 employees. They fly to approximately 130 destinations all over the world for passenger and cargo services. The

12

mission of KLM is clear: They want to take care or a safe, effective and service oriented operation with active attention for sustainability. They attempt to a profitable grow, who not only contributes to the company goals, but also at the economical and social development (KLM, 2015).Their vison is the following: “In the aviation, KLM wants to be the leader by being smarter than other. By the merger with Air France, KLM plays a leading role in the world aviation. KLM wants to be the first choice for customers and employees, an attractive employer for the employees and for the stakeholders a company that grows profitable. Through smart partnerships and leadership, KLM provides global accessibility in new destinations through an extensive network. By responding to market opportunities and technological developments, KLM offers customers a contemporary product (KLM, 2015)

When KLM is affected by Ebola, things going to be different and a lot of measures have to be taken. But what exactly is Ebola, and why is this disease so dangerous?

The Ebola virus is often a fatal illness for humans. It is transmitted from wild animals to humans. It spreads into the population through human-to-human transmission. Ebola is a very dangerous disease, first of all because it’s deadly, but also because it can have a negative influence on the economy and the food can be scarce after a while. In addition, 60 to 90 percent of the people infected with ebola, dies (WHO, 2015)

When for example the CEO of KLM, is infected with ebola, what do you do as company? How do you inform the press, the employees and the stakeholders? But maybe even more important, how do you as a company, make sure that your activities continue?

When this happens, the risk management department has to act. To prevent is always better that to heal. Therefore, the risk management department has developed a policy to prevent these sort of dangers to KLM. This an overall plan, so it is not limited specific to ebola, it will be applicable to all contagious diseases. It is the task of the health department to stay up-to-date with risks. In case an infectious disease is notified in a certain area of an KLM location, a process will be put in place.

How does that prevention plan looks like?

1. The health department asses the probability of the disease penetrating into the company

2. The health department sends out an e-mail to all possibly endangered employees. In this e-mail, the disease is explained as follows:

- What is the disease?

- How can you get infected?

- What can you do to prevent infection?

- What are the symptoms?

3. If someone has a meeting with somebody outside the initial possible endangered area, it is his duty to inform the other parties and to have himself checked by the health department. Falling to do so will have consequences.

13

4. When the employer believes the employee is infected, the employee has to inform the health department. The health department has full authority to make decisions they feel are necessary to prevent an outbreak.

5. When the employee and the health department agree the risk of contagion is completely gone, the employee will be allowed to reenter the workspace again.

- Entering the workspace while not having the permission of the health department will have consequences.

There is one big rule what has to be followed by the whole company: if the infectious disease has a high death rate, all employees must be tested. The amount of times tested, the moment of testing etc. are all decided by the health department in correspondence with the disease.

Often, it is a lot more easy to visualize what you’re trying to say. Below, you can find a moodboard, which explains the above described steps.

As methodology is used the information given in the lectures of Eric Voerman. An example of the used information is the case of the Ebola-case of Unilever.

Furthermore, other sources are used e.g. Ebola. Those sources can be found in the Literature Analyses.

14

6. Conclusion

In this report is described the difference and the link between Governance, Risk Management and Compliance. It is familiar that these three components are in a linear relation with each other. Companies who have a good GRC-policy, are prepared for any risk, can deal with any risk and are able to continue their activities when it goes wrong. With the Volkswagen case, I explained that a good GRC policy is essential for companies.

With the incidents is described several incidents, which in some cases were extremely, but it made clear that a huge multinational has to be prepared, otherwise the continuity of their company can be in danger.

Than there is the case of KLM. It was described with the case of Ebola. I have explained the several steps they have to take with the prevention plan, that has been developed by the Health department. These are the steps that can keep the company healthy when Ebola infects one of the employees. The moodboard is additional, it visualize it.

Finally, we can make one big conclusion: without a good GCR policy, the company is less strong that with a good GCR policy.

15

7. References

 Frequently Asked Questions - Compliance & the Regulatory Environment ICA . 2015. Frequently Asked Questions - Compliance & the Regulatory Environment ICA  . [ONLINE] Available at: http://www.int-comp.org/faqs-compliance-regulatory-environment. [Accessed 22 October 2015].

. 2015. . [ONLINE] Available at:http://www.emc.com/collateral/about/news/ponemon-report-egrc.pdf. [Accessed 03 November 2015].

Governance, Risk & Compliance Software - Open Pages. 2015. Governance, Risk & Compliance Software - Open Pages. [ONLINE] Available at:http://www.performance-ideas.com/2011/09/21/governance-risk-compliance/. [Accessed 03 November 2015]

Kurt F. Reding, Paul J. Sobel, Urton L. Anderson, Michael J. Head, Sridhar Ramamoorti, Mark Salamasick, Cris Riddle (2013), "Internal Auditing: Assurance & Advisory Services"

 2015. . [ONLINE] Available at: http://maartenhajer.nl/upload/RIVM.pdf. [Accessed 04 November 2015].

Government vs. Governance | Frank A. Weil. 2015. Government vs. Governance | Frank A. Weil. [ONLINE] Available at:http://www.huffingtonpost.com/frank-a-weil/government-vs-governance_b_6858646.html. [Accessed 04 November 2015].

VRIMS. 2015. VRIMS. [ONLINE] Available at:http://www.riskmanagement.nl/vijfst.htm. [Accessed 04 November 2015].

Importance Of Compliance In Business | HowToLearn.com. 2015. Importance Of Compliance In Business | HowToLearn.com. [ONLINE] Available at:http://www.howtolearn.com/2012/08/importance-of-compliance-in-business/. [Accessed 05 November 2015]

Sullivan, Arthur; Steven M. Sheffrin (2003). Economics: Principles in action. Upper Saddle River, New Jersey 07458: Pearson Prentice Hall. p. 171. ISBN 0-13-063085-3

Toshiba inflated profits by $1.2 billion with top execs' knowledge: investigation | Reuters . 2015. Toshiba inflated profits by $1.2 billion with top execs' knowledge: investigation | Reuters  . [ONLINE] Available at:http://www.reuters.com/article/2015/07/20/us-toshiba-accounting-idUSKCN0PU0E920150720. [Accessed 05 November 2015]

KLM - Missie en visie. 2015. KLM - Missie en visie. [ONLINE] Available at:http://www.missieenvisie.nl/klm/. [Accessed 05 November 2015]

WHO | Ebola virus disease. 2015. WHO | Ebola virus disease. [ONLINE] Available at: http://www.who.int/mediacentre/factsheets/fs103/en/. [Accessed 10 October 2015].

Volkswagen scandal...in two minutes - Sep. 28, 2015 . 2015. Volkswagen scandal...in two minutes - Sep. 28, 2015  . [ONLINE] Available at:http://money.cnn.com/2015/09/28/news/companies/volkswagen-scandal-two-minutes/. [Accessed 05 November 2015]

16

How Will Volkswagen Go About Fixing its Dirty Cars?. 2015. How Will Volkswagen Go About Fixing its Dirty Cars?. [ONLINE] Available at:http://gas2.org/2015/10/06/dieselgate-will-volkswagen-fix-cheating-cars/. [Accessed 05 November 2015]

Volkswagen CEO apologizes for cheating | Business | DW.COM | 20.09.2015. 2015. Volkswagen CEO apologizes for cheating | Business | DW.COM | 20.09.2015. [ONLINE] Available at: http://www.dw.com/en/volkswagen-ceo-apologizes-for-cheating/a-18726156. [Accessed 05 November 2015]

17

8. Appendices

18