Overview

Corporate Governance

Vitol is committed to high standards of corporate governance. Our governance framework and controls have been developed to take account of the nature of our business and the ownership model.

Ownership
Vitol’s holding company is incorporated in the Netherlands where Vitol was founded in 1966. Since inception, Vitol has been employee-owned. Today it is owned by circa 450 employees, with no single shareholder holding more than 5%. Vitol believes that this broad employee ownership ensures that the interests of key employees are aligned with its long-term interests, fostering a responsible and cautious approach to risk.

Governance
Vitol is led by a board and management team, headed up by CEO, Russell Hardy. Its members are responsible for both the commercial business and core business critical functions. In addition to the business’s financial performance, the board is responsible for setting purpose, ethos and strategy. Major decisions, such as investments or participation in a financing arrangement where Vitol’s capital is put at risk, are governed by established protocols that assess the financial implications, as well as considering broader issues such as reputational risk and ESG impact. To ensure proper governance Vitol has shareholder representatives, elected by the non-board shareholders, who participate in board meetings and communicate decisions to the wider group.

Enterprise risk management

A number of functions exist in Vitol to mitigate the risks of the business. These functions report regularly to the board and include specialised and experienced employees. To ensure oversight is in full alignment with Vitol’s ethos, each of these functions reports directly to a board member.

Vitol has a careful and considered approach to risk. It believes its ownership structure encourages a long-term outlook and that the proprietary systems which underpin the business and are developed and built in its Geneva hub, enable it to manage enterprise and market risk across its global operations.

Capturing, assessing and monitoring ESG risk
The board is ultimately responsible for ESG risk and approves all material ESG decisions, but day-to-day oversight has been delegated to the ESG committee.

ESG committee
The ESG committee is responsible for reviewing and considering the ESG impacts of the business. The ESG committee meets approximately every six weeks, with quarterly reporting to the board. Three board members are members of the ESG committee. Its members comprise: the Chief Financial Officer (CFO), the Chief Information Officer (CIO), head of Vitol Asia, head of business development Vitol Asia, head of E&S, head of compliance, the chief of staff, head of communications, treasurer and the Chief Operating Officer (COO) of Vitol Inc. All employees are expected to consider the ESG implications of the business’s activities and to raise any queries or concerns with the head of E&S or the committee.

The group E&S department oversees and manages an ESG risk register which covers a number of material environmental and social risks, some of which relate to climate change. Risks are identified in the course of business activities or as part of discussions in the groups outlined in the climate risk governance section and added to the register.

All ESG risks are assessed using Vitol’s risk assessment matrix, which allows risk of all natures to be compared with one another in terms of significance and materiality e.g. comparing a climate-related risk with a social or a process safety risk. The risk assessment matrix is used to assess likelihood (from very likely to very unlikely) and also a range of potential consequences (health & personal safety, process safety, human rights and community, reputation, environment and financial impacts on a graduated scale from $0 to > $200M). Risks are assessed both quantitatively and qualitatively. If multiple consequences are highlighted, Vitol takes the one with the highest potential consequence. The risk register contains a broad set of current, emerging and potential future ESG risks including those related to regulation, but focusses on materiality to Vitol.

In the controlled and non-controlled companies in which we are invested the approach varies. More granular and technical risk registers are managed, reviewed and updated periodically at some of the companies in which Vitol is invested. This includes emerging risk relating to emissions as well as other ESG risks. Vitol will continue to focus on this in the coming years.

Market risk
Market risk exposure arises from the core business of physical delivery and price arbitrage. Vitol aims to maintain a conservative approach to market risk, addressing the volatility inherent in the commodity markets with business policies and practices based on sound risk management and capital preservation. This includes the hedging of directional price risk where possible. The market risk function is independent and reports directly to the board. Its role is to assist the trading desks in analysing and managing their risk to ensure there is an accurate, real-time picture of trading positions.

Operational risk
Vitol takes an active role in the oversight and, where possible, management of any investment in which Vitol holds equity, regardless of how small the stake. For material holdings, Vitol seeks board representation. In terms of physical operations, e.g. shipping, barging, railcar movements and trucking, a risk-based approach to the management of operational risk is adopted.

Credit risk
Trading is conducted on an unsecured basis only with the most reliable counterparties. Counterparty credit lines and country risk are managed by the credit function within the finance team.

Financial risk
Vitol uses the bank and capital markets for working capital and general corporate requirements, managed from our global treasury headquarters in Switzerland. Vitol holds a significant shareholders’ equity balance relative to the size of its business and the carrying value of its debt and working capital requirements. For the past 10 years, Vitol has maintained an investment-grade corporate credit rating due to its highly liquid balance sheet, conservative capital structure, and prudent risk management.

Cyber risk
The cyber security programme’s objectives are to protect Vitol and facilitate new opportunities, while reducing the risk of exposure to cyber-attacks or data privacy incidents. The cyber strategy is driven by industry best practice objectives of “Confidentiality, Integrity and Availability”, delivered via the three pillars of governance, technology and employees. Metrics are presented to the board every quarter.

Legal risk
Legal risk is the risk arising from non-compliance with legal and regulatory requirements including, in Vitol’s case, the risks arising from violations of laws and regulations concerning sanctions, anti-bribery and corruption, market conduct, competition law and the environment. A failure to comply with these could result in significant reputational damage, as well as financial and other penalties which may impact the business’s ability to trade. The management of legal risk is led by the Chief Legal Officer, with the full support of the board.

Environmental & Social governance

Vitol created the three-year E&S strategy in 2019, which is updated at the end of each calendar year. It comprises six core pillars.

Environmental & Social Governance

The Vitol E&S framework
Since its inception, Vitol has been focused on the safety and environmental risks associated with its operations. We have also invested in physical assets with diverse E&S standards. Some of our assets are majority owned and controlled and others via partnerships or minority stakes.

Vitol’s E&S framework covers all business activities and sets out Vitol’s beliefs and requirements. Vitol expects companies in which we have a shareholding to follow these or similar standards, but recognises our influence will be commensurate with our shareholding. The E&S framework sets out the requirement for KPIs covering E&S related metrics to be submitted to Vitol.

During 2021 we continued to work with current and newly acquired businesses to implement and embed the requirements of the E&S framework and support our investments from an ESG perspective. This is an ongoing and continuous process and also forms one of the underpinning blocks of our ESG audit programme.

Additional procedures sit beneath the E&S framework, e.g. Vitol E&S management obligations, which provide internal guidance on how to apply it to business activities. Proprietary standards were created to cover some of the key risks faced in the industry, such as truck vetting or the selection and management of contractors and suppliers and to provide guidance where required by our investments. Vitol continues to add to these procedures and standards as needed.

E&S performance monitoring
Vitol has more than 40 KPIs covering human resources, personal safety, process safety, environment, auditing, human rights, security and community topics. Monitoring KPIs enables Vitol to understand performance and take appropriate action, report performance to the ESG committee and the board, and adjust the ESG audit programme as appropriate.

E&S KPIs are aligned with relevant industry-accepted definitions such as those of the American Petroleum Institute (API), the US Occupational Safety & Health Administration (OSHA), the IOGP and the WBCSD. During 2021, all E&S KPIs submitted to Vitol in the prior three years were validated to ensure data accuracy and allow appropriate targets to be established.

In terms of KPI reporting, Vitol does not differentiate between investments based on operational control. We need to understand and monitor the performance of any investment in which we hold shares. All investments with operational activities (e.g. a refinery, retail stations, a pipeline, a windfarm, solar infrastructure) where Vitol holds an equity interest must report the relevant E&S KPIs regardless of how small the percentage of equity ownership. Over 50 businesses are reporting data on a quarterly basis via Vitol’s web-based E&S platform. We also include relevant data from our office-based staff in these statistics. During 2021 we have also worked to include KPI data from some operations across different geographies such as in Latin America and East Africa. We will continue to broaden this out and include data from operations going forward.

On-site E&S governance audit programme
Vitol first implemented a formal risk-based E&S audit programme across all investments in which it holds any equity in 2019. Each year, site visits across investment companies are assessed against the E&S framework and a bespoke audit protocol. The duration of each audit depends on factors such as location, asset complexity, geographic profile and risk. Third-party advisers are used where required to bring an independent or specialist perspective to these reviews.

During 2021 we updated the risk assessment methodology that feeds the five-year ESG audit programme, by incorporating additional indices: The Corruption Perception Index, the Environmental Performance Index, the Fragile State Index and the International Trade Union Confederation (ITUC) Labour Rights Index. The output is a risk score covering both operational and country risk for each investment. The risk assessment is undertaken every two years.

ESG Audit Programme: Risk Assessment Methodology



Scope & approach

1 Country risk is assessed where operations take place (not where the company is registered)



The same process is followed for each audit: the completion of an E&S questionnaire supplemented with on-site testing to ensure the robustness of controls. Any observations are ranked against the Vitol risk matrix, discussed with local and Vitol management, recommendations for improvements made and timelines agreed. A final report is sent to the investment management team, the ESG committee and the relevant Vitol board members for the specific investment. E&S findings of particular concern are reported to the board, and the head of E&S will work with the relevant department or company to implement the required changes. Observations are followed up quarterly by the Vitol E&S department.

The Covid pandemic and consequent travel restrictions disrupted the delivery of the 2021 audit schedule. It led to a greater reliance on locally-based external consultants and site visits being postponed. Four audits were undertaken in 2021 across LatRosTrans, LSC, Ventspils nafta terminals (VNT) in Latvia and Liquind GmbH in Germany.

Vitol’s E&S department undertakes additional ad-hoc assurance and advisory work to support matrices and operations, e.g. for new business activities or when entering into new jurisdictions.

Incident management
Vitol has a formal incident management process which covers major incidents. It also includes links to function-specific response plans for areas such as IT security and cyber risk, or physical asset categories such as shipping or upstream. Vitol’s incident management system ensures any incident outside of the E&S platform is captured in real time. Typically, these relate to minor and common shipping incidents. Reported incidents are communicated to the global incident management committee immediately. This comprises legal, compliance, operations, E&S, management, insurance managers plus the Vitol CEO. This system provides 24-hour, 365-day coverage. The incident management process was updated during 2021.

Environmental & Social due diligence
Vitol undertakes environmental and social due diligence on all potential acquisitions, and uses external consultants as necessary. Its scope will depend on various risk factors: location, previous owners, operating partners, the risk to rightsholders, as well as business activities and other factors.

Networking and training

The Vitol E&S network acts as a sounding board for E&S, CSR (Corporate Social Responsibility) and ESG managers from the investment companies. They can seek advice from peers, raise concerns and share results from incident investigations. We continue to add employees to this network from the companies in which we are invested.

The Vitol E&S department continues to develop tailored training to relevant internal stakeholders. Some examples are contained within this report. The E&S function, along with our Houston operations department, provided tailored ESG related training to approximately 13% of Vitol employees during 2021. Specific training regarding governance was also provided to all EMEA new joiners.

Compliance

The compliance programme is a key pillar underpinning Vitol’s commitment to the highest standards of corporate responsibility and to doing business with integrity. It is designed to reflect the high standard of ethics to which Vitol holds itself, the complex and multi-faceted business in which it operates and to ensure compliance with appropriate laws, regulations and international standards. The compliance programme is continuously reviewed and enhanced, alongside policies, processes and controls, to meet evolving compliance needs.

Compliance governance

To manage compliance risk effectively, a robust governance structure has been established. It is led by the board, supported by the compliance committee and managed daily by the regional compliance teams led by the head of compliance.

The compliance committee is chaired by the CEO. It supports the board and the management in the fulfilment of their compliance responsibilities, which include demonstrating the effectiveness of compliance with respect to regulatory, corporate and reputational compliance risks. Its remit is global and it advises and assists in the development, implementation and ongoing oversight of the compliance programme.

The compliance programme is implemented by the compliance team supported, when required, by the compliance working group (CWG). The CWG was created to provide technical expertise from multi-disciplines within the business and support functions. The group meets on an ad hoc basis, as needed, to advise on proposed new policies, changes being considered to existing policies or procedures from the perspective of impacted business lines and administrative functions. It supports specific initiatives and provides a dedicated group outside the compliance team to review and champion compliance activities.

The global compliance team comprises 17 experienced professionals in London, Houston, and Singapore. In addition to these dedicated compliance professionals, Vitol has implemented a programme to create 39 ‘compliance champions’ in local offices and Vitol-controlled businesses that do not otherwise have compliance personnel. The compliance champions programme is designed to make compliance more accessible on the ground, as well as to send feedback to compliance about local compliance challenges. In addition, compliance liaises with, and draws additional resources from, other risk functions to ensure an integrated approach to implementing the compliance programme.

Our key policies are highlighted below:

Know Your Customer (KYC) Policy
The policy has been designed based on the Joint Money Laundering Steering Group (JMLSG) guidance. In addition, the policy and related controls use resources and recommendations from international standards such as the OECD and UN Principles, as well as Transparency International’s Corruption Perception Index, Know Your Country Rating and Control Risks Corruption Index.

The policy aligns with the highest standards in KYC, requiring the beneficial owners of a company to be disclosed, with no minimum threshold of ownership. It also requires the disclosure of board members and, in certain circumstances, the list of the approved signatories. This enables Vitol to understand its exposure to sanctions, state ownership and public officials.

Anti‐Bribery and Corruption (ABC) Policy
The policy was designed using resources such as the UK Ministry of Justice and the US Department of Justice guidelines, as well as international standards published by the OECD and the UN. It was designed following an extensive process to map the ABC risks Vitol faces globally, and takes into consideration its activities, countries of operation, the way Vitol transacts, how it manages its relationships with its intermediaries and its trading counterparties.

Sanctions policy
The principal objective of Vitol’s sanctions policy is to ensure compliance with relevant laws and provide a framework for employees to seek advice from compliance and legal in relation to a transaction or potential transaction.

Changes to all relevant sanction regimes, including but not limited to US OFAC, EU Official Journal, Swiss SECO, and UK HM Treasury are monitored and tracked on a daily basis.

Training
Training is essential to the implementation of the compliance framework. The compliance teams are responsible for developing and implementing a training programme which covers key compliance risks, as well as the technical, complex and ever-changing nature of the laws and regulations that govern our business. Because different roles and jurisdictions have different compliance requirements, training is tailored as required and uses online tools as well as face-to-face classroom method of delivery.

Monitoring
Compliance has a mandate to monitor and evaluate the programme. This monitoring aims to identify the effectiveness of controls and reduces the risks of breaches of laws, regulations or procedures. The frequency and extent of the monitoring is risk-based. When monitoring or audits detect weaknesses with the programme, the appropriate corrective action is taken.

Reporting and managing breaches
All employees are shielded by our commitment to protect whistleblowers. Employees are required to report any breach, or the risk of any breach, of Vitol policy. We have in place a global integrity hotline. Operated by an independent third party, the hotline enables employees to raise any issues of concern with senior management, anonymously and in confidence.

The compliance programme



The Compliance Programme

INTERVIEW

Odile Roy de Puyfontaine, head of compliance

I’m Odile Roy de Puyfontaine, and I’ve been at Vitol for the last 12 years. I’ve always specialised in commodities compliance and have over 25 years’ experience in this industry.

Odile Roy de Puyfontaine

Whilst I’ve been in position, our compliance operations have grown to become a global function. For me, compliance is about enabling the business, supporting our people to assess risk and make the right decisions for them and the company.

What is a compliance culture?
A lot of people believe that having a compliance culture is a matter of following rules, rules which compliance teams articulate and enforce. But if the reality of compliance is transposed outside of a working environment, then it’s clear that all of us make daily decisions with some concept of compliance. Some of that is driven by the law; we all abide by parameters that society has set for us. But some of it is driven by ethical values we use to decide whether we should cross predetermined boundaries. I see our compliance culture at Vitol as an ethical compass that helps colleagues interpret business decisions in the best interests of the organisation and each other.

How does a compliance culture manifest in practice?
As part of our compliance new joiner training at Vitol, we use a driving analogy. You are taught how to drive, you pass your test and then on the first trip it’s up to you to decide whether you’re going to break the speed limit or whether you will follow what you’ve been taught. It becomes your decision whether you’re willing to risk your safety, that of the people in your car and the people around you. In our day-to-day lives, we learn that we don’t make decisions in isolation and in business I see this as a vital role of the compliance function. This means that whilst we empower colleagues to take decisions, we encourage them to think about how their decisions impact other people, the reputation of the company and the legacy that they will leave behind. Our leadership team strongly believe in this and set the culture from the very top: that we operate as a collective. Vitol is a flat-structured organisation and therefore there is also a heightened sense of responsibility in our middle management positions to accurately cascade our cultural values across our teams.

What challenges does the company’s culture present for you and your team?
Vitol’s culture is unique. It’s highly entrepreneurial and agile. The compliance teams’ challenge is to ensure that the company’s bottom line is not driven solely by commercial impetus. There is such a thing as a bad transaction and our role is to make sure that this is ingrained in our decision making. It takes time to implement such an approach and compliance is not about quick wins. We are pragmatic and we want to achieve sustainable changes.

How do you communicate the compliance culture?
The key to communicating our compliance culture successfully is positivity. I’ve seen significant culture changes over the last 25 years in how compliance communicates. We have gone from a “see what happens when someone has done the wrong thing” message to a “look at all the benefits that flow from doing the right thing” approach to communicating compliance. This has helped change the idea that compliance is the “business prevention unit” to compliance as a “business enabler”. One of the core ways Vitol has embedded compliance into its operations is by articulating all the ways we have been successful by doing things in the right way. Ensuring that compliance frames the way we conduct business makes us a reliable, professional company who partners want to engage with and people want to join. By focusing on the commercial benefits, we have been able to raise the profile of compliance within the organisation not just as a necessary partner but a strategic one, which generates greater impact because our colleagues want to engage with us.

What particular challenges do you face at present?
Our business, and the people who make up that business are changing. We’ve expanded into new areas in the last two years and its compliance’s role to bring new colleagues on board and help explain who we are and what our company values are. In addition, we need to understand and adapt to the compliance challenges and risk these new businesses bring, as well as to the expectations of the new generation and how they view compliance culture in their company. This is a very interesting new horizon for the team. which is getting stronger year-on-year. We have a global team of colleagues who have a shared ethos around what compliance is and how we can support the business.

What plans do you have for the future?
Over the next few years we are going to expand our communication and reinforce our key messages globally. We’re looking at how we can diversify the platforms we use to communicate to the organisation, particularly the new generation that we are hiring. Consistency is vital, regardless of whether you join in London, Beijing or Lagos, the tools available to you to use, and how the company’s expectations of you are communicated need to be the same. We owe it to our colleagues to provide them with what they need to succeed because that is the only way Vitol will succeed as well.