Environmental, Social & Governance
SoftwareOne’s Environmental, Social & Governance (ESG) programme was created with a passion for our people, our communities, and our planet at its core. Building on the success of ongoing local and regional initiatives across the company, our global programme was expanded in 2022 to create an ESG strategy and vision which would allow for it to be embedded across SoftwareOne’s business.
Our first ESG report will be published in H2 2023. This report will provide further detail on our ESG strategy, upcoming initiatives, 2030 ambitions and current progress, including our carbon footprint and associated reduction targets and measures. The report will align with the international reporting standard, Global Reporting Initiative (GRI), to support our growing efforts and contributions to Environmental, Social and Governance (ESG).
ESG programme & vision
Our ESG programme was further developed in 2022 based on four key elements:
- Engaging with our stakeholders for a people-centric approach to our goals.
- Identifying and assessing material topics and how these issues are important to SoftwareOne, our business and our clients.
- Developing ambitious ESG goals that align with our business objectives.
- Creating tangible initiatives and defining roadmaps to deliver on our promises effectively and efficiently.
Materiality assessment & ambitions
As we continued our materiality assessment in 2022, it was crucial to align every step of our journey to the priorities and passions of our employees, clients, investors and other stakeholders, not only to ensure that their needs are met, but also to drive further engagement. With the support of an external advisor, the assessment was completed in four stages:
- Identifying our key stakeholders
- Benchmarking our organisation against the technical materiality requirements of our peers
- Discuss, interview and assess these material topics with our stakeholders to understand their impact
- Analysing these results to create a materiality matrix which maps the impact on our stakeholders to the relevance of SoftwareOne’s business.
Five key areas stood out as important to all our stakeholders, thereby contributing to shaping our programme and upcoming strategy, vision and ambitions in alignment with the United Nations Sustainable Development Goals (UN SDGs):
Our ESG governance structure
To ensure the success of our global ESG programme, a dedicated sub-committee of the Board of Directors was established. This ESG Committee (ESGC) consists of three Board members, Isabelle Romy (chairwoman), Daniel von Stockar and José Duarte, and Dieter Schlosser, CEO. The ESG Team consists of our full-time staff to manage and oversee the strategy and programme.
Three further committees were created, focusing on the five ESG ambitions:
- The Global Environmental committee is chaired by our President of Services, Bernd Schlotter, and comprises business representatives from Sales, Services, local green initiative representatives, GreenOps and MTWO colleagues.
- The Global Social committee is chaired by our Chief HR Officer, Julia Braun, and comprises business representatives from Sales, The Academy, OneImpact, Compliance and Marketing.
- The Global Governance committee is chaired by our Chief Legal Officer, Frank Rossini, and comprises business representatives from Sales, Compliance, Investor Relations, Data Privacy and Cyber Security.
Comprehensively embedding and aligning our ESG strategy with SoftwareOne’s overall strategy was always our aim. To achieve this, we took a three-fold approach: we integrated our Materiality Matrix into our enterprise risk management process, incorporated ESG priorities into management KPIs and finally we will fully align our ESG reporting with local and international reporting standards and regulations.
ESG governance structure
Ongoing programmes and the alignment of our ESG programme with the UN SDGs
1. Being climate responsible at SoftwareOne
As a software company it is our responsibility to ensure that we are not only aware of our carbon footprint, but actively taking steps to reduce our CO2 emissions.
In 2022 we started to collect carbon emission data sets for 2021 on a global scale, expanding the data collections that had already taken place in UK, DACH (Germany, Austria and Switzerland) and the Netherlands. For every country in which we operate, we have assigned one Environmental Data Expert to support local data collection. We determined that 2021 is our Carbon Emission Baseline year. Based on the Baseline year carbon footprint and inventory, we will define our carbon emission reduction targets, KPIs, and reduction measures.
Whilst more details of our reduction plans and local offsetting initiatives will be published in our 2023 ESG report, through the Academy we have so far donated over 3,000 planted trees supporting reforestation and biodiversity projects through our partnership with the ONE Tree Planted initiative.
Spotlight stories: DACH carbon emission calculations
In 2021 the DACH Green team started to collect data sets with the support of the software tool OneTrust/Planetly to calculate their Scope 1, 2 and 3 emissions according to the Green House Gas (GHG) standards.
- To help reduce their overall carbon footprint, DACH started initiatives to reduce operational emissions. We promoted our company car sharing portal, started offering eBikes for business travellers, replaced our Diesel 'VIP-Shuttle' with a full electric vehicle and encouraged our employees to use public transport for business travel and commuting.
- In November 2022 the team in DACH compensated for its emissions on buildings & fleet (Scope 1), energy, cooling & heating (Scope 2) and business travel (Scope 3) based on their 2021 data collection. This was achieved by investing in GOLD-Standard-certified projects in India (wind energy), Bulgaria (biomass) and Costa Rica (rainforest reforestation).
2. Helping to cut downstream emissions by supporting our clients on their ESG journey
We believe it is our responsibility to support our clients with their sustainability and ESG journeys. As part of SoftwareOne FinOps, our GreenOps programme is taking shape, helping our clients to make informed decisions on the cloud initiatives they choose to join, and supporting their movement to NetZero.
Spotlight stories: MTWO
SoftwareOne is taking steps to digitally transform the AEC (Architecture, Engineering and Construction) industry as the global distribution and service provider of MTWO Construction Cloud. Through our partnership with Schneider Electric, RIB Software and Microsoft, we are supporting the construction industry to become more sustainable.
MTWO is at the forefront of green building practices, constantly exploring new ways to reduce the environmental impact of construction, including its integration with the Building Transparency’s Embodied Carbon in Construction Calculator (EC3). This new tool empowers stakeholders to evaluate a project’s overall carbon emissions and utilise that information to procure low-carbon material alternatives. This is critical in an industry that produces 38% of global energy-related CO2 emissions.
MTWO seeks to connect all project stakeholders throughout the project lifecycle, from initial planning through building maintenance, increasing productivity and efficiency while reducing waste and rework. We aim to enable construction companies to assess and measure their lifecycle carbon impacts.
3. Creating an inclusive and diverse culture, focusing on caring for our people
Promoting an equal and inclusive culture, as well as a workplace that allows individuals to be the best versions of themselves within SoftwareOne, is and always will be at the core of who we are.
We aim to have a positive impact on our local communities by working with our SoftwareOne Academy, fostering a diverse workforce, and assuring employee engagement in this area through additional local resources and events.
During 2022, we celebrated important events such as International Women’s Day and Pride Month, and organised regular 'Culture Days' to celebrate the diverse and brilliant cultures that make up SoftwareOne.
On International Women’s Day, our motto was 'Break the Bias', focusing not only on gender, but more generally on equality and inclusion. SoftwareOne encouraged employees to share those biases they would like to see addressed.
Specific initiatives were also rolled out and can be used as a blueprint across other regions. In North America, a revision of the handbook for gendered words, gendered language and heteronormative language was published. An inclusion survey and a strategic plan were completed to further build on progress made in terms of inclusion.
Spotlight stories: The Academy
Now in its third year, the SoftwareOne Academy is in 14 countries delivering 10 curricula across Sales, Services, BIT and Global Services Delivery (GSDC) Operations. Over 300 associates transitioned from the Academy to SoftwareOne in 2022.
With the Academy, we continue our mission to source, recruit, train, and transition young and career-changing talent from grassroots-level communities across the world. We offer a career in technology to those from both traditional and non-traditional educational backgrounds, and offer learning that is customised to service line, role, functional and geographic needs. Our curriculum covers technical, business, soft and consulting skills to enable associates to succeed in our global organisation.
Our measures are business oriented – the reduction in the cost of recruitment, in time to competency and in attrition, as well as faster times to billability. As a testament to our success, the Academy is a finalist at the prestigious Global Learning Awards in two categories – Global Learning Impact award, and our lead, Serena Gonsalves-Fersch is a finalist for the Learning Leader of the Year award.
In the past year, we have been proud of the partnerships we have nurtured to support social causes, as well as the new ones we have built. We continue to be recognised by the EU Pact for Skills and the EU’s European Alliance for Apprenticeships. We work with SoftwareOne’s Impact team and Microsoft Philanthropies to create the Springboard programme – whereby Academy students and experienced Swomies work together on not-for-profit projects, helping them to raise the bar on their technology. We are particularly proud of a new partnership we developed this year between the Academy and AWS Re:start in their ITSkills4U programme. Through this, we offer learning and job opportunities in our DACH operations to Ukrainian tech refugees who have been displaced by the conflict.
In 2023, the Academy will continue to expand with the aim of 30% of recruitment in Software & Cloud Services being sourced by the Academy.
4. Ensuring we fully support a direct positive digital transformation of NPO’s and local communities
We support the communities in which we operate and strive to be good corporate citizens.
As in previous years, many local initiatives took place in 2022. In Mexico, our team made donations to a charity that provides homes, food and education to homeless children. In Spain, our employees provided school supplies and toys to a Sahrawi refugee camp in Algeria. There was also considerable urgency to help people in Ukraine this year. SoftwareOne organised a fund for employee donations and matched the amount, which was donated to four charities (Prytula Fund, NBU Fund, Red Cross and Save the Children) selected by SoftwareOne’s CEE and Ukrainian leadership teams.
Working with non-profit organisation clients to support them in their digital transformation journeys is core to SoftwareOne’s vision. We aim to provide non-profit industry clients and local communities with digital services which help them achieve their Sustainable Development Goals.
Spotlight stories: SoftwareOne Impact
In 2022, we expanded the collaboration with Microsoft Tech for Social Impact and solidified a strong partnership with Amazon Web Services, achieving the Non-profit Competence.
In 2022, SoftwareOne Impact launched Digital Communities – a programme to provide technology enablement to small non-profit organisations (<20 staff) – in Microsoft data center communities across the Americas, UK, Europe and Asia Pacific. In only one year, we completed 15 engagements via Digital Communities. These were funded by Microsoft and delivered by SoftwareOne.
SoftwareOne Impact also launched SoftwareOne Recess in 2022, a programme to accelerate coding and software development skills with kids. In partnership with AWS, SoftwareOne brings an immersive experience with AWS’s DeepRacer Student product which encourages exploration of Machine Learning and Artificial Intelligence. SoftwareOne launched the programme with the Boys & Girls Clubs in Chester, PA, USA, and is expanding to schools and youth services organisations in 2023. More information on our community-focused initiatives can be found here.
5. Further developing our ethical and compliant Corporate Governance
At SoftwareOne, achieving long-term success and realising ambitions hinges on ethical and responsible business operations.
Codes of Conduct
At SoftwareOne, we are guided by our Code of Conduct for Board Members and Employees and expect that our partners respect the Code of Conduct for Business Partners. As a useful resource, it is embedded with hyperlinks and references to online documents posted on the internet/intranet, of which some were newly adopted in 2022. These include an Anti-Bribery and Corruption Policy, a Conflict-of-Interest Policy, a Gifts and Entertainment Policy and a Recusal Policy to protect US citizens from economic sanctions and exposure to trade embargoes. Additionally, we provide helpful guides that now assist all colleagues in their interpretation of the Code.
Our employees are required to complete mandatory online training on the Code of Conduct on an annual basis, allowing us to measure their understanding and engagement. The training is deployed in different formats and includes metrics tracking completion. Since 2020 we have continued to operate an externally managed alternative channel to disclose improper or unlawful misconduct; our Integrity Line, run by EQS, is available 24/7 for all our employees.
Our Code of Conduct for Business Partners was used as the basis for the newly adopted third-party onboarding process, which considers the expectations outlined in the Code that are imposed on our suppliers, distributors, contractors, and others entering into a contractual relationship with us. We now place more stringent requirements on our partners to meet the demands imposed by supply chain laws in various jurisdictions worldwide that focus on child labour, modern slavery, and environmental issues.
We support and respect the protection of internationally proclaimed human rights and ensure that we are not complicit in any human rights abuses. As a corporation, we will only hire people who are above the minimum legal age for employment and demand equal commitment on the part of our partners. We provide all employees with a safe work environment that respects their health and well-being. As far as any relevant laws allow, all our employees are free to form and join or not join trade unions or similar external representative organisations and to bargain collectively. We are subject to collective bargaining agreements or similar labour contracts in Brazil and Mexico. In other jurisdictions, including Spain, Austria, Italy and the Netherlands, a workers’ council is in place. Forced, bonded or compulsory labour is not tolerated and employees are free to leave their employment after reasonable notice as required by national law or work contract.
Conflicts of interests
Our employees and other SoftwareOne representatives must avoid conflicts of interest and, if unable to do so, must disclose conflicts internally for appropriate action to be taken to avert challenging situations or allegations of impropriety. These principles are set out in our Conflict-of-Interest Policy passed in 2022 which describes conflicting situations and the disclosure, recusal, and management processes. Alongside the Conflict-of-Interest Policy, we have introduced a disclosure management tool covering outside opportunities, close personal relationships, gifts, donations, sponsorships, entertainment, intellectual property, and other potential situations of conflict to facilitate disclosures and the approval process. To introduce the new disclosure tool and strengthen employees’ awareness, an important part of our Code of Conduct 2022 training was devoted to this subject.
Anti-corruption, ethical business conduct
We tolerate no form of extortion or bribery, including improper offers for payments or entertainment to or from our employees or organisations. We forbid bribery of office holders, clients, business partners, suppliers, or any other party, accepting improper payments from such persons or inciting these persons to such behaviour in order to achieve unfair advantages.
We are committed to complying with all applicable competition and antitrust laws and regulations. We also strive to comply with all applicable export control regulations to prevent the proliferation of software and/or technology that can be used for military purposes.
We expect our third parties to abide by all applicable laws and regulations and uphold values and principles that compare with their own. To ensure that this is the case, we have introduced a third-party risk management process that entails onboarding for new and existing business partners, with automated workflows for assessments, risk mitigations, reporting, monitoring, and offboarding. Our business partners, including suppliers, distributors, and contractors, will be successively evaluated and undergo a scrutiny process that covers aspects of Compliance, Data Privacy, Procurement and Security and will be rated accordingly. The rollout of this third-party risk management process commenced in 2022, first targeting third parties with higher risk ratings.
We are certified to international standards on systems management, including ISO 9001:2015 on quality management systems, ISO 14001:2015 on environmental management systems, ISO 27001:2013 on information security management and ISO/IEC 27017:2015 on information security controls for cloud services. Our team in Brazil is ISO 37001:2016 certified.
A SOC2 Type II report examining the design and operating effectiveness of our Cyber Security Practice was completed in 2021 and a SOC3 report examining the controls relevant to security, availability, processing integrity, confidentiality and privacy was completed in 2022.
We are also pleased to announce that for the eighth year in a row, we have been honoured with an EcoVadis award. We have been recognised with the Silver EcoVadis award as featuring among the top 25% of companies in the Computer programming, consultancy and related activities industry category, in the top 20% of companies with a Sustainability Procurement score and an Ethics score in the top 13% in our industry category. This award endorses our Corporate Social Responsibility programme as a supplier of choice for our clients who can feel safe in the knowledge that we are committed to our long-term environmental and social goals.
Privacy and data protection
Our employees must comply with all applicable data protection and privacy laws.
To ensure that personal data is obtained properly, kept securely and only used for those business purposes for which it was initially intended, our IT policies, namely the IT end-user policy and Data Protection Policies, guide our employees in compliance and have been updated to the new standard. The main data protection regulation which governs the group’s operations is the European Union’s Regulation (EU) 2016/679 (General Data Protection Regulation or GDPR). However, other data privacy regulations of different countries/regions also need to be observed, for example the legislation of California/USA (California Consumer Privacy Act – CCPA), Brazil (Lei Geral de Proteção de Dados – LGPD), UK (UK-GDPR) or Switzerland (Datenschutzgesetz – DSG). All these regulations provide frameworks containing the principles for legitimate data processing in the respective country/area. We continue to incur costs of implementing various measures throughout our operations (including our employee training, documentation and monitoring duties and process adjustments) as a result of applying these laws.