The California Transparency in Supply Chains Act of 2010 and United Kingdom Modern Slavery Act of 2015 require certain businesses to disclose efforts to prevent or otherwise eradicate slavery and human trafficking from their supply chains. NetApp is committed to complying with these laws and ensuring that its employees and suppliers across the globe take appropriate steps to mitigate the risk of human trafficking and slavery in our supply chain.
Our commitment to human rights which covers topics such as forced labor, slavery, child labor and human trafficking is outlined in our own Human Trafficking Policy PDF and NetApp’s Supplier Code of Conduct PDF. As an active member of the Electronic Industry Citizenship Coalition (EICC), NetApp has adopted the EICC Code of Conduct which prohibits the use of forced labor, including bonded, indentured labor or involuntary prison labor, human trafficking and child labor. Fundamental to adopting the Code is the understanding that a business, in all of its activities, must operate in full compliance with the laws, rules, and regulations of the countries in which it operates. The EICC Code contains specific requirements covering slavery and human trafficking and encompasses a broader vision than simply the elimination of human trafficking, to include compliance with global labor standards and applicable laws; worker health and safety; the environment; business ethics; and the management of internal systems and controls to ensure effective compliance. In addition to adopting the EICC Code, NetApp actively participates in the EICC activities.
NetApp’s internal policies and practices implement the EICC Code and are consistent with international labor and human rights standards. NetApp is committed to complying with the changes to the U.S. Government’s Federal Acquisition Regulation with regards to Combating Trafficking in Persons and expects our suppliers to comply (see our Trafficking in Persons Purchasing Policy PDF). We work with our supply chain to create an environment where workers may freely choose employment. This focus on labor and worker rights is part of a larger effort around supply chain transparency and accountability.
Certification and Verification
NetApp has taken actions to ensure transparency and the prevention of abuses in our supply chain, including:
Supplier Code of Conduct. NetApp verifies that all first-tier suppliers have adopted the EICC Code of Conduct. NetApp’s Supplier Code of Conduct is aligned with the EICC Code of Conduct and implements its key sections, including workers’ rights, the eradication of forced labor, working conditions, and supplier accountability and reporting of non-conformance. First-tier suppliers are required to demonstrate their compliance with the Code – including implementation of a management system, self-assessments, and audits – by completion of the EICC Self-Assessment Questionnaire (SAQ). Acknowledgements of the EICC Code of Conduct are required from all of NetApp’s Tier 1 suppliers.
NetApp Supplier and Partner Agreements.Compliance with the EICC Code of Conduct is part of NetApp’s standard contract language being implemented with all new suppliers. Where NetApp contracts with services suppliers who participate in a U.S. Government contract or subcontract, it flows down applicable clauses to its suppliers, such as FAR Clause 52.222-50, Combating Trafficking in Persons.
Supplier Risk Assessments and Audits. NetApp conducts initial assessments of its top suppliers to identify the risks of non-compliance with NetApp’s Supplier Code of Conduct and EICC Code of Conduct, including the actual or potential risks of slavery and human trafficking occurrences. As a part of NetApp’s overall participation in the EICC's collaborative audit effort, we expect our suppliers to annually assess their conformance with the tenets of the Supplier Code of Conduct and EICC Code of Conduct with the completion of the EICC SAQ, which includes an assessment of the supplier’s policies and practices that may give rise to human trafficking risks. NetApp also requires audits, via a third party, if deemed necessary to verify our supply chain’s conformance to the EICC Code of Conduct and related standards and policies. Third-party audits follow the EICC Validated Audit Process (VAP), which includes an assessment of the supplier’s risks and controls regarding human trafficking. If non-conformance is identified, we work closely with our suppliers to develop corrective action plans and close audit findings.
NetApp’s Code of Conduct PDF, which contains specific provisions on procurement from suppliers, vendors, and contractors and supply chain relationships, provides guidance to enable employees to put our company’s values into practice. It is available in 9 languages on NetApp’s intranet and in English on our company’s external website.
The principles embodied in our Code of Conduct reflect NetApp’s policies on, among other topics, compliance hotline, speaking up, investigations, anti-retaliation, diversity and discrimination, conflict minerals, antitrust, anti-bribery and anti-corruption and protecting our company’s assets and reputation. To ensure compliance with our Code and policies, NetApp conducts annual Code of Conduct training for all employees. Courses are administered and tracked through our NetApp University, an internal program that serves the technical and sales learning needs for NetApp employees, partners and customers. Employees who are new to NetApp are also required to take an interactive Code of Conduct course. Additionally, every employee is required to read the Code and certify that he or she has done so prior to joining NetApp.
NetApp’s Ethic and Compliance Program includes an Integrity & Compliance Office (“ICO”) and Global Business Conduct Councils. ICO oversees and administers NetApp’s Code of Conduct and is NetApp’s primary resource for developing and implementing programs and tools to ensure compliance with global laws and NetApp’s policies. Our Business Conduct Councils (“BCC”) are cross-functional governance bodies, comprised of senior leaders from Business, Human Resources, Finance, Internal Audit, Legal and Integrity and Compliance Office that identify and address compliance issues. They review company investigations, drive control improvements and identify and prioritize areas for global compliance focus. NetApp maintains a robust process for reporting slavery and human trafficking, including online channels, and our Code of Conduct contains a non-retaliation policy. Processes for informing senior management about allegations of slavery and human trafficking include periodic internal reports on the supply chain and details about key investigations that are in progress or completed.
Training and Awareness
NetApp offers specific training through forums and workshops to our employees who are responsible for supply chain management and our suppliers on slavery and human trafficking, specifically regarding how to identify and respond to supply chain issues in accordance with the EICC Code and applicable laws.