Telia Company purchases goods and services from tenths of thousands of suppliers. Choosing suppliers with sustainable operations is a way for us to create positive impacts that extend beyond our own operations.

Strategic objective

2018 goals

2016 progress

  • All suppliers comply with our sustainability requirements.
  • All suppliers have signed our supplier code of conduct.
  • 75 percent of assessed suppliers compliant with the supplier code of conduct.
  • 25 percent reduction of supplier base (baseline 2015).
  • 60 percent (58) of suppliers assessed through audits or Eco-Vadis compliant with the supplier code of conduct.
  • Launched a standardized supplier due diligence platform, 1,443 due diligence assessments carried out.
  • 169 on-site audits carried out.
  • Launched focus area programs in seven critical supply chain areas.

Telia Company relies on a vast number of suppliers and sub-suppliers, many of which are located in countries or industries with challenges in upholding ethical business practices, human and labor rights, health and safety, and environmental protection. Despite our efforts, we know that some of our suppliers and sub-suppliers violate Telia Company’s supplier requirements or national and international laws, regulations and conventions.

Ensuring that suppliers live up to our requirements and implementing common ways of working with responsible procurement across Telia Company will take several years. It requires joint efforts that are only possible if suppliers, sub-suppliers and distributors are transparent about their challenges.


The supplier code of conduct is the guiding document that outlines our sustainability requirements and shall be included in all new or renegotiated contracts. Exceptions can be made when a supplier has demonstrated that corresponding or higher requirements are already in place. Other governing documents such as the security directives that specify IT security requirements for suppliers handling customer data are used for certain products and services.

Supplier sustainability due diligence is part of the supplier due care process and is carried out in high-risk categories such as network maintenance and manufacturing of electronics before suppliers and contractual agreements are approved. A dedicated team in group sourcing and procurement is responsible for evaluating and developing suppliers’ sustainability performance, for example through on-site audits and training. Local procurement teams are responsible for initiating the due diligence process.


Supplier due care process


Work during the year

Developing common processes

A high priority in 2016 was to further develop and implement a common process and governance framework for procurement throughout the group. By using a common process and standardized contracts that include our supplier code and improving the supplier approval process, we increased control of payees and decreased administration.

New due diligence platform

To strengthen the due diligence assessment process, we developed and implemented a due diligence platform based on an online supplier self-evaluation questionnaire available in several languages. The platform, which evaluates supplier fulfillment of the requirements in the supplier code and security directives, replaces previous due diligence processes that were carried out mainly manually using different templates. It was implemented in region Eurasia during the year and will be gradually introduced in regions Sweden and Europe in 2017. For potential high-risk suppliers, an extended due diligence is performed to identify specific risks related to the supplier and its owners.

We performed 1,443 due diligence assessments based on supplier self-evaluations. 102 of these indicated major deviations from our requirements, mainly related to potential risks in the areas of information security and corruption. 18 suppliers that did not meet our requirements were given conditional approval before contracting with Telia Company, complemented by a plan for risk mitigating activities.

As the new due diligence platform was implemented, we begun phasing out the EcoVadis supplier assessment tool. 35 EcoVadis assessments were carried out during the year.

Supplier audits

169 on-site supplier audits by Telia Company and another 79 by the Joint Audit Cooperation (JAC) were carried out in 24 countries. Audits are selected mainly based on supplier risk category, spend and the focus area programs. The audit focus was on supplier code compliance, OHS, quality and security. Out of the audits compliant with Telia Company's standardized scoring methodology, 13 audited suppliers met the requirements, and 57 had minor deviations but were still approved. 29 suppliers did not meet critical requirements within areas such as illegal overtime, financial punishment or forced labor and were not approved. Corrective action plans are monitored and continuously followed up.

For the remaining 152 audits, Telia Company's standardized scoring methodology was not applied. Standardization of audit evaluations will be carried out in 2017.

During the year we closed 661 compliance deviations identified during audits in 2016 or earlier.

Supplier assessments

Supplier assessments (cumulative)



Due diligence



Self assessments










Supplier audits

Supplier and sub-supplier audits



Audits performed by Telia Company



Audits performed by JAC







Focus area programs

Based on findings from audits conducted in 2015, industry discussions, new customer requirements and new EU guidelines, we defined the following focus area programs for 2016 and onwards. Considering the scope and nature of the challenges, some of these programs will take several years to complete.

Occupational health and safety (OHS)

The program aims to support suppliers performing hazardous work in achieving OHSAS 18001 certification or the equivalent and to improve their reporting of work-related accidents and fatalities. In 2016, a number of site visits to increase expertise in OHSAS 18001 requirements within Telia Company and with local suppliers were carried out mainly in region Europe.

Mapping and managing privacy risk

The program aims to prepare our supply chain for the new EU privacy and data security regulations (GDPR). In 2016, we focused on taking inventory of processes and systems where suppliers handle customer data and identifying suppliers where we will conduct audits and training in 2017 to prepare them for the new requirements.

Financial punishment

Financial punishment, for example withholding salary for lack of performance, is a widespread disciplinary measure found in our supply chain in almost all regions where we have performed audits. In 2017, we will focus on training and strengthening requirements to reduce this practice where it is in conflict with national laws.

Overtime at suppliers in China

In eight out of ten audits of Chinese suppliers in 2015 and 2016, we identified consistent use of overtime in violation of Chinese labor law and our supplier code requirements. In 2017, we will engage in dialogs and training with these suppliers.

SIM card suppliers in China

In a pre-assessment for a SIM card tender in 2015, we conducted audits of manufacturers in China. We identified several serious compliance deviations from our supplier code as well as security and quality requirements. This program has addressed these deviations and we now have a list of four pre-qualified suppliers and two more to audit before the program is completed.

Responsible sourcing of minerals

We aim to strengthen our supplier code requirements to ensure that our supply chain sources minerals responsibly and does not contribute to potential human rights violations in high-risk regions. Fulfillment of revised requirements will be evaluated through the due diligence platform.

Bond contracts in India

See case.

Planned work in 2017

In addition to the focus area programs, we will continue to develop our suppliers’ capacity to meet our requirements through audit programs and supplier training covering our supplier code and security directives. The due diligence platform will be improved, based on internal and external feedback, mainly to increase ease of use and scope. We aim to strengthen local due diligence expertise especially in region Eurasia to enable local companies to conduct sustainability risk evaluation prior to contracting vendors.

There is need for further development of common systems, templates, definitions and reporting processes, to ensure that we measure and report internally and externally in a consistent way. Alongside this we aim to revise the 2018 goals, to ensure that they are aligned with strategic and organizational changes in sourcing and procurement.


Addressing bond contracts in the
Indian IT sector

In 2015, audits of Indian IT service suppliers revealed the use of bond contracts between the suppliers and recent IT graduates. This practice seems to be common and may be in violation of national labor laws, and at the moment, labor unions to protect labor rights barely exist in the Indian IT sector.

According to these bond contracts, companies may offer two-year employee contracts that stipulate the employee’s right to training to carry out work tasks. If the employee terminates the contract, he or she may be forced to pay back training fees and accumulated earned salary.

In seven out of eight audits conducted, we found evidence of such bond contracts. We initiated audits of all eleven main suppliers and found this practice at nine of them. In response, we initiated a joint effort with these suppliers to develop a training program to address the issue. The program focuses on identifying solutions to maintain employee motivation without the use of bond contracts and to create top management commitment to these solutions.

Tackling this and other labor rights challenges is complex and requires multi-stakeholder collaboration to arrange recurring training sessions and knowledge sharing. We have initiated a dialog with the Birmingham Business School and Advisory for Sustainable and Responsible Business in India to explore potential ways of reducing the use of bond contracts in the ICT supply chain.