Compliance and risk

The fundamental principle underlying all the tax decisions within the Company is that of seeking to pay the right amount of tax in the right place at the right time. This is mandated at a global level by the Board of Management of our parent company, Volkswagen AG, and by the management of our internal Brand Group headed by Audi AG. The aim is to disclose all relevant facts and circumstances to the tax authorities and to claim reliefs and incentives where these are made available by tax legislation.

The Company seeks to build transparent and collaborative relationships with the UK Tax Authorities to create and maintain “Good Corporate Citizenship”. We aim to achieve this by engaging with HMRC with honesty, integrity, respect and fairness.

HMRC is kept informed about business developments to the extent they have a tax impact, at periodic meetings or through regular correspondence, to ensure a “no surprises” approach is maintained. We will always seek to disclose all relevant facts to HMRC to enable them to fully understand the matter in question, and to enable the appropriate tax treatment to be applied.

In the event that a disclosure to HMRC is required, these are made voluntarily and with full co-operation from the business.

This open, transparent approach would also apply to any dealings with overseas tax authorities, where relevant.

Ultimate responsibility for the tax affairs of the Company sits with the Board of Directors. The Board has assigned a Director with overall responsibility for its on-going tax affairs. This Director is the nominated Senior Accounting Officer for tax purposes.

The Company has a dedicated professionally qualified tax team covering all tax matters. The Company supports the tax team in maintaining their continuing Professional Development requirements. The team also adheres with the ethical standards of their relevant professional institutions.

Members of the tax team actively participate in various tax fora, both those with an industry specific focus and those with a tax technical base. This assists with understanding current best practice and developments.

The Company will also engage with specialist external advisors for particular matters as may be required. This is to further ensure that tax risk is adequately managed and that the Company remains up to date with the latest tax changes that may affect the business.

Given the size and global nature of our business, tax risks will arise. The individuals responsible for tax are appropriately skilled to handle these matters and receive regular tax updates to ensure knowledge is always up to date. Controls are also in place to seek to ensure that the tax team are involved with all significant business decisions with potential tax consequences.

The Group places a strong emphasis on tax risk management and robust global policies are in place to minimise risks. The Company adheres to these policies.

The above, taken together, enables the teams to identify, monitor and manage tax risks within the business. External advisors may also be engaged to help manage the risk and ensure that the Company meets its tax obligations.

The primary tax objective of the Company is to pay the correct amount of tax at the point at which it is properly due. The Company will utilise exemptions and reliefs that are legitimately available and in accordance with the wording and spirit of the law.

The Company is mindful of its reputation in the marketplace and seeks to operate in the manner of a responsible taxpayer.

Transactions between group companies are conducted on an arm’s-length basis and in accordance with OECD principles. The group do not undertake profit allocation on the basis of tax rates, and profit allocations follow the business activities of the group.

Where tax incentives are implemented by the Government to support investment, employment and economic development, the Company will only ever seek to implement these in the manner intended.

Engagement in artificial tax arrangements (i.e. those without commercial substance) is not undertaken. Where a point of law is unclear or uncertain, the Company may seek clarification from HMRC, external advisors or the judiciary as appropriate. This is to ensure that the Company complies with its tax objectives as set out in this document. Tax is not the commercial driver for decision making within the Company nor is tax a key performance indicator.

IT systems

All hosts in the ownership of Bentley Motors Apps

All apps, that are published by Bentley Motors, e.g. My Bentley

Vehicles that were sold under the brand Bentley Motors

Equipment that was sold under the brand Bentley Motors

Web pages of Bentley partners – occasionally Bentley partner use a subdomain of .bentleymotors as address for their web site. Bentley Motors has no control over those web pages. Please contact the corresponding dealer if you find a vulnerability there.

Vulnerabilities outside the scope

Denial-of-service attack (DoS / DDoS)

Brute-force attack

Social engineering

Vulnerabilities without an impact on safety or security (Vulnerabilities must have a security or safety impact in order to be considered)

URL forwarding

Reports, generated by automatic scan tools

Missing TLS communication

Expired TLS certificates

Physical destruction of locks, anti-theft devices etc.

Gaining access to a vehicle by physical destruction

Use of valid diagnostic functions

Denial-of-service attacks on ECUs or bus systems via flooding attacks

Injection

Broken Authentication

Cross-Site-Scripting (XSS)

Insecure Direct Object References

Security Misconfiguration

Sensitive Data Exposure

Missing Function Level Access Control

Cross-Site-Request-Forgery (CSRF)

Using Known Vulnerable Components

Unvalidated Redirects and Forwards

Firmware updates and cryptographic signatures

Identity management

Embedded software frameworks

Debug interface

Network protocols

Authentication procedure

Buffer and stack overflow

Sending of arbitrary data on in-vehicle bus systems (CAN, LIN, Flexray etc.)

Unlocking a vehicle

Remote-code-execution

Compromise of the update mechanism, e. g. flashing an ECU with unauthorized firmware

Infringement of GDPR-specifications: collection, usage, storage and revealing of sensitive data

Complying with statutory regulations and internal rules, and the principles laid down in our Code of Conduct and the Code of Conduct for Business Partners, has top priority at Bentley Motors Ltd. The success of our company is based on Integrity and Compliance. To meet these standards, it is important to learn of potential employee or supplier misconduct and to put a stop to it. Therefore, we have entrusted the Audi Investigation Office to operate an independent, impartial and confidential Whistleblower System on our behalf.

A key pillar of our Whistleblower System is the principle of procedural fairness. It also guarantees the greatest possible protection for whistleblowers, persons implicated and employees contributing to the investigation of reported misconduct.

This also includes offering opportunities for anonymous reporting and communication. We assure not to perform any steps in order to identify anonymous whistleblowers, who do not misuse our Whistleblower System. Retaliation of whistleblowers and all persons who contribute to investigations at Bentley will not be tolerated. Persons implicated are presumed innocent until the violation is proven. Investigations will be conducted with the utmost confidentiality. The information will be processed in a fair, fast and protected process.

The qualified and experienced colleagues at the Investigation Office examine every report for potential misconduct by a Bentley employee thoroughly and follow it up systematically. First, you will get a confirmation of receipt. The Investigation Office then assesses your report. This includes gathering facts particularly from the whistleblower. Only if this initial evaluation shows grounds for suspicion of a violation an investigation by a dedicated Investigating Unit will be started. Afterwards, the results of the investigation will be assessed by the Investigation Office and appropriate measures will be recommended. Information about the status* and the outcome of the procedure will be given to you without undue delay.

Potential violations of the Code of Conduct for Business Partners by suppliers, including serious risks and violations of human rights and environment by direct and indirect suppliers, can also be reported to the Investigation Office - as well as reports requiring otherwise immediate action. The Investigation Office will inform the responsible departments, who will process the issue accordingly. This particularly includes taking the necessary measures to minimise or end violations and/or risks.

 _{* The processing time varies depending on the subject of the procedure.}

More information on the respective procedural principles can be found here.

For complaints or feedback about vehicles and services of Bentley or our business partners (e.g. car dealerships, workshops), please contact:

https://www.bentleymotors.com/en/pages/contact-us.html 

Please understand that we will not be able to forward your request or take any action for reasons of responsibility.

The Whistleblower System offers various channels to report potential misconduct by Bentley employees, violations of the Code of Conduct for Business Partners violations of the Code of Conduct for Business Partners or serious risks and violations of human rights and environment in our Supply Chain. However, this does not affect your statutory right to contact designated authorities.

Please read the Audi data privacy statement and the Audi statement of consent before getting in touch.

Use this link to find out more information about the Whistleblower System: https://cdn.bentleymotors.com/downloads/corporate/2024-11-01 Basic Information WBS Communication.pdf

The Investigation Office of Bentley can be reached via E-mail (in any language): 

whistleblower-office@audi.de

For customer complaints, please contact the channels listed under "A complaint about products or services to our customer service".

AUDI AG

Postal address: 

Audi AG Whistleblower System

D-85045 Ingolstadt, Germany

In person:    

Audi Investigation Office

AUDI AG

I/FG-H

85045 Ingolstadt, Germany

Appointments may be arranged in advance via whistleblower-office@audi.de. 

Bentley has appointed external lawyers to act as Ombudspersons. They advise on the Whistleblower System or ensure that reports from whistleblowers are forwarded anonymously to the Audi Investigation Office if desired.

If you want to get in contact with the Ombudsperson you can find their contact details here: https://www.ombudsmen-of-volkswagen.com/. 

You have the option of using a web-based communication platform SpeakUP* to contact the Investigation Office in more than 65 languages. This system is confidential and technically secured and allows you to submit reports anonymously.

Use this link to access the online reporting channel: https://goto.speakup.report/audi 

Use this link to access detailed instructions on how to make reports online, by app or by phone: https://cdn.bentleymotors.com/downloads/corporate/2021-11-01 SpeakUp - How To Report Guide.pdf

Find out more about how to use the speak up online reporting in this short video.

You can leave a voice message by phone 24 hours a day, 7 days a week.

After entering the phone number (specific to the country you are in), you will be prompted to enter the organisation code. Then, you can submit your report as a voice recording. Only a written transcript will be received by the Audi Investigation Office. Dial back in to listen to the reply or further questions by the team. 

Select a phone number from the below list for your country or region (UK: 0800 022 4118) and have the organisation code 122237 ready. 

Access the full list of phone numbers using this link: https://cdn.bentleymotors.com/downloads/corporate/2024-11-01%Bentley%SpeakUp%Line%Phone%Numbers.pdf

You can also download the Speak Up App “SpeakUp - Listen for a change “ by People Intouch (personal devices only) to access the secure reporting system. Through this app, you can submit your report in writing or leave a voice message (also anonymously). Log back in to see our team's reply or answer further questions. Find out more about how to use the speak up app in this short video.

Once you have downloaded the app, you will need the organisation code 122237

A report should be as specific as possible. Use the following questions to help:

• Who? is affected? who might be responsible? has is happened before?

• What? happened? what damage has occurred?

• When? did the incident occur? is it still ongoing? are there witnesses?

• Why? was the potential violation committed? (if known), why do you think this a violation? e.g. which law/ policy has been allegedly violated?

• Where? did the potential violation take place?

• How? can the potential violation be substantiated? can you provide any evidence?

Questions or suggestions for improvement concerning the Whistleblower System can also be addressed to the Audi Investigation Office. 

If you have been interviewed in terms of an investigation, you have the possibility to give feedback to the Ombudsperson as independent body.

Furthermore, our local Integrity & Compliance Officer can also be addressed in all matters of the Whistleblower System via compliance@bentley.co.uk.