Responsible business conduct

Over the years Leonardo has built an integrated responsible business conduct model with the aim to prevent the risk of illicit practices, at all work levels and in any geographical area, by disseminating and promoting its ethical values as well as by defining clear rules of conduct and implementing effective control processes, in line with the requirements set forth by applicable laws and international best practices. The best practices include the "Common Industry Standards” Common principles against corruption of the companies operating in the Aerospace and Defense sector (ASD- AeroSpace and Defence Industries Association of Europe) and the "Global principles for business Ethical Conduct" of the companies operating in the Aerospace and Defense sector (IFBEC - International Forum for Business Ethical Conduct).

In order to improve constantly its business conduct, Leonardo collaborates with organisations such as TRACE International and the Institute of Business Ethics.

Leonardo's integrated model for responsible business conduct is based on a system of rules and internal codes, including the Charter of Values, the Code of Ethics, the Anti-corruption Code, the Whistleblowing Management Guidelines, the Organizational, Management and Control Models pursuant to Leg. Decree no. 231/2001 for Leonardo Spa and the Italian subsidiaries, as well as the compliance programs in line with local laws.

Continuous training

Leonardo invests in the training of its people with the objective to raise awareness of expected behaviour and reinforce its model for responsible business conduct. We carry out training differentiated for the different functions, from the Board of Directors, to managers and employees, available in in the languages of its domestic markets (Italian, English and Polish).

In this respect, the Compliance Council is a core moment for the Company, in which the Top Management along with internal and external specialists take part. The business and trade compliance topics dealt with during the Compliance Council are disseminated throughout the Divisions by means of dedicated workshops.

Internal Controls

The Group Internal Audit organizational unit (o.u.), subordinated to the Board of Directors, supports the Control and Supervisory Bodies in assessing the adequacy and the effectiveness of the internal control and risk management system.

ROSQA organizational unit has been established, within the Group Internal Audit, with the aim of monitoring the Internal Audit activities and to improve the related effectiveness, efficiency and quality through the execution of the Quality Assurance & Improvement Program.

According to the International Standards for the Professional Practice of Internal Auditing (International Professional Practices Framework), at the end of 2016 the Chief Audit Executive of Leonardo began implementing a Quality Assurance & Improvement Program (QAIP) of the Internal Audit. The program includes both internal - on an ongoing basis - and external assessment to be conducted at least once every 5 years by a qualified, third party independent assessor.

In 2021 a Quality Assurance Review (QAR) has been performed by the indipendent assessor PwC, through a “full external assessment” approach, to achieve the renewal of he Quality Assurance Certificate, released for the first time in 2017. The assessment, confirmed the “General Conformance” of the Internal Audit to the International Standards and to the Code of Ethics of the Institute of Internal Auditors.

The Chief Audit Executive communicates annually the results of both internal and external assessments to the Board of Directors, the Control and Risk Committee and the Board of Statutory Auditors.

Internal and external assessment

The internal assessments consist in on-going monitoring of internal audit activity and periodic self-assessment conducted according to the annual Quality Assurance & Improvement Program that includes:

  • Internal Quality Assurance Review of Internal Audit Engagements;
  • Support on the updating activities of Internal Audit Governance and requirements;
  • Methodology development like KPI, Knowledge sharing days, tool implementation etc..

Furthermore ROSQA organisational Unit verifies the conformance of the Internal Audit activities to the following:

  • IIA’s International Standards for the Professional Practice of Internal Auditing (Standards);
  • Audit Charter;
  • Group Internal Audit Operational Guidelines and other internal references.

The external assessments, include an opinion on the internal audit activities performed and about the conformance with the IIA’s Code of Ethics and Standards.

Audit Plan and procedural framework

  • Group Internal Audit internal managers ensure a proper supervision of the engagements, in particular in the most significant stages of the interventions (planning, execution and reporting). Through the supervision, it is also ensured that audit objectives (Work Program) are achieved and that Group Internal Audit Operational Guidelines are respected.
  • The internal procedural framework, the methodology and the investigation procedures (including Whistleblowing investigation procedures) are subject to regular updates that may be necessary as a result of specific requests of management or Supervisory Bodies, Chief Audit Executive’s guidance, organizational and business changes and/or any developments in the regulation of internal audit professional practices, and in any case at least every three years or in response to changes in the regulatory environment.


Internal auditors and all the related staff conducting investigations on anti-corruption receive dedicated and specific training courses through classroom session, on-line training, training on the job as well as participation in conferences, seminars and external professional courses.

With regard to training activities of Internal Auditors, the Project Management Office (“PMO”) performs assurance activities in accordance with the IIA’s Standard. In particular, the compliance with the Standard 1230 “Continuing Professional Development” is supervised through PMO’s Internal Auditors: 

  • professional development and training plans; 
  • membership and participation in professional organizations; 
  • certifications; 
  • on the job training and in house training. 

Internal Audit policies, training schedule, self-assessment and surveys contribute to the planning of continuing professional development.