A responsible citizen - Li & Fung

Our strategy

A responsible citizen

ESG strategy
Overview Protecting our planet Whistleblowing policy People in the supply chain Engaging our people and community A responsible citizen

We deliver long-term value to global supply chains.

Li & Fung is committed to creating long-term value for corporate partners and our society. Our business activities are carried out ethically and complies with all applicable regulations, overseen by an effective and transparent governance structure.

ESG Governance

Li & Fung believes that a scientific and comprehensive management mechanism is the cornerstone of integrating sustainable development into the Company’s operations and management. Our ESG governance structure allows our ESG activities and emerging issues to be escalated quickly for the Board and management attention and action.

The Risk Management & Sustainability Committee (RMSC) under the Board oversees corporate ESG practices, policies, procedures, strategies, and directions. Chaired by an executive director of the Company, the committee is comprised of members of the Board.

Under the RMSC, we have an ESG Committee which consists of key business leaders and key function heads from human resources, governance, vendor compliance, IT and corporate sustainability. The Committee members are well-equipped with both sustainability and industrial knowledge and a forward-looking mindset to propose insights, directions about embedding ESG and sustainability practices into business strategies.

At regional level, we established an ESG Working Group which facilitates ESG strategy implementation locally. The ESG Working Group is formed by local representatives from business, operations and supporting functions who not only report the periodic environmental, social, supply chain, human resources and governance data, but also share best practices and highlight critical incidents, risks and proposed solutions to the ESG Committee for reporting to RMSC.

Business integrity

Li & Fung is committed to managing our business responsibly, in compliance with the statutory requirements and regulations of the countries in which we operate. Our Code of Conduct and Business Ethics prohibits any forms of corruption, bribery, extortion, fraud, money laundering, and unfair competition. We have zero-tolerance for bribery and corruption and promote the highest standards of ethical conduct amongst our employees.

We encourage everyone to report actual or potential illegal or unethical behavior to appropriate senior management or Group Chief Compliance & Risk Management Officer. We will investigate and report to senior management any violation of the Code. Violations may result in disciplinary action. No retaliation of any kind is taken against employees who raise genuine concerns or those who participate in any investigations.

We believe that our success should be based on a common vision of shared values and a consistent standard of conduct. This includes:

Information security

Li & Fung is committed to Information Security throughout its business activities and is committed to preserving confidentiality, integrity and the availability (C.I.A) of information assets. The company utilizes some of the most advanced industry standard technology for cyber security available today, to secure and protect our networks and data. In addition to a dedicated internal cyber security team, we engage and contract with multiple independent external security companies providing services that include: monitoring, proactive scanning, standards setting, testing, auditing and certification.

At Li & Fung, we have a comprehensive data protection policy that outlines our commitment to safeguarding information. This policy follows all relevant data protection laws, including the General Data Protection Regulation (GDPR) of the European Union. Our information security system is certified to comply with the requirements of ISO/IEC27001:2013. Also, we are complying with the applicable regulations and ensuring that our data protection policies and procedures are regularly reviewed and updated. We take a risk-based approach to data protection, which means that we assess the potential risks associated with collecting and processing data and implement appropriate measures to mitigate those risks. To improve employee’s awareness on information security, we conduct various training programs on a regular basis such as monthly phishing simulation exercises, quarterly training on general IT cyber security knowledge, and monthly IT security tips emails.

Read our ESG Report 2022 to learn more about our progress.

Whistleblowing policy