This statement constitutes the Modern Slavery Act Transparency Statement for Red Hat, Inc. and its subsidiaries (hereinafter “Red Hat” or “the Company”) for the financial year ending 31 December 2021. As a global company, respect for human rights is an integral part of the corporate social responsibility commitments of Red Hat. We strongly oppose illegal human trafficking and forced labor (and all other forms of modern slavery) in any form. Accordingly, Red Hat strives to operate in accordance with the highest standards of conduct, ethics, and fair treatment and it is committed to improving our practices for identifying and minimizing the risk of modern slavery in our operations and supply chain.
Structure, Operations, and Supply Chain
Red Hat Inc., founded in 1993 and headquartered in the United States, has offices in more than 40 countries with over 20,000 employees located across the globe. Red Hat is wholly owned by International Business Machines Corporation (“IBM”), which is also headquartered in the United States.
Red Hat is the world’s leading provider of enterprise open source solutions, using a community-powered approach to deliver high-performing Linux®, cloud, container, and Kubernetes technologies. Red Hat helps customers standardize across environments, develop cloud-native applications, and integrate, automate, secure, and manage complex environments with award-winning support, training, and consulting services. By operating transparently and responsibly, Red Hat’s mission is to be the catalyst in communities of customers, contributors, and partners creating better technology the open source way.
As a services business that does not manufacture any tangible goods, Red Hat’s supply chain is limited and consists of goods and services procured to operate our business and enable our employees and ecosystem of partners to deliver our services. As such, we assess the risk of modern slavery or human trafficking occurring within our operations and supply chain to be relatively low. Notwithstanding this, we recognize that there is an inherently higher risk of modern slavery within some of our supply chains, particularly those that fall within higher risk product and service sectors, to include technology hardware, construction, food and beverage, and property and building services (e.g., cleaning, maintenance, and waste management). We recognize that this inherent risk is even higher for suppliers that have a global footprint, including in high-risk geographies.
We further consider Red Hat’s risk of modern slavery in its operations to be relatively low, given our hiring practices and the contractual, policy, and statutory protections provided to all employees. We strive to only hire employees that are authorized to work in accordance with applicable employment laws in the country in which they are located. We also have internal policies offering enhanced benefits including: additional overtime and on-call payments, home office stipends, car allowances, and tuition reimbursements. During the COVID-19 pandemic, Red Hat also introduced a number of support measures for employees. These measures included flexible working from home arrangements, quarterly paid “recharge” vacation days for all employees, stipends and reimbursements for home office purchases, and various webinars and online resources related to mental health and wellbeing. Employee salaries and benefits were maintained, and in some cases increased, during this time.
Red Hat employs skilled professionals in the functional areas of clerical, engineering, global support services, and sales. Given that the majority of our employees are skilled professionals, we believe that the risk of modern slavery practices and the vulnerability of our workforce is relatively low. Despite this diminished risk, we are committed to respecting human rights in our workplace and have a number of global policies and processes in place to promote a safe, diverse, and inclusive workplace, including, but not limited to, Red Hat’s Global Policy Prohibiting Discrimination, Harassment, Bullying, Favoritism, and Retaliation. Additionally, Red Hat’s global diversity, equity, and inclusion statement outlines the Company’s commitment to diversity, equity, and inclusion for all employees, as well as for the Company’s global communities of partners, customers, and open source contributors. Red Hat expects relationships with its customers, partners, and open source communities to exist in an environment based on mutual respect and professionalism. Red Hat’s global diversity, equity, and inclusion statement is publicly available here.
Actions Taken to Assess and Address Modern Slavery Risks
Red Hat maintains a global internal controls system, including many global policies and procedures, designed to create a unified approach to compliance with applicable laws and regulations in the places in which Red Hat does business around the world.:
The following section provides an overview of actions taken by Red Hat that enables Red Hat to assess and address risks, including the risk of modern slavery in our operations and supply chain.
Modern Slavery Working Group
During the current reporting period, Red Hat established and implemented a Modern Slavery Working Group (“Working Group”) that meets regularly to identify, consider, and discuss other ways to improve Red Hat’s policies and processes in order to combat the risks of modern slavery. The Working Group draws upon global expertise across Red Hat and its subsidiaries, and includes a number of stakeholders from a variety of functions across the Company.
Global Policies and Standards
- Red Hat Procurement Supplier Code of Conduct (Supplier Code). To ensure the integrity of supplier relationships across the globe, as part of Red Hat’s standard procurement process, Red Hat suppliers are required to operate in accordance with our Supplier Code and to apply this Supplier Code in all dealings with us. The Supplier Code applies to third parties supplying goods or services to or on behalf of Red Hat, including staffing agencies and independent contractors, as well as their agents and subcontractors, and it incorporates Red Hat’s commitments regarding health and safety, labor and human rights, ethics, and other responsible business practices. In 2019, Red Hat revised its Supplier Code in order to more clearly set forth minimum expectations for suppliers and third-party labor providers related to their ethical practices, including addressing modern slavery and human trafficking risks in their business. A supplier’s violation of the requirements of the Supplier Code may result in the immediate suspension or termination of the supplier relationship. The Supplier Code is publicly available here.
- Code of Business Conduct and Ethics (Code of Conduct). The Red Hat Code of Conduct is the cornerstone of Red Hat’s compliance program and provides all employees with a clear understanding of the high standards for ethical conduct by which Red Hat conducts business globally. Red Hat requires that all of our employees comply with our Code of Conduct, other Policies, and all laws, rules, and regulations applicable to wherever we do business. The Code of Conduct also requires employees, officers, and directors of Red Hat to deal honestly, ethically and fairly with its suppliers, customers, competitors, and employees, and to ask questions, seek guidance, report suspected violations, and express any concerns regarding compliance with it. During the current reporting period, Red Hat further revised its Code of Conduct to include a section outlining its commitment and expectations regarding human rights, including our expectation that employees help identify and prevent modern slavery in their Red Hat work and immediately report any concerns. All Red Hat employees must certify that they understand and will follow the ethical principles and compliance rules outlined in the Code of Conduct upon hire, followed by annual re-certification each subsequent year.
- Employee Training. Red Hat’s Annual Compliance and Ethics Training program is also a part of Red Hat’s bedrock commitment to maintaining a culture of compliance and ethical business practices in accordance with our Code of Conduct. Each year, Red Hat employees around the globe are required to complete training on a variety of ethics and compliance topics. During the current reporting period, Red Hat’s Annual Compliance and Ethics Training included a section for all employees focused on creating more awareness of human rights and modern slavery, including how to report potential concerns. Further, during the reporting period, Red Hat required additional tailored training for certain procurement employees across the globe to ensure that they are positioned to recognize and tackle risks of modern slavery in Red Hat’s operations and supply chains.
- Red Hat Business Partner Code of Conduct (Partner Code). Red Hat relies on partners to help maintain the trust of Red Hat’s customers and broader community and, therefore, Red Hat only works with entities who it believes are honest and ethical, and who commit to doing business ethically. The Partner Code applies to all Red Hat partners and their officers, directors, employees, independent contractors, and agents. Red Hat expects all partners to adhere to this Partner Code when conducting business with Red Hat and its customers, potential customers, and other partners. If Red Hat believes that a partner has failed or may fail to comply with this Partner Code, Red Hat may immediately suspend or terminate its relationship with the partner. The Partner Code is publicly available here.
Global Due Diligence Actions
- Supplier Certification. During the current reporting period, suppliers going through Red Hat’s standard procurement process, must agree to comply with the Supplier Code, or make an equivalent commitment, at the outset of the relationship. A supplier’s failure to sign and return the Supplier Code certification at onboarding may result in the supplier’s disqualification from providing future goods or services to Red Hat or any of its subsidiaries. The Supplier Code expressly states that the supplier “shall comply with slavery, human trafficking and child (and minimum age) labor laws of the country or countries in which they conduct business, shall ensure that slavery, servitude, forced or compulsory labor (including prison labor) and human trafficking are not taking place in their supply chains, and shall deal honestly, ethically, and fairly in these relationships.”
- Supplier and Business Partner Due Diligence. All Red Hat suppliers and partners are subject to various forms of due diligence, including the verification of information provided to Red Hat, as part of Red Hat’s standard procurement and business partner processes. Additional selective, risk-based due diligence exercises are also performed on certain Red Hat business partners and suppliers. These various measures allow Red Hat to make more informed decisions about who it does business with and in what capacity. These due diligence efforts include:
- Business Partner Vetting. Red Hat’s standard vetting process for partners includes an adverse media review that aims to identify potential concerns, including modern slavery and other human rights concerns.
- Continuous Monitoring. Red Hat conducts continuous monitoring of Red Hat partners that aims to identify a variety of potential concerns, including modern slavery and other human rights concerns. During the current reporting period, Red Hat also began exploring potential vendor options that will enable the Company to conduct continuous monitoring for Red Hat Suppliers as well.
- Supplier Validation. Red Hat launched a new global Supplier Validation Process during the current reporting period. As part of this Validation Process, on a risk-basis, certain new and existing Red Hat suppliers were asked to complete supplier questionnaires, which included a broad range of questions aimed at helping Red Hat identify and assess various risks including potential modern slavery risks, such as whether the supplier employs vulnerable workers (e.g., migrant workers or young workers). Following the initial global launch, Red Hat continues to review and adjust the Supplier Validation Process, with particular focus on suppliers that meet risk-based criteria.
- Supplier Audits. During the current reporting period, Red Hat and its parent company used various risk-based criteria to select certain Red Hat suppliers for broad audits.
- Employee Certification. As noted above, Red Hat employees are required to complete annual Compliance and Ethics Training, during which Red Hat requires employees to review and re-certify their commitment to the Code of Conduct.
- Reporting Mechanisms and Non Retaliation Protections. In order to encourage and foster a culture of reporting, Red Hat maintains a number of policies and reporting channels enabling employees, suppliers, business partners, and the general public to report potential violations of our Code of Conduct, policies, or other standards, including illegal or unethical business practices. Red Hat policies also prohibit retaliation or other adverse action against those that raise concerns in accordance with these policies. Reporting channels include a global Compliance and Ethics Hotline, maintained by an independent, third-party provider, that is available 24 hours a day, seven days a week and allows for reporting on a confidential or anonymous basis. Red Hat also has a dedicated supplier concerns reporting channel (firstname.lastname@example.org), which is referenced in the Supplier Code. Red Hat continuously monitors these reporting mechanisms and has internal teams dedicated to investigating such concerns. During the current reporting period, Red Hat received no reports involving complaints of modern slavery risks or incidents via these reporting channels.
Assessment of Effectiveness
Red Hat is monitoring the effectiveness of our global policies, procedures, and processes to address the modern slavery risks in our operations and supply chain. As noted in the preceding two sections, we have detailed our actions across four key performance areas: governance; due diligence; employee training & certification; and grievances and reporting. We currently utilize our global Compliance and Ethics Hotline and other reporting channels as part of our monitoring efforts. Over the reporting period, we received zero reports of instances of modern slavery whether actual or suspected.
Overall, Red Hat is taking a proactive and iterative approach to eradicating modern slavery risk in its operations and supply chains. Our iterative approach allows us to continuously review and improve our human rights efforts, as well as best practices across different regions, to try to prevent modern slavery and human trafficking within both our operations and our supply chains globally.
This statement is being published in satisfaction of the statutory obligations under section 54 of the UK Modern Slavery Act (2015) on behalf of Red Hat Inc. and its subsidiaries, which includes Red Hat UK Limited. This statement was reviewed and approved by the Board of Directors of both Red Hat, Inc. and Red Hat UK Limited.