Integrity is one of TPI’s Core Values and it guides our associates while conducting the Company’s business and performing our daily activities. TPI operates in multiple regions around the world with different cultural and business norms, yet we follow the highest ethical standards.

 

Code of Conduct and Anti-Corruption

Our Code of Business Conduct & Ethics (Code) sets the tone regarding ethical behavior and responsible business conduct. The Code covers conflicts of interest, confidentiality, preventing workplace harassment, human rights, anti-bribery and anti-corruption expectations, and many other important topics. TPI’s Board, in conjunction with its Audit Committee, is responsible for administering the Code, and has delegated day-to-day responsibility for ensuring compliance to TPI’s Office of the General Counsel. The Code, and our separate Foreign Corrupt Practices Act Policy (FCPA Policy), informs associates about the Company’s anti-bribery and anti-corruption practices and expressly prohibits direct or indirect payments that violate applicable laws. TPI has also implemented internal compliance mechanisms and processes to ensure alignment with both the UN Global Compact Principles and the Organisation for Economic Co-operation and Development (OECD) guidelines for Multinational Businesses. In 2024, TPI trained its global workforce on these critical policies to ensure awareness and to reinforce compliance with our company expectations. Completion of the mandatory compliance trainings are also linked to leadership performance plans.

 

Compliance Policies and Training

Compliance is an important part of TPI’s commitment to a strong ethical culture. TPI associates receive annual training on subjects that include the Code of Conduct, Diversity & Inclusion, Workplace Harassment, Insider Trading, and Cybersecurity, while new associates receive additional compliance training during onboarding. TPI’s Legal team regularly review and refresh our compliance training needs and requirements to reduce risks associated with TPI’s global operations. In addition, TPI reviews company policies on an annual basis to ensure we remain in compliance with all applicable regulations and requirements both for TPI and our stakeholders.

This year, TPI also retained a third-party to assess the effectiveness of our compliance program. The findings from the third-party highlighted TPI’s strong culture of integrity and transparency, effective policies, procedures, and controls, and impactful measures to prevent, detect, and respond to compliance violations.

 

Ethics Reporting

TPI strives to create a working environment with the highest ethical standards for our associates. Our Ethics Reporting, Open Door, and Non-Retaliation Policy (Ethics Reporting Policy), outlines numerous avenues to report policy, legal, compliance, or ethical violations to TPI. The Ethics Reporting Policy also encourages contact with the Office of the General Counsel, Board of Directors, or Audit Committee if there is an allegation regarding criminal conduct, violations of local laws, bribery or corruption, or financial statement irregularities. In addition, the policy describes TPI’s commitment to non- retaliation against associates that report concerns.

 

Associates are encouraged to report all concerns either directly or anonymously, through multiple reporting tools including the Ethics Hotline, which is operated by an independent third-party provider. Associates receive ongoing training and communication about how to report concerns, each TPI location displays posters in the local language on ethics reporting, and the Company’s intranet prominently displays reporting tools for associates, including a QR Code and mobile device reporting tool. Any reports submitted to the Ethics Hotline are only accessible by the Office of the General Counsel and Audit Committee Chair to protect the reporter’s identity. All reports regarding a procedural, ethical, or policy concern are taken seriously and investigated promptly by the human resources department, the internal audit department, the internal legal department, or an external law firm, depending on the nature of the concern. To ensure ethics reporting remains effective, we identify trends in reports received and then implement appropriate action plans such as associate trainings. TPI takes all allegations of misconduct seriously and investigates claims pursuant to our Investigation Policy. The Investigation Policy seeks to ensure that all investigations are done in a consistent and impartial manner while in compliance with TPI policies and laws in the countries in which we conduct business.

 

Human Rights

Respect for human rights is embedded throughout the culture at TPI. Human rights protections are included within the Code, our Supplier Code of Conduct, and our Human Rights Policy. Our Human Rights Policy highlights TPI’s explicit respect for internationally recognized Human Rights as established in the International Bill of Human Rights, the International Labor Organization’s Declaration on Fundamental Principles and Rights at Work, the United Nations Global Compact, the United Nations Guiding Principles on Business and Human Rights, the OECD Guidelines for Multinational Enterprises, and the International Labour Organization’s Core Conventions. Additionally, TPI’s Supplier Code of Conduct and Human Rights Policy addresses protections for associates’ safety at work, freedom of association, collective bargaining, and Inclusion, Diversity, Equity, and Awareness (IDEA) principles. We also expect our associates, contractors, and suppliers to abide by our Human Rights Policy to ensure respect for Human Rights in all our business dealings and TPI ensures the policy is communicated to all external stakeholders.

 

Cybersecurity: Safeguarding our Future

TPI recognizes that a sustainable business extends beyond environmental and social dimensions to include robust digital resilience. Our cybersecurity program is a foundational element of this commitment, ensuring the integrity, confidentiality, and availability of our digital assets while fostering trust among our associates, customers, suppliers, and stakeholders.

Our approach to cybersecurity is guided by leading industry practices and standards such as the National Institute of Standards and Technology (NIST) Cybersecurity Framework. This ensures a comprehensive strategy that addresses governance, risk identification, protection measures, detection capabilities, response readiness, and recovery protocols. This framework is applied across all facets of our operations, including enterprise systems, shared services, and supply chains, to help create a resilient and adaptable security posture.

 

Governance is central to our cybersecurity strategy. The program is managed by our Chief Information Security Officer (CISO) and overseen by our Audit Committee. Recurring external and internal assessments evaluate the effectiveness of our cybersecurity measures, enabling us to adapt swiftly to emerging threats and challenges. A multi-layered, risk-based defense strategy underpins this program, combining proactive threat identification, vulnerability management, and incident response planning. Incident simulations and tabletop exercises are conducted regularly with a reputable external agency to refine our preparedness and improve our responses to potential threats. These efforts not only ensure the highest standards of protection across our operations, but also strengthen our incident response capabilities, enabling rapid containment and mitigation in the event of an incident. Additionally, this proactive approach extends to our supply chain, where we collaborate with suppliers to meet stringent cybersecurity standards, reinforcing the integrity of our extended network.

 

The human element is a critical component of our cybersecurity framework and prevention efforts. We conduct annual cybersecurity training programs to enhance associates’ awareness of cyber risks and their critical role in protecting the integrity, confidentiality, and availability of our digital assets. These mandatory sessions ensure compliance with data handling laws, reinforce accuracy and confidentiality practices, while regular audits and assessments keep us aligned with evolving privacy laws. Periodic phishing simulations and targeted training sessions equip our workforce to recognize and respond to threats effectively. Through these initiatives, we cultivate a culture of vigilance and shared responsibility for digital security.

 

Our data protection framework is strengthened by advanced technologies and collaborations with trusted third-party experts to enhance risk management. These partnerships support independent assessments of our data privacy program and reinforce mechanisms for managing data access requests. By focusing on least privilege access, we ensure that individuals only have access to the data necessary for their roles, promoting transparency and safeguarding individual privacy rights.

Through our comprehensive cybersecurity measures, we not only protect our operations and digital assets but also strengthen our capacity for sustainable growth and innovation in an increasingly digital landscape. This commitment ensures the resilience and trust essential to achieving our long-term vision for sustainability.

 

Board and Executive Oversight

TPI’s Board represents our most senior governance body. Our Board of Directors reflects a diverse mix of backgrounds, experiences, and perspectives. Members of the Board comprise three committees:

(1) Audit Committee, which oversees fraud prevention and compliance; (2) Compensation Committee, which oversees director and executive compensation; and (3) Nominating and Governance Committee (NGC), which oversees sustainability, IDEA, and Board composition. Oversight for our strategies and activities related to sustainability initiatives falls under the responsibilities of the NGC, alongside the leadership team. Our Board delegates responsibility for sustainability to our CEO who manages strategy alongside our senior leadership team.

 

To help align our compensation and sustainability strategies, we have developed sustainability targets, which are included in our executive compensation plans. These sustainability targets include safety enhancement, IDEA, and waste reduction goals which can be found in TPI’s Proxy Statement.

 

Enterprise Risk Management

TPI Employs an Enterprise Risk Management (ERM) framework and process to help identify, assess, mitigate and monitor risks, including sustainability-related risks highlighted in TPI’s Task Force on Climate-Related Financial Disclosures (TCFD) on pages 57-58 of Sustainability Report. While many risks are measurable and controllable, others – such as geopolitical instability and global market volatility – are external and inherently unpredictable. Our strategic objectives include traditional priorities like revenue growth and profitability. However, as a renewable energy leader, we are steadfast in our commitment to setting the “Sustainability Gold Standard.”

We focus on our most critical enterprise risks and have implemented detailed action plans to mitigate their potential impact. Progress on these plans is reviewed regularly by our senior leadership team and reviewed by our Board of Directors at least annually.

 

External Certifications

We have implemented management systems at our nine manufacturing facilities according to the international standards for quality, environment, and health and safety, ISO 9001, ISO 14001, and ISO 45001, respectively. We perform internal audits and have annual third-party surveillance audits performed to maintain our certifications as well as ensure regulatory compliance.

 

Additionally, both of our facilities in Türkiye have obtained ISO 50001 (Energy Management) and ISO 27001 (Information Security) certifications. One of our facilities in Juarez achieved IATF 16949 (Quality). Furthermore, our Field Service entity in Spain received ISO 9001, ISO 14001, and ISO 45001 certifications. Our certifications can be found on our website.

 

Moreover, we require our top global raw material suppliers to maintain a Quality Management System (QMS), Quality Assurance (QA), or Product Quality Plan compliant with ISO 9001, in accordance with industry standards and TPI’s customers’ requirements. To ensure compliance, we audit our largest global raw material suppliers to ensure consistency and standardization throughout the value chain. Please see section 7 of Sustainability Report for more information.

 

TPI Composites Inc – EHS & Quality Certificates