As a company in the financial sector, acting in a legally binding and ethical manner is fundamental. To ensure this, GRENKE has numerous measures, structures, and processes in place that are controlled by a comprehensive compliance management system.
We secure our sustainable success through careful risk management. We integrate current developments and circumstances, such as the opportunities and risks of climate change, into our risk management.
The dialogue with our stakeholders and the results of our materiality analysis form the basis of our sustainability strategy and our non-financial reporting. For a constructive exchange with our stakeholders, we have several departments that interact with internal and external stakeholders.
Our Group-wide compliance management system (CMS) helps us to meet the various international requirements and prevent risks. In order to ensure compliance with all national and international requirements and guidelines, all countries in which we are represented also have local compliance officers. Our whistleblower platform "GRENKE Integrity Line" offers all internal and external stakeholders the opportunity to bring potential breaches of regulations to our attention - at any time and in complete anonymously.
We counter potential money laundering and criminal activities with our specially qualified staff, work instructions, guidelines and checks. For this purpose, we have appointed national money laundering officers throughout the Group who ensure legal compliance. Our business partners are regularly trained and informed about regulations and developments in money laundering. In addition, we are setting up an IT-supported transaction monitoring and KYC tool, which will automate and digitalise these processes.
We continuously develop our data protection management system further. In this way, we ensure that data processing in the Consolidated Group is carried out in compliance with the law at all times, that potential violations are recognised at an early stage, and that appropriate countermeasures are taken. In order to meet the major challenges in data protection, both GRENKE AG and its subsidiaries have each appointed data protection officers in accordance with legal requirements and created a central office for operational data protection. The data protection officers and operational data protection are also available to our customers, business partners and employees as expert contacts.
In order to protect the information we process in the best possible way, we are constantly developing our information security management system further. Compliance with regulations and laws, in particular the minimum requirements for risk management (MaRisk) and the banking supervisory requirements for IT (BAIT), are the basis of our actions. All measures, processes and controls are based on the ISO27001 standard and the IT security maturity model according to COBIT (internationally recognised framework for IT governance) and are being successively expanded.
Here you find further information regarding our Corporate Governance.