Energie AG’s compliance goals are:
- Ensuring a value-conscious compliance culture
- Preventing property damage and reputational damage
- Ensuring fair competition by compliance with the law and regulations
- Ensuring compliance with all Group-wide guidelines and standards
- Minimising/Avoiding liability risks and non-material damage
- Raising awareness among all Energie AG employees of compliance with guidelines and the Code of Conduct
- Implementing effective prevention measures
- Improving legal certainty
- Avoiding infringements of legal and in-house standards
Code of Conduct “This is how we think, this is how we act”
Compliance at Energie AG is based on a mutual understanding of values which is expressed in the Code of Conduct “This is how we think; this is how we act” and published for all stakeholders, managers and employees.
The Code of Conduct is the key element that supports action in compliance with laws and guidelines. It is the foundation for all business activities and decisions at the Energie AG Group. It is the basis for moral, ethical and legally sound behaviour on the part of all Group employees. The Code of Conduct is mandatory for everyone and contains essential rules concerning respectful conduct and open communication. All managers and employees throughout the Group have been and will continue to be informed about the in-house Code of Conduct. New employees receive the relevant compliance documents upon joining the Company.
Compliance management system
To establish compliance effectively throughout the Group of companies, a compliance management system was established, appropriate guidelines were authored and numerous face-to-face training sessions were held in recent years. The content, responsibilities, distributions of skills, and required documentation and reporting have all been decided. Information on compliance is provided to staff via e-learning, among other formats. Employees can decide for themselves when they want to use this interactive tool, allowing them to fit the sessions into their work routine in a way that best suits their needs.
As part of the Energie AG Group's due diligence measures, the experts in the various areas of legal specialism monitor the relevant national and European legislative frameworks. The Compliance Organisation is involved in issues relevant to the Group as a whole.
The conduct of Netz O֒s management and employees in relation to lobbying activities is based on its own Code of Conduct in accordance with § 7 of the Austrian Lobbying Act (LobbyG). Netz OÖ has created an equal treatment programme and appointed an equal treatment officer based on its legal obligations as an electricity and gas distribution grid operator.
The Group refers to legal databases, a range of legal commentaries, newsletters and legal registers from external providers to ensure that up-to-date versions of the relevant requirements are always used in the Legal Department’s operational activities. The Legal Department acts as one of a number of information channels, notifying the relevant departments and entities of new legal developments. The Group provides legal certainty and ensures compliance with the applicable requirements by attending seminars, specialist conferences, participating in various committees, keeping up to date with the latest legal developments and legislative plans, and scheduling visits to individual locations.
For further information about Energie AG’s internal control system, see the Group Management Report, Internal control system.
Energie AG’s entities and employees are subject to provisions regarding public officials (Amtsträger) within corruption law. Training sessions are held continuously to ensure the Group-wide implementation of the comprehensive compliance standards in force at the Energie AG Group to prevent corruption. The “Anti-Corruption” learning module offered in Austria has so far been completed by 78.8% of the employees in the country (previous year: 67.7%). The deviation from the previous year is due to changes in personnel.
There were no incidents of corruption in the Energie AG Group in the 2019/2020 fiscal year (previous year: 0).
Energie AG unconditionally declares its commitment to fair competition with its competitors, business partners and other market participants. For this reason, the existing antitrust manual is being updated. With its comments on the necessary market behaviour, the manual is primarily aimed at the sales-oriented divisions and is also available to all employees in the Energie AG Group via the Intranet.
Since the 2018/2019 fiscal year, a Group-wide learning module has been available on the subject of antitrust law/competition law to ensure that all members of staff (in particular, new employees) demonstrably have access to a well-prepared treatment of the topic. The primary target groups for graduating this module are all sales and sales-related units as well as procurement staff.
Energie AG maintains a data protection management system to ensure Group-wide implementation and compliance with the provisions of the General Data Protection Regulation (EU 2016/679; GDPR, in effect since May 2018) and the new Austrian Data Protection Act 2018 (Datenschutzgesetz; DSG).
Energie AG’s Data Protection Policy explains the data protection management system’s essential operational framework. Energie AG is aware of the trust that its customers place in the Company. As a result, the Group treats security, integrity and trust as a top priority when handling personal data in day-to-day operations.
The data protection processes the Group has implemented log and process valid complaints regarding breaches of customer data protection, resulting in corrective action if necessary. In the year under review, one data protection violation under GDPR Article 33 was reported to the data protection authorities. The proceedings were discontinued as a result of the steps taken (previous year: three proceedings discontinued).
Promoting a compliance-conscious culture
Management are responsible for promoting a compliance-conscious culture among staff. Energie AG ensures that its employees know the compliance values and put them into practice. Within the annual definition of targets, the Group Management Board has the opportunity to agree on measurable and adjustable compliance goals that form part of the management performance with the Company's managers and executives. The manager or executive further confirms his or her commitment to the relevant and compulsory compliance requirements of Energie AG in the individual target agreements.
The Compliance forum was set up to ensure that compliance questions are handled in a comprehensible manner. Regular meetings help to ensure the necessary exchange of information and consistent treatment of compliance-related matters throughout the Group. All areas of the Group have the opportunity to submit compliance queries and receive compliance advice.
Information security management
In order to be able to reliably guarantee continuous service to customers and other stakeholders in line with their needs, Energie AG has maintained a comprehensive, Group-wide information security management system for a number of years. Especially in the age of digitalisation and cyber-attacks, detecting and countering risks and attacks of this nature is of great importance. To this end, Energie AG periodically and systematically analyses and evaluates threats to its information security, decides its stance on any risks and takes effective steps to control and reduce these risks.
The cyber risk and fidelity insurance taken out in fiscal year 2018/2019 forms part of the information security management risk assessment 2019/2020. Key areas of activity are ISO 27001-certified and are regularly reviewed. The requirements stemming from the Austrian Network and Information System Security Act (Netz- und Informationssystemsicherheitsgesetz; NISG), which aim to ensure a high degree of security for networks and information systems, will be gradually implemented in the relevant areas. Staff users undergo annual (electronic) training programmes and are proactively notified of any particular threats.
In addition, Energie AG has taken a large number of steps to establish and maintain an adequate level of security. However, even the most strenuous effort cannot guarantee absolute security in today’s information and communication technology, meaning that there is always a certain residual risk. As a result, Energie AG has an emergency and crisis management system in place, enabling it to safely restore orderly operation and customer supply as quickly as possible in the event of a failure.
Respect for human rights
Respect for human rights is a natural part of life for the Energie AG Group. Energie AG expects all business partners to adhere to the statutory framework, along with the applicable laws and standards on human rights. In terms of respect for human rights, the Group cannot discern any material risks for compliance with the applicable legal standards in the European Union and in Europe. Risks in the earlier links of the supply chain cannot be entirely ruled out. For this reason, the Group exercises due diligence in procurement.
Equal treatment has been identified as a human rights issue that could fall within the Company's direct sphere of influence, although there is no significant risk in this regard. The parties available for employees to contact in the event of possible discrimination are the compliance officer, the Works Council or their respective supervisor. As in the previous year, no incidents of discrimination were reported to compliance staff in the 2019/2020 fiscal year, nor were any legal proceedings underway.
Energie AG does not tolerate any discriminatory conduct or any unequal treatment, whether on the basis of national or ethnic origin, religion, age, gender or other traits. Diversity presents valuable potential for Energie AG as an international company Group. Energie AG respects the unique nature of each individual, and are committed to tolerant and respectful conduct as well as open communication. The effects of this include promoting a climate of appreciation and respect for all employees within the Company. Behaviours aiming towards fair and trusting interaction with one another are supported.
The actions of Energie AG always abide by the Group's guiding principle “We care about tomorrow”. The Energie AG Group will continue to develop its sustainability management in the 2020/2021 fiscal year on the basis of environmental and social aspects.
Linz, 02 December 2020
The Management Board of Energie AG Oberösterreich
Chief Executive Officer
DDr. Werner Steinecker MBA
Chairman of the Management Board
Dr. Andreas Kolar
Member of the Management Board
Dipl.-Ing. Stefan Stallinger MBA
Member of the Management Board