Combating Corruption and Bribery
Within the context of the statutory requirements in the Non-financial Group Declaration, this aspect includes one material topic: “Governance and Compliance” (see Materiality Matrix).
Governance and Compliance
The foundation of our business model is based on reliable, transparent and trustworthy corporate governance, which the company manages and monitors responsibly and independently. Its function as a role model is decisive in terms of building and cementing credibility – and therefore trust among our stakeholders. As a result, our governance endeavors are geared toward the establishment and implementation of, and systematic compliance with, a transparent and modern system of rules. Group-wide policies and business principles serve as a framework: Our Business Philosophy, our Code of Conduct, the Business Partner Code and the Declaration of Respect for Human Rights act as the maxims guiding us in our actions. We live up to this attitude with our independent Supervisory Board and our commitment to the principles of the German Corporate Governance Code.
In order to acknowledge the increasing significance of compliance topics, the existing Compliance office became an independent Compliance and Data Protection department in April 2023. The role of Chief Compliance Officer, reporting directly to the Chief Executive Officer at least once a month, was created to head the department. In the reporting year, preparations were also made to establish an additional decentralized compliance structure from 2024. In relevant business areas, individual employees are being trained as local contacts for compliance issues in order to be able to answer initial questions directly on location and provide quick and straightforward support. The Compliance and Data Protection department is training the local contacts, providing technical advice and is maintaining constant contact with them.
The compliance management system (CMS) supports the corporate governance’s direction and guards the company against misconduct. At Vonovia, the CMS is based on three pillars: prevention, detection and response. These pillars are underpinned by an extensive system of measures and processes as part of the compliance program. The basis takes the form of the Compliance Guidelines, which follow the Principles for the Proper Performance of Reasonable Assurance Engagements Relating to Compliance Management Systems (IDW PS 980). The CMS is subject to a periodic audit, which is carried out by an external auditor. Preparations were made in the reporting year for the external CMS certification, which will be completed in 2024.
The Chief Executive Officer (CEO) is responsible for implementation of the CMS. A Compliance Committee comprising the Chief Compliance Officer, compliance managers, the ombudsperson, representatives of the Internal Audit, Risk Management and HR Management departments, the works council and companies outside of Germany meets on a quarterly basis and updates the system in line with current requirements. In this context, the Chief Compliance Officer acts as a central contact point within the company for compliance-related questions and suspicions. The Chief Compliance Officer’s activities are supported by the compliance managers and specialists in the individual departments. The Supervisory Board receives comprehensive information about compliance issues and corruption along with existing guidelines and processes on a quarterly basis. The compliance report, which is forwarded to the Audit Committee via the Chief Compliance Officer (following prior consultation with the CEO), provides information about potential breaches, measures and compliance training, as well as relevant data protection issues.
The CMS and whistleblowing system apply to the entire Group. Deutsche Wohnen also maintains its own legal and compliance department, which is supported by Vonovia’s Compliance and Data Protection department under the terms of the agency agreements. Whenever legislation in Austria or Sweden conflicts with Group-wide rules, a different rule is adopted for the subgroup in the form of a national guideline. Responsibility for this lies with the respective managing directors. Deutsche Wohnen already had its own established CMS for the Care segment, including a data protection concept that was tailored to, and appropriate for, this business area, which is why the decision was made to keep it in place. This also applies to the Care segment’s own whistleblower channel. Access to Vonovia’s whistleblower system was also expanded by setting up an additional category for the Care segment.
Regular Group-wide training sessions are the cornerstone for preventing misconduct before it happens. A comprehensive catalog of regular and mandatory training events is already firmly established and has been adapted for the various internal target groups. The compliance training program includes mandatory training on topics such as data protection, dealing with conflicts of interest, and combating corruption. The sessions are aimed at all employees with annual refreshers. The target group-specific training sessions are also run every year: The procurement department, for which the issue is particularly relevant, receives special training on corruption and criminal law pertaining to corruption, for example. Sales employees take part in anti-money laundering training, while employees in Development receive special training on concluding sales contracts. Another mandatory training course for the entire management level is dedicated to the topic of corruption and detecting fraud.
In the 2023 fiscal year, we once again carried out a compliance risk analysis at the level of senior company executives in Germany. As part of this analysis, information was requested on the topics of active and passive corruption, money laundering, social compliance and IT/data security. In order to meet the requirements under the German Supply Chain Due Diligence Act, the analysis and evaluation of human rights and environmental risks in the company’s own business area was also incorporated into the survey. These results are also being incorporated into the update of the Declaration of Respect for Human Rights. The aim of the survey was to systematically evaluate compliance risks and identify potential areas of focus for further development of the CMS. The compliance management team decided to implement a number of measures on the basis of their responses to the survey: Going forward, the frequency of the compliance risk analysis will be adjusted from every two years to every year, and will also include Austria and Sweden on a regular basis. In the reporting year, preparations were also made for the introduction of annual compliance self-assessments in the individual departments within the Group starting in 2024.
The reporting year saw an update to the Business Partner Code, in which Vonovia sets out clear expectations of its business partners, including with regard to respecting human rights and protecting the environment. We expect our business partners to subject their own business partners at all stages in their supply chain to the obligation to comply with the same standards and principles. The Group-wide Guidelines on the Whistleblower System and the Group-wide Guidelines on Approval Thresholds and Decision-Making Powers were also updated. In the 2024 fiscal year, the Anti-Money Laundering Guidelines will also be reviewed to identify any need for updates, and further preventive measures will be implemented in this area. Furthermore, process digitalization continued in the reporting year and preparations were made to introduce a fully digital file management system as of 2024.
Vonovia has a comprehensive system in place for complaints management and protecting whistleblowers that is also intended to meet the requirements of the Whistleblower Protection Act (Hinweisgeberschutzgesetz), which came into force in the reporting year. The anonymous whistleblower portal is available not only to employees, but also to external groups, such as customers and business partners. In the reporting year, six additional languages were added in addition to German and English. The portal complements and extends the existing system of the independent ombudsperson and has been integrated into the Vonovia partner portal. The whistleblower report, prepared externally every six months, is included with the company’s compliance report. Information on potential cases of discrimination within Vonovia‘s own business area can not only be submitted anonymously via the whistleblowing system, but can also be reported via a separate reporting mailbox in the HR department so that any potential violations of the German General Act on Equal Treatment can be recorded. In Germany, this covers four European anti-discrimination directives that have been issued since 2000. Suspected cases of discrimination in the process involved in initiating tenancies can be reported via the anonymous whistleblower portal, to the independent ombudsperson or directly to the Compliance and Data Protection department.
Material Performance Indicator – Total number of proven cases of corruption (in Germany)
Material performance indicator | |||||||
Category | Unit | 2022 | 2023 | ||||
Total number of proven cases of corruption (in Germany)* | number | 0** | 0** | ||||
- * A case of corruption is considered proven if a court conviction has taken place. Suspected cases of corruption under investigation during the reporting period are not included.
- ** Excl. Care segment.
In the 2023 reporting year, 29 suspected cases of corruption or compliance issues in Germany and Austria had been reported via the anonymous whistleblower portal and carefully investigated. The severity of all reported cases was determined to be minor. The reported cases can be assigned to the following categories, among others: incidents with tenants, conflicts of interest involving employees, information regarding allegations of fraud (involving commission) relating to employees, but also external persons, notifications of material theft and vehicle break-ins. One report involved a possible violation of human rights within Vonovia’s own business area, which was not confirmed. In Sweden, seven reports were received via the various reporting channels in the reporting year. None of the suspected cases in Germany, Austria or Sweden led to a court conviction. There were no proven cases of corruption, including in the Care segment.
This currently (up to the editorial deadline) also applies to the suspected cases in connection with the search conducted by the public prosecutor’s office. As reported, on March 7, 2023, Vonovia was informed by the public prosecutor’s office in Bochum during the course of necessary search measures connected to an ongoing investigation that former and, at that time, current technical employees were being investigated on suspicion of corruption. The persons under suspicion may also have caused damage for Vonovia by overriding and circumventing controls and compliance policies.
Vonovia continues to cooperate fully with the work of the investigating authorities. The auditing firm Deloitte and the law firm Hengeler Mueller have been commissioned to perform a forensic assessment of all the facts of the case. It is currently not possible to arrive at any conclusive assessment regarding the amount of any damages. For 2022,
it is estimated to come to a maximum of 1% of the order volume awarded by Vonovia. At the most, this amounts to a low single-digit million amount. Given that only fully completed proceedings are presented under material performance indicator “Total number of confirmed cases of corruption (in Germany)” in the reporting year in question, this incident has no impact on the key figures reported.