As a company in the financial sector, acting in a legally binding and ethical manner is fundamental. To ensure this, GRENKE has numerous measures, structures, and processes in place that are controlled by a comprehensive compliance management system.
We secure our sustainable success through careful risk management. We integrate current developments and circumstances, such as the opportunities and risks of climate change, into our risk management.
Our sustainability strategy and non-financial reporting are founded on the dialogue with our stakeholders and the findings of our materiality analysis. We have various departments dedicated to engaging in dialogue with both internal and external stakeholders, fostering a constructive exchange with these key groups.
We are constantly evolving our data protection management system to ensure that data processing within the Consolidated Group is always in compliance with the law, enabling early detection of potential violations and implementing appropriate countermeasures. To address the significant challenges in data protection, both GRENKE AG and its subsidiaries have appointed data protection officers in accordance with legal requirements and established a central office for operational data protection. These data protection officers and the operational data protection team serve as expert contact persons for our customers, business partners, and employees.
We combat potential money laundering and criminal activities through our specially trained employees, detailed work instructions, guidelines, and controls. In pursuit of this goal, we have designated national money laundering officers across the Group to oversee compliance with legal standards. Our specialized retail partners undergo regular training and receive updates on money laundering regulations and trends. Additionally, we are implementing an IT-supported transaction monitoring and Know Your Customer (KYC) tool to enhance automation and digitization of these processes.
We are constantly evolving our data protection management system to ensure that data processing within the Consolidated Group is always in compliance with the law, enabling early detection of potential violations and implementing appropriate countermeasures. To address the significant challenges in data protection, both GRENKE AG and its subsidiaries have appointed data protection officers in accordance with legal requirements and established a central office for operational data protection. These data protection officers and the operational data protection team serve as expert contact persons for our customers, business partners, and employees.
We continuously enhance our information security management system to ensure optimal protection for the information we handle. Our efforts are guided by compliance with regulations and laws, notably the Minimum Requirements for Risk Management (MaRisk) and the banking supervisory requirements for IT (BAIT). All our measures, processes, and controls are aligned with the ISO27001 standard and the IT security maturity model according to COBIT, a globally recognized framework for IT governance, and are progressively expanded over time.
Here you find further information regarding our Corporate Governance.