Partner of the Haufe Group in compliance matters

Learning & Best Practices of a Compliance Management System

Haufe Group Compliance Mindset

Internal, 20th September 2018, Institut Risk & Compliance, Paris


Page 2

AGENDA

Welcoming

09h15-10h30 Fundamentals

Beyond the theory

Lessons learned

10h30 - 10h45 Coffee and networking break

10h45 - 11h45 Integrity Now!© game

11h45 - 12h00 Wrap-up and closing

Page 3

COO & CEO Haufe Group

Birte Hackenjos and Markus Reithwiesner

HAUFE GROUP

Page 4

ISO 19600:2014

Source: https://www.iso.org/obp/ui/#iso:std:iso:19600:ed-1:v1:en

Page 5

Anti-Corruption

Antitrust

Data Protection

IT Security Governance

CSR

1. Risk Assessment

2. Awareness & Prevention

3. Monitoring

4. Response

THEORY PLAN-DO-CHECK-ACT DEMING CYCLE

Page 6

LEGAL STATUS OF COMPLIANCE IN GERMANY

DIFFERENT LEGAL PROVISIONS

❖ Corporate Risk & Compliance Management

German Stock Corporation

Sections 30 and 130 German Act on Regulatory Offences (OWiG)

❖ Bribe

German Penal Code applies to individuals

OWiG applies to companies, fines up to 10 million EUR

❖ Whistleblowing system

German Civil Code failed

German case law (§138 of the German Penal Code)

❖ Data Protection

European Data Protection Regulation replaced Federal German Act for Data Protection

Page 7

COMPLIANCE CORE TEAM

Which Compliance guidelines are binding for me?

I haven't found the guidelines on the SharePoint

Some rules are not consistent with guidelines from other departments

Where can I find the Compliance guidelines?

EMPLOYEES OFTEN LOST IN COMPLIANCE

Page 8

COMPLIANCE ORGANIZATIONAL STRUCTURE & REPORTING LINES

Advisory Board

Board of Directors

Legal + Compliance

Legal

Compliance

Data Protection

HR

Project Management

Business Services

TEAM

Compliance Office

Risk Management

Page 9

CREATING A COMPLIANCE MINDSET PROGRAM

CMS

Internal Ambassadors

External Ambassadors

Operational Compliance

Compliance Tool

› Compliance Communication

› Whistleblowing portal

Page 10

OUR COMPLIANCE PATH IN PRACTICE

1. Compliance RULES

Easy and understandable guidelines

e.g. Employee/Supplier Code of Conduct, Anti-Corruption guideline

2. Compliance TONE FROM THE TOP

Role model, responsibility and Compliance statement from the Top Management

Endorsement through the works council

3. Compliance AWARENESS

Blended learning, in-person trainings, workshops

Compliance champions, Compliance day

Welcoming day for newcomers

4. Compliance PROMOTION

Company Website

Whistleblowing portal

Page 11

COMPLIANCE MINDSET GOES DIGITAL

❖ Risk Assessment

❖ Guideline Management

❖ Anti-Corruption Documentation

❖ Case Management

❖ Whistleblowing System

❖ Internal Control

NOT ONLY PROCESS Management!

▪ Automated Workflow

▪ Data Intelligence

▪ Documentation

▪ Reporting

HOW? Compliance TOOL

Page 12

COMPLIANCE MINDSET COMMUNICATION

➢ Guidelines only lay out the rules

➢ Applying the rules in daily work is the task of each employee, no matter the hierarchical level

➢ Easy to say, more difficult to establish in an organization

CHANGE MENTALITY PROCESS

with the internal/external ambassadors!

▪ Corporate culture

▪ Trust

▪ Speak up https://whistleblowerportal.haufegroup.com/

▪ Strategy & business

▪ Compliance compass

Page 13

➢ DOCUMENTATION

➢ TRANSPARENCY

➢ SEGREGATION

➢ ADEQUACY

TO ENSURE COMPLIANCE SELF CHECK FROM THE EMPLOYEES!!!!

COMPLIANCE COMPASS

Page 15

INTEGRITY NOW! LET’S PLAY

Katharina Miller, Corporate Compliance & Human Rights Lawyer and Partner, 3C Compliance, Madrid, Spain

Page 16

MERCI! VIELEN DANK!

Contact: Colline Jux [email protected], Chloé Saby chloe.saby@haufe-lexware.com, Katharina Miller [email protected]