4.5 Ethics in the conduct of business

Ethics management

[GRI 2-23] [GRI 3-3] Ethics in the conduct of business and anti-corruption

The fundamental principle that guides our business is compliance with the law. This is done by complying with statutory and supervisory regulations applicable to our operations, as well as internal legislative acts. Each employee, through his or her actions towards customers, upholds the good name of the ERGO Hestia Group and avoids actions that could create a negative image of STU ERGO Hestia SA and STU na Życie ERGO Hestia SA in the eyes of our customers. We strive to offer customers the best possible advice and provide them with all the information they need to make the right and accurate decision for their interests. We recognize that our business has an impact on the broader economic, social and environmental environment in which we operate. Therefore, we build our identity by following the principles of prudence, prevention and responsibility in selecting contractors and partners, and ensuring and maintaining integrity in all business transactions.

We cooperate with many partners, which is why it is so important for us to adhere to the principles and values that create an image of an ethical, professional, safe and conscious business, responsible for the role it plays economically and socially.

Wojciech Radwański. Photographer

These documents form the basis for many procedures, and their elements are also present in the criteria and information addressed to external stakeholders. Their role is to prevent potential negative consequences of violations of principles of ethics in the conduct of business.

The aforementioned policies, codes and other documents function in their entirety only in the internal circulation of the organization, which results from the adopted legislation and guidelines of the ERGO and Munich Re Group.

The ERGO Hestia Group is obliged not only to comply with the requirements of the law, but also to take full account of the broad recommendations issued by relevant supervisory authorities, including international institutions. The entire alignment with legal regulations and recommended solutions ensures that we are a stable, safe and transparent entity – trustworthy and dedicated to protecting the interests of both customers and employees.

We follow a Code of Conduct for employees (Code of Ethics). At the same time, we are obliged to adhere to the principles embodied in the Munich Re Group’s Code of Conduct, which sets guidelines for responsible action and is also made available externally through the ERGO and Munich Re Group’s communication channels.

Effectiveness of the measures taken

[GRI 3-3] Ethics in the conduct of business and anti-corruption

We have a zero-tolerance policy for any violations of the Code of Ethics and other fraud, including financial fraud, and have therefore put in place measures to prevent and detect fraudulent activities from occurring, and to respond appropriately when they are detected. We have equipped our employees with tools to identify and report fraud at an early stage. In addition, by systematically examining the operations performed and responding appropriately, we strengthen the protection of the entire system, including the financial system, and its individual participants.

We attach great importance to monitoring the effectiveness of the measures taken to comply with the ethics management and anti-fraud system developed in the Group through the activities undertaken by the Compliance Function and the person appointed to supervise it – the Compliance Officer. In the structure there is a separate substantively competent organizational cell – the compliance area, located autonomously in the Management Board Office. Expertise is concentrated in the compliance unit, but some of the compliance tasks, or compliance risk management tasks, are delegated to the business and operations units.

Employees performing the duties within the compliance area perform them independently and autonomously. They have unlimited right and access to information on relevant tasks. The Compliance Function reviews the established compliance policies and plans as needed, but no less frequently than once a year. The review covers all areas of ERGO Hestia Group’s operations. The Compliance Function submits to the Management Board periodic and ad hoc reports on the function’s activities, including information on identified compliance violations and corrective actions taken by management according to current needs.

All employees receive training on the principles laid down in the Code of Conduct for ERGO Hestia employees. General level training is part of onboarding training and is repeated every two years as part of the so-called refreshment training.

As of 2020, there is an online training formula in place that all employees can access. In addition, training courses that present anti-corruption issues comprehensively, at an expanded level, are implemented for employees directly exposed to such risks.

Due to the high effectiveness of the activities carried out, we have not identified the need to modify the existing procedures.

100%of employees have been trained in ethical behaviour.

Anti-corruption

The Code of Ethics includes provisions on anti-corruption. The Group has a zero-tolerance policy for all financial crime.

We have also adopted a Code of Conduct for suppliers and contractors. It contains important declarations and principles that we follow in accordance with the ERGO Hestia Group’s Business Strategy. The Code defines the basic standards of cooperation and business conduct that we expect our current and future partners to follow. We work only with suppliers and contractors proven for quality, reliability and flexibility of operations. Commitment to comply with the Code is part of the agreement concluded with the ERGO Hestia Group, as well as a declaration of voluntary compliance with the requirements contained in this document.

Individual terms such as corruption, bribery, conflict of interest or grease payments and facilitation payments have been defined by indicating what activities a Group employee should not engage in. The Code describes the question of giving and accepting business gifts, as well as offering gifts to functionaries, hiring relatives of employees, bribery and corruption behaviour, and when there is a conflict between private and professional interests. In addition, in case of doubt about the definition, it is reasonable to refer to generally applicable laws in this regard.

Daniel Remian. Photographer

Anti-corruption training by pay grade in the ERGO Hestia Group*

[GRI 205-2]

	Number of employees trained	Percentage of employees trained	Number of employees informed	Percentage of employees informed
senior management	2	100%	no data available	no data available
middle management	5	100%	no data available	no data available
other employees	398	99.7%	no data available	no data available
TOTAL	405	99.8%	no data available	no data available

Information on current employee training is published on the ERGO Hestia Group’s intranet, hence there is no way to monitor the number of and the percentage of the recipients of these messages.

99.8% – percentage of newly hired employees trained in anti-corruption
405 – number of all newly hired employees who received training on anti-corruption policies and procedures in 2022.

[GRI 205-3]

In 2022, no cases of corruption were reported in the ERGO Hestia Group, and therefore no further action was taken in this regard.

[GRI 2-15]

Members of the Management Boards of STU ERGO Hestia SA and STU na Życie ERGO Hestia SA are subject to regular primary and follow-up suitability assessments as members of the bodies of supervised entities, in which the area of conflict of interest is an independent part, as detailed in the Management Board Bylaws. At the general level, the area of conflict of interest is also managed through the relevant provisions of the Work Regulations, compliance with which is mandatory for all employees, including members of the Management Board.

In the event of a conflict of interest, stakeholders are informed directly by the Compliance Officer.

* The data relates to Sopockie Towarzystwo Ubezpieczeń ERGO Hestia SA and Sopockie Towarzystwo Ubezpieczeń na Życie ERGO Hestia SA. Management Board members are subject to individual training on anti-corruption policies and procedures at the Group level. In 2022, we did not collect data on the aforementioned training and on the number and percentage of business partners who were informed and trained on anti-corruption policies and procedures.

Communication of violations and critical incidents

[GRI 2-26]

Hestians can seek advice on the application of responsible business practices or specific policies. Relevant documents are available on our intranet or directly from individual business units. They form the basis of many procedures, and their elements are also present in criteria and information addressed to external stakeholders, such as suppliers. Our goal is to participate in the development of a friendly working environment, comply with laws and internal procedures, and respond to any irregularities.

The ERGO Hestia Group has a whistleblowing mechanism in place. Some of the channels are also available to external parties.

Violations can be reported:

If a report of a violation is received, the Compliance Officer immediately follows up, i.e. analyses the report to verify the violation information and decides whether to initiate an internal investigation of the case.

In addition to the Compliance Officer, the second unit in place to manage the negative consequences of violations arising from the ethics and anti-fraud management system is the Anti-Fraud Officer.

Since 2008, the ERGO Hestia Group has had a system for reporting suspected irregularities (whistleblowing), which allows employees to provide information anonymously or by name about suspected, observed or experienced non-compliance with the Code of Ethics. Reports can be made by phone, text message or e-mail. The system provides full protection of the whistleblower’s personal data.

[GRI 2-16]

Critical IT incidents include all incidents that have a negative impact on the stakeholders, the environment or the company’s image and for which a crisis management team is assembled by the Risk Department. Identified critical incidents, including IT critical incidents, are reported to the Management Board. In 2022, no such incident was reported at the ERGO Hestia Group.

[GRI 2-27]

In 2022, STU ERGO Hestia SA was fined for exceeding claims handling deadlines. https://www.knf.gov.pl/knf/pl/komponenty/img/Komunikat_Ergo_Hestia_I_instancja_79289.pdf . The penalty was for exceeding claims handling deadlines during the reporting period, i.e. 2022.

Last year, STU na Życie ERGO Hestia SA had a pending proceeding for a violation of the AML (Anti-Money Laundering) – Anti-Money Laundering and Countering the Financing of Terrorism Act, that occurred in 2020, and was not completed as at 31 December 2022.

As of 2021, legal proceedings are under way to appeal the decision of the Personal Data Protection Authority. The penalty imposed by the President of the Personal Data Protection Authority was overturned by the Court of First Instance, and an appeal proceeding at the initiative of the President of the Personal Data Protection Authority is currently under way. The case is pending and neither party has obtained a final judgement.

In accordance with the ISMS in effect at the Company (Instruction No. WS 50/22 of the Member of the Management Board for Finance and Organization of Sopockie Towarzystwo Ubezpieczeń ERGO Hestia SA, dated 30 November 2022, on the introduction of the Information Classification Standard in effect at the Company), information on ongoing litigation and legal services is subject to a confidentiality clause, and for this reason cannot be disclosed.

4. Governance