Integrity as a constant in times of digital change

In the wake of its own digital transformation, the A1 Telekom

Austria Group continues to practice honesty, fairness, and transparency. The compliance management system provides a clear framework for responsible conduct in the interest of safeguarding the Group’s economic success and reputation in the long term.

The A1 Telekom Austria Group not only has its sights set on achieving its business objectives but is also on the way that this is done. The overriding principle here is and will remain honest and responsible conduct toward its customers, employees, shareholders, creditors, suppliers, other partners, and the public.


For a fair, sustainably successful business developement: the compliance management system

On behalf of all its stakeholders, the A1 Telekom Austria Group is committed to keeping its standards of integrity as a key component of its corporate culture. Only honesty, fairness, and transparency will safeguard the Group’s economic success and reputation in the long term.


For this purpose, the A1 Telekom Austria Group has a sophisticated compliance management system, the appropriateness and efficacy of which are regularly reviewed. In order to avoid potential misconduct, the Group has defined clear rules for acting with integrity and in an ethically sound manner in all business re- lationships and has integrated appropriate controls into the business processes.


In order to respond appropriately to any misconduct, tips are collected via a dedi- cated whistleblower portal and dealt with in a strictly confidential mannor via a structured process. This makes it possible to remedy weaknesses and to continu- ously improve the compliance management system.


A scoping process identified the following as significant compliance topics: corruption prevention and integrity, antitrust law, data protection, and capital market compliance. Group Compliance, with support from local compliance man- agers at the subsidiaries, ensures that the corresponding measures and tools are implemented consistently in all business units. The A1 Telekom Austria Group’s compliance management system complies with internationally recognized stan- dards such as IDW PS 980, ISO 19600, and ISO 37001.


Code of Conduct: guidelines for acting responsibly and with integrity

The Code of Conduct is a key tool of the A1 Telekom Austria Group’s compliance management system. It is aimed at all employees and managers and helps to promote ethically and legally irreproachable conduct in the many decisions that

have to be made every day. For this purpose, it contains advice and rules for deal- ing fairly with stakeholders, gifts and personal benefits, confidentiality, conflicts of interest, protecting company assets, reporting violations, and communicating

the content of the Code of Conduct, and the Group’s whistleblower principles. The Code of Conduct was last revised in 2017, when it was expanded to include the group-wide Guiding Principles of “Team, Trust, and Agility” (see “Employees”).


Group-wide guidelines also provide detailed assistance regarding specific topics such as anti-corruption and conflicts of interest, capital market compliance, and anti-trust law. For the “Anti-Corruption and Conflicts of Interest” guideline, the ISO standards for compliance management systems (ISO 19600) and anti-cor- ruption management systems (ISO 37001) were taken into account.


Trainings on compliance topics is optimized for the target group and provided regularly in order to firmly embed the notion of integrity throughout the Group. In group-wide training, the topics of anti-corruption, integrity, data protection, in- formation security, antitrust law, and capital market compliance are elucidated with a focus on actual practice. Employees and managers were trained in 7,600 classroom trainings in 2018. In addition, employees and managers completed over 24,000 compliance e-learning courses in 2018. To resolve any unanswered questions, employees of the A1 Telekom Austria Group can contact the “ask.me compliance helpdesk, which dealt with a total of around 460 questions in 2018.


Embedding compliance in the corporate culture

Compliance is a central element of the corporate culture because it provides clear rules and guidelines for behavior in everyday business. Decisive factors here include the example set by top management and all managers and the re- sponsibility of all employees for their own actions. With the aim of permanently preventing and uncovering potential risks within the A1 Telekom Austria Group, employees and external individuals can use the “tell.me” whistleblower platform to anonymously report information about potential misconduct. In 2018, this compliance tool received around 20 compliance-relevant tips, which were fol- lowed up with the utmost care and confidentiality.


If necessary, the A1 Telekom Austria Group responds immediately with appropri- ate measures and sanctions. If actual misconduct is found, the potential conse- quences range from education measures, process improvements, and repri- mands to dismissals or the termination of business relationships.


Successful audit of the compliance management systems

In 2018, the A1 Telekom Austria Group’s compliance man-agement system was revised and its design was reviewed by a leading audit company. The A1 Telekom Austria Group was assured that the principles and measures presented are

“suitable for both identifying in due course and with reasonable assurance risks of material non-compliance with valid regulations concerning anti-corruption, capital market compliance, and anti-trust and for preventing such non-compli- ance.” In addition, it was attested that the compliance management system com- plies with the international ISO 19600 and ISO 37001 standards and meets the requirements of the US Foreign Corrupt Practices Act, the European Cartel

Law, and the UN Global Compact.

Digital audit approaches using advanced analytics methods enable a thorough and thus a more infor-

mative audit of the effectiveness of the compli- ance management system. They allow potential compliance risks to be identified much more pre- cisely and investigated much more comprehen- sively. For example, structured SAP data analyses and process flow analyses are used for purposes such as ascertaining compliance with require- ments and discovering irregularities in general.

DIGITAL TRANSFORMATION & COMPLIANCE

Reaction

Business

Processes,

incl. ICS

Evaluation

Communication

Detection

Governance

Business

Conduct,incl. Policies, Training

Investigation & Case Manage- ment

Effectiveness

Prevention

Audit

Compliance IT

Compliance Management System (CMS)

Compliance Organization

Remediation

Strategy

Continuous Improvement

Culture

Risik

Assessment /

Planning

Compliance Goals

Knowledge

Reporting

Support

Whistle-

Blowing

System