Combating Corruption and Bribery

Within the context of the statutory requirements in the Non-financial Group Declaration, this aspect includes one material topic: “Governance and Compliance” (see Materiality matrix).

Governance and Compliance

The foundation of our business model is based on reliable, transparent and trustworthy corporate governance, which the company manages and monitors responsibly and independently. Its function as a role model is decisive in terms of building and cementing credibility – and therefore trust among our stakeholders. This also applies with respect to legally compliant conduct. Trust can be built through reliability if all rules are followed systematically – both those set out by law and, in particular, also those that we impose on ourselves. By contrast, any abuse of trust can damage the reputation and the business success of the company.

As a result, our governance endeavors are geared toward the establishment and implementation of, and systematic compliance with, a transparent and modern system of rules. Group-wide  guidelines and business principles act as a framework in this regard: Our business philosophy, our Code of Conduct, the Business Partner Code, and our Management Board’s Declaration of Respect for Human Rights act as the maxims guiding us in our actions. We live up to this attitude with our independent supervisory board and our commitment to the principles of the German Corporate Governance Code.

The compliance management system (CMS) supports the corporate governance’s direction and guards the company against misconduct. At Vonovia, the CMS is based on three pillars: prevention, detection and response. These pillars are underpinned by an extensive system of measures and processes as part of the compliance program. The basis takes the form of the Compliance Guidelines, which follow the Principles for the Proper Performance of Reasonable Assurance Engagements Relating to Compliance Management Systems (IDW PS 980). The CMS is subject to a periodic audit, which is carried out by an external auditor.

The Group-wide (excluding Deutsche Wohnen), Web-based compliance risk analysis that was conducted at management level in the 2021 fiscal year had identified potential for improvement in the areas of money laundering prevention and IT security, while performance in the other areas were considered good to very good. One measure resulting from this was the restructuring of the data protection department, which was merged with the central compliance department on January 1, 2022. This serves to simplify internal processes, thus making them easier to safeguard.

Regular training sessions are the cornerstone for preventing misconduct before it happens. A comprehensive catalog of regular and mandatory training events is already firmly established and has been adapted for the various internal target groups. The procurement department, for which the issue is particularly relevant, receives special training on corruption and criminal law pertaining to corruption, for example. After focusing on the digitalization of training formats in 2021, such as mandatory training on the Code of Conduct and data protection, we were able to add five new formats to the compliance training we offer in the reporting year: Mandatory training on dealing with conflicts of interest and combating corruption is aimed at all employees and is repeated every year. The target group-specific training sessions are also run every year. We are acting on the recommendations made based on the compliance risk analysis by offering a new training format for the sales department on the topic of money laundering prevention. New additions to the program also include training on corruption and detecting fraud, which is aimed at all levels of management, and training on concluding contracts for the development department.

The complaints management and whistleblower protection system, expanded in 2021, has been in regular operation since that time. Bolstered by Group guidelines on preventing and tackling corruption, on preventing money laundering, on the whistleblower system and on compliance, the anonymous whistleblower hotline is not only available to employees, but also to external parties such as customers and business partners, in both German and English. Up to six additional languages are to be added in 2023 in order to minimize language barriers. The hotline complements and extends the existing system of the independent ombudsman. It is also integrated within the partner portal for business partners. The whistleblower report, prepared externally every six months, is included with the company’s compliance report. The various elements of our whistleblowing system mean that we consider ourselves well prepared for the implementation of the Whistleblower Protection Act (Hinweisgeberschutzgesetz), which is due to come into force in Germany in 2023.

Information on potential cases of discrimination can also be submitted anonymously via the whistleblowing system. An additional reporting mailbox has also been set up in the HR department to identify potential violations of the General Act on Equal Treatment (Allgemeines Gleichbehandlungsgesetz). In Germany, this covers four European anti-discrimination directives that have been issued since 2000.

The Chief Executive Officer (CEO) is responsible for implementation of the CMS. A Compliance Committee comprising the Compliance Officer (Legal department), Compliance Managers, the ombudsperson, representatives of the Internal Audit, Risk Management and HR departments, members of the works council and representatives of the companies outside Germany (with Austria joining in 2021 and Sweden in 2022) regularly updates the system in line with current requirements and is responsible for its ongoing development. In this context, the Compliance Officer acts as a central contact point within the company for compliance-related questions and suspicions. The Compliance Officer reports to the CEO on a regular basis, and also on an ad hoc basis when special cases arise. The Compliance Officer’s activities are supported by the compliance managers and specialists in the individual departments. The CMS and whistleblowing system apply to the entire Group. Deutsche Wohnen also maintains its own legal and compliance department, which is supported by Vonovia’s compliance and data protection department under the terms of the agency agreements. Whenever legislation in Austria or Sweden conflicts with Group-wide rules, a different rule is adopted for the subgroup in the form of a national guideline. Responsibility for this lies with the respective managing directors.

The Supervisory Board regularly receives comprehensive information about compliance issues and corruption along with existing guidelines and processes. The compliance report, which is forwarded to the Audit Committee via the Compliance Officer (following prior consultation with the CEO), provides information about potential breaches, measures and training relating to corruption, as well as relevant data protection issues.

In the 2022 fiscal year, there were individual suspected cases of corruption, which we investigated diligently. None of the cases were confirmed. Furthermore, several other compliance violations or suspected cases were reported, although these can be described as minor in total.

On March 7, 2023, Vonovia SE received information from the public prosecutor's office in Bochum regarding investigations against current and former members on the basis of a search warrant issued by the Local Court of Bochum. According to the information provided, Vonovia SE or selected affiliated companies are suspected of having suffered damage due to fraud, breaches of trust, anticompetitive agreements in connection with tenders and particularly serious cases of passive and active corruption in business transactions. The extent to which the actual damage may have also resulted in damage incurred by tenants has not yet been clarified with definitive effect. Measures have been taken to clarify the incidents in full. The auditing firm Deloitte has also been engaged to conduct an independent investigation. In this regard, we refer to the explanatory information in the combined management report concerning the Disclosures on the “appropriateness and effectiveness of the ICS“ and subsequent events. Given that only fully completed proceedings are presented under key performance indicator “Total number of confirmed cases of corruption (in Germany)” in the reporting year in question, this incident has no impact on the key figures reported for 2021 and 2022.