Anteil Frauen an der GesamtbelegschaftGesamtenergieverbrauch
Reporting 2022

Compliance

Compliance is an important basis for our corporate decisions and day-to-day business activities. We apply our ethical standards along the entire supply chain.

Applicable law and our own best practice principles are the yardstick that we as a company apply to all our actions and business decisions. This makes us a trustworthy and reliable partner for our employees, customers, business partners and shareholders. We are aware that violations of the law can cause serious and lasting damage to the company. To reliably counter this risk, our compliance management system actively safeguards against factors such as bribery and corruption, giving or accepting of undue advantage, embezzlement and collusion against the rules of fair competition. In order to ensure that this preventive approach is effective across the entire organization, we invest in education and provide our employees with regular and comprehensive information.

Responsibility for compliance matters lies with the central Legal, Insurance & GRC (Governance, Risk, Compliance) department, whose head reports directly to the Chief Compliance Officer, our CEO. We do not tolerate any form of corruption, do not permit discrimination and attach great importance to occupational health and safety. We utilize resources responsibly and regard fair competition as an indispensable prerequisite for a free market. In the reporting year, no violations of the law were documented that could result in the issuing of fines.

Regulations, monitoring mechanisms and reporting systems

The compliance officer appointed by the Board of Management is responsible for the ongoing development of our compliance strategy, including a regular review of the system’s effectiveness. Both are done in close consultation with the Chief Compliance Officer, to whom reports are made at routine intervals. Once a year, the Supervisory Board is also informed about all compliance-related issues, processes and incidents. In day-to-day operations, the compliance officer is the first neutral point of contact for our employees and is happy to receive tip-offs, answer questions or offer advice – also of a preventative nature – in the event of possible legal violations. As a second point of contact, an externally appointed and therefore independent and impartial ombudsperson offers employees as well as third parties the possibility of anonymously reporting suspected compliance violations. The contact details for both are freely available on our website and are also published in several of our policy guidelines. As a further link in the chain, our Internal Audit department regularly checks for possible compliance violations. In the reporting year, critical concerns regarding our business practices or possible negative impacts on people and the environment were not brought to the attention of the Board of Management through any of the available channels.

In matters pertaining to compliance, our Board of Management and senior executives have a responsibility to lead by example and are tasked with ensuring that the employees they supervise are informed about and observe all corresponding rules. In addition, each and every individual at BLG, regardless of position, is obligated to point out grievances or suspected violations of the law. With this in mind, it is essential to openly and repeatedly make our employees aware, for example, of the risks of corruption. Furthermore, in practice the dual control principle we prescribe for all relevant business processes protects both them and the company as a whole.

Our Code of Conduct and compliance policy are key elements of our compliance management system. Like all internal guidelines and policies, these apply to all companies in which we have a direct or indirect shareholding of more than 50 percent or in which BLG LOGISTICS is responsible for management, and are binding for all internal and external employees as well as consultants acting for us. Companies that are subject to foreign law must apply the guidelines in accordance with that law.

We revised both documents in the reporting year; the Code of Conduct due to changes in legislation. In addition to our requirements relating to working conditions, environmental and climate protection, it contains in particular guidelines for legally and ethically irreproachable dealings with business partners, competitors and authorities. It also regulates the arrangement of donations and sponsorships as well as conduct in the event of conflicts of interest. The updated compliance policy at the same time replaces the previous anti-corruption policy. It contains essential rules of conduct for the prevention of compliance risks typically encountered in globally operating companies and sets out the associated processes, including the “know your customer” principle.

The new version of the Code of Conduct was distributed to all employees and accompanied by intensive internal communication, including via the intranet and our employee app. New BLG employees receive it in their welcome pack; temporary workers are made aware of it during their onboarding. Like the compliance policy, the Code of Conduct is posted on the intranet. The intranet also contains information on our compliance system, the Code of Conduct and relevant contacts. At our international locations, the policies are available in English.

Information, education and raising awareness

Compliance concerns us all and can only be ensured if everyone in the company gets on board. To achieve this, we sensitize our decision-makers and managers to the relevant issues and keep them up-to-date on an ongoing basis. Mandatory training courses are held for the Board of Management, employees on management levels 1–3 and all employees in Purchasing and Sales. Training courses on compliance, antitrust and competition law were also held by rotation in 2022. Our target in the reporting year was to ensure that at least 90 percent of the relevant employees from each of the management levels 1–3 are trained within a three-year cycle. At 81.7 percent, the figure for the reporting year was once again someway short of this mark. The reason for this was primarily the revision of the compliance policy and the training concept with the aim to offer content that as far as possible reflects the state of the industry. Since, of course, this process also had to comply with the internal review and approval procedures, an idle period of several weeks was unavoidable.

We are continuously updating, expanding and broadening our training system in this area and will roll out new e-learning offerings on the updated Code of Conduct and the fundamentals of compliance as well as an advanced training course in 2023. Our central Tutorize training platform offers the possibility to complete all modules independently of time and place, with each completed course being documented by the system. Training for the aforementioned groups will continue to be mandatory, but at the same time will take place at more frequent yearly intervals. Managers below the above-mentioned levels will additionally receive appropriate training. We also use various communication channels to inform all other employees about compliance-related issues on a regular and need-to-know basis.

Our principle

When exercising their duties, no BLG employee may offer, promise or accept incentives, preferential treatment or other benefits that are intended to influence fair, objective and proper decisions, or that even appear to do so.

Assuming responsibility – also along the supply chain

The issue of compliance is also addressed in our General Terms and Conditions of Contract and Purchase. We require our suppliers and service providers along the entire supply chain to comply with the applicable regulations as well as with our Supplier Code of Conduct. In accordance with the German Supply Chain Due Diligence Act, this essentially encompasses the protection of international human rights, the right to collective bargaining, abolition of forced labor and child labor, elimination of discrimination in hiring and employment practices, responsibility for the environment and prevention of corruption.

www.blg-logistics.com/agbo

The importance of information security

Information technology now permeates all our processes, and our business relies on secure systems that are functional at all times. Our customers, suppliers and employees also trust in this. We are therefore constantly working to embed IT security in our projects, in our day-to-day business and in the mindset of the entire organization. We ensure a uniformly high level of security with the help of measures based on the recommendations of the German Federal Office for Information Security (Bundesamt für Sicherheit – BSI). Our corresponding information security management system (ISMS) is oriented toward the international standards ISO 27001 and ISO 27002. We also have the maturity and effectiveness of our measures reviewed externally on a regular basis. In the process, we give consideration to all information assets of BLG LOGISTICS, particularly those relating to our IT systems, and attach great importance to securing our operational technologies. Our information security policy as the basis for our ISMS provides the framework for all aspects that are relevant in this context. This policy applies to BLG LOGISTICS including all subsidiaries in which we hold at least 50 percent of the shares, as well as to non-controlling interests that utilize our IT systems, and is also binding for contractual partners and suppliers subject to deviating regulations. When working with service providers, we ensure compliance with all relevant certifications such as ISO 20000 for secure IT operations, ISO 27001 for the ISMS, and ISO 22301 for IT emergency management, and review these regularly.

Due to the increasing threat posed by cyberattacks, we not only constantly review all existing organizational and technical measures to secure our information and IT environment, but also implement new ones on an ongoing basis to ensure that installed systems always stay leading edge. This not only safeguards the company's ability to function, but also meets the requirements of our customers.

Overall responsibility for all matters relating to information security lies with the Information Security Officer (ISO) within the Information Security Management department, who reports directly to the head of the central Legal, Insurance & GRC department. The tasks of the ISO include the operation and continuous development of the BLG LOGISTICS information security system, issuing advice on information security issues, in-depth risk analysis, the implementation of awareness-raising and training measures, and emergency preparedness. They are also a point of contact for our employees to anonymously report security incidents or suspicious circumstances. They must be involved in all security-relevant processes Group-wide.

Responsible handling of data

The central Legal, Insurance & GRC department is responsible for matters relating to data privacy. Our internal policies and guidelines among other things take the requirements of the GDPR into account when it comes to processing personal data. Regular and systematic on-site checks serve to monitor compliance with coordinated processes and identify possible deviations as well as optimization potential. This ensures a uniformly high level of data protection implementation across the organization. In the reporting year, we were able to conduct 21 checks via online conferences and with the support of officers on site. E-learning modules are used to raise awareness of data privacy among employees. All commercial employees receive refresher training on data privacy every two years via a corresponding module. We additionally take advantage of events such as the European Data Protection Day to raise awareness of this important topic among everyone at BLG LOGISTICS. In the event of questions or suspected privacy breaches, our external data protection officer can be contacted at any time and also accepts reports of suspected data privacy violations anonymously. Their contact details are publicly available on our website.

Processes are documented using a centrally managed tool that maps numerous interfaces with IT and Information Security. We thus achieve a level of documentation that allows us to respond quickly and reliably to very short-term events or requests from the supervisory authorities.

Finding the best possible or sometimes the only way – that is what our colleague Ferdinand Möhring is concerned with as part of our partnership with the world's largest humanitarian organization . With his expertise, he helps ensure that aid supplies reach their destination quickly and safely .

View SDG Story
Previous Chapter
Next Chapter

Implementation of the Sustainable Development Goals

More about BLG’s fields of action, SDGs and sustainability strategy.


To SDG Stories