EUROGATE
Reporting on non-financial performance indicators for EUROGATE
For EUROGATE, sustainability means, above all, ensuring the future viability of the corporate Group.
Within the scope of its business activities and on the basis of internal processes, EUROGATE gives
equal consideration to economic efficiency, environmental protection and social responsibility.
Compliance with laws and internal policies and guidelines forms the natural basic prerequisite for
day-to-day business operations.
Container terminals are hubs of international trade; therefore efficient seaport operations are key
to enabling EUROGATE to ensure that its customers benefit from reliable goods transport. At the same
time, EUROGATE strengthens the local economy and provides jobs. Its business activities impact on
both people and the environment, for instance through the Group’s consumption of resources.
The material non-financial key performance indicators for EUROGATE are environmental matters (energy
and greenhouse gas emissions/CO2), employee matters (occupational health and safety),
anti-corruption and anti-bribery, as well as IT security.
Environmental topics – energy consumption and
greenhouse gas emissions (CO2)
Energy consumption is a key performance indicator for the management of resources and has a direct
impact on incurred costs, and hence on financial performance.
Relevant non-financial key performance indicator (KPI):
— Energy consumption in megawatt hours*
Energy consumption is regularly monitored. The following table shows the current status of target
attainment:
Table 1: Current status of target attainment:
| Target: |
Lower energy consumption |
| Status 2021 |
435,999 MWh (of which 12,376 MWh renewables) |
| Status 2022 |
412,587 MWh (of which 13,358 MWh renewables) |
| Comment |
In view of the increasing importance of the carbon footprint, the goal is to further
expand renewables and further reduce energy consumption. Energy consumption was down in
the 2022 financial year. At the same time, favorable wind conditions led to increased
utilization of wind energy. Container throughput decreased slightly on the back of
global economic events, leading to a corresponding reduction in energy consumption.
|
|
*
When calculating the key performance indicator MWh, the consumption figures for the
principal companies (the German EUROGATE terminal operations in Bremerhaven, Hamburg
and Wilhelmshaven and the respective service companies at each location, as well as
the EUROGATE holding company) were taken into consideration.
|
Greenhouse gas emissions (CO2) at EUROGATE are controlled via energy input. A management approach
does not exist.
Most important relevant non-financial key performance indicator (KPI):
— Development of CO2 emissions in metric tons**
CO2 emissions are regularly reviewed. Table 2 shows the current status of target attainment.
Table 2: Current status of target attainment:
| Target: |
Lower CO2 emissions |
| Status 2021 |
104,415 t CO2 |
| Status 2022 |
101,752 t CO2 |
| Comment |
In view of the increasing importance of the carbon footprint, the goal is to reduce it
further. Container throughput decreased slightly in the 2022 financial year on the back
of global economic events, leading to a corresponding slight reduction in energy
consumption. At the same time, increased wind energy generation led to a higher
proportion of renewables in the mix.
|
|
** When calculating the key performance indicator t CO2, the
consumption figures for the principal companies (the German EUROGATE terminal
operations in Hamburg, Bremerhaven and Wilhelmshaven and the respective service
companies at each location, as well as the EUROGATE holding company) were taken into
consideration.
|
Employee welfare topics – occupational health and safety management
Protecting the Group’s own employees and employees of external companies against work-related
injuries or sickness and safeguarding their health and wellbeing is a top priority. Most work is
performed using heavy equipment at the terminals (mainly straddle carriers and container gantries),
and is susceptible to prevailing weather conditions. Considering the manual nature of this work and
the deployment of much of the workforce in a three-shift system, promoting and protecting their
health is especially important.
Management of occupational health and safety is the responsibility of the individual companies and
their respective managing directors.
Most important relevant non-financial key performance indicators (KPIs):
— Number of reportable work-related accidents at the workplace and on the way to/from work***
— Number of fatal accidents at work and on the way to and from work
As an indicator of occupational safety, the number of work-related accidents is regularly monitored.
Table 3 shows the current status of target attainment.
Table 3: Current status of target attainment:
| Target: |
Minimize the number of work-related accidents and prevent
accident-related fatalities
|
| Status 2021 |
Work-related accidents: 344
Accident-related fatalities: none
|
| Status 2022 |
Work-related accidents: 268
Accident-related fatalities: none
|
| Comment |
The target to lower the number of work-related accidents and prevent accident-related
fatalities was met. The drop in the number of work-related accidents is attributable on
the one hand to the lower number of containers handled. On the other hand, the lower
number of work-related accidents for this financial year is within the range of natural
statistical fluctuations.
|
|
*** In Germany all accidents must be reported that result in death or
injury that prevents a person from working for more than three days. The EUROGATE
figure includes accidents involving not only the company’s own employees, but also
temporary contract workers. It does not record accidents involving employees of
external contractors.
|
Anti-corruption and anti-briber
To achieve long-term success, a company must conduct its activities in a legally compliant, fair and
reliable way. Within the EUROGATE Group, the umbrella term “compliance” relates to the adherence to
the statutory standards as well as internal corporate guidelines and policies and working to ensure
their observance in the EUROGATE Group companies. These include the relevant policies and principles
on preventing bribery and corruption.
Technical competence for the compliance management system lies with the Legal department of the
EUROGATE holding company and the compliance officer. Responsibility for adherence to the compliance
policy lies with the Group Management Board and the management boards of the respective EUROGATE
Group companies.
Relevant non-financial key performance indicator (KPI):
— Number of confirmed cases of corruption
The number of corruption cases serves as a key anti-corruption and anti-bribery metric and is
reviewed regularly.
Table 4 shows the current status of target attainment.
Table 4: Current status of target attainment:
| Target: |
No cases of corruption |
| Status 2021 |
none
|
| Status 2022 |
none
|
| Comment |
The target was met. There were no confirmed cases of corruption in the reporting year.
|
IT security
Secure and reliable IT-assisted processes are the prerequisite to enable a container terminal to
operate efficiently. This applies not only from an entrepreneurial point of view, but is also
important economically. As hubs where national and international supply chains converge, container
ports help to ensure the smooth functioning of the economy and trade. Efficient IT security protects
the processes at the container terminal and consequently the entire port system.
The ever-growing number of IT-based business processes that have emerged in recent years, as well as
the dovetailing of EUROGATE’s systems with those of other providers along the logistics chain,
increase the demand for a secure IT infrastructure. Cyberthreats are on the increase all the time
and are constantly changing. At the same time, the EUROGATE Group’s reliance on IT systems is
growing, especially in light of the planned automation projects. IT security is therefore crucial to
enabling and ensuring efficient business processes across the companies in the EUROGATE Group.
Furthermore, as an operator of critical infrastructure, EUROGATE is obliged by law to implement a
state-of-the-art information security management system.
Overall responsibility lies with the Group Management Board and the management boards of the
respective companies in the EUROGATE Group. An IT security officer and an operational technology
(OT) security architect have been appointed. An IT and an OT security board have also been set up
and equipped with resources from the IT department of the EUROGATE holding company (EGH IT) and
Technical Services. Measures and budgets are identified and decided as part of the annual IT
planning process. The ISMS covers all German EUROGATE terminals with the exception of North Sea
Terminal Bremerhaven GmbH & Co. (NTB), operated as a joint venture between EUROGATE and APMT, which
is managed separately. An ISMS security guideline and policy generally regulates the organizational
and technical requirements of the EUROGATE ISMS.
The main focus of the existing concept is on the availability and integrity of the IT systems and
data, with the aim of creating a resilient infrastructure based on risk assessment and of minimizing
potential damage and times to restore service. A key element of the ISMA is a risk management system
geared towards minimizing risk or creating an acceptable level of residual risk for EUROGATE. The
ISMS follows ISO 27001 and in its practical implementation is based on the IEC 62443 standard.
In addition, the Group coordinates and exchanges information with local and European logistics
partners (for example via EU-ISAC), as well as with relevant authorities and EUROGATE service
providers. These help to ensure that new risks can be promptly identified and addressed. The
EUROGATE ISMS includes information technology and operational technology, as well as the cloud
services and platforms used.
The EUROGATE ISMS defines and regulates the necessary organizational structures, procedures, roles
and accountabilities. It encompasses organizational, technical, regulatory and staff training
measures. All measures are conceived and approved by the Group Management Board as part of an annual
planning process. As a rule, they are systemically structured. Ad-hoc measures may be introduced
during the year based on weak point analyses and alerts. The results are reported to EUROGATE’s risk
management and to the Group Management Board in the IT security officer’s annual review. This report
contains the current implementation status, a review of the past year and recommendations for the
coming year. The EUROGATE Supervisory Board discusses the current security status in detail annually
on the basis of this report. The current OT security status and the measures derived from it are
reported every six months. A tool-assisted evaluation to assess the ISMS maturity level will be
implemented from 2023.
The goals and targets are set on the basis of a general risk assessment for EUROGATE and concrete
risk analyses for the respective projects. The EUROGATE ISMS was audited in the 2022 financial year
in accordance with the guidelines of the Federal Office for Information Security (BSI), since
EUROGATE is classified as an operator of critical infrastructure (KRITIS) pursuant to the IT
Security Act (ITSG). The focus of the audit was to assess the status quo with respect to
implementing the remedies identified in the 2020 audit as well as the current level of maturity of
the ISMS. The deviations and recommendations resulting from the audit will be dealt with in 2023
within the scope of targeted measures. Implementation will be reviewed in 2024 within the scope of
the next KRITIS audit. In addition, external audits of the ISMS by external auditors (TIL Intargia)
and penetration tests of selected IT systems were carried out in 2022. A security scoring system for
evaluating the security status of publicly visible EUROGATE systems has been in use since 2022.
Self-assessments based on IEC62443 are used for modeling the internal measurability of the level of
OT protection achieved through non-financial key performance indicators. From 2023, an ISMS tool
will be used to assess the ISMS maturity level.
Most important non-financial key performance indicators (KPIs):
— System failures/downtimes due to security incidents
— Data loss/manipulation
There were no cases of data loss or significant system failures in the 2022 financial year.
