For EUROGATE, sustainability means, above all, ensuring the future viability of the corporate Group. Within the scope of its business activities and on the basis of internal processes, EUROGATE gives equal consideration to economic efficiency, environmental protection and social responsibility. Compliance with laws and internal policies and guidelines forms the natural basic prerequisite for day-to-day business operations.
Container terminals are hubs of international trade; therefore efficient seaport operations are key to enabling EUROGATE to ensure that its customers benefit from reliable goods transport. At the same time, EUROGATE strengthens the local economy and provides jobs. Its business activities impact on both people and the environment, for instance through the Group’s consumption of resources.
The material non-financial key performance indicators for EUROGATE are environmental matters (energy and greenhouse gas emissions/CO2), the employee dimension (occupational health and safety), anti-corruption and anti-bribery, as well as IT security.
Environmental matters – energy consumption and greenhouse gas emissions (CO2)
Energy consumption is a key performance indicator in resource management and has a direct impact on incurred costs, and hence on financial performance.
Relevant non-financial key performance indicator (KPI):
- Energy consumption in megawatt hours*
Energy consumption is regularly monitored. The following table shows the current status of target attainment:
Target |
|
Lower energy consumption |
||||
|---|---|---|---|---|---|---|
Status 2022 |
|
407,075 MWh (of which 13,358 MWh renewables) |
||||
Status 2023 |
|
332,760 MWh (of which 11,780 MWh renewables) |
||||
Comment |
|
In view of the increasing importance of the carbon footprint, the goal is to further expand renewables and further reduce energy consumption. Energy consumption was down in the 2023 financial year. The decline in container handling is the main reason for this. Some energy-reducing measures, such as the investment in hybrid straddle carriers, are already having an effect. |
||||
|
||||||
Greenhouse gas emissions (CO2) at EUROGATE are controlled via energy input. A management approach does not exist. The tax legislation for CO2 introduced in 2020 has a negative impact of approximately EUR 1.5 million on the business performance based on the diesel consumption in 2021.
Relevant non-financial key performance indicator (KPI):
- Development of CO2 emissions in metric tons**
CO2 emissions are regularly reviewed. Table 2 shows the current status of target attainment.
Target |
|
1. CO2 neutrality by 2040 (relating to Scope 1 and Scope 2 emissions) |
||||||
|---|---|---|---|---|---|---|---|---|
Status 2022 |
|
130,832 t CO2*** |
||||||
Status 2023 |
|
106,111 t CO2 |
||||||
Comment |
|
EUROGATE has set the target to be CO2 neutral by 2040 (relating to Scope 1 and Scope 2 emissions). |
||||||
|
||||||||
Employee dimension – occupational health and safety management
Protecting the Group’s own employees and employees of external companies against work-related injuries or sickness and safeguarding their health and wellbeing is a top priority. Most work is performed using heavy equipment at the terminals (mainly straddle carriers and container gantries), and is susceptible to prevailing weather conditions. Considering the manual nature of this work and the deployment of much of the workforce in a three-shift system, promoting and protecting their health is especially important.
Management of occupational health and safety is the responsibility of the individual companies and their respective managing directors.
Relevant non-financial key performance indicators (KPIs):
- Number of reportable work-related accidents at the workplace and on the way to/from work****
- Number of accidental deaths at the workplace and on the way to/from work
As an indicator of occupational safety, the number of work-related accidents is regularly monitored. Table 3 shows the current status of target attainment.
Target |
|
Minimize the number of work-related accidents and prevent accidental deaths |
||||
|---|---|---|---|---|---|---|
Status 2022 |
|
Work-related accidents: 268 |
||||
|
|
Accidental deaths: none |
||||
Status 2023 |
|
Work-related accidents: 250 |
||||
|
|
Accidental deaths: 1 |
||||
Comment |
|
The target to lower the number of work-related accidents was met; however, in January 2023 there was one accidental death. The drop in the number of work-related accidents is attributable on the one hand to the lower number of containers handled. On the other hand, the lower number of work-related accidents for this financial year is within the range of natural statistical fluctuations. |
||||
|
||||||
Anti-corruption and anti-bribery
To achieve long-term success, a company must conduct its activities in a legally compliant, fair and reliable way. Within the EUROGATE Group, the umbrella term “compliance” relates to the adherence to statutory standards as well as internal corporate guidelines and policies and working to ensure their observance in the EUROGATE Group companies. These include the relevant policies and principles for preventing bribery and corruption.
Technical competence for the compliance management system lies with the Legal department of the EUROGATE holding company and the compliance officer. Responsibility for adherence to the compliance policy lies with the Group Management Board and the management boards of the respective EUROGATE Group companies.
Relevant non-financial key performance indicator (KPI):
- Number of confirmed cases of corruption
The number of corruption cases serves as a key anti-corruption and anti-bribery metric and is reviewed regularly. Table 4 shows the current status of target attainment.
Target |
|
No cases of corruption |
|---|---|---|
Status 2022 |
|
None |
Status 2023 |
|
None |
Comment |
|
The target was met. There were no confirmed cases of corruption in the reporting year. |
IT security
Secure and reliable IT-assisted processes are the prerequisite to enable a container terminal to operate efficiently. This applies not only from an entrepreneurial point of view, but is also important economically. As hubs where national and international supply chains converge, container ports help to ensure the smooth functioning of the economy and trade. Efficient IT security protects the processes at the container terminal and consequently the entire port system.
The ever-growing number of IT-based business processes that have emerged in recent years, as well as the dovetailing of EUROGATE’s systems with those of other providers along the logistics chain, demand a secure IT infrastructure. Cyberthreats are on the increase all the time and are constantly changing. At the same time, the EUROGATE Group’s reliance on IT systems is growing, especially in light of the planned automation projects. IT security is therefore crucial to enabling and ensuring efficient business processes across the companies in the EUROGATE Group. Furthermore, as an operator of critical infrastructure, EUROGATE is obliged by law to implement a state-of-the-art information security management system.
Technical competence for the EUROGATE information security management system (ISMS) lies with the IT department of the EUROGATE holding company (EGH IT). Overall responsibility lies with the Group Management Board and the management boards of the respective companies in the EUROGATE Group. An IT security officer (responsible for defining the ISMS and reporting to the Group Management Board) and an operational technology security architect (OT security architect) have been appointed. An IT and an OT security board have also been set up and equipped with resources from the EGH IT department and EUROGATE Technical Services. A dedicated unit responsible for implementing the ISMS has also been set up within EGH IT. Measures and budgets are identified and decided as part of the annual IT planning process. The ISMS covers all German EUROGATE terminals with the exception of North Sea Terminal Bremerhaven GmbH & Co. (NTB) operated as a joint venture between EUROGATE and APM Terminals, which is managed separately. An ISMS guideline and policy generally regulate the organizational and technical requirements of the EUROGATE ISMS. The ISMS is reviewed and approved annually by the Group Management Board.
The main focus of the existing concept is on the availability and integrity of the IT systems and data, with the aim of creating a resilient infrastructure based on risk assessment and of minimizing potential damage recovery times. A key element of the ISMS is a risk management system geared toward minimizing risk or creating an acceptable level of residual risk for EUROGATE. The ISMS is implemented on the basis of the PDCA (Plan – Do – Check – Act) cycle. The ISMS follows ISO 27001 and in the area of plant and machinery is additionally based on the IEC 62443 standard.
In addition, the Group coordinates and exchanges information with local and European logistics partners (for example via EU-ISAC), as well as with relevant authorities and EUROGATE service providers. These help to ensure that new risks can be promptly identified and addressed. The EUROGATE ISMS includes information technology and operating technology, as well as the cloud services and platforms used.
The EUROGATE ISMS defines and regulates the necessary organizational structures, procedures, roles and accountabilities. It encompasses organizational, technical, regulatory and staff training measures. All measures are conceived and approved by the Group Management Board as part of an annual planning process. They are generally structured systemically and include the development of rules and guidelines, measures to implement the requirements and internal audits to check their effectiveness. Ad-hoc measures may be introduced during the year based on weak point analyses and alerts. The results are reported to EUROGATE’s risk management and to the Group Management Board in the IT security officer’s annual review. This report contains the current implementation status, a review of the past year and recommendations for the coming year. The EUROGATE Supervisory Board discusses the current security status in detail annually on the basis of this report. The current OT security status and the measures derived from it are reported every six months. Manual and automated compliance checks are performed as internal audits and extended where necessary. The results of these checks are included in the above reports.
The goals and targets are set on the basis of a general risk assessment for EUROGATE and concrete risk analyses for the respective projects. The EUROGATE ISMS was audited in the 2022 financial year in accordance with the guidelines of the Federal Office for Information Security (BSI), since EUROGATE is classified as an operator of critical infrastructure (KRITIS) pursuant to the IT Security Act (ITSG). The focus of the audit was to assess the status quo with respect to implementing the remedies identified in the 2020 audit as well as the current level of maturity of the ISMS. The deviations and recommendations resulting from the audit were dealt with in 2023 within the scope of targeted adaptation measures. Implementation will be reviewed in the 2024 financial year within the scope of the next KRITIS audit. A malware protection solution supports the continuous weak point monitoring of IT systems and their patch status in the site networks and the company’s own cloud environments. A penetration testing tool is used for internal penetration tests. The allocation, setup and documentation as well as the number of active user accounts are monitored automatically. In addition, in various areas of the IT landscape internal audits to check compliance with the guidelines are carried out and recorded in an annual audit plan. A tool-supported assessment of the achieved ISMS maturity level has been in use since 2023.
The key performance indicators at CONTSHIP Italia and EUROGATE are system failures/downtimes due to security incidents and cases of data loss and/or manipulation. These KPIs serve as central IT security metrics and are regularly reviewed.
Relevant non-financial key performance indicators (KPIs):
- System failures/downtimes due to security incidents
- Data loss/manipulation
Target |
|
No system downtimes due to security incidents and no cases of data loss and/or manipulation |
|---|---|---|
Status 2022 |
|
System downtimes due to security incidents: 0 |
Status 2023 |
|
System downtimes due to security incidents: 0 |
Comment |
|
The target was met. There were no cases of data loss or significant system failures in the 2023 financial year. |