Wüstenrot & Württembergische AG is firmly integrated into W&W Group's compliance organization. The W&W Group and its affiliated companies are subject to both, national and European, insurance and banking supervision requirements.
For the insurance companies affiliated to W&W Group, the requirements of the German Insurance Supervision Act (VAG) and its specifications (e.g. BaFin publications including the minimum requirements for the business organization of insurance companies [MaGo]) are particularly relevant. Whereas for the banking industry and institutions within the application of § 1 (1) of the German Banking Act (KWG), the KWG and the BaFin regulations specifying the minimum requirements for risk management (MaRisk) are particularly relevant. Both insurance companies and banking institutions must maintain a compliance functionthat ensures compliance with legal and regulatory provisions as well as internal company guidelines. The W&W Group's compliance management system (CMS) is characterized by all measures and processes established within the W&W Group to ensure regulatory compliance.
The design of the W&W Group's CMS is based on the IDW Auditing Standard 980. The IDW Auditing Standard 980 defines the compliance culture, compliance objectives and risks, the compliance organization, the compliance program, compliance communication, and compliance monitoring and improvement as basic elements of a robust CMS.
The W&W Group's CMS is designed to ensure the timely identification, prevention and mitigation of risks of significant regulatory violations and the potential financial losses associated therewith. This is achieved through the application of comprehensive measures and preventive activities aiming to avoid risks. The W&W Group's CMS is subject to a process of continuous development and improvement.
Compliance in the W&W Group W&W Group's Compliance Management System
Because compliance means more to us than just following rules.
Learn about the W&W Group's compliance management system.
The compliance function is an essential component of W&W Group's CMS. It is embedded in the corporate governance system and forms an integral part of the W&W Group's internal control system. The W&W Group applies the “three lines of defense” concept enabling the W&W Group to identify, assess and monitor compliance. The first line of defense is responsible for identifying, analyzing, managing, and controlling risks in day-to-day operations. The compliance function operates (together with other control functions, including risk controlling, data protection officers, and information security officers) within the second line of defense. It monitors that process-integrated, compliance-relevant controls are established and implemented in the W&W Group's business activities. Through monitoring and control activities, the compliance function contributes to the mitigation of compliance risks. The internal audit function acting independently and objectively has the objective of ensuring that the tasks of the first and second lines of defense are effectively achieved on the basis of specific audit procedures. Finally, all internal lines of defense are monitored by additional external lines of defense, such as auditors or other external supervisory bodies, with regard to their functional capacity. All regulations applied by the audit function are part of the W&W Group's written rules and regulations.
In addition to the compliance function and the compliance officer at group level, affiliated companies may in some cases appoint their own compliance officers and contact persons. These compliance officers and contact persons are required to maintain close contact with the W&W Group's compliance officer. To continuously optimize integrity in the W&W Group's exclusive sales organizations, the compliance function is supported by the sales compliance officers of the two business areas, banking and insurance. The sales compliance officers take into account the specific sales-related characteristics of each business area and are the respective contact persons and coordinators s for sales-related compliance issues.
To ensure compliance with relevant regulatory requirements and the prevention of unlawful conduct the W&W Group has implemented a designated compliance control cycle. The compliance function is responsible for monitoring adherence to relevant and essential legal obligations and to ensure the establishment of compliance therein. The compliance function coordinates the operational implementation of the compliance control cycle and the process for handling violations of the rules and regulatory requirements. In addition thereto, new or changing external legal obligations (in the course of legal monitoring) or internal change projects are identified according to defined criteria and continuously monitored. A further task of the compliance function is to identify the departments responsible for legal regulations and which must comply with the legal regulations and implement them operationally. As part of the compliance control cycle, the compliance function also monitors and assesses the appropriateness and effectiveness of the measures to be implemented in order to establish compliance with legal or regulatory requirements or internal change projects. The entire process is managed by a standardized and software supported workflow procedure involving various internal and external sources of information.
A Group Compliance Committee has been established to enable a regular exchange of information and to increase efficiency within the whole group. The Group Compliance Committee meets regularly at the invitation of the compliance function and is composed of representatives from all compliance-relevant areas (including Group Legal, Risk Management/Controlling, Internal Audit, Group Accounting, Tax, Sales Compliance, fraud and money laundering prevention, securities compliance, data protection/information security, outsourcing management). Additionally, important compliance-relevant findings and issues are regularly reported to the Management Board and Supervisory Board. Furthermore, compliance training sessions are held regularly and on an ad hoc basis for all employees at all hierarchical levels of the W&W Group.
The W&W Group's Code of Conduct was established to provide binding guidance to the employees of the W&W Group with respect to the implementation of external and internal legal requirements and ethical conduct in their day-to-day work. The W&W Group's Code of Conduct is updated regularly. This code sets out the minimum standards governing the conduct of all W&W Group employees in their dealings with each other and their interactions with customers, competitors, business partners, authorities and our shareholders. It is made available to all new employees joining the W&W Group and is a central element of our compliance culture. A supplementary handbook explains the provisions of the W&W Group's Code of Conduct using specific examples and describing potential conflict situations and how to deal with them appropriately. With respect to the sales organizations of the two business areas insurance and banking, additional codes of conduct have been enacted to address business-area-specific issues. In order to create a uniform understanding of the Code of Conduct throughout the W&W Group, comparable regulations have been implemented at the Irish subsidiary.
More about the W&W Group's Code of Conduct
In order to identify and combat malpractices resulting from violations or internal company regulations the W&W Group has, amongst other things, a central whistleblower system. Employees of the W&W Group or third parties can submit relevant reports to the compliance function in its capacity as an internal reporting point. The compliance function ensures confidentiality and protection against retaliations against whistleblowers. Anonymous reports are also possible, in particular through an additional reporting channel to the compliance function in the form of an online reporting system.
More about the W&W Group's whistleblower system