NLB Group wants clients to recognise it as a trustworthy, sincere, correct, discrete, and transparent financial institution, one that helps them ensure financial security and risk management. The clients and other stakeholders must also know the importance of ethical business and responsible conduct by the Bank.
In the framework of taking care of the employees, it pays great attention to the assurance of positive climate among the employees, ethical operations, equality of employees, prevention of any hostilities and violence against employees, and promotion of the freedom of speech. By ensuring employee satisfaction with work, it guarantees their personal satisfaction and thus better efficiency.
NLB Group wishes that the clients would recognise it as a trustworthy, sincere, correct, discrete, and transparent financial institution, helping them ensure financial security and risk management.
Compliance, responsibility, and integrity of NLB Group’s operations
Prohibition of any form of mobbing, as well as practical examples and guidelines for the employees in the Bank, have been included in the Code of Conduct of NLB Group, which is the basic document defining the desired and prohibited conduct in NLB d.d. and NLB Group. It has also established the Joint Committee for the Prevention of Harassment and Mobbing, consisting of the representative of the Bank, the Workers’ Council and the representative trade unions. In 2019, it appointed four new authorised persons for the prevention of harassment and mobbing of employees whom the employees can contact in the case of suspected harassment and/or mobbing at workplace.
With the purpose to ensure the dignity of employees and to provide a working environment in which no worker is exposed to maltreatment and sexual or other harassment by anybody, NLB has established a system for preventing all forms of mobbing. In 2019, a special commission for the renewal of anti-mobbing mechanisms in NLB d.d., composed of the representatives of the Bank, the NLB Workers’ Council, and the NLB Trade Union, revised the Policy for Prevention of Harassment and Mobbing of Employees in Nova Ljubljanska banka d.d., the Rules on the Prevention of Harassment and Mobbing at Work in NLB d.d., and the Instructions for the Business Process Prevention of Harassment and Mobbing at Work. By using these documents and the established procedures, the Bank also determines prohibited actions on a case-by-case basis and defines the procedure for their treatment and sanctioning of prohibited conduct.
Also, at the level of NLB Group, equal opportunities, justice, and promoting culture focused on performance are respected. The HR policies and practices are based on culture promoting equal opportunities and performance of employees. Discrimination is prohibited in the HR management practice. The relationship between employees and the management is founded on trust, support, and constant feedback. For cases of disagreement, the conflict resolution procedure is defined.
Employees participate in the Workers’ Council and the Trade Union with which the Bank regularly cooperates at formal meetings and through consultations. The organisational climate, employment engagement, and organisational culture are of key importance, and therefore regularly measured; an action plan for improvements is also prepared. In most cases the Bank’s HR practices are above the statutory minimum because the goal of the Group is to ensure that employees are highly motivated and included in the Bank’s operations.
In the Code of Conduct of NLB Group, NLB Group prescribes its core values and principles of conduct, thus establishing uniform rules of conduct in the daily operations throughout NLB Group. In this way NLB Group expresses its expectations that all employees and external business partners of NLB d.d. and NLB Group members respect human rights, employee rights, and general standards of conduct defined in the said document.
The Code of Conduct of NLB Group was already comprehensively revised in 2017. Through regular activities (risk identification, investigation of suspected misconduct, etc.), a regular review of appropriateness of its implementation is also carried out, which, considering the size of NLB Group, is at a high level. NLB Group verifies the implementation of the Code of Conduct (formerly the Code of Ethics and the Code of Corporate Compliance) by preventive checking of the compliance of the areas and processes, which also include risks of conduct (unethical behaviour, risks of internal and external fraud, conflict of interest risks, corruption risks, risks of violations in the field of information protection, and personal data protection, etc.) as typical risks of compliance and integrity.
NLB Group implements its standards of conduct by having established internal policies and procedures in order to prevent any breach of these standards, by carrying out regular training of employees and training of the target groups in the area of ethical conduct standards, and by performing regular assessments of risks in relation to outsourced providers and suppliers. Special procedures and channels for (anonymous) reporting suspected misconduct are established (including the internally accessible (NLB Net) and publicly accessibly application Whistler at: whistler.nlb.si), as well as procedures and mechanisms for treating suspected misconduct and adopting corrective measures. Measures for the protection of informants (internal and external) have been implemented in the whole NLB Group.
Additionally, an internal survey in the area of ethics and compliance is carried out annually in NLB d.d. and in the core members of NLB Group. This survey is carried out to check the perception of the employees in relation to ethical conduct and compliance of operations, also in relation to the situation as regards the perception of misconduct prevention. Based on the analysis of which the Bank’s Management Board is informed, measures are drafted for the improvement of the situation, such as the implementation of target inspections of the areas of operation, special training, etc. In 2018, based on a survey on ethics and compliance, it was found that the culture of ethics and compliance was strengthening, therefore, NLB Group would continue to perform the activities aimed at increasing the awareness in this area.
The implementation of the Code of Conduct in NLB Group is also a part of regular self-assessment in NLB d.d. in the area of corporate integrity. One element of that is the assessment of ethical culture, the efficiency of the system of prevention of misconduct or report of suspected violations, management communication, the commitment of the Bank’s management, corporate identity, etc. The Code of Conduct of NLB Group sets the standards and rules of conduct that apply to all employees, regardless of the job or location, as well as to the contractors acting on behalf of NLB Group. The Code defines the values and basic rules of ethical business conduct that are respected, encouraged, and expected in NLB Group. Its values and beliefs support its long-term goal to constantly improve the culture of daily operations in the countries in which NLB Group is present.
NLB Group demands that every employee, regardless of their job or location of work, as well as every other stakeholder of NLB Group, live in accordance with the highest standards of integrity. The key to achieving these standards is strong culture of compliance practiced by NLB Group, with due diligence of all employees in accordance with its policies, rules, and other internal documents, and in line with the relevant legislation and regulations in the legal environments in which NLB Group operates.
Protection of the privacy of bank clients is one of the key rules of conduct laid down in the Code of Conduct of NLB Group. The Corporate Security Policy of NLB d.d. additionally defines the basic goals and principles of protecting people, facilities (business premises), information and assets of both the Bank and its clients. One of the fundamental goals of corporate security is to protect the data and information of NLB Group’s clients, and thereby ensure privacy. With the implemented measures, the Bank ensures data confidentiality both as regard its own data processing, and when the data are processed by the contractors. One of the goals is also to ensure the legality of operations and the reputation of NLB d.d. This approach is also used by individual NLB Group members.
The risks arising from possible unauthorised access to data on clients, disclosure of data on clients, and lack of professionalism or inappropriate behaviour of bank employees are managed by controlling accesses to applications with data and using audit trails, and precise methodologies, procedures, and instructions for work.
Pursuant to the new EU rules in the area of personal data protection (i.e., the GDPR) which entered into force in 2018, the privacy of NLB d.d. clients and clients of individual NLB Group members is ensured by implementing the relevant measures, such as:
- the need to know principle, which means an employee has the authorisation or the right of access only to those data and information that they need to perform their regular work tasks;
- regular verification/checking of the adequacy of the rights granted to access data;
- regular training and raising the awareness of employees about the importance of data and information protection and ethical conduct;
- established privacy zones in the Bank’s branches;
- identifying potential data protection violations by employees;
- carrying out security checks on application support and the computer network in order to identify potential vulnerabilities that would undermine the confidentiality of data and information.
NLB Group has already emphasised the significance of the fight against corruption and bribery in the Code of Conduct of NLB Group by prescribing zero tolerance to such misconduct within the company. All forms of bribery and corruption must be rejected in NLB d.d. and NLB Group. Such forms of action are unfair, illegal and damage the countries in which the corruptive practices take place, and the society in general. This is prescribed by the Code of Conduct of NLB Group published on NLB d.d. website. NLB d.d. and NLB Group expect the same conduct from its clients, business partners and third parties. Therefore, all employees of NLB Group are subject to limitations in giving and accepting gifts, offering hospitality, and otherwise influencing the conduct of the employees. Specific measures for managing the risks associated therewith are also prescribed. They are laid down in the Policy on Conflict of Interest Management and Corruption Prevention of NLB d.d. and NLB Group.
In accordance with the Corporate Governance Policy of NLB Group, the Standards for Compliance and Integrity also define obligations of NLB Group members to adopt all internal acts of NLB d.d. on the prevention of corruption and conflicts of interest, and to comply with their obligations.
The members of the NLB implemented the new Policy on Conflict of Interest Management and Corruption Prevention of NLB d.d. and NLB Group in 2018. Due to clearer rules, additional awareness raising, established control mechanisms, and training in this field, represents a significant improvement in the implementation of respective activities.
Due to its regional presence, NLB Group is exposed to the risks of corruption in South-Eastern Europe. In the scope of the SOTIS/ECRA process (General Assessment of Integrity and Compliance Risks/Enterprise Compliance and Integrity Risk Assessment), which NLB Group carries out annually, the assessment of the corruption risk at the level of NLB d.d., at the level of the core NLB Group members and at the level of the whole NLB Group is also carried out. A special questionnaire is used for that purpose (model World Economic Forum: Good Practice Guidelines on Conducting Third-Party Due Diligence, Partnering Against Corruption Initiative - PACI).
In 2019, based on the SOTIS/ECRA assessments made, NLB Group did not detect any significant new risk in the area of fight against corruption and bribery. Nevertheless, in the scope of their regular tasks, the compliance functions also performed activities aimed at raising awareness and improving the risk culture in relation to this area. Moreover, the approach to the management of such risks in daily operations was also enhanced, for instance by implementing the assessment of such risks in relations with suppliers.
In the scope of fight against corruption and bribery, NLB Group performs several activities to manage the related risks. In 2019, regular annual training was organised for all employees and management in NLB d.d. and NLB Group members in the field of corruption and conflicts of interest. Specific targeted training was also organised for target employee groups (sales network, managers, new employees) in the field of harmful practices, channels available for reporting suspected misconduct, corruption, conflicts of interests, and breaches of the Code of Conduct of NLB Group. The risk arising from conflicts of interest and corruption was assessed for outsourced providers and suppliers and other contractual partners of NLB d.d. and NLB Group. The necessary procedures and mechanisms for treating suspected misconduct and adopting corrective measures in the case of suspected misconduct have been established. For appropriate identification of such events, various channels are used for reporting suspected misconduct, published on the Intranet (NLB Net), in internal documents (including the Code of Conduct of NLB Group), and the internally and publicly accessible Whistler application for reporting suspected misconduct, which also enables anonymous reporting. NLB d.d. and NLB Group have implemented the planned measures to protect the informants (internal and external), and defined who adopts them and in what way, and how the protection of informants is ensured.