Sustainability Pages

Governance

Implementation and governance of Code of Ethics 

The Code of Ethics reflects the broader vision of the Bank social and environmental responsibilities. It explains the values the Bank espouse and that CIB has made a commitment to uphold. 
As a company that operates in compliance with strict ethical norms, the Bank has put in place a number of mechanisms that reveal risks that have previously, due to their nature, remained hidden; these include ethical risks. The purpose of the procedural rules is for victims in ethics cases, who until now have been unable to ask for help, to be able to consult and request advice, before taking action, if needs be, and to do so in an anonymous manner. In every member country the Intesa Sanpaolo Group has established a local ethics ombudsman system which, with a few exceptions, investigates ethics-related reports in the member country concerned, and the decisions are also made locally. To enable us to take local conventions into account, in addition to the ethics ombudsman the CIB Group has also established an Ethics Committee, the chairperson of which, as ethics ombudsman, is the Bank's head of CSR. The Bank sends a notification of every report to its head office in Italy without delay. The Ethics Committee does not impose sanctions, its task is to judge whether the claims made in the report are well grounded, and to take steps to share the lessons learned. If the report is well grounded, the Committee passes the case on to the appropriate professional department for investigation and a decision, and also to the HR department for a possible labour-law investigation.

The Bank aims to achieve its goals while observing, and putting into practice, the principles of sustainable development and responsible operation. It operates on the basis of the seven core values introduced previously. The fulfilment of these requirements is assured by the advanced corporate governance system and decision-making processes (see above in Governance structure). 

Ethical company, responsible operation

In 2023, the number of specific reports decreased, and more general ethical questions were also received from colleagues. Actual reports were received in connection with management and employee behaviour (three in total), and the necessary ethical procedure was initiated in all.

In order to help employees better understand the rules and ethical principles set out in the Code of Conduct, the Group launched a mandatory all-staff e-learning course in 2021, using interactive learning tools, and this continued in 2022 with new hires. The interactive educational material, prepared first in 2012 and re-drafted in 2019/2020, serves as the basis for an online training course that all employees are required to complete. The educational material consists of a story told in the form of a graphic novel, providing guidance through the rules of the Code of Conduct, rules of behaviour and ethical procedures by providing the most important information, interactive exercises and case studies. The purpose of the educational programme is to explain the most important information concerning ethical values and ethical processes in an interesting, easy to understand and interactive way and to facilitate the understanding of these through various activities, including by providing examples for the rules of conduct. The ethics related subject matter must be mastered by all new hires, while all employees are required to sit a new exam on the subject every four years.  

After 2021, it was planned to repeat the e-learning in 2023, but due to changes in Intesa Sanpaolo's Group Code of Ethics, the course content needs to be modified, which technically can only be done in 2024, so the updated training will take place in 2024.

The Rules of Conduct set out the rules based on the values manifested in the Code of Conduct. They set out in detail the personal rules of conduct, the details of the operation of the Bank, and the rules of expected model behaviour, specifically discussing anti-corruption measures and gifts. Breaching the Rules of Conduct may result in disciplinary measures.
The rules ensuring ethical behaviour, with a special focus on corruption-free and non-discriminatory operations, are included in the rules of procedure of the CIB Group as regulations adopted by the Board of Directors, violation of which may have consequences under labour law. Other key areas of corporate governance are the fight against money laundering, the avoidance of conflicts of interest, risk management and internal audit, which are dealt with by specified individuals responsible for these matters.

Integrity in corporate conduct

The CIB Group recognises that compliance with internal and external regulations and Code of Conduct is of significant importance, also from a strategic viewpoint, and therefore it acts in the belief that respecting standards and fairness in business are essential elements in carrying out banking operations, which by nature are based on trust and transparency. Indeed, CIB believes that compliance with standards encourages the creation and maintenance of a competitive economic environment and protection of customer rights, which contributes to the development of local areas and communities. CIB also seeks to be a reliable and professional partner for the regulators. 

In this context, the CIB Group actively adheres to the principles of the United Nations’ Global Compact that envisage the development of policies for combating corruption, protecting human rights and workers’ rights and safeguarding the environment by implementing the internal rules and guidance issued by the Parent Company, Intesa Sanpaolo. Intesa Sanpaolo has defined and implemented a well-structured system of risk assessment throughout the company structures, which is applied according to risk assessment criteria and used by CIB as well. 

Adherence to the rules and integrity of corporate conduct are also ensured through compliance activities focused on the monitoring of risk in relation to fighting corruption and money laundering, counter-terrorist financing, embargo management, protecting consumers and protecting competition. CIB adheres to the principle of active cooperation in preventing these phenomena, which represent a serious threat to the legal economy. 

Fighting against corruption and combating money laundering

The Bank regularly revises and updates its Code of Ethics as well as its regulations on the behaviour expected of its employees, which expressly prohibit corruption. Key regulations of Intesa Sanpaolo such as Intesa Sanpaolo Group Compliance Guidelines, Group Anti-corruption Guidelines and Conflicts of interest Management Group Rules have been adopted by the Bank. The conflicts-of-interest rules adopted by CIB Group are more stringent than the relevant national regulations, i.e. the provisions of Act CXXXVII of 2013 (Credit Institutions Act), Act CXXXVIII of 2007 (Investment Firms Act) and Act I of 2012 (Labour Code). All employees of CIB Group regularly attend e-learning courses on anti-corruption topics such as money laundering and the financing of terrorism, as well as conflicts of interest, via the Bank’s e-learning platform (MultiLearn) accessed through our internal network.

In terms of responsible banking operation, clearly defining responsibilities, and in certain cases – depending on the relative importance of the given function – creating a separate organisational unit, is of key importance. The bank regards legal compliance – especially with respect to the prevention of market abuse and money laundering – and the appropriate management of the risks arising from its operation as being of particular importance. 

The functions supporting compliance with EU guidelines and legislative requirements ensure responsible operation, and a key part of this is the efforts CIB makes to ensure corruption-free operation. 

Second-level controls performed by the Compliance and AML functions ensure the monitoring of compliance with the legal and internal requirements.

A separate team of specialists coordinates activities to prevent money laundering and the financing of terrorism. They have the task of checking transactions that are relevant or risky in terms of money laundering and sanctions, authorising the opening of accounts for new customers of high AML risk and reviewing existing high-risk customer relationships, as well as providing training for employees in the prevention of money laundering, forwarding reports to the competent authorities and ensuring the necessary flow of information.

The obligatory Code of Conduct, which was adopted in 2008 with an update in 2020, and the Anti-corruption Regulations issued by the Bank’s Parent Company Intesa Sanpaolo in 2017 and its subsequent update in 2020 , 2022 and 2023, which was adopted accordingly in CIB Group, include a set of rules on the prohibition of corruption. The anti-corruption guidelines of CIB Group are published also on the website of the Bank (https://www.cib.hu/en/Maganszemelyek/rolunk/fenntarthatosag/ertekeink.html). As a part of its efforts to combat corruption – in keeping with the relevant guiding principles of Intesa Sanpaolo – the CIB Group does not in any way support politicians or political parties, or organisations with which they are associated. As a matter of course, the zero-tolerance policy towards corruption applies to the Bank’s employees and suppliers as well as to other third parties we deal with. 

Internal audit is an independent, objective assurance and consulting activity, the aim of which is to improve the operation and increase the effectiveness of the given organisation. In order to assist in achieving the organisation’s stated objectives, the Internal Audit function methodically and systematically assesses and improves the effectiveness of the audited organisation’s governance and control procedures.

The purpose of the risk management function is to identify the risks of the given organisational unit, to measure the identified risks and manage them to ensure that they do not jeopardise prudent operation or the fulfilment of business objectives. At CIB Group, it is the Risk Management -Department that is responsible for these activities.

It is important for us to advance ethical behaviour within our industry by exhibiting fair market and competitive conduct, leading by example, and through participation. The Bank adhere to the self-regulating approach adopted by the industry and apply this to its own operations, while acting ethically towards it’s competitors. Fair competitive market conduct serves as the basis for our pricing policy. 

How relevant issues are monitored

Corporate governance regulations, process requirements, second-level controls and internal training courses ensure that employees do not fall victim to or become involved in corruption. Employees receive training and information on the relevant topics through ethics training and regular anti-corruption e-learning sessions. The compliance systems ensure that anti-corruption rules are enforced through audits.

Employees take part in distance learning courses and examinations on the prevention of money laundering, anti-corruption, conflicts of interest, security awareness and compliance via the e-learning platform accessible via the intranet, as well as through in-person training courses. 

The controlling of conflicts of interest is performed by the independent Compliance unit.

The Compliance and Anti-Money Laundering Department also performs the controlling of the gifts accepted by employees and monitors the proper maintenance of related records. The key principles governing gifts are zero-tolerance and exceptionality. The acceptance of gifts can, in certain cases, be classified as corruption. The internal regulation on the Rules on Gifts and Entertainment Expenses of CIB Group has been adopted in 2018 and updated in 2021 and 2023.

The Code of Ethics mailbox (etikaibejelentes@cib.hu) and postal address, under the jurisdiction of the Ethics Committee, allowing the reporting of any reports, questions or comments, represents another guarantee for all stakeholders, which can be used by all to report any rights violations with the guarantee that any reports made will be treated confidentially and will not result in retaliation. An additional guarantee is provided by the involvement of the Compliance and Internal Audit functions through the email addresses compliance@cib.hu and nevtelenbejelentes@cib.hu, which are available for this purpose as well. 

Consumer protection

In the current market environment, the protection of customers is of prime importance and is treated as a key objective by CIB. The rapid growth of, and proliferation of new technology in, financial markets and the entry to the market of new service providers and third-party intermediaries, have only increased the risk of fraud, abuse of, and misconduct towards, consumers, especially those with low incomes and limited knowledge of financial matters, and who are therefore in need of greater protection. Consequently, it is of the utmost importance for CIB to manage its relationships with its customers in a transparent and fair manner.

Consumer protection encompasses every aspect of the entire life cycle of banking products and services provided by CIB. Internal policies are in place focusing on the sale processes and on management of long-term relationships between the Bank and its customers, ensuring that:

• the informative and the contractual documents to be provided to the customers are formalised in a clear, understandable and transparent way, 
• the sales staff is aware of the behavioural rules during the pre-contractual stages and the sale process,
• adequate internal governance has been implemented in terms of regulation, controls and training
• special attention is given to the proper management of disabled customers.

The Bank hold annual training on the subject of consumer protection, in the framework of which colleagues with customer relations responsibilities acquire a deeper understanding of the requirements related to serving customers. In 2023, 99% of employees completed the training. 

Protection of free competition

The objectives of the Intesa Sanpaolo Group and the CIB Group include ensuring the group’s ability to operate in the market in full compliance with the latest regulations on competition. In the interest of complying with these regulations, the Intesa Sanpaolo Group runs an international competition-law compliance programme, part of which is the “EU Competition Compliance Policy”, which also applies to CIB and has been published and adopted by CIB. Based partly on the local regulatory requirements, the local Compliance Competition Policy has been adopted by CIB to ensure that employees of the CIB Group have sufficient understanding of the competition regulations to enable them to recognise potential infractions of competition law in the course of their work, to observe the competition regulations and to seek legal advice where necessary.

Data protection

To ensure that the personal data of the customers of the CIB Group are processed lawfully, in compliance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter: GDPR) and (Hungarian) Act CXII of 2011 on Informational Self-Determination and Freedom of Information, the CIB Group has drafted and issued its own Data Protection and Data Security Policy. The policy describes the principles and the legal basis of data processing, lists the individual cases of data processing, defines the rules regarding the Data Protection Impact Assessment (DPIA) and prior consultation, and sets out the rules on data transfer as well as means of exercising the rights of data subjects.

In addition to the above requirements, CIB Bank also implemented its Parent Company’s GDPR guidelines – (GDPR project – guidelines on the protection of personal data of natural persons (applicable in the EU)), which is currently part of the V-114 regulations. 

An independent Data Protection Officer (DPO) has been appointed by the CIB Group whose job it is to monitor compliance with the relevant legal regulations, consult on privacy issues, provide advice, where requested, regarding the DPIA and monitor its performance and to act as a primary point of contact for the supervisory authority.

Whistleblowing

The special rules of the whistleblowing process are detailed in a separate annex (Special rules on internal systems for reporting violations (whistleblowing) of the Internal Audit Manual.

There were no whistleblowing reports received during 2023 and there were no ongoing or pending items from the previous period either.  The procedure is primarily set out in the Internal Control Manual K-024, Annex M-50, Special Rules for Anonymous Filings, and in the CIB Group Code of Ethics.

Inclusion and diversity management

The Bank’s Organisational and Operational Regulations (OOR) clearly specify the key principles underlying responsible operation. The Bank rejects all forms of discrimination and corruption in its internal and external communications, prohibits any form of discrimination and guarantees the general requirements of equal treatment in accordance with the applicable EU guidelines. The internal regulations governing compliance and risk management activity endorse similar principles aimed at supporting responsible operation. The CIB Group ensures equal treatment and opportunity for its employees in accordance with the Fundamental Law of Hungary and other statutory provisions on the matter, and with the Bank Group’s “Code of Ethics” and the Parent Company’s “Diversity and Inclusion Principles”. This is achieved through the transparency of decision-making processes within the company and the ethics-related training provided to managers and other employees. The investigation of ethics issues associated with this topic and the preventive actions that are taken in response ensure legal and ethical compliance in all areas of the bank’s operation.