Compliance Policy of Deutsche Börse Group

Compliance is an integral part of corporate culture at Deutsche Börse Group. The Group introduced compliance rules for all employees back in 1996 and has developed them continuously ever since. In 2005, the Group adopted a Compliance Policy that is binding for all employees throughout the Group including the Executive Board and certain service providers.

The Compliance Policy serves as a framework for introducing a compliance function as well as the measures taken by it. Deutsche Börse Group has set up a Staff Department, Group Compliance that is responsible for drawing up and developing the compliance rules. It informs and trains Group employees and ensures that they adhere to the rules. To the extent there is a Compliance function within a specific regulated group entity these Compliance Officers facilitate the implementation in close cooperation with Group Compliance. The Compliance Function reports directly to the Executive Board of Deutsche Börse AG and / or the Management Board of the respective group entity.

The Compliance Policy deals with the following topics:

Prevention of Market Abuse

In the course of their professional activities, employees of Deutsche Börse Group and its service providers may obtain access to confidential information about Deutsche Börse AG and other issuers of financial instruments. The Market Abuse Policy serves as a group-wide guideline for the Prevention of Insider Dealing and Market Manipulation. An important instrument to ensure insider surveillance and in particular compliance with the prohibition of insider dealing, including the attempt thereof, includes the classification of employees in Compliance Levels depending on their exposure to compliance-relevant information, entailing various obligations, e.g. for personal account dealing.


Price and market manipulation are willful illegal acts to influence demand, supply or the market price of financial instruments. The intention to manipulate is decisive, whether this actually has an impact on demand, supply, or the market price of financial instruments or not – already the attempt of these offences is punishable by law. Deutsche Börse Group has established internal rules to prevent market manipulation. These include the obligation to satisfy notification and disclosure requirements as well as adequate financial market communication.


Management of Conflicts of Interest

Being a market infrastructure provider with broad interaction with major market participants along the value chain, the potential for conflicts of interest is inherent in Deutsche Börse Group’s business. Moreover, individuals may be subject to circumstances in their professional as well as their personal life that create the potential for conflicts of interest. Thus, it is of utmost importance that Deutsche Börse Group can identify and effectively manage potential or actual conflicts of interest between itself (including its management body members, employees, or any persons closely associated to them) and third parties. 


Conflicts of interest may arise in situations in which the interests of one party interfere with (or appear to interfere with) the interests of another party. This can impair the ability of one or both conflict parties to act fairly and ethically, particularly either party’s objectivity to take a decision or to participate in a decision-taking process in the course of its professional obligations. 


See also the “Principles on the Management of Conflicts of Interest at Deutsche Börse Group” here


Prevention of Corruption

Bribery, and corruption in general, active or passive, are prohibited by all means. Deutsche Börse Group follows a stringent zero tolerance policy in this regard.


Transparency is one of the keys to prevent (the appearance of) corruption. Deutsche Börse Group has established a comprehensive framework aiming at the prevention of corruption, including a Group-wide policy outlining relevant notification, documentation and approval requirements.


Employees of Deutsche Börse Group shall act with honesty, objectivity, personal responsibility and in accordance with the highest standards of integrity through their professional and personal behaviour. They shall respect applicable laws and regulations in relevant jurisdictions. If an action merely appears to or actually does result in corruption, they must refrain from proceeding in any way.


Granting or accepting benefits should be aimed at promoting, maintaining and strengthening the overall business relationship. Such business purpose should clearly outweigh any personal aspects. Granting and accepting benefits requires a responsible attitude of all persons involved. Frequency, type and value of a benefit must be appropriate.


It is prohibited to exchange money or cash equivalents (e.g. vouchers, gifts cards, gift certificates) in any form. Also, it is prohibited to offer, promise, give, demand, solicit or accept benefits in exchange for privileges, particularly facilitation payments.


Furthermore, approval is needed for granting or accepting benefits, such as gifts or business entertainment – for example, if their value exceeds certain thresholds or if they involve public officials or politically exposed persons.


Awareness raising measures are provided to staff (regularly and event-driven) to support the adherence to the respective provisions of Deutsche Börse Group. Furthermore, Deutsche Börse Group has established a whistleblower system providing the opportunity to anonymously report known or suspected unethical conduct.


Prevention of Money Laundering and Terrorist Financing

The integrity of the banking and financial services marketplace depends heavily on the perception that it functions within a framework of high legal, professional and ethical standards. A reputation for integrity is one of the most valuable assets of a financial institution.


The purpose of Deutsche Börse Group’s anti financial crime (AFC) programme is to establish a framework to adhere to regulatory obligations impacting processes and procedures reasonably designed to mitigate the risk of money laundering (ML), terrorist financing (TF) or other criminal offences (OCO) that Deutsche Börse Group is exposed to. This also ensures that specific regulated entities of the Group meet their regulatory obligations imposed by their supervisory authorities.
 
The objective is to ensure that, in particular, ML and TF risks identified by Deutsche Börse AG and, where applicable, respective obliged subsidiaries, are appropriately mitigated. This is achieved by establishing minimum governing policies, principles and standards, and implementing a control framework which are approved by Deutsche Börse AG’s Executive Board. All measurements aim at to protecting Deutsche Börse AG and its subordinated legal entities including its employees, shareholders and customers, in particular from ML and TF.
 
The AFC programme provides guidance to all Deutsche Börse Group employees, requiring them to conduct their business in accordance with applicable anti money laundering (AML) laws, rules and regulations, and includes but is not limited to:


  • The appointment of a Group Money Laundering Reporting Officer (MLRO) and its deputy, and of equivalent MLROs and deputies in the regulated local legal entities of Deutsche Börse Group
  • A sound risk management to prevent the Group from being misused for ML, TF or OCO by a documented Group-wide risk analysis, which serves as the starting point to design and effectively implement internal safeguards and to direct resources on a risk-based manner into appropriate risk mitigating measures
  • The establishment of a Customer Due Diligence (CDD) programme which incorporates customer identification and verification, Know Your Customer (KYC) processes, accompanying the entire customer lifecycle and the continuous monitoring and screening of the customer relationship
  • Conducting Enhanced Due Diligence (EDD) on customers assessed as higher risk, such as politically exposed persons (PEPs) in senior positions, their relatives and close associates
  • The establishment of processes and systems designed to monitor customer transactions to identify suspicious activity
  • The investigation and subsequent reporting of suspicious activity to the competent authorities
  • Mandated regular independent testing and regular AML training of Deutsche Börse Group’s employees

Prevention of Other Criminal Offences

Deutsche Börse Group is committed to creating an environment in which Other Criminal Offences are constrained to protect its own interests as well as those of market participants. Deutsche Börse Group has installed a system of internal controls and established mechanisms to report and pursue suspicious cases. Furthermore, appropriate procedures have been introduced to prevent any cases of Other Criminal Offences and expose them as fast as possible. The Compliance Function primary concentrates on the regulated entities and their core financial services practice.


Data Protection

Data protection serves to protect the personal data of natural persons. This is intended to protect the privacy of employees and customers, as well as third parties such as service providers. To ensure data protection, the processing of personal data is only permitted on the basis of appropriate legitimacy and in compliance with data protection principles.


Measures are taken to comply with data protection regulations, in particular regarding the appropriate and transparent processing of personal data and are continuously improved. The Executive Board has appointed a Data Protection Officer and established a Group Data Protection function to support in complying with the Data Protection Framework based on the principles of the EU General Data Protection Regulation. In addition, it works towards the sustainable development of the data protection culture in the Group, considering current business requirements and legal changes in training and awareness-raising measures.


Deutsche Börse Group has implemented a group-wide Data Protection Policy, having the General Data Protection Regulation (GDPR) as a baseline, supplemented by additional national requirements as applicable. According to Deutsche Börse Group's Supplier Policies, all suppliers have to acknowledge their data protection role according to GDPR standards. Deutsche Börse Group concludes contracts with all suppliers incorporating all applicable data protection requirements e.g., Data Processing Agreement. Before a supplier is being onboarded, the supplier has to confirm to adhere to data protection requirements. The Disciplinary Actions Policy outlines measures may be taken in case of a breach of the Data Protection Policy.


The Group Data Protection function performs the role of Data Protection Officer for Group companies insofar as this is required by law and a mandate has been given to the central function. As part of this, the Data Protection function provides information and advice on data protection requirements. Furthermore, the Data Protection function is the contact person for the Data Protection supervisory authorities and supports the business units in their data protection risk assessments.


The control framework of the data protection organization is integrated into the structure of compliance assurance measures as a second line of defense. The Data Protection Officers inform the respective board members annually and on an ad hoc basis about the status of data protection in the company and the measures taken to expand the data protection framework.


Group Data Protection has an annual control plan and performs ad hoc controls on a risk-based priority. Deutsche Börse Group has also established an internal audit function acting as third line of defense. External audits are done within the annual non-financial declaration of the company by the appointed public accountant. Furthermore, Deutsche Börse Group entities are subject to supervision of the competent data protection authorities at the different locations.