“Good governance and compliance are key parameters for sustainability at RONAL GROUP.”
Group Compliance & Data Protection Officer
Image
Mobile image
Regulation compliance at RONAL GROUP
As an organization, RONAL GROUP must also adhere to regulations - in other words, it needs to ensure compliance. How do the organization and its employees fulfill this responsibility? What are the challenges? A review of the 2022/23 financial year and a look ahead.
Focus on product compliance
With its PLANBLUE strategy, RONAL GROUP is fully committed to sustainability. Compliance, i.e. adherence to normative requirements and framework conditions, is a central element of sustainability, which itself is understood as a “longer-term, positive persistent effect”. This is safeguarded through appropriate structures, i.e. suitable organizational structure and process organization (Governance). In this sense, our compliance activities contribute directly towards Environment, Social and Governance (ESG). In the digital world, this also usually includes any form of data and information – so in addition to information security, it also (and especially) includes data protection.
Image
The automotive industry has a high level of standardization for technical specifications. This product compliance is a key focus for RONAL GROUP in its core business as an automotive supplier. SanSwiss’s business areas and products are less heavily regulated. Compliance requirements arise across the board in business, for example in procurement, logistics, IT, HR, finance and sales. At RONAL GROUP these are still at different stages of development and maturity.
At RONAL GROUP, compliance includes not only legal requirements but also internal regulations, technical or social norms, and standards and guidelines regarding appropriate personal conduct. Separate industry-specific requirements also exist for product compliance for core activities. Central components now generally include all forms of data processing and the corresponding implementation of compliance procedures in the “digital world”.
Compliance and data protection officers
Compliance with laws and standards governs our correct and proper dealings with all stakeholders, helping us to avoid any damage and any internal/external costs being incurred due to non-compliance. The key areas of compliance management at RONAL GROUP are therefore risk prevention and management, “internal consultation”, “checks” and “internal investigations”. This means that the central specifications for compliance and data protection are defined by the Group and supplemented and operationalized by local experts. To this end, the Group-wide network of local compliance officers was further expanded and institutionalized in the 2022/23 financial year. This is also gradually being carried out in the area of data protection.
“Responsibility for compliance always remains with the executive bodies.”
Group Compliance & Data Protection Officer
Employees’ personal responsibility
In general, responsibility for acting in accordance with the rules lies first and foremost with each individual employee. Employees are supported in this through regular internal and external measures such as training and awareness campaigns. Internal and external persons are also actively called upon to report any identified deficits. In addition to the usual options, such as contacting the manager, there is also a compliance hotline that allows potential violations to be reported and this can be done anonymously if so desired.
Challenges
The international orientation of RONAL GROUP, combined with high intensity activity and social change and innovations, presents multiple challenges. It is precisely the growing volume and intensification of data processing, combined with technological change and the associated societal expectations and impacts, that are placing further huge demands on the whole of RONAL GROUP.
“With regard to sustainability and compliance, the culture practiced by each individual determines the behavior of RONAL GROUP towards the outside world.”
Group Compliance & Data Protection Officer
The 2022/23 financial year was characterized by Group-wide standardization, the establishment of structures, committees and processes, and the initiation of an emerging need for legal and regulatory adjustments, primarily in the areas of supply chain legislation, whistleblower legislation, and changes in data protection law. Further focus was placed on the area of education and training.
Looking ahead
The focus in the coming years is on unification, standardization and operationalization. Delving deeper into central and significant topics, both current and new, is the key here. However, in an interactive and joined-up world, it is also important to strengthen the end-to-end view as well as dovetailing within the individual areas and topics. Very close cooperation on ESG efforts is a key factor in achieving these aims.
