In addition to the AML framework, the Bank has also established guidelines and procedures which describe measures and business processes to secure proper onboarding KYC-processes. The Bank’s KYC processes includes pre-fraud, AML and credit evaluations intended to prevent acts such as various categories of fraud, identity theft and corruption. All routines are maintained on a continuous basis and subject bi-annual review. The Bank has developed and implemented a pre-fraud tool which helps identifying potential fraudsters and identity thefts. During 2021, the Bank managed to detect and prevent fraud on 663 credit applications, preventing potential losses exceeding NOK 110 million. The Bank places great emphasis on organising the practice of the Boards of Directors, senior management and employees to enhance awareness and build expertise on how to prevent financial crimes. Regular training of all employees in AML related guidelines and procedures is a core element in the Bank’s risk management system. All employees at all levels, including Board of Directors an full-time external consultants working for the Bank for extende periods shall complete annual training related to anti-corruptio and money-laundering (AML). In 2021, 100 % completedsuch training, compared to 100 % in 2020. Komplett Bank will continue to prioritise developing and improving its framework to prevent money laundering and financial crime by maintaining policies and guidelines in accordance with regulations and best practice, by leveraging innovation and technology to monitoring and reporting suspicious transaction as through regular AML training of its employees. Data security and customer privacy In a digital world, personal data is increasingly at risk of being misplaced, stolen or shared without consent. At the same time, with intelligent use of personal data, Komplett Bank can better understand its customers and develop more relevant and more customer-centric banking products and services. Therefore, Komplett Bank recognises its responsibility of managing the data collected and processed about its customers in a responsible manner and keeping consumer data safe. Komplett Bank is subject to laws and regulations that stipulate how consumer data can be collected and processed, such as GDPR. Back in 2018, when GDPR came into force, the Bank appointed a Data Protection Officer (DPO). The Bank has implemented guidelines and procedures to ensure compliance with the GDPR regulations. This involves regularly reviews and develop- ment of the Bank’s internal control systems and risk management processes to continuously improve and address existing and emerging data security and privacy threats. Employees and consultants who collect, process or have access to customer data on behalf of the Bank receive mandatory training in data privacy facilitated by the DPO on regular basis. All manag- ers are responsible for ensuring that employees with access to personal data have the necessary competence and are suitably qualified to secure our customers’ personal data rights, through following our procedures for information security. Any breaches to data security and consumer privacy are reported and followed up immediately. Komplett Bank has not registered any data and GDPR breaches or wrongful sharing of personal customer data incidents in 2021. Whistleblower routines Komplett Bank has established procedures for whistleblowing, adopted by the Board of Directors. It is implemented both internal and external channels for whistleblowing to facilitate reporting of any irregularities. The procedure shall safeguard both the whistleblower and the person(s) reported on and is available for all the Bank’s employees in both Norwegian and English. The external whistleblowing channel is operated by KPMG, and information on any reported cases are according to process forwarded to the compliance area, Legal advisor and Head of the Audit and risk committee to the Board of Directors. In 2021, no reports were received. Ethical business behaviour Komplett Bank has adopted ethical guidelines, which set out a framework for helping the Bank’s representatives perform their duties in an ethically responsible manner and in line with the standards established by the Bank . Komplett Bank’s ethical guidelines supplement laws, rules, instructions and provisions which apply to the Bank’s activities and establish principles for conduct and actions in areas which other regulations otherwise do not cover. The guidelines provide a framework for what the Bank considers to be responsible conduct, but they are not exhaustive. The current version of the guidelines was last updated 10th September 2021. Anyone who represents Komplett Bank must always strive to exercise good judgement, caution and consideration. The Bank’s risk management recognises that unethical actions or omissions in breach of human rights represent a potential operational risk factor. The Banks guidelines and other procedures have been put in place to help ensure that Komplett Bank does not become involved in business transactions and other projects which constitute unethical actions or omissions. 26 ESG/Sustainability/CSR report
RkJQdWJsaXNoZXIy NTYyMDE=