Compliance Management System (CMS)
The ALTEO Group launched its compliance program and created the function of Compliance Manager in 2015. In January 2016, the ALTEO Group also issued its Code of Ethics and adopted its Compliance Policy. Both documents are reviewed on an annual basis. The Compliance Committee was also established in 2016. As a result of its dynamic development, the Company Group set up its Ethics, Compliance and Control Organization in January, 2022.
The regulatory framework of the Company was developed with a view to ensuring the transparency of its operations. We have defined the framework of our business activities, documented our processes, and set the conditions for cooperation between business areas, clearly defining tasks and the responsibilities associated with them accordingly.
The Compliance Management System is meant to ensure the compliance of the operation of the Company Group as a whole with the legislation, internal rules and the Group's Code of Ethics.
Basically, the Compliance Management System provides for the prevention of abuse and damage and the minimization of risks in the entire area of corporate operations as part of the functions of operational support, prevention and control.
It is our common responsibility and interest to preserve our values and the foundations of our ethical operations."
Attila Chikán Jr. Chief Executive Officer
In the ALTEO Group, we always strive to do better. As a thoughtful and forward-looking organization, we believe that we can be successful in the long term by working in line with our values and by building on our credibility and the trust of our partners. We are committed to operating with integrity and responsibility and to maintaining high ethical standards. Our Code of Ethics is intended to reinforce our commitment to our employees and business partners.
The Company has specified its information and cyber security requirements to protect data and information, taking business requirements, the relevant legislation and professional recommendations into account. We expect our business partners to adopt and comply with our internal standards for information security.
In our business relationships, we strive to take every measure to protect our data and business information in accordance with industry standards.
The Company continuously protects and improves its systems to ensure the security of data, information, IT systems and sites.
Each year, the Company certifies the integrity of its billing systems in accordance with industry legislation.
The IT and information security requirements for the integrity of the billing system encompass the administrative, physical and logical protection requirements included in the security class of the electronic information system.
The Company has developed its internal data protection procedure pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Regulation (EC) 95/46/EC (General Data Protection Regulation - GDPR).
The Company only processes personal data in accordance with the data protection rules, for the purposes for which they are collected and with an appropriate legal basis. It continuously raises the awareness of its employees of data protection through training and provides regular information on both existing and new data processing.
The Company's data protection department provides ongoing support and advice to ensure the Company's data management is GDPR-compliant.
The ALTEO Group operates a physical security system to protect the infrastructure of its facilities. Security categories have been established; a security category is assigned to all existing and new sites according to the site characteristics, and the necessary physical security system is developed.
Compliance risk management
The Company carries out compliance risk management in order to detect, assess, manage and prevent compliance risks.
The ALTEO Group aims to take the right decisions in its business activities and to be aware of the risks that may arise, to develop a plan for their management and prevention and to ensure that it operates in compliance with the law.
In compliance risk management, the organization takes a systemic approach to assess and improve the organization under its control in terms of:
- the effectiveness of its risk management, control and governance procedures,
- its compliance with legislation and internal regulations.
All managers and employees of the Company Group are required to comply with the Compliance Policy, which is regularly audited. During the audit, all managers must disclose all data, information and documents, as may be permitted by privacy and data protection laws.
The risks identified during the investigations are recorded, together with the measures proposed to eliminate or mitigate them, and the management of the problems identified is regularly measured and analysed on an annual basis. The latter is summarised in a report prepared for the Compliance Committee and the Supervisory Board. Since 2017, the annual compliance report has been published in the Sustainability and then in the Integrated Reports, which are available here. We regularly hold targeted training sessions to prevent potential abuses and to raise awareness.
We firmly reject all forms of corruption and bribery, which constitute particularly serious ethical offences in relation to government relations, our suppliers and our business partners. We apply zero tolerance to all cases of bribery and corruption.
We will not do business with any supplier who does not meet the Company's prequalification requirements. We expect our business partners to understand, accept and comply with our Code of Ethics.
We operate a „whistleblowing hotline” for reporting corruption and fraud, but whistleblowing can also be done by email and telephone. We also provide whistleblowers with the option of anonymity.
All suspected cases of corruption or fraud will be investigated in accordance with our internal procedures. The ALTEO Group strongly believes that whistleblowers who report suspected corruption or fraud should not suffer any retaliation or disadvantage, even if no violation of law or wrongdoing is discovered following a report in good faith.
Submit your report
as an ALTEO employee
- directly to your manager,
- to the Director of Ethics, Compliance and Control
- by post to H-1033 Budapest, Kórház utca 6-12. ,
- by phone by calling the ALTEO Group’s ethics hotline on +36 1 236-8055 (Mondays and Wednesdays during working hours between 2.00pm and 5.00pm) or by fax on +36 (1) 236 8051,
- by email at email@example.com,
- by email at firstname.lastname@example.org (Ethics, Compliance and Control Organisation)
Reports can even be submitted anonymously by email through the online reporting system which is available 24 hours a day, 7 days a week and 365 days a year. If an investigation was launched, but has not been concluded within two months, both the person submitting the report and the person implicated in the report will get a notification by email about the expected date of conclusion of the investigation. The person submitting the report, the person implicated in the report and the staff involved in the investigation may raise a complaint about the investigation in a written notification submitted to the ALTEO Group’s Compliance Committee will be required to take a position on the issue and inform the person submitting the complaint to that effect.
The ALTEO Group firmly stands up for the principle that all forms of retaliation or disadvantage are unacceptable against ethical whistleblowers, even if a bona fide report does not result in the identification of illegal or inappropriate acts.