Responsible Corporate Management

  • Material topic: Responsible corporate management

Corporate Governance

  • GRI 2-9
  • GRI 2-23

United Internet’s corporate governance activities are based on the German Stock Corporation Act (Aktiengesetz – AktG) and on the requirements of the German Corporate Governance Code (the “Code”). The Supervisory Board and the Management Board provide information about the Company's corporate governance annually in their Corporate Governance Statement. The Company can depart from the Code's recommendations but is then required to disclose this every year in a declaration of compliance pursuant to section 161 of the AktG, and to provide a justification for this (“comply or explain”).

United Internet AG’s Management Board and Supervisory Board consider it their duty to ensure the Group’s continued existence, and to create sustainable value, by managing it responsibly and for the long term. For United Internet, running a business involves more than pursuing economic goals – the Company also sees itself as having an obligation to society, the environment, employees, and other stakeholders.

As early as May 2021, the Annual General Meeting expanded the Management Board remuneration system to include ESG criteria in the short-term variable remuneration that forms part of the performance-related remuneration components. This applies to new contracts of service with Management Board members and has been implemented in the target agreement process since fiscal year 2022. The target component is designed to focus Management Board members’ attention on sustainability issues, and to create an incentive for addressing them. The compensation paid to the Management Board and the Supervisory Board is set out in the Remuneration Report, which is available on the website. Basic information can be found in United Internet AG’s Articles of Association.

Diversity of the Management Board and Supervisory Board

  • GRI 405-1

United Internet’s diversity objective for the Management Board and Supervisory Board is for these bodies to include a wide variety of different people and, as a whole, to have a sufficient breadth of opinion and knowledge. Among other things, this requires the members of the individual bodies to complement each other with respect to their experience and their educational and professional backgrounds, so as to have a good understanding both of the Group’s current business activities and of its longer-term opportunities and risks.

For information about United Internet AG’s Management Board and the Supervisory Board, please see the chapter section of the United Internet Group’s Management Report entitled “Corporate Governance Statement.”

See Corporate Governance on the United Internet website.

See Reports on the United Internet website.

Values and Principles

  • GRI 2-23

United Internet’s defined Corporate Values, Leadership Principles, and Code of Conduct are at the heart of its everyday work. These are broken down in more detail and fleshed out in the Company’s individual segments. For example, the Business Applications Segment supplements them with its Business Principles.

The Corporate Values, Leadership Principles, and Code of Conduct are permanently available on the intranet and in some cases on the internet as well.

See the United Internet website.

Ein Bild, das Text, Screenshot, Schrift, Karte Menü enthält. Automatisch generierte Beschreibung

Risk Management

  • GRI 2-12
  • GRI 2-13
  • GRI 201-2

The United Internet Group’s risk and opportunities management policy aims to preserve and enhance the organization’s assets by exploiting opportunities and identifying and managing risks at an early stage. Walking the talk in this way ensures that United Internet can do business in a controlled organizational environment. The policy sets out a responsible approach to dealing with the uncertainties that are an inevitable part of doing business. This also covers recruitment, staff development, and staff retention aspects, along with how to deal with environmental risks. For further information, please see the “Risk, Opportunity, and Forecast Report” in United Internet’s Management Report.

The risk management processes and documentation were adapted in the 2023 reporting period to reflect the insights from the materiality analysis performed. One of the goals here is to enhance the visibility of those risks in the risk portfolio that are associated with sustainability topics and to harmonize the sustainability and risk management processes to a greater extent.

See the “Risk, Opportunity, and Forecast Report” in the Annual Report.

Compliance

  • GRI 2-23
  • GRI 2-25
  • GRI 2-26
  • GRI 2-27

For United Internet, compliance means observing all statutory requirements and internal organizational guidelines, and acting in accordance with the Corporate Values.

United   Internet is aware that breaches of statutory provisions and requirements do not just have legal consequences and run the risk of fines; they also entail a loss of trust placed in the Company by its shareholders, customers, business partners, and employees. United Internet AG’s Management Board has established a Group-wide risk-based compliance management system (UI CMS) to preserve this trust and ensure compliance with statutory requirements and internal guidelines.

The UI CMS is described in the compliance guidelines. These binding Guidelines for the United   Internet Group’s Compliance Functions define the roles and responsibilities in the Group-wide, cross-segment Compliance organization. They are supplemented by a cooperation model, which is regularly updated and expanded to include new issues. The compliance guidelines underpin compliance policies that supplement and specify the requirements in more detail. Taken together, the compliance guidelines, the cooperation model, and the compliance policies that build on them to form the United   Internet Group’s compliance framework.

The overarching objective of all compliance activities is to prevent compliance violations. The aim is to achieve this by taking appropriate measures that are aligned with the Company’s risk position. The three levels of activity – “Prevent, Detect, and Respond” – are observed in all cases.

Corporate Compliance helps Group companies and segments to conduct their business activities in line with the rules. The focus is on anti-corruption, policy management, establishing confidential reporting channels, and protecting whistleblowers.

Compliance Organization

  • GRI 205-2
  • GRI 205-3

The Group-wide compliance organization comprises the Corporate Compliance department at the level of the holding company plus local compliance units at segment level. One of Corporate Compliance’s key tasks is to manage and monitor the Group-wide UI CMS; the detailed design of the segment-specific CMSs takes place at Segment Compliance level.

At some subsidiaries, local compliance managers perform their role in addition to their other duties, while certain functions such as Human Resources (HR) have dedicated compliance managers to provide support.

  • GRI 3-3

Corporate Compliance established a Group Compliance Committee during the reporting period. This serves as a platform for structural information sharing between Corporate Compliance and Segment Compliance with the goal of helping to give Compliance a “uniform look” throughout the Group and harmonizing ongoing development of the UI CMS.

In addition, Corporate Compliance established a consultative Whistleblowing Committee in the reporting period, which meets on an ad hoc basis. The Whistleblowing Committee is responsible for assessing significant tip-offs regarding potential compliance violations, and makes recommendations on how to deal with such tip-offs. The Whistleblowing Committee is convened by the Segment Compliance Manager responsible and comprises representatives of Corporate Compliance and the Segment Compliance unit concerned, plus other relevant functions such as Corporate Audit or HR as required.

The Head of Corporate Compliance, representing the entire Group-wide Compliance organization, reports directly to the Group General Counsel, the Chief Financial Officer (CFO), and the Audit and Risk Committee of United   Internet AG’s Supervisory Board.

Anti-corruption

The Code of Conduct for employees is the foundation for behaving in line with the rules. It summarizes the main rules, explains them using examples, and gives concrete recommendations on how to act. At the same time, the Code refers to the key internal policies, offering employees a rapid overview. Among other things, the Code of Conduct for employees contains rules on anti-corruption. Building on the Corporate Value of “fairness”, the Code of Conduct clearly sets out the measures taken to prevent corruption and uses concrete examples to explain what the Group means by anti-corruption.

Corruption is not tolerated, regardless of where it happens, whom it targets, or what the reason for it is. In line with this, directly or indirectly offering or granting any form of undue benefits (bribery), and requesting or accepting such benefits (corruption), are prohibited. An e-learning course is used to familiarize employees with the content of the Code of Conduct in an interactive, easily understandable way. It is an integral part of the onboarding process for new staff. In addition, new employees in Germany are made aware of the importance of compliance issues “face to face” during the virtual “welcome days” for compliance.

These basic rules are set out in more detail in the internal Anti-corruption Policy. The policy is supplemented by confidential personal reporting channels and IntegrityLine, an electronic whistleblower system. These reporting channels provide employees with confidential contact points outside their immediate working environment.

Both event-driven and activity-based measures are used to benchmark whether the compliance goals have been met. The event-driven KPIs include both the number of tip-offs regarding potential compliance violations and the number of confirmed cases. A thorough review of all reports received did not reveal any incidents of bribery or corruption in the 2023 reporting period, as had also been the case in 2022.

The activity-based KPIs include the participation rate for the e-learning course on the Code of Conduct (referred to as the “e-learning course” for short).

A total of 1,405 new staff were invited to take the e-learning course in the 2023 reporting period, while 1,142 (2022: 1,546) employees (1) have successfully completed it. This corresponds to a ratio of 81.3% (2022: 77.6%) of new recruits in the Corporate, Consumer Access, Consumer Applications, and Business Applications segments in the reporting period who were still active as of December 31, 2023. As a result, the target ratio of 80% was achieved.

(1) Not including Business Access Segment employees