Maturity-oriented compliance: tailor-made Compliance Management

The maturity-oriented approach of Deutsche Telekom creates tailored solutions considering the specific characteristics of Deutsche Telekom and its subsidiaries.

Deutsche Telekom established a comprehensive compliance management system back in 2009. In 2013, we introduced the maturity-oriented compliance approach. The aim was to continue to prevent violations and to minimize risks in the future – but at the same time to adjust the scope of the compliance measures and requirements depending on the relevant business model and area of the subsidiary. In this way, we create spaces for operational businesses and ensure adequate compliance in our subsidiaries.

Our maturity-oriented Compliance Management follows the assumption that a company like Deutsche Telekom with its numerous and diverse subsidiaries needs customized compliant solutions for each type of entity. Subsidiaries on new markets with new products or cooperation with start-ups need other support than for example international corporate businesses. On the one hand, big multinational subsidiaries require a more complex and formal Compliance Management including intensive training, specific processes to detect and track misconduct as well as regular reports to the Board of Management and the Supervisory Board. For very small subsidiaries on the other hand, which are less exposed to risks, controls by the management or just a strong commitment to the company principles might be sufficient.

We therefore defined gradually increasing minimum requirements for Compliance Management according to the business area, the economic development and risk exposure of the subsidiary. We also defined how the relevant Compliance Management is to be set up, structured and monitored precisely. Although this represents a departure from the "one-size-fits-all" approach, we continue to ensure the necessary protection level of our subsidiaries and to meet formal requirements (e.g., German Assurance Standard 980). At the same time, we increase the acceptance of compliance within the subsidiaries.

This innovative management approach has already proved itself in our business practice successfully. For instance, there is a greater consistency in incorporating acquired entities, we have increased the transparency of compliance requirements to be fulfilled and made them more efficient. Since 2018, we have been steering this model with the help of an IT system on which adherence to the respective requirements is checked annually.