Ethics

• Defining and promoting standards concerning business decisions and employee attitudes,
• Increasing awareness of the significance of business ethics among employees by organizing training, workshops and dedicated information campaigns,
• Ensuring that the whole of the Bank’s Group follows uniform standards of ethics,
• Promoting firms which follow the principles of ethics in their relations with customers, business partners and employees,
• Social involvement in the initiatives addressed to local communities and global projects,
• Taking steps to ensure a high standard of solutions in the area of ethics (confirmed by certificates),
• Ensuring that employees have the right to associate and freedom of speech.

The Bank has analysed the ethical risks for each group of stakeholders and takes measures to mitigate such risks:

The Bank has in place the Principles of managing conflicts of interest adopted by the Bank’s Management Board and approved by the Supervisory Board. The Principles set out a policy for preventing, identifying and disclosing conflicts of interest or potential conflicts of interest and taking actions to control such conflicts, minimize the risk of their occurrence and mitigate their adverse effect on the Bank’s operations and its relations with the customers and other entities.

The Bank identifies a conflict of interest when there may be a conflict of interest between:

• the Bank and the Bank’s customer or an affiliate of the Bank and the Bank’s customer,
• two or more customers of the Bank,
• a related party of the Bank and the Bank,
• Bank or a related party of the Bank and a supplier or bidder or their related party,
• shareholders of the Bank and the Bank.

Conflicts of interest may also arise from the Bank’s participation in the determination of benchmark rates. In pursuing the above objectives, the Bank avoids activities that may cause conflicts of interest by establishing appropriate controls, takes appropriate measures to identify conflicts and seeks to eliminate or limit the negative impact of conflicts of interest on the Bank’s operations.

Anyone who has identified a possible conflict of interest or a potential conflict of interest is obliged to immediately notify the relevant person indicated in the internal regulations – his or her supervisor, the person in charge of the Bank’s unit, the Branch Manager – and forward the information to the Compliance Department.

The employee informed considers the circumstances of the conflict reported, determines the actions that will eliminate the conflict or counteract its negative effects and identifies the persons responsible for their implementation. In addition, he or she is obliged to report the conflict to the Register maintained by the Compliance Department and to monitor the effects of the measures agreed and update them if necessary.

Members of the Bank’s Supervisory Board and Management Board should refrain from engaging in professional or non-professional activities which might give rise to a conflict of interest or otherwise have an adverse effect on his or her reputation as a member of the supervisory or management body.

A member of the Supervisory Board shall, at the latest on the date of his or her election, submit a written declaration of his or her membership of the management or supervisory bodies of other entities and of his or her shareholding if, as a result of such shareholding, he or she is entitled to exercise at least 5% of the votes at the general meeting (shareholders’ meeting). A member of the Supervisory Board should immediately inform the Supervisory Board of any other circumstances that may cause a potential conflict of interest affecting his or her relations with the Bank’s Group, including his or her activities in the Supervisory Board.

A member of the Supervisory Board, having regard to the provisions of the Regulations of the Supervisory Board and the Bank’s internal regulations on the principles of corporate governance, is obliged to inform permanent participants of the meeting of the Supervisory Board about the conflict of interest which occurred and/or which may arise, refrain from participating in the discussion, and refrain from voting on the adoption of a resolution on the matter to which such conflict pertains.

A member of the Management Board shall submit, at the latest on the date of election, a written declaration membership in the management or supervisory bodies, and stock or shareholdings, if as a result of their possession, a member of the Management Board is entitled to exercise at least 5% of votes at the general meeting (the shareholders’ meeting).

A member of the Management Board may not, without the consent of the Supervisory Board, engage in competitive interests, participate in companies engaged in competitive activities in relation to the Bank or Group Companies, or provide work or services in any other form to entities engaged in competitive activities. A member of the Management Board who has determined that a conflict of interest or a situation giving rise to an imminent risk of a conflict of interest will arise as a result of his or her tasks under his or her contract with the Bank should promptly notify: President of the Management Board, Chair of the Supervisory Board, Director of the Compliance Department.

The Compliance Department informs the President of the Bank’s Management Board on a monthly basis of reported conflicts of interest involving all Bank employees. In addition, the Bank’s Management Board and Supervisory Board are notified of the number and topics of reported conflicts of interest in quarterly reports.

The Bank makes available, on the public website, the relevant information concerning the policy of managing conflicts of interest and information adopted at the Bank regarding the Bank’s management of significant conflicts of interest and conflicts that could arise due to transactions concluded by the Bank with entities operating in the Bank’s Group (Principles for the management of conflicts of interest (pkobp.pl)). The disclosure shall include identification of possible types of conflicts of interest, including identification of key controls, such as segregation of duties, information barriers, exclusion from decisions taken.

The Bank is obliged to provide the Polish Financial Supervision Authority with information on material conflicts of interest or conflicts of interest that could arise due to transactions entered into by the Bank with the Bank’s related parties and their extent. The following information shall not be disclosed publicly: personal data, bank secret, and/or company secret.

In cases where it is not possible to eliminate the impact of the identified conflict on the customer’s interest, the Bank shall inform the customer about the conflict of interest identified in relations with the customer and about actions taken to protect the customer’s interests. If a conflict of interest is disclosed, the Bank shall request the customer to confirm their will to conclude and/or continue the agreement or the provision of the service.

In 2023, the Bank took measures to comply with the provisions of the Act of 1 March 2018 on the prevention of money laundering and terrorist financing (hereinafter: the „AML Act”) and the guidelines of the European Banking Authority. To this end, in the second quarter, the Bank’s Management Board appointed Mr Dariusz Szwed, President of the Bank’s Management Board, as the person responsible for implementing the obligations set out in the AML Act. An officer in a managerial position (AMLCO) has also been appointed, responsible for ensuring that the activities of the Bank, its employees and other persons cooperating with the Bank comply with the provisions of the Act, as well as a senior officer (AMLRO) entrusted with, among other things, identifying risks related to money laundering and terrorist financing in the Bank’s activities and taking measures to mitigate them.

Internal AML/CFT procedures were also revised. In the second quarter of 2023, the Bank’s Management Board updated the Principles for Counteracting Money Laundering and Terrorist Financing at PKO Bank Polski S.A., defining the procedure and division of responsibilities with regard to AML/CFT. In November 2023, the Policy on Counteracting Money Laundering and Terrorist Financing (hereinafter the „Group Policy”) was also updated for all entities of the Bank’s Group and foreign branches, with the aim of strengthening the supervision of the duties performed in terms of AML/CFT in these entities.

The document adopted set out the standards to be observed by the Bank and the Group entities which are the obliged institutions, and by all persons working in them, including permanent and temporary associates, consultants, contractors, agents, intermediaries and their employees (see https://www.pkobp.pl/relacje-inwestorskie/esg-wgrupie-pko-banku-polskiego/polityki-i-zasady/, questionnaire: bcb01b2f-4247-4e74-8d85-2f8262788264.pdf (pkobp.pl)).

The Group Policy, which is one of the internal procedures, sets out the scope of the provisions implemented and applied by the Bank and Group companies, which include in particular:

• Know Your Customer (KYC) process,
• monitoring of transactions in order to assess whether customers’ transactions are consistent with the known customer profile and the intended nature of economic relations,
• monitoring of sanctions to prevent establishing prohibited relationships by checking whether the customer is present on sanction lists,
• method of documenting the analyses carried out and the identified ML/FT risks associated with the economic relations with the customer or the occasional transaction,
• archiving,
• training,
• method of exchanging and protecting information provided for the purpose of fulfilling obligations in the areas of counteracting money laundering and terrorist financing,
• self-assessment of risk.

The Bank reviews the Group Policy periodically, at least once a year. The Bank also prepares quarterly AML/CFT information to be submitted to the Bank’s Management Board by the AML/CFT Department Director (DPP). Each foreign branch also has a separate procedure in place for the handling and division of AML/CFT responsibilities and a designated AML/CFT coordinator. The Bank’s Management Board also receives quarterly updates on money laundering and terrorist financing incidents at each branch.

In fulfilling its obligations under the AML Act, the Group applies financial security measures before establishing a business relationship with a customer and then reapplies them during the relationship at the intervals adequate to a given customer’s risk.

If the Group cannot apply one of the basic financial security measures, it takes appropriate steps in accordance with Article 41 of the Act on preventing money laundering and financing of terrorism, i.e. it does not establish economic relations, does not carry out an occasional transaction, does not conduct transactions via a bank account, terminates business relationships.

As part of the Know Your Customer process, the Group identifies and verifies customers and beneficial owners, determines the risk of money laundering and financing of terrorism, monitors customers’ transactions and, in the event of identifying circumstances which may indicate money laundering and/or financing of terrorism and/or a wellfounded suspicion of money laundering, it takes appropriate measures, including putting transactions on hold, blocking the account and/or freezing the funds. The Bank applies special mitigating measures in the form of freezing funds and withholding assets or withholding transactions from persons and entities listed on:

• the lists published by the General Inspector based on the resolution of the United Nations Security Council passed under Chapter VII of the United Nations Charter, concerning threats to international peace and security caused by terrorist attacks, in particular the lists referred to in section 3 of resolution 2253 (2015) of the United Nations Security Council and/or in section 1 of resolution 1988 (2011) of the United Nations Security Council,
• the list of persons and entities subject to special mitigating measures, published by the General Inspector of Financial Information (GIIF),
• the sanction lists issued by the European Union,
• the sanction lists issued by the Republic of Poland,
• the list of persons and entities to whom the measures referred to in the Act on special solutions in the field of counteracting aggression in Ukraine and used to protect national security published by the Ministry of Interior and Administration are applied,
• the lists announced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC).

In 2023, PKO Bank Polski S.A. implemented, on an ongoing basis, the restrictions and changes resulting from the sanctions imposed on Russia and Belarus and introduced, on an ongoing basis, guidelines for the financing of and providing banking services to persons and entities having business dealings with Russia and Belarus, including those customers on whom sanctions have been or can be imposed.

The Group operates in accordance with the laws of each country in which it conducts its activities and cooperates with institutions which are tasked with preventing money laundering and financing of terrorism (the General Inspector of Financial Information in Poland and the relevant financial analytics institutions for the foreign branches).

Legal changes in the area of AML/CFT have contributed to a significant increase in the number of responsibilities imposed on financial institutions, which is why the number of FTEs for AML/CTF functions has increased by 79% in 2023. Mandatory training programmes were extended to all persons performing AML responsibilities.

Changes were also made to the organisational structure to strengthen the continuity of the Bank’s handling of the critical AML/CFT process by conducting ongoing and post-analysis of suspicious transactions after they have taken place and findings for authorised parties.

In order to promote awareness of AML/CFT among the Group’s employees, a dedicated portal was launched containing, among other things, a knowledge base with materials to facilitate AML tasks, a list of applicable internal and external regulations and useful links.

Some of the entities of the Bank’s Group have included provisions relating to respect for human rights and the prohibition of discrimination in such documents as their working regulations or the Code of Ethics. The Bank’s policy concerning respect for human rights is contained in the following documents:

• the PKO Bank Polski SA’s Code of Ethics,
• Anti-harassment and anti-discrimination policies and the procedure for handling complaints concerning the violation of employee rights,
• Principles of recruitment and the Recruitment Standards
• agreements concluded with service providers (applicable to personal data protection agreements).

Issues relating to forced labour and child labour are not directly reflected in the Bank’s regulations, because:

• the prohibition of forced labour arises from Article 4 of the Convention for the Protection of Human Rights and Fundamental Freedoms,
• the prohibition to employ people under the age of 15 arises from Article 190, para. 2 of the Labour Code.

In its practice, the Bank follows the rules contained in the Children’s Rights and Business Principles.

The other entities of the Bank’s Group incorporate the issues of respect for human rights in their processes, everyday practice and in the unwritten rules.

[GRI 2-24] One of the most crucial elements/stages of the analysis is the identification of human rights in the context of the operations conducted. No cases of employment of minors or forced labour were identified in the Group entities operating in various countries.

A separate task is the issue of observing the human rights in the supply chain which, in the context of the Group entities, boils down to relationships with suppliers and the outsourcing of services (mainly banking services). The issues of observance of human rights are reflected in the procedures and agreements signed with these entities.

Examples of activities conducted within the Group entities, in which respect for human rights is manifested, are presented below:

• counteracting bullying and discrimination,
• basing the periodic performance appraisal rules/summary of performance on a dialogue with the employee, the employee’s participation in the process, collecting feedback from a variety of sources,
• use of recruitment principles that ensure equal treatment of candidates during the selection process for filling vacancies, without any discrimination, prejudice and without obtaining information that could violate the candidate’s rights and personal dignity,
• basing promotion decisions on an objective appraisal of qualifications, skills and performance,
• supporting diversity in management, in particular with respect to age, experience, style of work, thinking; promotion of diversity among managers as an asset and not a limitation;
• enabling employees to express their opinions and influence important issues regarding the organization and working conditions, management, the organizational culture, as well as enabling the provision of information about perceived crimes and fraud – ensuring anonymity and confidentiality for the reporting persons (the whistleblower mechanism),
• protecting personal rights (personal data, sensitive data) of the employees and customers through carefully prepared procedures and systems and the inclusion of restrictive provisions in contracts concluded with service providers who have access to such data,
• creating conditions for satisfying needs related to leisure and culture, as well as respect for the principle of worklife balance,
• ensuring freedom of association,
• Under the continuing well-being programme #FokusNaCiebie (#FocusOnYou) a number of measures were organized to improve the “well-being” of employees. Numerous online events, video materials and articles concerned, among other things: preventive healthcare, physical activity, health diet, sleep or the emotional condition.
• information materials on hybrid work not only contain guidelines on the ways and organisation of work, but also on how to take care of occupational health, including breaks, reducing unnecessary meetings in favour of specific tasks, or reconciling office work with remote work.
• The Bank’s Group applies the same human rights standards across the entire supply chain in its business activities.

[GRI 2-25] The Bank takes action to prevent violations of human rights, including employee rights, but it is not able to eliminate all conflicts. In 2023, 17 cases concerning employment relationships ended in the final termination of proceedings (11 were won, 6 were lost).

The entities in the Bank’s Group monitor the risks accompanying the individual human rights and manage them at the company level.

The basic internal communication tool is the Intra portal which contains information on benefits, privileges, rights and obligations of the Bank’s employees. On the Intranet portal of the Bank, the employees can find the following documents:

• PKO Bank Polski S.A.’s Code of Ethics,
• Principles of Recruitment,
• Recruitment Standards,
• Anti-harassment and anti-discrimination policies and the procedure for handling complaints concerning breaches of employee rights (regulations updated and communicated within the organization in 2018; a clear presentation of the principles for counteracting bullying and discrimination and the procedure for handling complaints was attached to the text of the regulations to make it easier for the employees to use the procedure);
• Best practices in serving persons with disabilities, as well as a presentation of the Bank’s Values.

Human rights are communicated externally through the Bank’s publicly accessible website which contains information about the PKO Bank Polski Foundation, about the idea of charity it pursues as a measure of respect for the environment, in particular for other people.