Impact, risk and opportunity management

ESRS 2 IRO-1 – Description of the processes to identify and assess material impacts, risks and opportunities

The general methodology for identifying impacts, risks and opportunities is described under ↗ ESRS 2 – General disclosures.

G1-1 - Business conduct policies and corporate culture

Responsible and lawful behaviour is a key element of the Lufthansa Group’s corporate culture and is anchored in the Group strategy. This is reflected in the vision statement of the Lufthansa Group: “Connecting people, cultures and economies in a sustainable way”. For the Lufthansa Group, sustainable economic success can only be achieved through business practices that are value-oriented and based on integrity. This requires that all board members, managers and employees comply with applicable laws, internal regulations and voluntary commitments at all times.

As a signatory of the UN Global Compact (UNGC), it is important for the Lufthansa Group to align its business activities with the internationally recognized principles laid down in the Compact. That is part of the Company’s annual progress report to the UNGC. The Lufthansa Group’s anti-corruption and anti-bribery guidelines are also aligned with the UNGC, whose anti-corruption principle is derived from the United Nations Convention against Corruption.

Lufthansa Group Code of Conduct defines the framework for ethical and responsible behaviour

The Code of Conduct of the Lufthansa Group provides the framework for acting with integrity and responsibility, within which all business decisions must be made. The principles contained therein include, in particular, corporate responsibility for society and the environment, business integrity and responsibility for the Company and its resources. As such, the Code of Conduct forms the foundation of the Lufthansa Group’s value system. It also establishes guidelines that are intended to guide the actions of its decision-making bodies, managers and employees. The Code of Conduct is available on the Lufthansa Group website.

The Code of Conduct addresses, among other things, anti-corruption, handling of conflicts of interest, fair competition, foreign trade regulations, anti-money laundering, insider information and prohibition of insider trading. Through these topics, the following material impacts, risks and opportunities of the Lufthansa Group are particularly covered: ethical business conduct, protection of whistleblowers when reporting insider information, active management of suppliers for foreign trade regulations, securing supply chains, safeguarding business operations and combating corruption and bribery.

The Code of Conduct is binding for all employees of the Lufthansa Group worldwide, regardless of their role or hierarchy. As such, it forms the basis for the corporate culture of the Lufthansa Group. In addition, it also defines the expectations of the Company’s business partners, including suppliers. Based on this Code of Conduct, the Lufthansa Group’s Supplier Code of Conduct additionally applies to suppliers. The Corporate Compliance Office is responsible for the editorial coordination of the Code of Conduct, while the Executive Board of Deutsche Lufthansa AG is responsible for its implementation. Other governance functions, such as Group Data Protection, are responsible not only for monitoring but also for developing topic-specific governance structures – including guidelines, specifications and reporting. The Code of Conduct is communicated to all employees of the Lufthansa Group. Additionally, regular training on its contents takes place. The contents of the Code of Conduct are based, among other things, on internationally recognised frameworks such as the UNGC and the International Air Transport Association (IATA) resolution against human trafficking.

Internal and external whistleblowers can report potential violations of the Code of Conduct to the Corporate Compliance Office through various channels. Reports concerning human rights issues and discrimination are received directly by the Human Rights Officer and their team. If a report is compliance-relevant, it is further investigated by the Corporate Compliance Office with the support of Corporate Security.

Lufthansa Group implements German Supply Chain Due Diligence Act (LkSG) across the Company

To ensure and maintain various supplier requirements in the Lufthansa Group, two teams primarily carry out the implementation of the LkSG. The Human Rights & Non-Discrimination Team coordinates the Lufthansa Group’s activities regarding its human rights responsibility. The Group Procurement Team manages risk with regard to the supply chain. Both teams are supported by contact persons from specialist departments such as Occupational Health and Safety, Human Resources, Compliance and Procurement, as well as by Key Accounts from priority Lufthansa Group companies. To oversee risk management, the role of Human Rights Officer was established within Human Rights and Infrastructure Executive Board area, reporting directly to the Executive Board. The Human Rights Officer reports to the Group Executive Board on the work of the responsible persons on a regular and ad-hoc basis. Corporate Internal Audit is deployed to support the Human Rights Officer and to conduct implementation-level audits. The Corporate Internal Audit function regularly verifies that implementation is appropriate and effective. In addition, the Group Human Rights Steering Board was established as a governance body to provide recommendations on risk management. It is chaired by the Human Rights Officer and consists of the heads of Corporate Responsibility, Corporate Compliance, Group Procurement and Occupational Safety departments.

Binding compliance guidelines apply to all Lufthansa Group employees

The structure of the Lufthansa Group’s Compliance Management System and specific regulations and guidelines for the prevention of corruption and bribery are set out in several compliance guidelines for Lufthansa Group employees, including:

• The Group Compliance Guideline regulates, among other things, the structure of the Lufthansa Group’s Compliance Management System based on the generally recognised IDW PS980 standard. Components also include the anchoring of individual compliance modules such as anti-corruption as well as the description of organisational structure, roles and responsibilities, competencies and minimum requirements for the relevant compliance bodies and functions.
  
• The Integrity Compliance Guideline contains requirements for the prevention of corruption and bribery, including conflicts of interest. Three guidelines here provide clear rules for invitations and gifts, particularly in relation to public officials, as well as requirements regarding potential conflicts of interest. The guidelines aim to mitigate corruption and bribery risks, ensure compliance with regulatory standards and maintain and improve the Group’s reputation.

The guidelines are binding for all decision-making bodies, managers and employees of the Lufthansa Group. Group Internal Audit, the Group Compliance Committee, the Executive Board and the Audit Committee of the Supervisory Board monitor the Compliance Management System, including the guidelines.

The Lufthansa Group Code of Conduct and the Group Compliance Guideline each contain provisions on preventing retaliation. The aim is to protect employees from disadvantages and retaliation when they report justified concerns. The Lufthansa Group is committed to comprehensive protection of whistleblowers within the framework of the established whistleblower system. The identity of whistleblowers is treated as strictly confidential and is only disclosed if required by law. The Company has a zero-tolerance policy towards any form of reprisal. Employees who report violations are explicitly protected from disadvantages, disciplinary measures and discrimination. Violations of this non-retaliation policy are classified as compliance violations and consistently sanctioned. Furthermore, reports can be submitted anonymously, with the Lufthansa Group taking no steps to determine the identity of whistleblowers.

Group Guideline on Competition Compliance strengthens competition-related topics

The Lufthansa Group’s Competition Compliance Guideline was developed to efficiently implement competition law requirements throughout the Group and ensure lawful conduct in competition. The Guideline includes clear rules of conduct on competition-related topics. Its objectives are to promote compliance with legal standards, protect and strengthen the Lufthansa Group’s reputation and support the long-term success of the Lufthansa Group.

The rules of conduct include requirements for:

• behaviour towards competitors and non-competitors,
• participation in purchasing groups and
• behaviour in cases of market-dominant positions.

The Guideline is valid for all regions and countries in which Deutsche Lufthansa AG and its direct and indirect majority shareholdings operate. It is aimed at key decision-making bodies and stakeholders such as employees, customers, business partners, investors and the general public. The Guideline is available to all employees via the intranet.

A monitoring process is intended to ensure compliance with the Guideline. The Lufthansa Group Internal Audit and an external auditor review the entire Compliance Management System, including the guidelines. The Guideline was approved by the Executive Board of Deutsche Lufthansa AG and is an integral part of the Lufthansa Group’s commitment to compliance and integrity in daily business operations.

The Lufthansa Group’s Anti-Money Laundering Compliance Guideline serves to implement applicable anti-money laundering obligations

The Lufthansa Group’s Anti-Money Laundering Compliance Guideline establishes binding requirements for identifying and preventing money laundering risks. It serves to implement applicable anti-money laundering obligations and aims to ensure that all relevant laws and regulations are complied with throughout the Group.

The Guideline further aims to mitigate potential money laundering risks, ensure compliance with regulatory standards and protect the Lufthansa Group’s reputation. By promoting transparent and ethical business conduct, the Guideline is intended to contribute to the sustainable, long-term success of the Lufthansa Group. Core activities include:

• Principles for identifying circumstances that indicate money laundering risks,
• Requirements for reporting suspicious cases for companies subject to specific anti-money laundering laws, and
• Guidelines for executing payments.

The Guideline is valid for all countries and regions in which Deutsche Lufthansa AG and its direct and indirect majority shareholdings operate. Exceptions may exist for regulated companies subject to specific anti-money laundering provisions.

Essential decision-making bodies and stakeholders include employees, customers, business partners, investors and the general public. The Guideline is available to employees via the intranet. Compliance with the Guideline is regularly reviewed by the Lufthansa Group’s Internal Audit and an external auditor to ensure the effectiveness of the Compliance Management System. The Guideline is approved by the Executive Board of Deutsche Lufthansa AG and underlines the importance of responsible and lawful conduct throughout the Group.

Group Guideline Security defines security functions in the Company

The Group Guideline Security of the Lufthansa Group serves to comprehensively protect employees, customers, operational processes, assets and the brand. The Guideline is based on the use of proven practices and synergies within the companies of the Group, with risk-based and results-oriented security measures always aligned with legal requirements and security regulations. A key component of the Guideline is supporting business processes through a balanced relationship between proactive protective measures and an efficient response to security incidents.

The Guideline is integrated into the Code of Conduct and defines the roles and responsibilities of security functions within the Lufthansa Group. It also includes the mandate to establish and further develop a comprehensive Security Management System (SeMS) that sets Group-wide security standards and recommended practices. This is intended to create a uniform structure that ensures a high and consistent level of security throughout the Lufthansa Group’s business operations. The Guideline provides strategic direction and promotes the harmonisation of security practices within the Company.

The Guideline applies worldwide to all consolidated Group companies of the Lufthansa Group and particularly affects employees. The complete text is available to Lufthansa Group employees on the intranet. The highest authority taking responsibility for this Guideline is the Group Security Officer, who reports directly to the Executive Board.

The Security Management System aims to ensure high security standards in all areas of the Lufthansa Group

The Security Management System (SeMS) of the Lufthansa Group is an integral part of the Code of Conduct and serves to ensure compliance with legal regulations, the adoption of best practices and the continuous development of the management system and security culture. Its goal is to ensure high security standards in all areas of the Company.

The SeMS aims to protect customers, passengers, employees, and the premises and assets of the Lufthansa Group from unlawful interference. It serves to secure flight and facility operations, enable optimal handling of security-relevant situations, and limit the negative consequences of such incidents. Furthermore, the system contains clear instructions on the required security measures to ensure smooth implementation.

This management system applies worldwide to all operational areas of the Lufthansa Group and particularly affects all employees of the Group. The SeMS is accessible to them via the intranet. External standards, such as the IATA Operational Safety Audit for air transport operators, are integrated into the SeMS.

The monitoring system includes quality management and maturity assessments intended to ensure ongoing progress and compliance with security standards. The highest level of approval and supervision is the Group Security Officer, who has a direct reporting line to the Lufthansa Group Executive Board.

The Group Resilience Guideline aims to increase resilience to external influences and their potential impacts

The Group Resilience Guideline of the Lufthansa Group was developed to strengthen the Company’s resilience against increasingly complex operational disruptions and sudden changes. Through coordinated and harmonised action, the aim is to increase efficiency throughout the Group while taking advantage of synergies and improving the quality of work results. The Guideline is an essential component of the Code of Conduct and serves as a protective shield to withstand external influences and minimise their potential impacts.

The Guideline provides a foundation for the uniform implementation of international legislation (for example, Network and Information Security - NIS), the Partner Information System (PartIS) in the form of ensuring IT security and the protection of sensitive data within partner collaborations, industry standards (for example, IATA) and national requirements, such as the German Act on the Federal Office for Information Security, and the Family Assistance Act of the National Transportation Safety Board, USA. This aims to ensure coordinated action in potential crises and guarantee the introduction of uniform structures, processes and methods that are essential for managing and mitigating crisis impacts.

The Guideline applies worldwide to the Lufthansa Group and is viewable and accessible to all Lufthansa Group employees on the intranet. The affected stakeholders are primarily Lufthansa Group employees. Third-party standards and initiatives for passenger airlines, such as IOSA, are taken into account in the Guideline, and the monitoring process is carried out through quality management. The highest authority for implementing the guideline in operational crisis management is the Group Emergency Director, who reports directly to the Lufthansa Group Executive Board.

The Safety Guideline serves to ensure regulatory compliance and improve the safety culture at the Lufthansa Group

The Safety Guideline of the Lufthansa Group underscores the Group’s commitment to the highest safety standards and always places safety above operational or financial objectives. Clear targets, the assignment of responsibilities at all levels, and the integration of effective risk management into daily operations are central elements of this Guideline.

The Safety Guideline serves to ensure regulatory compliance and improve the safety culture through hazard identification and incident analysis. The aim is to strengthen operational reliability and stakeholder trust, and in so doing, create a safe environment for passengers, crew members and all operational staff.

To enable each responsible Safety Manager to fulfil their responsibilities, the Lufthansa Group commits to the following:

• Development, implementation and continuous improvement of safety standards, strategies and processes
• Provision of tailored safety training for all employees according to their role
• Ensuring appropriate and timely provision of information within the Group
• Development and promotion of a safety culture characterised by safe practices and effective communication
• Use of risk management and hazard identification tools for sound management decisions
• Meeting and – where necessary – exceeding legal and regulatory requirements
• Ensuring the availability of trained and qualified specialists for implementing safety strategies
• Measuring and continuously improving safety performance through the adaptation of safety objectives and standards
• Ensuring that external systems and services meet the Lufthansa Group’s safety standards

The Safety Guideline is intended to cover all safety-relevant activities covered by the operating permits under aviation law for the Lufthansa Group’s passenger airlines. It applies worldwide. The perspectives of stakeholders were integrated in close coordination with the Group Safety Committee, Safety Manager Committee and Compliance Monitoring Management Committee.

The Guideline and associated processes are available to Lufthansa Group employees through internal communication platforms and through virtual or in-person participation in committees. Monitoring is carried out through the Lufthansa Group’s safety monitoring and is anchored with the Lufthansa Group Executive Board, including the Group Safety Committee and the Group Safety Pilot.

The Safety Guideline forms the basis for the continuous development of safety standards at the Lufthansa Group.

The Lufthansa Group Safety Management System aims for uniform standards across Lufthansa Group Airlines

As part of its Safety Guideline, the Lufthansa Group commits to transparent and efficient management of its safety processes. A central element is the Lufthansa Group Safety Management System (SMS), which aims for uniform standards and close cooperation within the Lufthansa Group airlines as well as with central functions of the Lufthansa Group.

The Lufthansa Group Safety Management System is based on binding corporate guidelines, established cost allocation processes and the responsibility of individual airlines for risk management and conducting safety management processes. Safety and compliance-relevant information is shared proactively and transparently. Support in the form of resources or expertise is provided upon request.

Annually, the Lufthansa Group Safety Manager and the Group Safety Pilot jointly set safety objectives, which are presented and approved in the Flight Safety Committee. These objectives are broken down into:

• Priority 1: High-urgency objectives to be achieved in the current year
• Priority 2: Additional optional objectives for the current year
• Priority 3: Long-term objectives without time limitation, extending beyond the current year

The Group’s safety targets are monitored through the Lufthansa Group’s safety monitoring.

The Lufthansa Group Safety Management System covers numerous safety-relevant topics, including:

• Safety Guideline and mission statement
• Identification and management of significant risks
• Linking of Group safety processes and individual passenger airline processes
• Audits and compliance-monitoring
• Safety research and development
• Risk management, including fatigue risk management and operational risk evaluation
• Safety promotion through training, communication and stakeholder management

Responsibility for safety management processes lies with the Group Safety Committee, supported by the Group Safety Pilot, the Group Officer for Safety and Compliance Monitoring Management / Security and Crisis Management, and the Flight Safety Committees of the passenger airlines. Compliance with safety standards is continuously monitored through Lufthansa Group safety monitoring. The development and implementation of safety guidelines take place with the involvement of relevant stakeholders and committees, such as the Group Safety Committee, the Safety Manager Committee and the Compliance Monitoring Management Committee. Information and documentation are accessible to Lufthansa Group employees via internal communication platforms and physical or virtual participation in the respective committees.

The Lufthansa Group Safety Management System is guided by the Minimum Group Safety Standards and the Group Safety References, which represent binding requirements for safety management, compliance monitoring and risk management within the Lufthansa Group airlines.

The Guideline is implemented Group-wide and is continuously developed to meet the Lufthansa Group’s high standards regarding safety and compliance.

The Lufthansa Group’s Group Safety Pilot strives to strengthen safety beyond legal requirements

The Group Safety Pilot is a central component of the Lufthansa Group’s internal monitoring and risk management system. The concept is based on the Group Flight Safety Guideline and is fully implemented in the relevant corporate processes. The aim is to sustainably ensure and improve flight safety beyond the legal and regulatory requirements.

The concept governs the Group-wide task definition, authorities and responsibility of the role of the Group Safety Pilot. They are authorised to conduct flight safety audits and commissioned audits at all direct or indirect majority-held companies of the Lufthansa Group. For minority shareholdings and partner companies, access is coordinated with the respective supervisory and corporate bodies.

To maintain maximum independence, the Group Safety Pilot reports directly to the Chief Executive Officer of the Lufthansa Group. Their activity exclusively covers flight safety-relevant aspects, with responsibility and governance regulated through the Lufthansa Group Safety Guideline.

The concept of the Group Safety Pilot was developed with the involvement of all relevant stakeholders, including the Group Safety Committee, the Safety Manager Committee and the Compliance Monitoring Management Committee. The concept is valid Group-wide in all Lufthansa Group passenger airlines and is accessible via internal communication platforms.

Ultimate responsibility for compliance with and further development of the concept lies with the Group Safety Committee and the Group Safety Pilot, which acts as a central monitoring instrument of the Lufthansa Group Executive Board. The activities of the Group Safety Pilot are subject to regular quality audits by Group Internal Audit.

Data protection is regulated Group-wide at the Lufthansa Group

The Lufthansa Group pursues clear objectives in the area of data protection to protect the personal rights of customers, employees, shareholders and business partners. A key concern is to avoid personal references in data processing as far as possible while always complying with legal requirements. The establishment of global data protection standards, such as guidelines, contract templates and forms, provides the foundation for Group-wide data protection. These measures support the Lufthansa Group in establishing a stable data protection organisation and necessary data protection processes.

Another objective is to comprehensively train employees in data protection principles and enable them to apply these in their daily work. By establishing a data protection management culture characterised by data protection-compliant solutions, the aim is to foster economic, innovative and sustainable actions by the Lufthansa Group.

The data protection organisation is comprehensive and extends from the Executive Board to individual employees, with Group Data Protection Officers playing a central role. Within this structure, clear processing principles have been established: processing of personal data is lawful, transparent and purpose-bound, and complies with the tenets of data minimisation, accuracy and confidentiality. Clearly defined roles and responsibilities, such as those of local data protection officers and data protection coordinators, aim to ensure the implementation of data protection measures.

The formal implementation of data protection requirements is governed by a Group guideline that applies to all Lufthansa Group companies in the European Union and to companies in which the Lufthansa Group holds at least a 50% stake. This guideline and the associated processes are accessible to all employees and serve the continuous improvement of data protection practices in the Group. Regular internal audits and risk assessments ensure that potential vulnerabilities are identified early and corrective measures are initiated promptly. A monitoring process ensures that feedback is integrated and data protection measures are continuously developed.

Animal welfare requirements for Lufthansa Cargo for animals transported by air

Lufthansa Cargo has to ensure the implementation of all the animal transport regulations specified by national governments and the industry association IATA. The aim is to ensure the protection and welfare of animals during air transport throughout the entire transport chain.

The IATA guidelines and national legislation include requirements in particular regarding:

• Size and equipment of transport boxes
• Temperature and oxygen during transport
• Employee training on animal care and stress reduction
• Disease prevention and
• Compliance with species protection agreements such as CITES (Convention on International Trade in Endangered Species of Wild Fauna and Flora)

Furthermore, Lufthansa Cargo has defined its own restrictions for the transport of certain animal species for ethical and nature conservation reasons.

Lufthansa Cargo has appointed an Animal Welfare Officer who is primarily responsible for animal protection while considering the interests of all affected stakeholders. They ensure that regulatory requirements and internationally relevant standards are known to and complied with by employees and service providers involved in animal transport. Lufthansa Cargo also maintains a continuous dialogue with IATA working groups and various stakeholders such as animal and zoo associations. International and national customs and border protection authorities and governments are another important stakeholder group involved in animal transport. The CITES regulations also apply to products of animal origin. The more protected an animal is, the more extensive the prohibition on trade in products of animal origin and the stricter the transport regulations become.

The Lufthansa Group passenger airlines are addressing the issue of animal welfare and are therefore currently working on a comprehensive strategy in this area. In addition, the aim is to develop a Group-wide position on this topic. The airlines are already committed to this matter through various initiatives. For example, Discover Airlines offers a vegan menu selection in Business Class, and all passenger airlines offer a vegetarian menu selection in all travel classes.

G1-2 - Management of relationships with suppliers

The Lufthansa Group places great importance on ensuring that its suppliers comply in full with the relevant laws, guidelines and requirements on fair competition, integrity and responsible business practices. This includes the protection of fundamental human rights and environmental concerns. In this way, the Lufthansa Group seeks to fulfil its due diligence requirements and to avoid entering into business relationships with persons or companies that do not meet these standards. The aim of the Lufthansa Group’s risk management system for procurement processes is to identify human rights, environmental and compliance risks or violations of Group standards in the supply chain and to prevent, minimise or, if necessary, terminate them through effective action. If the risk management system identifies such a risk in relation to a supplier, appropriate measures are initiated. This will be implemented by a central team of experts in the procurement function. The actions are then agreed with the supplier. ↗ S2 – ESRS 2 SBM-3 – Material impacts, risks and opportunities and their interaction with strategy and business model.

Furthermore, through the continuous inclusion of obligations in contracts with suppliers, the Lufthansa Group strives to ensure responsible conduct by its direct suppliers, thereby meeting its own standards of corporate responsibility and avoiding risks.

Third parties can confidentially lodge complaints and reports on human rights- and environment-related risks or violations and compliance breaches by suppliers via an electronic whistleblower system or the external ombudsperson for the Lufthansa Group. ↗ S2-3 – Processes to remediate negative impacts and channels for value chain workers to raise concerns. Additionally, Lufthansa Group suppliers are required in their contracts to inform their own suppliers and their suppliers’ employees about the Lufthansa Group’s reporting channels. The Lufthansa Group’s rules of procedure for handling reports are available on the Lufthansa Group website. For other matters within the scope of application of Section 2 of the German Whistleblower Protection Act (HinSchG) ↗ S1-3 – Processes to remediate negative impacts and channels for own workforce to raise concerns.

Human rights and environmental requirements are included in the specification of the tender procedure. Furthermore, these requirements must be included in the evaluation matrix that forms the basis for supplier selection. In addition, suppliers are informed about the Supplier Code of Conduct with the tender documents, which formulates the Lufthansa Group’s expectations regarding social, environmental and ethical responsibility to its suppliers.

G1-3 - Prevention and detection of corruption and bribery

The Lufthansa Group has established a comprehensive Compliance Management System to ensure lawful and transparent conduct in all business activities. The Compliance Management System follows the audit standard IDW PS 980 and consists of seven pillars: compliance culture, compliance objectives, identification of compliance risks, compliance programme, compliance organisation, compliance communication and compliance monitoring. It comprises the following modules: Integrity (Anti-Corruption), Capital Market Compliance, Competition Compliance, Embargo and Export Compliance, External Workforce Compliance and Anti-Money Laundering Compliance.

A central measure to prevent allegations or incidents of non-compliance, including corruption and bribery, is the development of a strong compliance culture. The Code of Conduct forms the foundation of the Lufthansa Group’s value system and compliance culture. The compliance culture is fostered by the Executive Board members and managers of the Lufthansa Group, living up to their role model function as decision-makers of integrity, by expressing to their teams their expectation that all business decisions and activities must be based on lawfulness, integrity and the values set out in the Lufthansa Group Code of Conduct. Furthermore, the Lufthansa Group has established specific rules and processes to prevent corruption and bribery. The Lufthansa Group’s compliance guidelines define, among other things, requirements for handling gifts, invitations and other benefits as well as donations, memberships and sponsorship. The compliance guidelines are binding for all decision-making bodies, managers and employees of the Lufthansa Group.

The Corporate Compliance Office and compliance managers in Lufthansa Group companies have the task of supporting decision-making in accordance with the compliance guidelines by providing consultation. Management and employees are encouraged to seek advice on compliance matters at any time. Additionally, the Lufthansa Group maintains an app that enables compliance checks based on its compliance rules around the clock.

Once a year, the compliance managers of all Lufthansa Group companies with operational activities must assess their exposure to relevant compliance risks and the status of their risk mitigation measures. The Corporate Compliance Office validates and consolidates the results. From this, recommendations are derived to mitigate identified risks through specific measures. The results of the risk assessments and the implementation status of the recommended instruments and measures are reported to the Executive Board, the Audit Committee and the Supervisory Board of the Lufthansa Group as part of the Group compliance report.

To investigate allegations or incidents of corruption and bribery, the Lufthansa Group maintains various whistleblower channels. All employees can also contact their direct supervisors, the compliance managers in their Group company or the Corporate Compliance Office. If whistleblowers wish to remain anonymous, concerns and potential violations can be addressed via the electronic whistleblower system or the ombudsperson, which are also publicly accessible to external whistleblowers. The reporting of grievances or violations is also part of the Lufthansa Group’s web-based integrity compliance training.

Investigations of potential compliance violations, including corruption and bribery allegations, are conducted by the Corporate Compliance Office and the Intelligence & Investigations Team of Corporate Security. Depending on the severity of the allegations, the investigations are reported either to the Group Compliance Committee or the responsible Central Compliance Committee. These committees are independent of the management chain involved in the matter. They exercise their steering function and make the key decisions to pursue a neutral and thorough investigation. The investigation procedure for potential compliance violations is outlined in a process description.

At least quarterly, the Corporate Compliance Office reports to the Group Compliance Committee summarizing all compliance-relevant allegations and incidents, including those of corruption and bribery, as well as the Lufthansa Group’s relevant compliance investigations. Twice a year, the Corporate Compliance Office reports relevant incidents, allegations and investigations to the Executive Board and the Audit Committee of the Supervisory Board, and once a year to the Supervisory Board of the Lufthansa Group. Compliance investigations that are only relevant for one Lufthansa Group company are reported by the Corporate Compliance Office to the responsible Central Compliance Committee of the Group company concerned.

The Corporate Compliance Office, the Chief Compliance Officer and management regularly communicate the Lufthansa Group’s expectations regarding business conduct with integrity, free from corruption, bribery and conflicts of interest. The Corporate Compliance Office and the Lufthansa Group companies publish the relevant compliance guidelines, including those on anti-corruption and anti-bribery, on their respective intranets. When guidelines are updated, the Corporate Compliance Office and compliance managers in the Group companies ensure that they are communicated throughout the Group. Additional communication measures include information stands at welcome events and the distribution of compliance guidelines as part of onboarding for new employees.

Compliance trainings aim to raise employee risk awareness

Compliance trainings are intended to support Lufthansa Group employees in understanding all the relevant legal requirements and internal guidelines of the Lufthansa Group. It should serve to raise awareness of risks, provide guidance on handling risk situations and show where employees can obtain support. Web-based trainings should raise awareness of these topics; in-person training should convey department or function-specific knowledge. The mentioned web-based or in-person trainings are accessible to all employees.

Generally, all management levels are required to participate in anti-corruption web-based compliance training. In addition, the Corporate Compliance Office offers introductory training for newly appointed Board members of all Lufthansa Group companies. Depending on the risk exposure of the respective role within the Lufthansa Group to specific compliance risks, employees are required to participate in compliance training. This applies in particular to managers and employees who could be exposed to conflicts of interest. Reasons for this could include, for example, invitations, gifts or other benefits obtained from persons outside the Lufthansa Group. Potentially controlling functions working in areas such as human resources, controlling or accounting are particularly affected. Other sensitive areas include procurement, sales, account management, marketing, event management, business development, communication, international relations/governmental affairs, ground operations, finance, accounting and legal. Based on available personnel master data, 100% of the functions exposed to risk are covered by at least one training format. These target groups are regularly reviewed and adjusted by Group companies with support from the Corporate Compliance Office, for example during organisational restructuring or developments.