Essentially, a compliance management system (CMS) comprises the regulations, processes, and measures that a company defines to ensure conformity with laws, standards, and company-specific rules. We are guided by the CMS reference definitions in ISO 19600:2014 and IDW PS 980.
Haufe Group’s compliance management system has three core principles: prevent, detect, and react. Our measures include guidelines and procedures, assessment and reduction of compliance risks, training and communication, advice and support, integration of compliance into operational processes, documentation and monitoring, and compliance auditing and investigation.
Our compliance management system encompasses covers six areas: ethics, labor law, anti-corruption, antitrust legislation, contracts, data protection and IT security.
The Legal + Compliance department at Haufe Group is an executive department and thus reports directly to the board. For dataprotection and IT security, the company relies on cross-departmental cooperation.
The compliance system supports the company, its employees, and business partners with processes and methods that aim to safeguard legal compliance and integrity when conducting business. Haufe Group introduced its own voluntary compliance standards, being a pioneer among standards mid-tier companies.