Customer-centric orientation is our compass – a strength which stems from making decisions and designing processes, services and offers with the customer’s perspective in mind.

One of the strategic directions within our 2021-2023 Strategy is ”Customer Obsession”, which means that every initiative and decision taken to achieve the bank’s objectives takes into account the quality and strength of the relationship with the customer.

Simplicity, effortless banking and self-service are key features of our services. For business customer segments, the key differentiator is a good relationship with a dedicated advisor.

Quality of service

  • GRI:
  • Main actions to increase customer satisfactionCustom indicator
    Main actions to increase customer satisfaction

Service standards

In 2021, we refined the new customer service standards developed in 2020. In view of the continuing COVID-19 pandemic, we implemented remote customer service standards in each group, prepared rules for cooperation between our customer service segments and launched the Santa Fan digitisation programme.

The commitments made under our excellent customer service credo have become particularly important:

  • We help customers handle their affairs "here and now" (in all service segments).
  • We encourage them to expand their cooperation with the bank, also in other segments.
  • We support them with remote and omnichannel services.
  • We appreciate each other and work together for the benefit of our customers.

In total, we trained 10,000 people in service standards (40,000 training hours), including the entire frontline staff. The new, empathetic service standard is in effect in as many as 7 out of 8 customer contact points.

Our priorities in developing the highest quality of service:

  • Systematic and continuous implementation of a customer-centric strategy.
  • Continuous monitoring of customer satisfaction with our services.

We conduct service quality surveys at various stages in our relationships with customers and for a number of customer touch points with the bank, including the branch, online and mobile banking and the call centre.

  • Responding to customer suggestions and expectations when preparing the offering – scaling service design with the voice of the customer in mind.

As part of our efforts to improve customer satisfaction with our products and services, we pursued the following strategic priorities:

Retail customers

  • delivering the best customer experience through a customer-centric orientation in the solution generation process. Measuring effects through NPS surveys
  • simplification and digitalisation of products and processes
  • activation and growth of business, especially in digital channels.
  • cooperation with One Europe on Santander Group projects

Small and Medium-sized Enterprises (SMEs)

  • increased satisfaction of business customers with the quality of products and services offered
  • development of remote processes and electronic banking for businesses
  • omnichannel and simplification of the corporate lending process

Private Banking

  • strengthening the position of Santander Private Banking as first choice banking in Poland
  • providing a reliable diversified investment offer
  • providing professional services, ensuring the highest quality and exploiting the synergies of Santander Group and the bank’s internal potential

Key achievements and results in 2021:

  • We implemented a number of initiatives to improve the delivery of products and services that meet customer expectations. These included scaling Service Design competencies across key teams in the bank and formalising of the activity planning process based on the customer voice.
  • We achieved a higher NPS indicator for retail customer loyalty and made it to the top three banks in this category. We also improved NPS for SME customers and ranked second in this category.
  • We implemented new functionalities to accelerate customer digitisation and simplify products and processes.
  • We developed remote and electronic banking processes for businesses.
  • We simplified the credit process for advisers and corporate clients.
  • We continued our work on simplifying the language used by the bank, revising internal documents and our communication to customers.
  • We implemented the tool and processed applications for subsidies from PFR’s Financial Shield 2.0 aid scheme.

We have simplified: 23 regulations, 74 templates for email messages, 200 versions of responses to complaints, the agreement for the Account As I Want It and documents concerning loan repayment. We introduced simplified versions of 52 procedures and withdrew 44 other procedures. We continuously review the effectiveness of the changes made.

Key activities planned for 2022:

  • The focus will continue to be on simplifying and developing digital solutions and processes that enable customers to bank efficiently remotely with a high level of positive experience for both customers and employees.
  • We intend to continue to expand our daily transaction banking solutions and our credit and insurance offerings so that they are available anywhere, anytime.
  • We will simplify processes, products and system infrastructure, reduce paper documents in favour of electronic communication and optimise the organisational structure.
  • We are prioritising issues related to climate change and social activities. The initiatives implemented to date in this area will be continued, with a particular focus on the ”Green Offer” and the expansion of green finance.

Complaints

In managing the complaints process our priorities are:

  • accessibility – complaints can be lodged at branches, by telephone, through e-banking services and by post. Replies to complaints are provided in a form convenient for the customer: by letter, SMS or in online and mobile banking;
  • speed of service – in the complaints process we use robotisation, which allows for a significant acceleration of repetitive tasks and shorter complaint handling time;
  • accessibility and clarity of language – we write our replies in a clear way, avoiding banking jargon and complicated language, and present the case comprehensively;
  • standards – the handling of complaints in our bank meets regulatory requirements; moreover, we systematically check the quality and speed of handling these processes and the level of customer satisfaction (confirmed by surveys). All conclusions and results of analyses and surveys are implemented in the organisation and serve to improve the entire complaint process. Customers may also use the assistance of a Customer Care Officer who evaluates appeals against decisions issued in response to complaints.
81
 
%
of responses delivered electronically

  • 98
     
    %
    of cases were resolved in the simplified process within one working day.
  • 60
     
    %
    of cases were dealt with within three working days
  • 24
     
    %
    of cases were handled "on the spot" by bank employees who accepted the complaint, within their discretions. The customer received a decision immediately after submitting the complaint.

Cyber security

  • GRI:
  • Management of material topics (identified as material in the materiality matrix) for topic: Security of services, transactions and customer data. 3-3
    Management of material topics (identified as material in the materiality matrix) for topic: Security of services, transactions and customer data.
  • Actions implemented to ensure cybersecurityCustom indicator
    Actions implemented to ensure cybersecurity
  • PRB:
  • We will work responsibly with our clients and our customers to encourage sustainable practices and enable economic activities that create shared prosperity for current and future generations. 3 Clients and Customers
    We will work responsibly with our clients and our customers to encourage sustainable practices and enable economic activities that create shared prosperity for current and future generations.
  • GPW:
  • Data protection policyG-S1
    Data protection policy

Our approach

The key to effective cyber and technology risk management is collaboration within the organisation across multiple areas, based on best standards and good practice, and ongoing monitoring. At our bank, we continually review and update cyber security regulations and processes to adapt to changing realities and challenges.

This approach makes it possible to continuously strengthen the security of our transaction systems, the tools used by customers in their daily banking, customer data as well as the infrastructure and technology used in the organisation.

Actions taken in 2021:

  • We continued to promote the free CyberRescue service for customers, which offers, among other things, alerts on cyber threats and expert support. The aim of these activities is to reach as many people actively using online and mobile banking, as possible.
  • As in previous years, we published warnings about ongoing cyber threats, including messages in online banking and on the bank’s main website.
  • We took measures to improve the competencies of staff in the area of cyber security.
  • Within the Polish Bank Association, we cooperated with CERT with a direct impact on strengthening the security of the entire financial sector.

We promote security and cyber-security

In 2021, as in previous years, we ran initiatives to build #CyberAwareness among customers and employees. We will continue our educational activities in 2022.

  • A social media campaign for customers based on ”Cyber Proverbs” was awarded in the ”Golden Clips” competition.
    Reach: 1.5 million social media users.
  • We extended the next edition of the cyber-education campaign ”Don’t believe in fairy tales for adults” to channels through which we can reach customers who use the Internet less often.
    Reach:

    • 6 million social media users,
    • 800,000 YouTube users,
    • 5.7 million radio users.
    • The campaign was presented on screen displays in branches and on the bank’s head office building in Warsaw.
  • The TV campaign for the ”Account As I Want It” combined with the promotion of the CyberRescue security package, which offers support also for customers using Internet less often.
    Reach: nearly 9 million people.
  • SMS campaigns targeted at SME customers promoting safe online behaviour and warning of current threats.
    Reach: the campaign was addressed to 260,000 customers.
  • Communication campaigns targeting electronic banking customers to promote safe online behaviour, CyberRescue security package.
  • We continued our cooperation with the ”Bakcyl” programme which aims to increase financial literacy and safety among young people.
  • We have launched a ”Safe Banking” section on our websites, where cyber-education materials and current threat warnings appear. A banner is shown on the bank’s main website to quickly and visibly inform customers about recent cyber crime threats.

Plans for 2022

Cyber security and technology risk management is an area that constantly faces challenges and changes resulting from the organisation’s objectives, but also triggered by external events. That is why in 2022 we plan to:

  • continue to increase the maturity of tools, systems and regulations directly affecting cyber security and technology;
  • focus on solutions that foster process automation and innovation;
  • further develop the competences of staff in the area of cyber security and technology;
  • continue initiatives to build #CyberAwareness among bank customers and employees;
  • work with the financial sector and other cyber security stakeholders to share information, best practices and solutions.

Information security

  • GRI:
  • Management of material topics (identified as material in the materiality matrix) for topic: Security of services, transactions and customer data.3-3
    Management of material topics (identified as material in the materiality matrix) for topic: Security of services, transactions and customer data.
  • PRB:
  • We will work responsibly with our clients and our customers to encourage sustainable practices and enable economic activities that create shared prosperity for current and future generations.3 Clients and Customers
    We will work responsibly with our clients and our customers to encourage sustainable practices and enable economic activities that create shared prosperity for current and future generations.
  • GRI:
  • Total number of justified complaints regarding breaches of customer privacy and data loss418-1
    Total number of justified complaints regarding breaches of customer privacy and data loss

Santander Bank Polska S.A. has an Information Security Management System that is certified in accordance with the ISO/IEC 27001:2013 standard. The system includes supervision of information security in the business environment of the Santander Bank Polska Group and assessment of specific requirements for information security and IT systems.

* We do not have statistics separating the number of privacy breaches and customer data loss incidents.

30
*
Total number of justified complaints regarding breaches of privacy and loss of customer data

Combating financial crime

  • GRI:
  • Management of material topics (identified as material in the materiality matrix)3-3
    Management of material topics (identified as material in the materiality matrix)

Threats

We have defined key risks, which include loss or theft of confidential data, interruption of key services, attacks on customer assets, fraudulent transactions, which is a consequence of the rapid development of modern information technology and the digital economy, as well as globalisation.

One of the key risks in both the banking and financial sector is the risk of cyber crime. This concerns both human behaviour and technological aspects.

There is a growing trend towards the professionalisation of cyber attacks and the specialisation of cyber criminals in specific fields. In particular, attacks using new technologies offered by criminals under a business service model are gaining popularity.

During the pandemic period, the importance of cyber security also increased significantly due to the massive shift of employees to remote working (handling almost all processes) and the rapidly growing use of remote channels by customers in sales and after-sales processes. On an ongoing basis, we monitored and took steps to mitigate risks in aspects affecting both customers and employees.  Among other things, we proactively warned of emerging risks resulting from attempts by criminals to exploit the pandemic. We increased our surveillance of areas exposed to the risk of fraud.

Our activities - combating financial crime

Regulations

We have documented our approach to combating financial crime and key actions in the ”Santander Bank Polska Group Cyber Security and Financial Crime Prevention Strategy 2019-2021″ and we have outlined mitigating actions in the Cyber Security Transformation Plan.

In our bank, we have adopted the definition of operational risk as set out by the Basel Committee on Banking Supervision, according to which operational risk is the possibility of loss resulting from the inadequacy or unreliability of internal processes, people and systems, as well as from external events, i.e. also as a result of criminal activities. The Santander Bank Polska Group has an integrated risk management structure whereby all risks that have a material impact on its business are identified, measured, monitored and controlled. Operational risk management in our bank and Group involves employees at all levels throughout the organisation and comprises a number of interrelated elements.

Together with the Group entities, we have developed and are implementing an 'Operational Risk Management Strategy’. The objective of operational risk management is to minimise the likelihood of and/or reduce the impact of unexpected adverse events, including those related to criminal activities.

Tools and activities

Our bank invests in the development of technologies that serve the processes of protecting against cyber attacks and countering other types of financial crime. Developed in the area of Business Intelligence, machine learning models and algorithms help us understand how to improve processes and services to satisfy our customers, but also support us in safeguarding customers and the bank from cybercrime.

In 2021, we have been launching preventive activities, including awareness campaigns targeting customers and employees, such as social media education campaigns, increasing both groups’ vigilance about digital threats and building a culture of cyber security.

Due to the sensitive nature of the subject, most of the information regarding the details of our prevention, monitoring and anti-financial crime activities is classified.

Our forecasts

The risk of ransomware (a specific kind of malware), distributed denial of service (DDoS) attacks or the use of social engineering will not decrease in 2022. We predict that attacks on supply chains, cyber espionage and attacks involving artificial intelligence and machine learning will continue to be a growing threat.

The geopolitical situation makes us pay particular attention to the risk of targeted attacks carried out by highly organised, disciplined and sophisticated groups, sponsored and coordinated by regime governments.