- GRI:
-
Compliance with laws and regulations2-27Compliance with laws and regulations
-
Total number of incidents of non-compliance with regulations and/or voluntary codes concerning product and service information and labelling417-2Total number of incidents of non-compliance with regulations and/or voluntary codes concerning product and service information and labelling
-
Total number of incidents of non-compliance with regulations and/or voluntary codes concerning marketing communications417-3Total number of incidents of non-compliance with regulations and/or voluntary codes concerning marketing communications
-
Total number of discrimination cases406-1Total number of discrimination cases
-
Total financial and in-kind donations to political parties, politicians and similar organizations415-1Total financial and in-kind donations to political parties, politicians and similar organizations
We monitor the compliance of our activities with legal regulations and the Compliance function oversees the process.
How we ensure compliance with the law:
- informing about significant changes in laws and regulatory guidelines,
- monitoring the implementation of regulatory projects,
- approval of new products and major product changes,
- reviewing model agreements, communication and advertising, procedures and training,
- regular monitoring of processes and products.
*In 2022, the bank received one fine of PLN 545,000 for acting in violation of Regulation 2016/679 (GDPR). In the case in question, we reported the violation to the Office for Personal Data Protection (UODO) when we found that a former employee of the bank had unauthorized access to the payer profile on the Social Security Electronic Service Platform. As a result, he was able to view the bank’s employee data. In response to the incident, we posted a notice on the internal communication platform reminding people of the rules for processing personal data. In the UODO’s opinion, the announcement was too general and the data subjects were not notified instantly, without undue delay of their personal data breach. The decision was issued by the President of the Office for Personal Data Protection. The decision is not final. The bank has filed an appeal.
Just like last year, Santander Bank Polska does not provide financial or in-kind support, whether direct or indirect, to political parties.