Policies related to consumers and end-users (S4‑1)

Download
PDF
  • ESRS:
  • Policies related to consumers and end-usersS4-1
    Policies related to consumers and end-users

Impacts and risks for consumers and end-users

The ESRS S4 standard refers to the consumers and end-users, which in the light of the Group’s activities means the customers who use our financial products and services. Customers, alongside employees, are at the heart of our activities and are the foundation of our 2024-2026 strategy.

Consumers and end-users are individuals who make use of bank accounts, loans, investment products or advisory services provided by us, but also our branches or online banking. We are committed to ensuring that our products and services meet their needs and comply with the standards of quality, security and transparency.

Customer relations are a priority for us, which is reflected in the results of the double materiality assessment. In terms of consumers and end users, impacts and risks were identified in the following areas:

Information impact

as a Group we have an impact on retail customer awareness, information quality and data protection, the complaints and enquiries process and price transparency. We also identify in those areas risks related to cyber-attacks and other security breaches due to human error, insufficient price transparency or the claims process.

Social inclusion

in this area, ensuring access to our products and services for all customers, including those belonging to the most vulnerable groups, is essential. We also make an impact by providing financial education and fraud protection.

We are aware that as a Group we depend on our clients – they are the basis of our business model, their trust is our top priority. In order to manage this dependency, the Group has risk management systems in place (described in more detail in the chapter XI ”Risk Management” in Consolidated Financial Statements of Santander Bank Polska S.A. Group for 2024), and we undertake a number of measures regarding the monitoring of clients’ experiences, the protection of their data, and the transparency of products and services – these measures are described in more detail in dedicated subsections.

In the double materiality analysis process, we did not identify any material impacts that would be common and systemic. The identified impacts are related to the nature of the business. As Group, we do not offer products or services that: are inherently harmful to people or increase the risk of chronic diseases, products that negatively affect human rights in terms of freedom of expression.

In order to manage these impacts and risks, the Group has a number of policies in place to help us achieve our strategic objectives. We also carry out many activities, the effectiveness of which we measure on an ongoing basis.

Policies for managing impacts, risks and opportunities in customer relationships

The policies for impact and opportunities management in terms of customer relations apply to the entire Group, with the exception of Santander Factoring, which does not provide services to individual customers. The management of this area is addressed by policies that are broad in scope (covering all stakeholders concerning all stakeholders), and those that address specific elements of activity directly related to the management of impacts, risks, and opportunities in relation to customers.

All of the Group companies serving individual customers have the ”Customer Experience (CX) Management Policy in place, which is a key document governing the management of material risks and opportunities related to customers. The policy does not currently make specific provisions for particular groups of consumers, such as low-income, elderly or digitally excluded individuals, but its application takes into account the needs of such groups as part of overall operational activities TheCustomer Experience Management Policy is an internal document, however, the Bank’s general approach to customer service and consumer relationship management is communicated on an ongoing basis through:

  • the Bank’s website,
  • information sheets and handouts made available to customers,
  • communication activities carried out through various channels, such as social media or e-mailing campaigns.

Other policies are also in place in the Group, to support the management of impacts, risks and opportunities in customer relations, including those addressing the issues of data protection, price transparency, counteracting digital exclusion and ethical sales. The highest-level body responsible for the implementation of policies is the Management Board, unless otherwise stated in the document. The Bank as well as certain Group companies (Santander TFI, Santander Leasing) implement the 'Consumer Protection Policy’. It describes the principles we follow with regard to:

  • fair treatment of consumers,
  • a customer-centric model for products and services,
  • transparent communication with consumers,
  • responsible sales practices,
  • responsible pricing policy.

This policy defines vulnerable customers and how we identify and manage their needs. It also describes how we protect consumers from excessive levels of debt through responsible lending and how we conduct responsible debt collection and recovery. The document also sets out the principles for protecting customer data and preventing fraud and abuse. It defines the rules according to which we handle complaints. Finally, it touches on the issue of consumer financial education, including that in general and on banking products. We apply the principles of this policy at the stage of product and service design, communication and customer service. The Compliance department is responsible for ensuring that the Bank’s decision-making bodies, including the Management Board and relevant committees, receive the information necessary for effective supervision of consumer protection issues.

According to the ”Consumer Protection Policy, a vulnerable customer is a consumer who, due to his personal situation, is more exposed to negative effects or financial or personal losses than others. Indicators that a consumer may be vulnerable include, but are not limited to: disability, age-related limitations, incapacity to work, serious illness, low level of education, difficult economic or personal circumstances. We take sensitivity criteria into account in the design of products and services and in key processes that have a significant impact on consumers, such as fraud management, complaints handling, lending and debt recovery. Employees who interact with consumers are trained to be able to identify and serve vulnerable customers. It is monitored by the compliance function and the Management Board.

Additionally, we apply the ”Product and Service Commercialisation Policy at Santander Bank Polska S.A.. It describes the acceptance process of new or modified products and services of the Group, as well as the process of monitoring throughout their life cycle. We are protecting consumers and mitigating the risks associated with our products and services with the help of this policy, including compliance, conduct and reputational risks. In line with this policy, we strive to offer products and services tailored to our clients’ needs and we promote good sales practices. This document sets out the decision-making process that precedes the release of products and services for sale. This includes both feedback from the relevant specialist units and decision-making, in which the Local Product Marketing and Monitoring Committee (LMMC) plays a key role. Our policy for the commercialisation of products and services describes the principles that relate to:

  • fair treatment of customers,
  • employees training ensuring they possess adequate knowledge of the products and services they sell and the risks associated with them,
  • educating customers to help them choose the right products and services and to understand how they work,
  • protection of customers’ personal data,
  • prevention of financial crime,
  • responsible implementation of innovation (without loss to customers),
  • policies on employee remuneration designed to protect customers, including linking employee performance appraisal to the quality and effectiveness of service in relation to risk management and control.

List of policies for managing impacts, risks and opportunities in terms of customer relations

  • ESRS:
  • Policies adopted to manage material sustainability mattersMDR-P
    Policies adopted to manage material sustainability matters

Polityka Zarządzania Doświadczeniami Klientów (CX)
Description of content Scope of application of the policy and exclusions
The aim of the policy is to increase the customer-centric maturity of the bank and its employees and to effectively manage the process of building positive customer experience. It describes the process of managing the customer experience.

Addressed IRO: Failure to guarantee the financial well-being, utility and accessibility of financial services to clients by not establishing g introducing product modifications and/or not monitoring their effective implementation, lack of adequate coverage and usefulness of products for the whole society and/or contributing to the creation of obstacles in accessing financial products resulting from the process of designing products and services.

Group
(excluding Stellantis companies)

 

Polityka odpowiedzialnej bankowości i zrównoważonego rozwoju
Description of content Scope of application of the policy and exclusions
The policy emphasises our commitment to creating value for customers by promoting responsible banking practices that take into account environmental, social and governance aspects.

Addressed IRO: Lack of access to products and services for vulnerable clients due to a lack of identification of products and/or services in the catalogue that violate the principles of inclusivity and/or accessibility, lack of adequate coverage and usability of products for the whole of society and/or the creation of obstacles to access to financial products resulting from the design process of products and services.

Group
(excluding Stellantis companies)

 

Polityka Marki i Marketingu
Description of content Scope of application of the policy and exclusions
The Policy sets out the criteria for defining and regulating strategy and for executing and controlling the brand and marketing management function.

The purpose of the Policy is to establish the rules for the operation of the marketing function, to ensure the consistency of the Santander brand and to establish the rules of cooperation within the global Santander Group in the field of marketing and branding. The document sets out uniform principles, responsibilities and key processes in the area of brand management, marketing and communication.

Addressed IRO: Failure to guarantee price transparency for clients resulting from the Bank committing price abuses without prior notification or justification, The risk arising from the Bank’s committing price abuses without prior notification or justification, resulting in the lack of guaranteed price transparency for clients.

Group
(excluding Santander Consumer Bank and Stellantis companies)

 

Polityka 5 zasad cyberbezpieczeństwa
Description of content Scope of application of the policy and exclusions
The Policy promotes responsible use of IT resources by the Bank’s employees, based on five key principles of cybersecurity. Its purpose is to minimize the risk of information loss or leakage and to protect IT resources against cyber threats.

Addressed IRO: Education of retail clients about online risks and how to mitigate them, Quality of information and data protection are not guaranteed to sensitive clients in terms of how their data is used, stored and shared, or does not provide sufficient understanding by the client of how the data is used, Lack of client privacy protection resulting from the database infrastructure and the data management software used by the Bank to host an manage all operations, Risk of cyber-attacks threatening the privacy of client data, Risk of serious security breaches causes by malicious practices or human error committed by employees, such as the use of unauthorised software, technical user violations, information exfiltration or leakage, Risk arising from violation of data protection regulations for vulnerable clients.

Group
(Stellantis has implemented its own regulations in this regard)

 

Polityka obsługi reklamacji, zapytań oraz analizy przyczyn
Description of content Scope of application of the policy and exclusions
The document defines the principles related to the handling of problems reported by current and potential customers (enquiries, complaints reported through various channels) and to the analysis of the causes of complaints.

Addressed IRO: Inquiries, complaints and client claims are not processed and do not result in necessary changes and modifications due to a lack of systems and processes, Risk resulting from not processing and addressing inquiries, complaints and client claims due to a lack of effective systems.

Bank

 

Generalny Kodeks Postępowania
Description of content Scope of application of the policy and exclusions
The document defines ethical standards and rules of conduct to be followed by all Group employees, including in relations with customers (e.g. in the context of the sale of banking products and services, gifts and invitations, conflicts of interest).

Addressed IRO: Failure to guarantee price transparency for clients resulting from the Bank committing price abuses without prior notification or justification.

Group
(Stellantis has implemented its own regulations in this regard)

 

Polityka ochrony konsumentów
Description of content Scope of application of the policy and exclusions
Defines a vulnerable customer and sets out principles for working with a vulnerable customer

Addressed IRO: Lack of access to products and services for vulnerable clients due to failure to identify products and/or services in the catalogue that violate the principles of inclusivity and/or accessibility, Failure to provide additional conditions for vulnerable clients in debt collection or recovery processes due to incorrect identification, Fraud against vulnerable clients resulting from lack of preventive transaction monitoring among people with legal guardians, Risk to vulnerable clients resulting from breach of data protection regulations.

Bank, Santander Leasing, Santander TFI

 

Polityka komercjalizacji produktów i usług
Description of content Scope of application of the policy and exclusions
The process of acceptance of new or modified products and services of the Group, as well as the process of their monitoring in their life cycle. The Management Board and the Supervisory Board are responsible for the policy.

Addressed IRO: Lack of adequate product coverage and utility for general public and/or the creation of obstacles to accessing financial products as a result of the product and service design process.

Bank, Santander Leasing, Santander Factoring, Santander TFI