Binding rules of conduct for the Group

Reports may cover potential compliance violations (which occurred or are very likely to occur) relating to, among others:

• Corruption/ Bribery
• Other white collar crime (fraud, embezzlement, etc.)
• Data Protection
• Antitrust/ Competition
• Insider Trading/ Market Manipulation
• Regulatory
• Anti-money laundering (AML)
• Sanctions
• Information Security
• Human Rights or other ESG aspects
  
  as well as other topics that do not necessarily fit into any of the abovementioned categories or that defeat the object or the purpose of any underlying rules or regulations (statutory or internal).
  

For information on the complaint procedure under the Supply Chain Due Diligence Act (LkSG), please refer to the Rules of Procedure.

Our experience, financial strength, efficiency and first-class service are what make Munich Re the first choice for all matters relating to risk. In addition to competence and performance, we place great emphasis on dealing fairly with our employees and business partners. This includes compliance with statutory regulations, with the company's internal Code of Conduct and the regulations resulting from it.

You may have knowledge of behaviour or circumstances that could damage Munich Re, or in extreme cases, even threaten the company's continued existence. By providing the information, you can make an important contribution to identifying financial or reputational risks at an early stage, thereby preventing losses.

You can choose to report to Group Compliance and Legal (GCL), the group wide Munich Re Ombudsperson and/or – where required by law – the respective compliance function(s) at specific local entities. Your report will only be visible for those compliance functions with whom you want to share the information.

In addition to the whistleblowing portal, individuals may of course also reach out by post, by internal mail or by email to Munich Re’s Central Compliance Department (Group Compliance and Legal (GCL)) at:

Münchener Rückversicherungs-Gesellschaft Aktiengesellschaft
München Group Compliance and Legal
Königinstraße 107
80802 München

Email: group.whistleblowing@munichre.com

In case of personal notification, please make an appointment in advance via email.

• Munich Re’s group wide Ombudsperson Markus Brinkmann. He can be contacted by telephone, post or e-mail (via your office or private PC):
  
  Markus Brinkmann
  Partner, Leiter Forensic, Risk & Compliance, CFE
  BDO AG Wirtschaftsprüfungsgesellschaft
  Fuhlentwiete 12
  20355 Hamburg, Germany
  
  In addition, he can be reached from the countries below toll-free on the numbers indicated, which are reserved for his activity as ombudsman:
  • Germany: 0800-66 45 89 5
    
  • USA: 866-77 85 03 0
  • Canada: 866-65 65 14 5 (direct dial)
  • UK: 0808-23 89 57 7
  • China (Beijing and Shanghai): Beijing: 10-800-712-2617
  • Shanghai: 10-800-120-2617 
  • Singapore: 800-12 05 333 
  • Poland: 00-800-12 13 62 9
  • Mexico: 001866-38 38 05 2

From all other countries the ombudsman can be reached on the following number (calls charged at normal rates): 0049-40 33 47 53 74 35

The ombudsman can be contacted from 9.00 a.m. to 7.00 p.m. CET. Should he be temporarily unavailable between the above times, you may leave a message on his voicemail.

Email: ombudsmann.mr@bdo.de

Finally, Munich Re employees who become aware or are suspicious of circumstances relating to compliance may first refer these within their immediate work environment, in particular to their line managers, their HR department, or the local/regional compliance officers. The data protection officer in Munich, who is bound to maintain confidentiality, is also available insofar as the protection of personal data is concerned.  

Any report is appreciated and retaliation is not to be feared (also refer to FAQ 9). We encourage you to use the above contacts. In addition, anyone may report potential compliance violations to the respective competent authorities in their local jurisdiction.

The input mask is available in German and English. The text input can of course be done in another language. It is free of charge and can be accessed from anywhere in the world and at any time.

You will be guided through the reporting process in five steps, including a categorisation of the reported topic and selection of the compliance function you would like to report to. The incident can be reported in a free text field (up to 5,000 characters) or via upload of a file (up to 5MB). The whistleblowing portal also allows a set-up of a protected mailbox function (“postbox”, see FAQ 6) which allows the responsible compliance function to contact you in case there are any questions. 

The responsible compliance function will follow up on your report, i.e. review the information and where required commence an investigation.

Provided you have chosen to include a communication channel via which the responsible compliance function can contact you (e.g. via a protected mailbox function within the whistleblowing portal), you will also receive an acknowledgment of receipt of your report within seven days and further feedback no later than three months following your report.

We therefore encourage you to set up the protected mailbox function within the whistleblowing portal as this will also allow the responsible compliance function to contact you in case there are any questions. 

Yes, your report is confidential!

You can choose to report anonymously or by name.

Should you decide to give your name, we guarantee that your identity will only be disclosed to those persons directly concerned with processing the case. Once processing of the case has been concluded, your personal data will be deleted again.

Either way, confidentiality and the protection of you as a Whistleblower is the top priority and guiding principle of our whistleblowing portal and all reports will be handled on a strict “need to know” basis. Your report will only be visible for those compliance functions with whom you want to share the information.

Irrespective of the channel(s) used, confidentiality and the protection of those reporting potential compliance violations is the top priority and guiding principle of our whistleblowing portal, and all reports will be handled on a strict “need-to-know” basis.

The principle of BKMS® is to protect the whistleblower's identity. The system's anonymity protection function is certified and can be verified by you at any time.

Encryption and other special security methods ensure that your report remains anonymous at all times. At no time during the process will you be asked for personal information.

The person in charge of your report will contact you via a secured postbox (also refer to FAQ 6) to provide information about the status of your report or to ask further questions if certain details need to be clarified - your anonymity will be always protected during this process.

No!

As long as you had reasonable grounds to believe that the information reported was true at the time of your report, you may not suffer any retaliation as a consequence for your report and any attempted retaliation would in itself be considered a severe compliance violation. If you feel that you are being intimidated or retaliated against as a result of your report, please contact the whistleblowing portal. Such intimidation or retaliation will also be reviewed and, if appropriate, further investigated in accordance with the procedures described above.

Vice versa, suspecting another person of a compliance violation may have serious consequences for those implicated. For that reason, the whistleblowing portal is to be used responsibly. Whistleblowers are encouraged to only provide information whose correctness they are convinced about to the best of their knowledge and belief. If you deliberately make a false report, this would also qualify as a severe compliance violation and may have serious consequences under criminal and labour law.