In 2017, we updated the Casinos Austria and Austrian Lotteries Group Code of Conduct, which serves as the basis for our conduct in all our activities. Our employees are supported in this regard by our Compliance Department, which regularly carries out compliance audits of invitations, gifts and giveaways, sponsoring activities, donations and/or advertisements. This Code of Conduct is supplemented by a Code of Conduct for Suppliers. The internal Code of Conduct is currently only available in German.
Compliance in our group describes the totality of measures taken to ensure compliance with internal and external regulations, guidelines and provisions – measures that are adhered to by all members of staff in our group.
The long-established and periodically reviewed pillars of compliance in the Casinos Austria and Austrian Lotteries Group are as follows:
- Anti-corruption (ISO 37001)
- Data protection (GoodPriv@cy Standard)
- Anti-money laundering (ISAE 3000 standard adapted to the provision of the 5th EU Anti-Money-Laundering Directive)
- Information security (ISO/IEC 27001:2013; “Security Control Standard” (WLA-SCS))
We have a systematically structured and sustainably managed compliance management system based on the ISO 19600 standard in place. This includes not only precautionary measures like clarification, information and staff training but also the safeguarding of monitoring of our internal processes and procedures.
In 2017, the Casinos Austria and Austrian Lotteries Group was audited and successfully certified to the ISO 19600 and ISO 37001 standards, making us the first gaming group worldwide to obtain such certification. Our suppliers were also checked for any compliance-related infringements using the Dow Jones database.
Compliance Applies to Everyone
When our employees know, understand and act in compliance with the applicable laws and corporate guidelines, they become role models. Each and every new hire in our group is required to complete training on the key local laws and regulations as well as our own corporate rules and guidelines.
In 2017, we produced new e-learning courses and material on anti-corruption and data protection. Face-to-face training was also provided in all our casinos and WINWIN outlets across Austria.
Highest-Quality Data Protection
In 2017, we worked intensively on the requirements that would be placed on companies when the EU General Data Protection Regulation (GDPR) came into force in May 2018. A project was set up to analyze the required changes and produce a roadmap for their timely completion prior to this date.