Compliance and Whistleblowing

Principal Elements of the Compliance Management System

The operation of the company is based on compliance with rules, legislation and internal rules. The business compliance system is an instrument for preventing violations and damage to the society.

For us, compliance does not end with the adherence to legal provisions, we strive to always act in accordance with ethical principles, while at the same time minimizing the liability risk for the company, its employees and supervisory bodies through organizational and preventive measures.

In everyday practice, our company culture is manifested through working with integrity in the workplace and honest cooperation with employees, customers, suppliers, owners, the local community and the public. We also expect our business partners to act legally and with the principles of integrity.

The Compliance Management System has been implemented at Fraport AG majority-owned national and international subsidiaries over the last years, including Fraport Slovenija.

This Group-wide system provides methods, rules, instruments, and an organization so that compliance is implemented as a comprehensive task at all levels and in all relevant processes.

Fraport Slovenija provides communication channels for reporting compliance violations. These channels are open to everyone – employees, customers, suppliers, business partners, and third parties.

At Fraport Slovenija, special protection is given to whistleblowers who pass on information in good faith in order to expose irregularities. They are protected by maximum confidentiality and, whenever possible, the assurance of anonymity. Whistleblowers who have sufficient reason to believe that their information is true are protected against reprisals by Fraport Slovenija.

Compliance violations include, among others:

  • Corruption
  • Fraud/embezzlement/theft (property crimes)
  • Inappropriate behavior in receiving and handing out gifts, benefits and invitations
  • Conflicts of interest
  • Breach of personal data protection
  • Violation of human rights
  • Environmental crimes and risks
  • Providing confidential business information to unauthorized third parties
  • Violation of legal regulations.

Internal Person of Trust

Reports of violations can be submitted directly to Internal Person of Trust of Fraport Slovenija:

Taja Skobir

Head of Integrated Governance System +386 4 2061 440 +386 41 642 921

Electronic Whistleblower System  

Reports of violations can be submitted online via the electronic whistleblower system (the BKMS® system).

The whistleblower system is accessible 24/7 and available in German, English, Greek, Bulgarian, and Portuguese. The certified BKMS® system absolutely guarantees anonymity for whistleblowers.

It is accessed via the Fraport AG website and the respective websites of Fraport's subsidiaries.

External Reporting Channels

All persons who intend to report a violation or misconduct in connection with Fraport Slovenija also have the option of submitting an external report to the responsible state or European Union authorities. Whistleblowers who take this way also fall under the protection of the Slovenian Whistleblower Protection Act.

The Code of Conduct for Employees provides an overview on the fundamental orientation that our company is based on, and on the values Fraport stands for.

According to our Company values - trust, reliability, openness, courage, commitment and competence - we endeavour to act in a socially and economically responsible way. In order to do justice to this responsibility, it is indispensable to implement the Company's values also in everyday working life.

The Code of Conduct for Business Partners stipulates rules for all suppliers and service providers that are in a direct business relationship with Fraport Slovenija. In a similar manner to the Code of conduct for employees, it encompasses compliance, conventions on labour as well as human rights, supplemented by environmental and climate protection aspects. Any compliance breach will be considered an infringement of the contract and our suppliers will be notified of it if need be, together with a deadline to remedy the breach. If escalating, this may result in a termination of the contract.

The Compliance Risk Analysis (CRA) is an essential instrument to identify compliance risks. Since 2015, CRA has been carried out regularly within the Fraport Group, also in Fraport Slovenija. By means of systematically identifying and evaluating risks, CRA thus serves as a basis for appropriate compliance measures.

The new German Act on Due Diligence in Supply Chains (LkSG) came into force on January 1, 2023 with purpose to improve the protection of human rights in global supply chains.  The Act initially applies to companies with at least 3,000 employees and a head office, administrative center, registered office or branch office in Germany – which includes Fraport Slovenija as subsidiary of Fraport AG. The due diligence obligations relate to the company’s own business operations, the actions of a contracting party and, on an ad hoc basis, the actions of further indirect suppliers.

Policy Statement on Human Rights and Environmental Risks

The policy statement sets out Fraport AG’s expectations of its own employees and suppliers regarding the respect of human rights in supply chains. In the future, the policy statement will be reviewed annually and on an ad hoc basis, and updated as required. The environmental and human rights risks identified in the risk analysis as the highest priorities are mentioned in the document, and related preventive and corrective measures are described.

Complaints Procedure

Reports of violations of human rights and breaches of environmental laws and regulations at the Fraport Group and at direct suppliers can be submitted through the   following complaints/whistleblowing channels:

Responsibilities and contact person

Complaints are handled by the Internal Person of Trust of Fraport Slovenija and, where necessary, with the support of other experts. The contact person is the Head of Integrated Governance System, Taja Skobir.  

How the complaints procedure works

Complaints are received by the Compliance department. The whistleblower receives a confirmation of receipt and is kept informed of the next steps that will be taken and the progress of the procedure.

In a first step, an initial assessment is carried out to check whether the reported breach falls within the material scope of the complaint’s procedure. Other requirements for instituting an investigation to establish the facts include whether the incident that has been described can be judged on the whole to be plausible and generally possible and might indicate a violation of any law or a serious breach of an internal regulation. In this process, it is examined whether any collection, processing, or use of data that takes place in the course of the investigation is permissible under data protection law.

The aim of the investigation is to clarify the facts of the matter that are the subject of the report in a neutral, competent, and objective manner. The investigation of the facts is carried out by suitable persons, who are required to act independently and maintain confidentiality. They contact the whistleblower, check the validity of the report that has been received, and, if necessary, request the whistleblower to provide more information. Reports of breaches at a direct supplier are investigated jointly with the supplier. The investigation is conducted on the basis of documents and interviews and is recorded comprehensibly in a case file. Case files are deleted once a year if there is no legitimate interest in retaining them. The whistleblower receives feedback on the progress of the procedure within three months following confirmation of receipt of their report. Feedback is provided only insofar as this does not affect any internal investigations and the rights of the persons who are the subject of a report or who are named in the report are not adversely affected.

Each case concludes with a written final report, which remains strictly confidential. The list of people to whom the report is distributed depends on the nature and severity of the breaches that are identified and is determined on a case-by-case basis. Information is disclosed only if this is necessary and permitted under data protection law.

The final report includes penalties and suitable actions for remedying irregularities and preventing similar breaches in the future. After the investigation has been concluded, the whistleblower is notified of the follow-up actions to be taken, if this is permitted by law.

Protection against reprisals

At Fraport Slovenija, special protection is given to whistleblowers who pass on information in good faith in order to expose irregularities. The Compliance department guarantees that they are protected by maximum confidentiality and, whenever legally possible, by ensuring their anonymity.

In terms of case management at Fraport Slovenija, this means that the identity of the whistleblower is disclosed solely to the persons who are responsible for receiving information or for instituting follow-up actions.

Fraport Slovenija ensures through the whistleblower system that whistleblowers who have sufficient reason to believe that their information is true are not obstructed, restricted, or influenced when they submit the information.

Whistleblowers who have been identified by name need not fear any reprisals, such as suspension, termination, relocation to other duties, disciplinary measures, discrimination, bullying or similar retaliation, from their Fraport Slovenija employer after they have submitted a report.

Information that is submitted with malicious intent or in bad faith to implicate employees is explicitly unwelcome. Information of this kind that is clearly intended only to harm, denounce, or disparage other people will not be processed. The whistleblower will not be given special protection against reprisals and can be subject to liability in these cases.